netfilter: xt_bpf: support ebpf
authorWillem de Bruijn <willemb@google.com>
Tue, 6 Dec 2016 21:25:02 +0000 (16:25 -0500)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 7 Dec 2016 12:32:35 +0000 (13:32 +0100)
commit2c16d60332643e90d4fa244f4a706c454b8c7569
treedde08e481c1bf3e50c501b7aca2fd88eefdfa6d7
parent5bad87348c70bb4d36e876523aade31e9dedd2fc
netfilter: xt_bpf: support ebpf

Add support for attaching an eBPF object by file descriptor.

The iptables binary can be called with a path to an elf object or a
pinned bpf object. Also pass the mode and path to the kernel to be
able to return it later for iptables dump and save.

Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/uapi/linux/netfilter/xt_bpf.h
net/netfilter/xt_bpf.c