Re: [PATCH 5/5] netfilter: implement xt_cgroup2 match

From: Jan Engelhardt
Date: Tue Nov 17 2015 - 17:56:08 EST

Next message: Francois Romieu: "Re: [PATCH 3/3] dl2k: Implement suspend"
Previous message: Enric Balletbo Serra: "Re: [PATCH] [media] hdmi: added functions for MPEG InfoFrames"
In reply to: Tejun Heo: "[PATCH 5/5] netfilter: implement xt_cgroup2 match"
Next in thread: Tejun Heo: "[PATCH 2/5] kernfs: implement kernfs_walk_and_get()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tuesday 2015-11-17 20:40, Tejun Heo wrote:
>@@ -0,0 +1,14 @@
>+#ifndef _XT_CGROUP2_H
>+#define _XT_CGROUP2_H
>+
>+#include <linux/types.h>
>+
>+struct xt_cgroup2_info {
>+ char path[PATH_MAX];
>+ __u8 invert;

Should <linux/limits.h> be included? (For PATH_MAX)

>+ /* kernel internal data */
>+ void *priv;
>+};

void *priv __attribute__((aligned(8)));

>+static bool cgroup2_mt(const struct sk_buff *skb, struct xt_action_param *par)
>+{
>+ const struct xt_cgroup2_info *info = par->matchinfo;
>+ struct cgroup *ancestor = info->priv;

There is no modification planned on the cgroup, so this too can be const struct
cgroupÂ* if-and-when cgroup_is_descendant is made to take const ptrs as well.

>+ if (!skb->sk || !sk_fullsock(skb->sk))
>+ return false;
>+
>+ return cgroup_is_descendant(skb->sk->sk_cgroup, ancestor) ^ info->invert;
>+}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Francois Romieu: "Re: [PATCH 3/3] dl2k: Implement suspend"
Previous message: Enric Balletbo Serra: "Re: [PATCH] [media] hdmi: added functions for MPEG InfoFrames"
In reply to: Tejun Heo: "[PATCH 5/5] netfilter: implement xt_cgroup2 match"
Next in thread: Tejun Heo: "[PATCH 2/5] kernfs: implement kernfs_walk_and_get()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]