projects / firefly-linux-kernel-4.4.55.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d18e4b8) | patch
netfilter: xt_qtaguid: 1st pass at tracking tag based data resources
authorJP Abgrall <jpa@google.com>
Fri, 9 Sep 2011 08:55:24 +0000 (01:55 -0700)
committerJP Abgrall <jpa@google.com>
Fri, 9 Sep 2011 22:46:22 +0000 (15:46 -0700)
commitf7d29b64351dda3bc763bbda3db9cc7785512bc2
treef1c9f3439628fc6c63d80b226c1b56e3d8646de7tree | snapshot
parentd18e4b80d11b530e76eeb076a812f4630426a0eccommit | diff
netfilter: xt_qtaguid: 1st pass at tracking tag based data resources

* Added global resource tracking based on tags.
 - Can be put into passive mode via
    /sys/modules/xt_qtaguid/params/tag_tracking_passive
 - The number of socket tags per UID is now limited
 - Adding /dev/xt_qtaguid that each process should open before starting
to tag sockets. A later change will make it a "must".
 - A process should not create new tags unless it has the dev open.
  A later change will make it a must.
 - On qtaguid_resources release, the process' matching socket tag info
  is deleted.
* Support run-time debug mask via /sys/modules parameter "debug_mask".
* split module into prettyprinting code, includes, main.
* Removed ptrdiff_t usage which didn't work in all cases.

Change-Id: I4a21d3bea55d23c1c3747253904e2a79f7d555d9
Signed-off-by: JP Abgrall <jpa@google.com>
net/netfilter/Makefile diff | blob | history
net/netfilter/xt_qtaguid.c diff | blob | history
net/netfilter/xt_qtaguid_internal.h [new file with mode: 0644] blob
net/netfilter/xt_qtaguid_print.c [new file with mode: 0644] blob
net/netfilter/xt_qtaguid_print.h [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.