Currently 5-tuple(sip+dip+sport+dport+proto) can't identify a uniq connection because there may be multi net namespace. For example, there may be a chance that netns a and netns b all listen on 127.0.0.1:8080 and the client with same port 40782 connect to them. Without netns number, sock ops program can't distinguish them. Using bpf_get_netns_id helpers to get current connection netns number to distinguish connections. Changes in v4: - rename get_netns_id_sock_ops to get_getns_id - rebase from bpf-next Changes in v3: - rename sock_ops_get_netns to get_netns_id Changes in v2: - Return u64 instead of u32 for sock_ops_get_netns - Fix build bug when CONFIG_NET_NS not set - Add selftest for sock_ops_get_netns Lingpeng Chen (3): bpf: Add get_netns_id helper function for sock_ops bpf: Sync uapi bpf.h to tools/ selftests/bpf: add selftest for get_netns_id helper include/uapi/linux/bpf.h | 9 +++- net/core/filter.c | 20 ++++++++ tools/include/uapi/linux/bpf.h | 9 +++- .../selftests/bpf/progs/test_tcpbpf_kern.c | 11 +++++ .../testing/selftests/bpf/test_tcpbpf_user.c | 46 ++++++++++++++++++- 5 files changed, 92 insertions(+), 3 deletions(-) base-commit e0360423d020 ("selftests/bpf: Run SYN cookies with reuseport BPF test only for TCP") -- 2.20.1