Alexei Starovoitov <ast@xxxxxxxxxx> writes: > Allow FENTRY/FEXIT BPF programs to attach to other BPF programs of any type > including their subprograms. This feature allows snooping on input and output > packets in XDP, TC programs including their return values. In order to do that > the verifier needs to track types not only of vmlinux, but types of other BPF > programs as well. The verifier also needs to translate uapi/linux/bpf.h types > used by networking programs into kernel internal BTF types used by FENTRY/FEXIT > BPF programs. In some cases LLVM optimizations can remove arguments from BPF > subprograms without adjusting BTF info that LLVM backend knows. When BTF info > disagrees with actual types that the verifiers sees the BPF trampoline has to > fallback to conservative and treat all arguments as u64. The FENTRY/FEXIT > program can still attach to such subprograms, but won't be able to recognize > pointer types like 'struct sk_buff *' into won't be able to pass them to > bpf_skb_output() for dumping to user space. > > The BPF_PROG_LOAD command is extended with attach_prog_fd field. When it's set > to zero the attach_btf_id is one vmlinux BTF type ids. When attach_prog_fd > points to previously loaded BPF program the attach_btf_id is BTF type id of > main function or one of its subprograms. > > Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx> This is cool! Certainly solves the xdpdump use case; thanks! I do have a few questions (thinking about whether it can also be used for running multiple XDP programs): - Can a FEXIT function loaded this way only *observe* the return code of the BPF program it attaches to, or can it also change it? - Is it possible to attach multiple FENTRY/FEXIT programs to the same XDP program and/or to recursively attach FENTRY/FEXIT programs to each other? - Could it be possible for an FENTRY/FEXIT program to call into another XDP program (i.e., one that has the regular XDP program type)? -Toke
