X-Git-Url: https://git.pld-linux.org/?a=blobdiff_plain;f=kernel-owner-xid.patch;h=01389aa781414e0062fd123d1ba842450ebfd7ec;hb=cd7a4cd993fd096faee514fee7ef72486f9cf447;hp=d2c27dc03f939148321275380c22b35218e150f1;hpb=2380c4865cc3612d22b7c8f21890de152daf79a1;p=packages%2Fkernel.git
diff --git a/kernel-owner-xid.patch b/kernel-owner-xid.patch
index d2c27dc0..01389aa7 100644
--- a/kernel-owner-xid.patch
+++ b/kernel-owner-xid.patch
@@ -1,6 +1,6 @@
-diff -upr linux-2.6.25/include/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/linux/netfilter/xt_owner.h
----- linux-2.6.25/include/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
--+++ linux-2.6.25-owner-xid/include/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
+diff -upr linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h
+--- linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
++++ linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
 @@ -5,12 +5,16 @@ enum {
 XT_OWNER_UID = 1 << 0,
 XT_OWNER_GID = 1 << 1,
@@ -10,109 +10,17 @@ diff -upr linux-2.6.25/include/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid }; struct xt_owner_match_info { - u_int32_t uid_min, uid_max; - u_int32_t gid_min, gid_max; - u_int8_t match, invert; -+ u_int32_t nid; -+ u_int32_t xid; + __u32 uid_min, uid_max; + __u32 gid_min, gid_max; + __u8 match, invert; ++ __u32 nid; ++ __u32 xid; }; #endif /* _XT_OWNER_MATCH_H */ -Only in linux-2.6.25-owner-xid/include/linux/netfilter: xt_owner.h~ -diff -upr linux-2.6.25/include/linux/netfilter_ipv4/ipt_owner.h linux-2.6.25-owner-xid/include/linux/netfilter_ipv4/ipt_owner.h ---- linux-2.6.25/include/linux/netfilter_ipv4/ipt_owner.h 2008-05-20 17:15:02.411418369 +0000 -+++ linux-2.6.25-owner-xid/include/linux/netfilter_ipv4/ipt_owner.h 2008-05-20 17:16:22.905886167 +0000 -@@ -1,12 +1,16 @@ - #ifndef _IPT_OWNER_H - #define _IPT_OWNER_H - -+#include -+ - /* match and invert flags */ - #define IPT_OWNER_UID 0x01 - #define IPT_OWNER_GID 0x02 - #define IPT_OWNER_PID 0x04 - #define IPT_OWNER_SID 0x08 - #define IPT_OWNER_COMM 0x10 -+#define IPT_OWNER_NID 0x20 -+#define IPT_OWNER_XID 0x40 - - struct ipt_owner_info { - uid_t uid; -@@ -15,6 +19,8 @@ struct ipt_owner_info { - pid_t sid; - char comm[16]; - u_int8_t match, invert; /* flags */ -+ u_int32_t nid; -+ u_int32_t xid; - }; - - #endif /*_IPT_OWNER_H*/ -diff -upr linux-2.6.25/include/linux/netfilter_ipv6/ip6t_owner.h linux-2.6.25-owner-xid/include/linux/netfilter_ipv6/ip6t_owner.h ---- linux-2.6.25/include/linux/netfilter_ipv6/ip6t_owner.h 2008-05-20 17:15:02.411418369 +0000 -+++ linux-2.6.25-owner-xid/include/linux/netfilter_ipv6/ip6t_owner.h 2008-05-20 17:16:22.905886167 +0000 -@@ -1,11 +1,15 @@ - #ifndef _IP6T_OWNER_H - #define _IP6T_OWNER_H - -+#include -+ - /* match and invert flags */ - #define IP6T_OWNER_UID 0x01 - #define IP6T_OWNER_GID 0x02 - #define IP6T_OWNER_PID 0x04 - #define IP6T_OWNER_SID 0x08 -+#define IP6T_OWNER_NID 0x20 -+#define IP6T_OWNER_XID 0x40 - - struct ip6t_owner_info { - uid_t uid; -@@ 
-13,6 +17,8 @@ struct ip6t_owner_info { - pid_t pid; - pid_t sid; - u_int8_t match, invert; /* flags */ -+ u_int32_t nid; -+ u_int32_t xid; - }; - - #endif /*_IPT_OWNER_H*/ diff -upr linux-2.6.25/net/netfilter/xt_owner.c linux-2.6.25-owner-xid/net/netfilter/xt_owner.c --- linux-2.6.25/net/netfilter/xt_owner.c 2008-05-20 17:15:02.411418369 +0000 +++ linux-2.6.25-owner-xid/net/netfilter/xt_owner.c 2008-05-20 17:48:15.774419069 +0000 -@@ -46,6 +46,16 @@ owner_mt_v0(const struct sk_buff *skb, c - !!(info->invert & IPT_OWNER_GID)) - return false; - -+ if (info->match & IPT_OWNER_NID) -+ if ((skb->sk->sk_nid != info->nid) ^ -+ !!(info->invert & IPT_OWNER_NID)) -+ return 0; -+ -+ if (info->match & IPT_OWNER_XID) -+ if ((skb->sk->sk_xid != info->xid) ^ -+ !!(info->invert & IPT_OWNER_XID)) -+ return 0; -+ - return true; - } - -@@ -75,6 +85,16 @@ owner_mt6_v0(const struct sk_buff *skb, - !!(info->invert & IP6T_OWNER_GID)) - return false; - -+ if (info->match & IP6T_OWNER_NID) -+ if ((skb->sk->sk_nid != info->nid) ^ -+ !!(info->invert & IP6T_OWNER_NID)) -+ return 0; -+ -+ if (info->match & IP6T_OWNER_XID) -+ if ((skb->sk->sk_xid != info->xid) ^ -+ !!(info->invert & IP6T_OWNER_XID)) -+ return 0; -+ - return true; - } - @@ -113,6 +133,16 @@ owner_mt(const struct sk_buff *skb, cons !(info->invert & XT_OWNER_GID)) return false; @@ -130,4 +38,3 @@ diff -upr linux-2.6.25/net/netfilter/xt_owner.c linux-2.6.25-owner-xid/net/netfi return true; } -Only in linux-2.6.25-owner-xid/net/netfilter: xt_owner.c~
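Review bot: The `__u32 nid;` and `__u32 xid;` lines in the second hunk (`@@ -10,109 +10,17 @@`) extend `struct xt_owner_match_info` in what is now a uapi header, yet nothing in the patch documents that this changes the match-data size userspace has to supply. As far as I know x_tables compares the size passed by iptables with the kernel's own, so an iptables built against the stock header would presumably have its owner rules rejected at load time, and a ruleset loader that ignores that error would leave the xid/nid filtering uninstalled. I would add a comment above the two fields, for example `/* vserver: nid/xid change sizeof(); iptables must be built against this header */`. Separately, the retained inner header `@@ -113,6 +133,16 @@` appears to still carry the +133 offset from before the two `_v0` hunks were dropped; patch will likely tolerate it, but regenerating the patch would keep it accurate. The body of that owner_mt hunk lies in unchanged lines outside what this diff shows.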