On 6/15/15 4:01 PM, David Miller wrote:
Although I agree with the sentiment that this thing can cause surprising results and can be asking for trouble. If someone wants to filter traffic "by UID" they might make a simple ingress TC ebpf program using these new interfaces and expect it to work. But the UID their program will see will be the UID of whatever randomly happened to be executing when the packet was received and processed.
yes, you're right. Such tc filters will be incorrect. Will send a partial revert disallowing them in tc. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
