lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 May 2020 08:54:08 +0300 From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> To: David Miller <davem@...emloft.net>, zeil@...dex-team.ru Cc: netdev@...r.kernel.org, tj@...nel.org, cgroups@...r.kernel.org, bpf@...r.kernel.org Subject: Re: [PATCH net-next 0/2] inet_diag: add cgroup attribute and filter On 30/04/2020 22.55, David Miller wrote: > From: Dmitry Yakunin <zeil@...dex-team.ru> > Date: Thu, 30 Apr 2020 18:51:13 +0300 > >> This patch series extends inet diag with cgroup v2 ID attribute and >> filter. Which allows investigate sockets on per cgroup basis. Patch for >> ss is already sent to iproute2-next mailing list. > > Ok, this looks fine, series applied. > > Although I wish you could have done something like only emit the cgroup > attribute if it is a non-default value (zero, or whatever it is). > > Every time a new socket attribute is added, it makes long dumps more > and more expensive. > Maybe then put it under condition if (ext & (1 << (INET_DIAG_CLASS_ID - 1)) || ext & (1 << (INET_DIAG_TCLASS - 1))) { like legacy cgroup id INET_DIAG_CLASS_ID above. (userspace requests it by INET_DIAG_TCLASS because INET_DIAG_CLASS_ID does not fit into field)
Powered by blists - more mailing lists