xtables-addons is broken in conjunction with kernel 3.7 and later in that uid/gid are now defined by kuid_t and kgid_t typedefs in order to support namespaces. Ideally xtables-addons will be modified upstream to more fully support this abstraction, but in the meantime, this patch papers over the problem while continuing to support module_param().
Signed-off-by: Russell Senior <russ...@personaltelco.net> --- net/xtables-addons/patches/310-uidgid.patch | 77 +++++++++++++++++++++++++++ 1 files changed, 77 insertions(+), 0 deletions(-) create mode 100644 net/xtables-addons/patches/310-uidgid.patch diff --git a/net/xtables-addons/patches/310-uidgid.patch b/net/xtables-addons/patches/310-uidgid.patch new file mode 100644 index 0000000..28ec96c --- /dev/null +++ b/net/xtables-addons/patches/310-uidgid.patch @@ -0,0 +1,77 @@ +diff -ru xtables-addons-2.0-orig/extensions/xt_DNETMAP.c xtables-addons-2.0/extensions/xt_DNETMAP.c +--- xtables-addons-2.0-orig/extensions/xt_DNETMAP.c 2013-01-14 15:44:47.000000000 -0800 ++++ xtables-addons-2.0/extensions/xt_DNETMAP.c 2013-01-15 10:26:48.000000000 -0800 +@@ -31,6 +31,7 @@ + #include <net/net_namespace.h> + #include <net/netns/generic.h> + #include <linux/netfilter/nf_nat.h> ++#include <linux/uidgid.h> + #include "compat_xtables.h" + #include "xt_DNETMAP.h" + +@@ -329,8 +330,8 @@ + ret = -ENOMEM; + goto out; + } +- pde_data->uid = proc_uid; +- pde_data->gid = proc_gid; ++ pde_data->uid = KUIDT_INIT(proc_uid); ++ pde_data->gid = KGIDT_INIT(proc_gid); + + /* statistics */ + pde_stat = create_proc_entry(p->proc_str_stat, proc_perms, +@@ -342,8 +343,8 @@ + } + pde_stat->data = p; + pde_stat->read_proc = dnetmap_stat_proc_read; +- pde_stat->uid = proc_uid; +- pde_stat->gid = proc_gid; ++ pde_stat->uid = KUIDT_INIT(proc_uid); ++ pde_stat->gid = KGIDT_INIT(proc_gid); + #endif + + spin_lock_bh(&dnetmap_lock); +diff -ru xtables-addons-2.0-orig/extensions/xt_condition.c xtables-addons-2.0/extensions/xt_condition.c +--- xtables-addons-2.0-orig/extensions/xt_condition.c 2012-11-12 10:03:51.000000000 -0800 ++++ xtables-addons-2.0/extensions/xt_condition.c 2013-01-15 10:28:30.000000000 -0800 +@@ -20,6 +20,7 @@ + #include <linux/string.h> + #include <linux/version.h> + #include <linux/netfilter/x_tables.h> ++#include <linux/uidgid.h> + #include <asm/uaccess.h> + #include "xt_condition.h" + #include "compat_xtables.h" +@@ -155,8 +156,8 @@ + var->status_proc->read_proc = condition_proc_read; + var->status_proc->write_proc = condition_proc_write; + list_add(&var->list, &conditions_list); +- var->status_proc->uid = condition_uid_perms; +- var->status_proc->gid = condition_gid_perms; ++ var->status_proc->uid = KUIDT_INIT(condition_uid_perms); ++ var->status_proc->gid = KGIDT_INIT(condition_gid_perms); + mutex_unlock(&proc_lock); + info->condvar = var; + return 0; +diff -ru xtables-addons-2.0-orig/extensions/xt_quota2.c xtables-addons-2.0/extensions/xt_quota2.c +--- xtables-addons-2.0-orig/extensions/xt_quota2.c 2012-11-12 10:03:51.000000000 -0800 ++++ xtables-addons-2.0/extensions/xt_quota2.c 2013-01-15 10:30:20.000000000 -0800 +@@ -17,6 +17,7 @@ + #include <linux/skbuff.h> + #include <linux/spinlock.h> + #include <linux/version.h> ++#include <linux/uidgid.h> + #include <asm/atomic.h> + + #include <linux/netfilter/x_tables.h> +@@ -131,8 +132,8 @@ + p->data = e; + p->read_proc = quota_proc_read; + p->write_proc = quota_proc_write; +- p->uid = quota_list_uid; +- p->gid = quota_list_gid; ++ p->uid = KUIDT_INIT(quota_list_uid); ++ p->gid = KGIDT_INIT(quota_list_gid); + list_add_tail(&e->list, &counter_list); + spin_unlock_bh(&counter_list_lock); + return e; -- 1.7.2.2 -- Russell Senior, President russ...@personaltelco.net _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
