On Fri, 20 Dec 2019, KP Singh wrote: > From: KP Singh <kpsingh@xxxxxxxxxx> > > Allow userspace to attach a newer version of a program without having > duplicates of the same program. > > If BPF_F_ALLOW_OVERRIDE is passed, the attachment logic compares the > name of the new program to the names of existing attached programs. The > names are only compared till a "__" (or '\0', if there is no "__"). If > a successful match is found, the existing program is replaced with the > newer attachment. > > ./loader Attaches "env_dumper__v1" followed by "env_dumper__v2" > to the bprm_check_security hook.. > > ./loader > ./loader > > Before: > > cat /sys/kernel/security/bpf/process_execution > env_dumper__v1 > env_dumper__v2 > > After: > > cat /sys/kernel/security/bpf/process_execution > env_dumper__v2 > > Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx> Reviewed-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx> -- James Morris <jmorris@xxxxxxxxx>