On 8/4/21 12:08 AM, Kuniyuki Iwashima wrote:
This patch implements the BPF iterator for the UNIX domain socket and
exports some functions under GPL for the CONFIG_UNIX=m case.
Currently, the batch optimization introduced for the TCP iterator in the
commit 04c7820b776f ("bpf: tcp: Bpf iter batching and lock_sock") is not
applied. It will require replacing the big lock for the hash table with
small locks for each hash list not to block other processes.
Signed-off-by: Kuniyuki Iwashima <kuniyu@xxxxxxxxxxxx>
---
fs/proc/proc_net.c | 2 +
include/linux/btf_ids.h | 3 +-
kernel/bpf/bpf_iter.c | 3 ++
net/core/filter.c | 1 +
net/unix/af_unix.c | 93 +++++++++++++++++++++++++++++++++++++++++
5 files changed, 101 insertions(+), 1 deletion(-)
diff --git a/fs/proc/proc_net.c b/fs/proc/proc_net.c
index 15c2e55d2ed2..887a8102da9f 100644
--- a/fs/proc/proc_net.c
+++ b/fs/proc/proc_net.c
@@ -91,6 +91,7 @@ int bpf_iter_init_seq_net(void *priv_data, struct bpf_iter_aux_info *aux)
#endif
return 0;
}
+EXPORT_SYMBOL_GPL(bpf_iter_init_seq_net);
bpf_iter does not support modules for now as it is implemented before
module btf support. It needs some changes.
For example, currently bpf_iter only caches/uses the vmlinux btf_id
and module obj_id and module btf_id is not used.
One example is ipv6 and bpf_iter is guarded with IS_BUILTIN(CONFIG_IPV6).
So you could (1) add btf_iter support module btf in this patch set, or
(2). check IS_BUILTIN(CONFIG_UNIX). (2) might be easier and you can have
a subsequent patch set to add module support for bpf_iter. But it is
up to you.
void bpf_iter_fini_seq_net(void *priv_data)
{
@@ -100,6 +101,7 @@ void bpf_iter_fini_seq_net(void *priv_data)
put_net(p->net);
#endif
[...]
