diff options
| author | Daniel Mack <daniel@zonque.org> | 2016-11-23 16:52:26 +0100 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2022-04-19 00:51:08 +0300 |
| commit | b6b7346069a319fe0766d7861a188c2f7acb3c68 (patch) | |
| tree | 969b7e5d6fbfe7249d4cdfe5ce1beb524ea251eb /kernel/bpf/arraymap.c | |
| parent | 0a346079605ce5f64c8907f426205259edd65201 (diff) | |
UPSTREAM: cgroup: add support for eBPF programs
Cherry-pick from commit 3007098494bec614fb55dee7bc0410bb7db5ad18
This patch adds two sets of eBPF program pointers to struct cgroup.
One for such that are directly pinned to a cgroup, and one for such
that are effective for it.
To illustrate the logic behind that, assume the following example
cgroup hierarchy.
A - B - C
\ D - E
If only B has a program attached, it will be effective for B, C, D
and E. If D then attaches a program itself, that will be effective for
both D and E, and the program in B will only affect B and C. Only one
program of a given type is effective for a cgroup.
Attaching and detaching programs will be done through the bpf(2)
syscall. For now, ingress and egress inet socket filtering are the
only supported use-cases.
Signed-off-by: Daniel Mack <daniel@zonque.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug: 30950746
Change-Id: I3df35d8d3b1261503f9b5bcd90b18c9358f1ac28
Signed-off-by: Chatur27 <jasonbright2709@gmail.com>
Diffstat (limited to 'kernel/bpf/arraymap.c')
0 files changed, 0 insertions, 0 deletions