This patch set adds new BPF link operation, LINK_DETACH, allowing processes
with BPF link FD to force-detach it from respective BPF hook, similarly how
BPF link is auto-detached when such BPF hook (e.g., cgroup, net_device, netns,
etc) is removed. This facility allows admin to forcefully undo BPF link
attachment, while process that created BPF link in the first place is left
intact.
Once force-detached, BPF link stays valid in the kernel as long as there is at
least one FD open against it. It goes into defunct state, just like
auto-detached BPF link.
bpftool also got `link detach` command to allow triggering this in
non-programmatic fashion.
v1->v2:
- improve error reporting in `bpftool link detach` (Song).
Andrii Nakryiko (5):
bpf: add support for forced LINK_DETACH command
libbpf: add bpf_link detach APIs
selftests/bpf: add link detach tests for cgroup, netns, and xdp
bpf_links
tools/bpftool: add `link detach` subcommand
tools/bpftool: add documentation and bash-completion for `link detach`
include/linux/bpf.h | 1 +
include/uapi/linux/bpf.h | 5 ++
kernel/bpf/cgroup.c | 15 +++++-
kernel/bpf/net_namespace.c | 8 +++
kernel/bpf/syscall.c | 26 ++++++++++
net/core/dev.c | 11 +++-
.../bpftool/Documentation/bpftool-link.rst | 8 +++
tools/bpf/bpftool/bash-completion/bpftool | 4 +-
tools/bpf/bpftool/link.c | 37 +++++++++++++-
tools/include/uapi/linux/bpf.h | 5 ++
tools/lib/bpf/bpf.c | 10 ++++
tools/lib/bpf/bpf.h | 2 +
tools/lib/bpf/libbpf.c | 5 ++
tools/lib/bpf/libbpf.h | 1 +
tools/lib/bpf/libbpf.map | 2 +
.../selftests/bpf/prog_tests/cgroup_link.c | 20 +++++++-
.../selftests/bpf/prog_tests/sk_lookup.c | 51 +++++++++----------
.../selftests/bpf/prog_tests/xdp_link.c | 14 +++++
tools/testing/selftests/bpf/testing_helpers.c | 14 +++++
tools/testing/selftests/bpf/testing_helpers.h | 3 ++
20 files changed, 208 insertions(+), 34 deletions(-)
--
2.24.1
