diff options
| author | Alexei Starovoitov <ast@kernel.org> | 2020-06-30 10:45:08 -0700 |
|---|---|---|
| committer | Alexei Starovoitov <ast@kernel.org> | 2020-06-30 10:45:11 -0700 |
| commit | 951f38cf08350884e72e0936adf147a8d764cc5d (patch) | |
| tree | 738b98ec90d00d22a30a333a033aef20583d8c8b /include/linux/bpf-netns.h | |
| parent | 517bbe1994a3cee29a35c730662277bb5daff582 (diff) | |
| parent | 6ebb85c83aaf6ae75b920ef45d2a9eee42079265 (diff) | |
| download | linux-951f38cf08350884e72e0936adf147a8d764cc5d.tar.gz linux-951f38cf08350884e72e0936adf147a8d764cc5d.tar.bz2 linux-951f38cf08350884e72e0936adf147a8d764cc5d.zip | |
Merge branch 'bpf-multi-prog-prep'
Jakub Sitnicki says:
====================
This patch set prepares ground for link-based multi-prog attachment for
future netns attach types, with BPF_SK_LOOKUP attach type in mind [0].
Two changes are needed in order to attach and run a series of BPF programs:
1) an bpf_prog_array of programs to run (patch #2), and
2) a list of attached links to keep track of attachments (patch #3).
Nothing changes for BPF flow_dissector. Just as before only one program can
be attached to netns.
In v3 I've simplified patch #2 that introduces bpf_prog_array to take
advantage of the fact that it will hold at most one program for now.
In particular, I'm no longer using bpf_prog_array_copy. It turned out to be
less suitable for link operations than I thought as it fails to append the
same BPF program.
bpf_prog_array_replace_item is also gone, because we know we always want to
replace the first element in prog_array.
Naturally the code that handles bpf_prog_array will need change once
more when there is a program type that allows multi-prog attachment. But I
feel it will be better to do it gradually and present it together with
tests that actually exercise multi-prog code paths.
[0] https://lore.kernel.org/bpf/20200511185218.1422406-1-jakub@cloudflare.com/
v2 -> v3:
- Don't check if run_array is null in link update callback. (Martin)
- Allow updating the link with the same BPF program. (Andrii)
- Add patch #4 with a test for the above case.
- Kill bpf_prog_array_replace_item. Access the run_array directly.
- Switch from bpf_prog_array_copy() to bpf_prog_array_alloc(1, ...).
- Replace rcu_deref_protected & RCU_INIT_POINTER with rcu_replace_pointer.
- Drop Andrii's Ack from patch #2. Code changed.
v1 -> v2:
- Show with a (void) cast that bpf_prog_array_replace_item() return value
is ignored on purpose. (Andrii)
- Explain why bpf-cgroup cannot replace programs in bpf_prog_array based
on bpf_prog pointer comparison in patch #2 description. (Andrii)
====================
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'include/linux/bpf-netns.h')
0 files changed, 0 insertions, 0 deletions