git.maquefel.me Git - linux.git/commit

author	Daniel Xu <dxu@dxuuu.xyz>
	Wed, 7 Sep 2022 16:40:40 +0000 (10:40 -0600)
committer	Alexei Starovoitov <ast@kernel.org>
	Sun, 11 Sep 2022 00:27:32 +0000 (17:27 -0700)
commit	864b656f82ccd433d3e38149c3673d295ad64bf6
tree	1c4c3a628e740c3657756f4b8bc7c440bd948c84	tree \| snapshot
parent	84c6ac417ceacd086efc330afece8922969610b7	commit \| diff

bpf: Add support for writing to nf_conn:mark

Support direct writes to nf_conn:mark from TC and XDP prog types. This
is useful when applications want to store per-connection metadata. This
is also particularly useful for applications that run both bpf and
iptables/nftables because the latter can trivially access this metadata.

One example use case would be if a bpf prog is responsible for advanced
packet classification and iptables/nftables is later used for routing
due to pre-existing/legacy code.

Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Link: https://lore.kernel.org/r/ebca06dea366e3e7e861c12f375a548cc4c61108.1662568410.git.dxu@dxuuu.xyz
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/net/netfilter/nf_conntrack_bpf.h		diff \| blob \| history
net/core/filter.c		diff \| blob \| history
net/netfilter/nf_conntrack_bpf.c		diff \| blob \| history
net/netfilter/nf_conntrack_core.c		diff \| blob \| history