lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Apr 2018 04:56:09 +0000 From: "Li,Rongqing" <lirongqing@...du.com> To: Daniel Borkmann <daniel@...earbox.net> CC: "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "tj@...nel.org" <tj@...nel.org>, "ast@...com" <ast@...com>, "brakmo@...com" <brakmo@...com> Subject: 答复: [PATCH][net-next] net: ip tos cgroup > -----邮件原件----- > 发件人: Daniel Borkmann [mailto:daniel@...earbox.net] > 发送时间: 2018年4月17日 22:11 > 收件人: Li,Rongqing <lirongqing@...du.com> > 抄送: netdev@...r.kernel.org; tj@...nel.org; ast@...com; > brakmo@...com > 主题: Re: [PATCH][net-next] net: ip tos cgroup > > On 04/17/2018 05:36 AM, Li RongQing wrote: > > ip tos segment can be changed by setsockopt(IP_TOS), or by iptables; > > this patch creates a new method to change socket tos segment of > > processes based on cgroup > > > > The usage: > > > > 1. mount ip_tos cgroup, and setting tos value > > mount -t cgroup -o ip_tos ip_tos /cgroups/tos > > echo tos_value >/cgroups/tos/ip_tos.tos > > 2. then move processes to cgroup, or create processes in cgroup > > > > Signed-off-by: jimyan <jimyan@...du.com> > > Signed-off-by: Li RongQing <lirongqing@...du.com> > > This functionality is already possible through the help of BPF programs > attached to cgroups, have you had a chance to look into that? > I think this method is easier to use than BPF, and more efficient -RongQing
Powered by blists - more mailing lists