On Tue, 2016-06-14 at 02:02 +0200, Florian Westphal wrote: > Kevin Cernekee <cernekee@xxxxxxxxxxxx> wrote: > > @@ -35,6 +63,7 @@ owner_mt(const struct sk_buff *skb, struct xt_action_param *par) > > const struct xt_owner_match_info *info = par->matchinfo; > > const struct file *filp; > > struct sock *sk = skb_to_full_sk(skb); > > + const struct net *net; > > > > if (sk == NULL || sk->sk_socket == NULL) > > return (info->match ^ info->invert) == 0; > > @@ -50,9 +79,10 @@ owner_mt(const struct sk_buff *skb, struct xt_action_param *par) > > return ((info->match ^ info->invert) & > > (XT_OWNER_UID | XT_OWNER_GID)) == 0; > > > > + net = sock_net(skb->sk); > > I think you need to use sock_net(sk) as skb_to_full_sk(skb) can return something > other than skb->sk. They should share same network namespace ? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
