42 lines
1.3 KiB
Diff
42 lines
1.3 KiB
Diff
|
--- a/linux/net/ipsec/pfkey_v2.c
|
||
|
|
+++ b/linux/net/ipsec/pfkey_v2.c
|
||
|
|
@@ -738,7 +738,7 @@ pfkey_create(struct socket *sock, int pr
|
||
|
|
sk->sk_family = PF_KEY;
|
||
|
|
/* sk->num = protocol; */
|
||
|
|
sk->sk_protocol = protocol;
|
||
|
|
- key_pid(sk) = current_uid();
|
||
|
|
+ key_pid(sk) = IPSEC_FROM_KUIDT(current_uid());
|
||
|
|
|
||
|
|
#ifdef HAVE_SOCKET_WQ
|
||
|
|
KLIPS_PRINT(debug_pfkey,
|
||
|
|
--- a/linux/include/openswan/ipsec_kversion.h
|
||
|
|
+++ b/linux/include/openswan/ipsec_kversion.h
|
||
|
|
@@ -614,6 +614,16 @@
|
||
|
|
# define DEFINE_RWLOCK(x) rwlock_t x = RW_LOCK_UNLOCKED
|
||
|
|
#endif
|
||
|
|
|
||
|
|
+/*
|
||
|
|
+ * kuid_t <=> uint32_t conversion
|
||
|
|
+ */
|
||
|
|
+
|
||
|
|
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0)
|
||
|
|
+# define IPSEC_FROM_KUIDT(x) from_kuid(current_user_ns(), x)
|
||
|
|
+#else
|
||
|
|
+# define IPSEC_FROM_KUIDT(x) (x)
|
||
|
|
+#endif
|
||
|
|
+
|
||
|
|
|
||
|
|
#endif /* _OPENSWAN_KVERSIONS_H */
|
||
|
|
|
||
|
|
--- a/linux/net/ipsec/pfkey_v2_parser.c
|
||
|
|
+++ b/linux/net/ipsec/pfkey_v2_parser.c
|
||
|
|
@@ -1481,7 +1481,7 @@ pfkey_register_reply(int satype, struct
|
||
|
|
satype,
|
||
|
|
0,
|
||
|
|
sadb_msg? sadb_msg->sadb_msg_seq : ++pfkey_msg_seq,
|
||
|
|
- sadb_msg? sadb_msg->sadb_msg_pid: current_uid()),
|
||
|
|
+ sadb_msg? sadb_msg->sadb_msg_pid: IPSEC_FROM_KUIDT(current_uid())),
|
||
|
|
extensions_reply) &&
|
||
|
|
(alg_num_a ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[K_SADB_EXT_SUPPORTED_AUTH],
|
||
|
|
K_SADB_EXT_SUPPORTED_AUTH,
|