On Fri, Feb 3, 2017 at 9:13 AM, Alexei Starovoitov <alexei.starovoi...@gmail.com> wrote: > I think sk_uid is self explanatory, but cookie is less so. > Please explain how you plan to use it.
The cookie is the only way to uniquely identify a given socket on the system (the 5-tuple is not sufficient in the presence of SO_REUSEPORT, for example). One goal for this infrastructure is to perform per-socket accounting (ultimately replace the out-of-tree xt_qtaguid code that is used for per-UID, per-socket-tag accounting on Android). The socket cookie would be a natural key to use in a BPF map where the values are socket accounting information.
