| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Apr 2018 04:56:09 +0000
From: "Li,Rongqing" <lirongqing@...du.com>
To: Daniel Borkmann <daniel@...earbox.net>
CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"tj@...nel.org" <tj@...nel.org>, "ast@...com" <ast@...com>,
"brakmo@...com" <brakmo@...com>
Subject: 答复: [PATCH][net-next] net: ip tos cgroup
> -----邮件原件-----
> 发件人: Daniel Borkmann [mailto:daniel@...earbox.net]
> 发送时间: 2018年4月17日 22:11
> 收件人: Li,Rongqing <lirongqing@...du.com>
> 抄送: netdev@...r.kernel.org; tj@...nel.org; ast@...com;
> brakmo@...com
> 主题: Re: [PATCH][net-next] net: ip tos cgroup
>
> On 04/17/2018 05:36 AM, Li RongQing wrote:
> > ip tos segment can be changed by setsockopt(IP_TOS), or by iptables;
> > this patch creates a new method to change socket tos segment of
> > processes based on cgroup
> >
> > The usage:
> >
> > 1. mount ip_tos cgroup, and setting tos value
> > mount -t cgroup -o ip_tos ip_tos /cgroups/tos
> > echo tos_value >/cgroups/tos/ip_tos.tos
> > 2. then move processes to cgroup, or create processes in cgroup
> >
> > Signed-off-by: jimyan <jimyan@...du.com>
> > Signed-off-by: Li RongQing <lirongqing@...du.com>
>
> This functionality is already possible through the help of BPF programs
> attached to cgroups, have you had a chance to look into that?
>
I think this method is easier to use than BPF, and more efficient
-RongQing
Powered by blists - more mailing lists