On Thu, Mar 05, 2020 at 12:16:20AM -0800, Jakub Kicinski wrote: > > > > bpf program is an object. That object has an owner or multiple owners. > > A user process that holds a pointer to that object is a shared owner. > > FD is such pointer. FD == std::shared_ptr<bpf_prog>. > > Holding that pointer guarantees that <bpf_prog> will not disappear, > > but it says nothing that the program will keep running. > > For [ku]probe,tp,fentry,fexit there was always <bpf_link> in the kernel. > > It wasn't that formal in the past until most recent Andrii's patches, > > but the concept existed for long time. FD == std::shared_ptr<bpf_link> > > connects a kernel object with <bpf_prog>. When that kernel objects emits > > an event the <bpf_link> guarantees that <bpf_prog> will be executed. > > I see so the link is sort of [owner -> prog -> target]. No. Link has two pieces: kernel object and program. It connects the two. > > For cgroups we don't have such concept. We thought that three attach modes we > > introduced (default, allow-override, allow-multi) will cover all use cases. But > > in practice turned out that it only works when there is a central daemon for > > _all_ cgroup-bpf progs in the system otherwise different processes step on each > > other. More so there has to be a central diff-review human authority otherwise > > teams step on each other. That's sort-of works within one org, but doesn't > > scale. > > > > To avoid making systemd a central place to coordinate attaching xdp, tc, cgroup > > progs the kernel has to provide a mechanism for an application to connect a > > kernel object with a prog and hold the ownership of that link so that no other > > process in the system can break that connection. > > To me for XDP the promise that nothing breaks the connection cannot be > made without a daemon, because without the daemon the link has to be > available somewhere/pinned to make changes to, and therefore is no > longer safe. This is not true. Nothing requires pinning. Again. FD == shared_ptr. Two applications can share that link and coordinate the changes to dispatcher prog without a daemon and without pinning.
