summaryrefslogtreecommitdiffstats
path: root/include/net/cls_cgroup.h
diff options
context:
space:
mode:
authorDaniel Borkmann <daniel@iogearbox.net>2020-03-27 16:58:53 +0100
committerAlexei Starovoitov <ast@kernel.org>2020-03-28 03:40:38 +0100
commit5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83 (patch)
treeb6f8be3cebc0fc9da54c1494b9d4d05e554eac14 /include/net/cls_cgroup.h
parentbpf: Add netns cookie and enable it for bpf cgroup hooks (diff)
downloadlinux-5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83.tar.xz
linux-5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83.zip
bpf: Allow to retrieve cgroup v1 classid from v2 hooks
Today, Kubernetes is still operating on cgroups v1, however, it is possible to retrieve the task's classid based on 'current' out of connect(), sendmsg(), recvmsg() and bind-related hooks for orchestrators which attach to the root cgroup v2 hook in a mixed env like in case of Cilium, for example, in order to then correlate certain pod traffic and use it as part of the key for BPF map lookups. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/555e1c69db7376c0947007b4951c260e1074efc3.1585323121.git.daniel@iogearbox.net
Diffstat (limited to 'include/net/cls_cgroup.h')
-rw-r--r--include/net/cls_cgroup.h7
1 files changed, 6 insertions, 1 deletions
diff --git a/include/net/cls_cgroup.h b/include/net/cls_cgroup.h
index 4295de3e6a4b..7e78e7d6f015 100644
--- a/include/net/cls_cgroup.h
+++ b/include/net/cls_cgroup.h
@@ -45,9 +45,14 @@ static inline void sock_update_classid(struct sock_cgroup_data *skcd)
sock_cgroup_set_classid(skcd, classid);
}
+static inline u32 __task_get_classid(struct task_struct *task)
+{
+ return task_cls_state(task)->classid;
+}
+
static inline u32 task_get_classid(const struct sk_buff *skb)
{
- u32 classid = task_cls_state(current)->classid;
+ u32 classid = __task_get_classid(current);
/* Due to the nature of the classifier it is required to ignore all
* packets originating from softirq context as accessing `current'