diff options
| author | Tejun Heo <tj@kernel.org> | 2015-12-08 01:38:55 +0300 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-12-14 22:34:55 +0300 |
| commit | c38c4597e4bf3e99860eac98211748e1ecb0e139 (patch) | |
| tree | c24fde86bfd2353a1087f7c42f62a14c805931ae /net/netfilter/nfnetlink.c | |
| parent | 4ec8ff0edccffe7a77f18e2a1e2ce86f03e08b5c (diff) | |
| download | linux-c38c4597e4bf3e99860eac98211748e1ecb0e139.tar.xz | |
netfilter: implement xt_cgroup cgroup2 path match
This patch implements xt_cgroup path match which matches cgroup2
membership of the associated socket. The match is recursive and
invertible.
For rationales on introducing another cgroup based match, please refer
to a preceding commit "sock, cgroup: add sock->sk_cgroup".
v3: Folded into xt_cgroup as a new revision interface as suggested by
Pablo.
v2: Included linux/limits.h from xt_cgroup2.h for PATH_MAX. Added
explicit alignment to the priv field. Both suggested by Jan.
Signed-off-by: Tejun Heo <tj@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Daniel Wagner <daniel.wagner@bmw-carit.de>
CC: Neil Horman <nhorman@tuxdriver.com>
Cc: Jan Engelhardt <jengelh@inai.de>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nfnetlink.c')
0 files changed, 0 insertions, 0 deletions