On Fri, Feb 3, 2017 at 6:32 AM, Daniel Borkmann <dan...@iogearbox.net> wrote: >> + sk = skb->sk; >> + kuid = sock_net_uid(dev_net(skb->dev), sk); > > > Don't you need to test for fullsock? Do you mean something like below?
It should be safe to call sock_net_uid on any type of socket
(including NULL). sk_uid was added to struct sock in 86741ec25462
("net: core: Add a UID field to struct sock.")
