[packages/kernel.git] / kernel-owner-xid.patch

diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/netfilter/xt_owner.h linux-4.9/include/uapi/linux/netfilter/xt_owner.h
--- linux-4.9/include/uapi/linux/netfilter/xt_owner.h	2016-12-11 20:17:54.000000000 +0100
+++ linux-4.9/include/uapi/linux/netfilter/xt_owner.h	2021-02-24 15:31:31.354043397 +0100
@@ -7,12 +7,16 @@ enum {
 	XT_OWNER_UID    = 1 << 0,
 	XT_OWNER_GID    = 1 << 1,
 	XT_OWNER_SOCKET = 1 << 2,
+	XT_OWNER_XID    = 1 << 3,
+	XT_OWNER_NID    = 1 << 4,
 };
 
 struct xt_owner_match_info {
 	__u32 uid_min, uid_max;
 	__u32 gid_min, gid_max;
 	__u8 match, invert;
+	__u32 nid;
+	__u32 xid;
 };
 
 #endif /* _XT_OWNER_MATCH_H */
diff -urNp -x '*.orig' linux-4.9/net/netfilter/xt_owner.c linux-4.9/net/netfilter/xt_owner.c
--- linux-4.9/net/netfilter/xt_owner.c	2016-12-11 20:17:54.000000000 +0100
+++ linux-4.9/net/netfilter/xt_owner.c	2021-02-24 15:31:31.354043397 +0100
@@ -97,6 +97,16 @@ owner_mt(const struct sk_buff *skb, stru
 			return false;
 	}
 
+	if (info->match & XT_OWNER_NID)
+		if ((skb->sk->sk_nid != info->nid) ^
+		    !!(info->invert & XT_OWNER_NID))
+			return 0;
+
+	if (info->match & XT_OWNER_XID)
+		if ((skb->sk->sk_xid != info->xid) ^
+		    !!(info->invert & XT_OWNER_XID))
+			return 0;
+
 	return true;
 }
Commit	Line	Data
e8791d4f AM	1	diff -urNp -x '*.orig' linux-4.9/include/uapi/linux/netfilter/xt_owner.h linux-4.9/include/uapi/linux/netfilter/xt_owner.h
	2	--- linux-4.9/include/uapi/linux/netfilter/xt_owner.h 2016-12-11 20:17:54.000000000 +0100
	3	+++ linux-4.9/include/uapi/linux/netfilter/xt_owner.h 2021-02-24 15:31:31.354043397 +0100
	4	@@ -7,12 +7,16 @@ enum {
2380c486 JR	5	XT_OWNER_UID = 1 << 0,
	6	XT_OWNER_GID = 1 << 1,
	7	XT_OWNER_SOCKET = 1 << 2,
	8	+ XT_OWNER_XID = 1 << 3,
	9	+ XT_OWNER_NID = 1 << 4,
	10	};
	11
	12	struct xt_owner_match_info {
9474138d AM	13	__u32 uid_min, uid_max;
	14	__u32 gid_min, gid_max;
	15	__u8 match, invert;
	16	+ __u32 nid;
	17	+ __u32 xid;
2380c486 JR	18	};
	19
	20	#endif /* _XT_OWNER_MATCH_H */
e8791d4f AM	21	diff -urNp -x '*.orig' linux-4.9/net/netfilter/xt_owner.c linux-4.9/net/netfilter/xt_owner.c
	22	--- linux-4.9/net/netfilter/xt_owner.c 2016-12-11 20:17:54.000000000 +0100
	23	+++ linux-4.9/net/netfilter/xt_owner.c 2021-02-24 15:31:31.354043397 +0100
	24	@@ -97,6 +97,16 @@ owner_mt(const struct sk_buff *skb, stru
2380c486	25	return false;
e8791d4f	26	}
2380c486 JR	27
	28	+ if (info->match & XT_OWNER_NID)
	29	+ if ((skb->sk->sk_nid != info->nid) ^
	30	+ !!(info->invert & XT_OWNER_NID))
	31	+ return 0;
	32	+
	33	+ if (info->match & XT_OWNER_XID)
	34	+ if ((skb->sk->sk_xid != info->xid) ^
	35	+ !!(info->invert & XT_OWNER_XID))
	36	+ return 0;
	37	+
	38	return true;
	39	}
	40