On 2/16/17 3:08 AM, Daniel Borkmann wrote:
> Is there anything that speaks against doing the comparison itself
> outside of the helper? Meaning, the helper would get a buffer
> passed from stack f.e. struct foo { u64 ns_dev; u64 ns_ino; }
> and fills both out with the netns info belonging to the sk/skb.How do you handle CONFIG_NET_NS not set? You call something like bpf_get_netns_id(sk, &foo), it has to exist regardless of the config. What should it return if netns is disabled?
