Hi, On 11/17/2022 2:48 PM, Martin KaFai Lau wrote: > On 11/15/22 6:48 PM, Hao Luo wrote: >> On Tue, Nov 15, 2022 at 5:37 PM Alexei Starovoitov >> <alexei.starovoitov@xxxxxxxxx> wrote: >>> >>> On Tue, Nov 15, 2022 at 11:16 AM Martin KaFai Lau <martin.lau@xxxxxxxxx> wrote: >>>> >>>> On 11/10/22 10:34 PM, Hou Tao wrote: >>>>> From: Hou Tao <houtao1@xxxxxxxxxx> >>>>> >>>>> For many bpf iterator (e.g., cgroup iterator), iterator link acquires >>>>> the reference of iteration target in .attach_target(), but iterator link >>>>> may be closed before or in the middle of iteration, so iterator will >>>>> need to acquire the reference of iteration target as well to prevent >>>>> potential use-after-free. To avoid doing the acquisition in >>>>> .init_seq_private() for each iterator type, just pin iterator link in >>>>> iterator. >>>> >>>> iiuc, a link currently will go away when all its fds closed and pinned file >>>> removed. After this change, the link will stay until the last iter is >>>> closed(). >>>> Before then, the user space can still "bpftool link show" and even get the >>>> link back by bpf_link_get_fd_by_id(). If this is the case, it would be useful >>>> to explain it in the commit message. >>>> >>>> and does this new behavior make sense when comparing with other link types? >> >> I think this is a unique problem in iter link. Because iter link is >> the only link type that can generate another object. > > Should a similar solution as in the current map iter be used then? > > I am thinking, after all link fds are closed and its pinned files are removed, > if it cannot stop the already created iter, it should at least stop new iter > from being created? Rather than adding the above logic for iterator link, just pinning the start cgroup in .init_seq_private() will be much simpler. And Hao worried about the close of iterator link fd will release the attached program and cause use-after-free problem, but it is not true, because prepare_seq_file() has already acquired an extra reference of the currently attached program, so it is OK to read the iterator after the close of iterator link fd. So what do you think ? > > > > .
