On Wed, 2 Oct 2019 at 14:30, Toke Høiland-Jørgensen <toke@xxxxxxxxxx> wrote: > > From: Toke Høiland-Jørgensen <toke@xxxxxxxxxx> > > This adds support to rtnetlink for setting and getting the per-device XDP > chain map. The map is set by means of a new netlink attribute that contains > a pointer to a BPF map of the XDP chain type. If such an attribute is > included, it will be inserted into the struct net_device so that the XDP > chain call code will pick it up on program execution. > > To prevent old userspace programs that do not understand the chain map > attribute from messing up the chain call order, a netlink message with no > chain map attribute set will be rejected if a chain map has already been > installed. > > When installing a new chain call map, an XDP program fd must also be > provided, otherwise the operation will be rejected. Why is the program required? I kind of expected the chain call map to override any program. -- Lorenz Bauer | Systems Engineer 6th Floor, County Hall/The Riverside Building, SE1 7PB, UK www.cloudflare.com
