The xt_quota2 came from
http://sourceforge.net/projects/xtables-addons/develop
It needed tweaking for it to compile within the kernel tree.
Fixed kmalloc() and create_proc_entry() invocations within
a non-interruptible context.
Removed useless copying of current quota back to the iptable's
struct matchinfo:
- those are per CPU: they will change randomly based on which
cpu gets to update the value.
- they prevent matching a rule: e.g.
-A chain -m quota2 --name q1 --quota 123
can't be followed by
-D chain -m quota2 --name q1 --quota 123
as the 123 will be compared to the struct matchinfo's quota member.
Use the NETLINK NETLINK_NFLOG family to log a single message
when the quota limit is reached.
It uses the same packet type as ipt_ULOG, but
- never copies skb data,
- uses 112 as the event number (ULOG's +1)
It doesn't log if the module param "event_num" is 0.
Change-Id: I021d3b743db3b22158cc49acb5c94d905b501492
Signed-off-by: JP Abgrall <jpa@google.com>
[AmitP: Fix quota2_log() call and use ktime directly to align with
upstream commits 2456e85535 ("ktime: Get rid of the union") and
613dbd9572 ("netfilter: x_tables: move hook state into xt_action_param structure").
Also folded following android-4.9 commit changes into this patch
eb6aba2a14b9 ("ANDROID: netfilter: xt_quota2: 3.10 fixes.")
Parts of 85a2eb5b48fc ("ANDROID: netfilter: xt_qtaguid: 64-bit warning fixes")
89f9044e826c ("ANDROID: net: kuid/kguid build fixes")
60d4c172c5cd ("ANDROID: netfilter: xt_quota2: make quota2_log work well")]
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
7ff0c9f5c6