Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 22566a81 authored by Lukasz Pawelczyk's avatar Lukasz Pawelczyk Committed by Greg Kroah-Hartman
Browse files

netfilter: xt_owner: Add supplementary groups option 



[ Upstream commit ea6cc2fd8a2b89ab6dcd096ba6dbc1ecbdf26564 ]

The XT_OWNER_SUPPL_GROUPS flag causes GIDs specified with XT_OWNER_GID
to be also checked in the supplementary groups of a process.

f_cred->group_info cannot be modified during its lifetime and f_cred
holds a reference to it so it's safe to use.

Signed-off-by: default avatarLukasz Pawelczyk <l.pawelczyk@samsung.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Stable-dep-of: 7ae836a3d630 ("netfilter: xt_owner: Fix for unsafe access of sk->sk_socket")
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent d371b059
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment