00f57e8b30
This module allows tracking stats at the socket level for given UIDs.
It replaces xt_owner.
If the --uid-owner is not specified, it will just count stats based on
who the skb belongs to. This will even happen on incoming skbs as it
looks into the skb via xt_socket magic to see who owns it.
If an skb is lost, it will be assigned to uid=0.
To control what sockets of what UIDs are tagged by what, one uses:
echo t $sock_fd $accounting_tag $the_billed_uid \
> /proc/net/xt_qtaguid/ctrl
So whenever an skb belongs to a sock_fd, it will be accounted against
$the_billed_uid
and matching stats will show up under the uid with the given
$accounting_tag.
Because the number of allocations for the stats structs is not that big:
~500 apps * 32 per app
we'll just do it atomic. This avoids walking lists many times, and
the fancy worker thread handling. Slabs will grow when needed later.
It use netdevice and inetaddr notifications instead of hooks in the core dev
code to track when a device comes and goes. This removes the need for
exposed iface_stat.h.
Put procfs dirs in /proc/net/xt_qtaguid/
ctrl
stats
iface_stat/<iface>/...
The uid stats are obtainable in ./stats.
Change-Id: I01af4fd91c8de651668d3decb76d9bdc1e343919
Signed-off-by: JP Abgrall <jpa@google.com>
[AmitP: Folded following android-4.9 commit changes into this patch
e5d798684a71 ("ANDROID: netfilter: qtaguid: initialize a local var to keep compiler happy")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
28 lines
1 KiB
C
28 lines
1 KiB
C
/* include/linux/android_aid.h
|
|
*
|
|
* Copyright (C) 2008 Google, Inc.
|
|
*
|
|
* This software is licensed under the terms of the GNU General Public
|
|
* License version 2, as published by the Free Software Foundation, and
|
|
* may be copied, distributed, and modified under those terms.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
#ifndef _LINUX_ANDROID_AID_H
|
|
#define _LINUX_ANDROID_AID_H
|
|
|
|
/* AIDs that the kernel treats differently */
|
|
#define AID_OBSOLETE_000 KGIDT_INIT(3001) /* was NET_BT_ADMIN */
|
|
#define AID_OBSOLETE_001 KGIDT_INIT(3002) /* was NET_BT */
|
|
#define AID_INET KGIDT_INIT(3003)
|
|
#define AID_NET_RAW KGIDT_INIT(3004)
|
|
#define AID_NET_ADMIN KGIDT_INIT(3005)
|
|
#define AID_NET_BW_STATS KGIDT_INIT(3006) /* read bandwidth statistics */
|
|
#define AID_NET_BW_ACCT KGIDT_INIT(3007) /* change bandwidth statistics accounting */
|
|
|
|
#endif
|