On 6/23/20 12:34 PM, Jakub Sitnicki wrote:
This patch set prepares ground for link-based multi-prog attachment for future netns attach types, with BPF_SK_LOOKUP attach type in mind [0]. Two changes are needed in order to attach and run a series of BPF programs: 1) an bpf_prog_array of programs to run (patch #2), and 2) a list of attached links to keep track of attachments (patch #3). I've been using these patches with the next iteration of BPF socket lookup hook patches, and saw that they are self-contained and can be split out to ease the review burden. Nothing changes for BPF flow_dissector. That is at most one prog can be attached. Thanks, -jkbs [0] https://lore.kernel.org/bpf/20200511185218.1422406-1-jakub@xxxxxxxxxxxxxx/ Cc: Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> Cc: Stanislav Fomichev <sdf@xxxxxxxxxx> v1 -> v2: - Show with a (void) cast that bpf_prog_array_replace_item() return value is ignored on purpose. (Andrii) - Explain why bpf-cgroup cannot replace programs in bpf_prog_array based on bpf_prog pointer comparison in patch #2 description. (Andrii) Jakub Sitnicki (3): flow_dissector: Pull BPF program assignment up to bpf-netns bpf, netns: Keep attached programs in bpf_prog_array bpf, netns: Keep a list of attached bpf_link's include/linux/bpf.h | 3 + include/net/flow_dissector.h | 3 +- include/net/netns/bpf.h | 7 +- kernel/bpf/core.c | 20 +++- kernel/bpf/net_namespace.c | 189 +++++++++++++++++++++++++---------- net/core/flow_dissector.c | 34 +++---- 6 files changed, 173 insertions(+), 83 deletions(-)
Applied, thanks!
