On Sun, Mar 18, 2018 at 12:57:10PM -0700, John Fastabend wrote: > This implements a BPF ULP layer to allow policy enforcement and > monitoring at the socket layer. In order to support this a new > program type BPF_PROG_TYPE_SK_MSG is used to run the policy at > the sendmsg/sendpage hook. To attach the policy to sockets a > sockmap is used with a new program attach type BPF_SK_MSG_VERDICT. > > Similar to previous sockmap usages when a sock is added to a > sockmap, via a map update, if the map contains a BPF_SK_MSG_VERDICT > program type attached then the BPF ULP layer is created on the > socket and the attached BPF_PROG_TYPE_SK_MSG program is run for > every msg in sendmsg case and page/offset in sendpage case. ... > > Signed-off-by: John Fastabend <[email protected]>
looks great Acked-by: Alexei Starovoitov <[email protected]>
