On Thu, Oct 13, 2022 at 04:37:47PM +0200, Guillaume Nault wrote:
> Currently netfilter's rpfilter and fib modules implicitely initialise
> ->flowic_uid with 0. This is normally the root UID. However, this isn't
> the case in user namespaces, where user ID 0 is mapped to a different
> kernel UID. By initialising ->flowic_uid with sock_net_uid(), we get
> the root UID of the user namespace, thus keeping the same behaviour
> whether or not we're running in a user namepspace.
>
> Note, this is similar to commit 8bcfd0925ef1 ("ipv4: add missing
> initialization for flowi4_uid"), which fixed the rp_filter sysctl.
Applied, thanks
