backports: do not access user_ns on struct net

The ieee802154 subsystem wants to access user_ns on struct net, but
this member was added in kernel 3.8, check the general capabilities
instead.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

diff --git a/patches/collateral-evolutions/network/0044-no_user_ns_in_net/ieee802154.patch b/patches/collateral-evolutions/network/0044-no_user_ns_in_net/ieee802154.patch
new file mode 100644 (file)
index 0000000..d5f951b
--- /dev/null
+++ b/patches/collateral-evolutions/network/0044-no_user_ns_in_net/ieee802154.patch
@@ -0,0 +1,30 @@
+--- a/net/ieee802154/dgram.c
++++ b/net/ieee802154/dgram.c
+@@ -483,8 +483,13 @@ static int dgram_setsockopt(struct sock
+               ro->want_ack = !!val;
+               break;
+       case WPAN_SECURITY:
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,8,0)
+               if (!ns_capable(net->user_ns, CAP_NET_ADMIN) &&
+                   !ns_capable(net->user_ns, CAP_NET_RAW)) {
++#else
++              if (!capable(CAP_NET_ADMIN) &&
++                  !capable(CAP_NET_RAW)) {
++#endif
+                       err = -EPERM;
+                       break;
+               }
+@@ -507,8 +512,13 @@ static int dgram_setsockopt(struct sock
+               }
+               break;
+       case WPAN_SECURITY_LEVEL:
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,8,0)
+               if (!ns_capable(net->user_ns, CAP_NET_ADMIN) &&
+                   !ns_capable(net->user_ns, CAP_NET_RAW)) {
++#else
++              if (!capable(CAP_NET_ADMIN) &&
++                  !capable(CAP_NET_RAW)) {
++#endif
+                       err = -EPERM;
+                       break;
+               }