Chenbo Feng fb9a307d11 bpf: Allow CGROUP_SKB eBPF program to access sk_buff ... This allows cgroup eBPF program to classify packet based on their protocol or other detail information. Currently program need CAP_NET_ADMIN privilege to attach a cgroup eBPF program, and A process with CAP_NET_ADMIN can already see all packets on the system, for example, by creating an iptables rules that causes the packet to be passed to userspace via NFLOG. Signed-off-by: Chenbo Feng <fengc@google.com> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>		2017-06-02 14:24:40 -04:00
..
Makefile	bpf: Add array of maps support	2017-03-22 15:45:45 -07:00
arraymap.c	bpf: fix wrong exposure of map_flags into fdinfo for lpm	2017-05-25 13:44:28 -04:00
bpf_lru_list.c	bpf: lru: Lower the PERCPU_NR_SCANS from 16 to 4	2017-04-17 13:55:52 -04:00
bpf_lru_list.h	bpf: Add percpu LRU list	2016-11-15 11:50:20 -05:00
cgroup.c	bpf: pass sk to helper functions	2017-04-11 14:54:19 -04:00
core.c	bpf: use different interpreter depending on required stack size	2017-05-31 19:29:48 -04:00
hashtab.c	bpf: map_get_next_key to return first key on NULL	2017-04-25 11:57:45 -04:00
helpers.c	bpf: rename ARG_PTR_TO_STACK	2017-01-09 16:56:27 -05:00
inode.c	fs: constify tree_descr arrays passed to simple_fill_super()	2017-04-26 23:54:06 -04:00
lpm_trie.c	bpf: fix wrong exposure of map_flags into fdinfo for lpm	2017-05-25 13:44:28 -04:00
map_in_map.c	bpf: Add array of maps support	2017-03-22 15:45:45 -07:00
map_in_map.h	bpf: Add array of maps support	2017-03-22 15:45:45 -07:00
percpu_freelist.c	bpf: introduce percpu_freelist	2016-03-08 15:28:31 -05:00
percpu_freelist.h	bpf: introduce percpu_freelist	2016-03-08 15:28:31 -05:00
stackmap.c	bpf: fix wrong exposure of map_flags into fdinfo for lpm	2017-05-25 13:44:28 -04:00
syscall.c	bpf: Add strict alignment flag for BPF_PROG_LOAD.	2017-05-11 14:19:00 -04:00
verifier.c	bpf: Allow CGROUP_SKB eBPF program to access sk_buff	2017-06-02 14:24:40 -04:00