Re: [PATCH bpf-next 1/4] xdp: Support specifying expected existing program when attaching XDP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Mar 31, 2020 at 01:34:00PM +0200, Toke Høiland-Jørgensen wrote:
> Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> writes:
> 
> > On Mon, Mar 30, 2020 at 04:41:46PM +0100, Edward Cree wrote:
> >> On 29/03/2020 21:23, Andrii Nakryiko wrote:
> >> > But you can't say the same about other XDP applications that do not
> >> > use libxdp. So will your library come with a huge warning
> >> What about a system-wide policy switch to decide whether replacing/
> >>  removing an XDP program without EXPECTED_FD is allowed?  That way
> >>  the sysadmin gets to choose whether it's the firewall or the packet
> >>  analyser that breaks, rather than baking a policy into the design.
> >> Then libxdp just needs to say in the README "you might want to turn
> >>  on this switch".  Or maybe it defaults to on, and the other program
> >>  has to talk you into turning it off if it wants to be 'ill-behaved'.
> >
> > yeah. something like this can work for xdp only, but
> > it won't work for tc, since ownership is missing.
> > It looks like such policy knob will bere-inventing bpf_link for
> > one specific xdp case only because xdp has one program per attachment.
> 
> You keep talking about this as though bpf_link was the existing API and
> we're discussing adding another, when in reality it's the other way
> around.

We explained it several times already that it is an existing API.
The _name_ bpf_link was formed only recently, but the concept
existed for very long time.
The raw_tp attach is nothing but bpf_link. It's FD based and it
preserves ownership (program execution guarantee).
Nothing can nuke it from under the process.
This was an api from the day one. See
commit c4f6699dfcb8 ("bpf: introduce BPF_RAW_TRACEPOINT")
from March 2018.
Then FD based [ku]probe and tracepoints were added
with the same two properties of bpf_link concept.
Then fentry/fexit attachment. Also FD based and execution guarantee.
And finally freplace. which is exact equivalent of bpf_link for xdp.
Since freplace can only be one, attaching freplace prog to another
program locks out any other process from attaching a different freplace
prog in the same spot (the same hook/function in the target prog).
To me that behavior looks like 100% equivalency to bpf_link for xdp.
While raw_tp/kprobe/tp/fentry/fexit/bpf_lsm are 100% equivalent to
what we want to do with bpf_link for TC (FD based multi prog with
all progs running and execution guarantee).
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux