1 --- a/linux/net/ipsec/pfkey_v2.c
2 +++ b/linux/net/ipsec/pfkey_v2.c
3 @@ -738,7 +738,7 @@ pfkey_create(struct socket *sock, int pr
4 sk->sk_family = PF_KEY;
5 /* sk->num = protocol; */
6 sk->sk_protocol = protocol;
7 - key_pid(sk) = current_uid();
8 + key_pid(sk) = IPSEC_FROM_KUIDT(current_uid());
11 KLIPS_PRINT(debug_pfkey,
12 --- a/linux/include/openswan/ipsec_kversion.h
13 +++ b/linux/include/openswan/ipsec_kversion.h
15 # define DEFINE_RWLOCK(x) rwlock_t x = RW_LOCK_UNLOCKED
19 + * kuid_t <=> uint32_t conversion
22 +#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,7,0)
23 +# define IPSEC_FROM_KUIDT(x) from_kuid(current_user_ns(), x)
25 +# define IPSEC_FROM_KUIDT(x) (x)
29 #endif /* _OPENSWAN_KVERSIONS_H */
31 --- a/linux/net/ipsec/pfkey_v2_parser.c
32 +++ b/linux/net/ipsec/pfkey_v2_parser.c
33 @@ -1481,7 +1481,7 @@ pfkey_register_reply(int satype, struct
36 sadb_msg? sadb_msg->sadb_msg_seq : ++pfkey_msg_seq,
37 - sadb_msg? sadb_msg->sadb_msg_pid: current_uid()),
38 + sadb_msg? sadb_msg->sadb_msg_pid: IPSEC_FROM_KUIDT(current_uid())),
40 (alg_num_a ? pfkey_safe_build(error = pfkey_supported_build(&extensions_reply[K_SADB_EXT_SUPPORTED_AUTH],
41 K_SADB_EXT_SUPPORTED_AUTH,