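--- a/include/uapi/linux/netfilter/xt_owner.h
+++ b/include/uapi/linux/netfilter/xt_owner.h
@@ -7,12 +7,16 @@ enum {
 XT_OWNER_UID = 1 << 0,
 XT_OWNER_GID = 1 << 1,
 XT_OWNER_SOCKET = 1 << 2,
+ XT_OWNER_XID = 1 << 3,
+ XT_OWNER_NID = 1 << 4,
 };
 
 struct xt_owner_match_info {
 __u32 uid_min, uid_max;
 __u32 gid_min, gid_max;
 __u8 match, invert;
+ __u32 nid;
+ __u32 xid;
 };
 
 #endif /* _XT_OWNER_MATCH_H */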
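Review bot: Appending `nid` and `xid` to `struct xt_owner_match_info` changes the size of a UAPI structure that userspace fills in, and nothing in this section documents that or ties it to a new match revision. If the kernel compares the match-info size supplied by userspace with its own, as xtables normally does, an iptables binary built against the unpatched header would presumably have its owner rules rejected rather than silently misread. The dependency should be stated next to the struct, for example `/* layout differs from mainline: userspace must be built against this header */`. The two new flags would also benefit from a short comment each saying which socket field they select, e.g. `XT_OWNER_XID = 1 << 3, /* compare sk_xid with info->xid */`.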
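--- a/net/netfilter/xt_owner.c
+++ b/net/netfilter/xt_owner.c
@@ -97,6 +97,16 @@ owner_mt(const struct sk_buff *skb, stru
 return false;
 }
 
+ if (info->match & XT_OWNER_NID)
+ if ((skb->sk->sk_nid != info->nid) ^
+ !!(info->invert & XT_OWNER_NID))
+ return 0;
+
+ if (info->match & XT_OWNER_XID)
+ if ((skb->sk->sk_xid != info->xid) ^
+ !!(info->invert & XT_OWNER_XID))
+ return 0;
+
 return true;
 }
 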
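Review bot: Both new checks dereference `skb->sk` directly (`skb->sk->sk_nid`, `skb->sk->sk_xid`), and nothing visible in this hunk shows that the pointer has been validated or refers to a full socket at this point. owner_mt begins above the hunk, so this is inferred: if the earlier code already holds a checked socket pointer in a local, the new tests should read from that local, along the lines of `if ((sk->sk_nid != info->nid) ^ !!(info->invert & XT_OWNER_NID))`, rather than re-reading `skb->sk`. For a match that is meant to enforce context isolation, a NULL or wrong-typed socket here means either an oops or a rule decision taken on unrelated memory. As a smaller point, the function returns `bool`, so `return false;` would be consistent with the surrounding lines where the new code uses `return 0;`.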