Andrii Nakryiko <andriin@xxxxxx> writes:

> This patch series adds various observability APIs to bpf_link:
>   - each bpf_link now gets ID, similar to bpf_map and bpf_prog, by which
>     user-space can iterate over all existing bpf_links and create limited FD
>     from ID;
>   - allows to get extra object information with bpf_link general and
>     type-specific information;
>   - implements `bpf link show` command which lists all active bpf_links in the
>     system;
>   - implements `bpf link pin` allowing to pin bpf_link by ID or from other
>     pinned path.
>
> rfc->v1:
>   - dropped read-only bpf_links (Alexei);

Just to make sure I understand this right: With this change, the
GET_FD_BY_ID operation will always return a r/w bpf_link fd that can
subsequently be used to detach the link? And you're doing the 'access
limiting' by just requiring CAP_SYS_ADMIN for the whole thing. Right? :)

-Toke