On Wed, Dec 14, 2022 at 2:54 AM Toke Høiland-Jørgensen <toke@xxxxxxxxxx> wrote: > > Stanislav Fomichev <sdf@xxxxxxxxxx> writes: > > [..] > > > diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c > > index d434a994ee04..c3e501e3e39c 100644 > > --- a/kernel/bpf/core.c > > +++ b/kernel/bpf/core.c > > @@ -2097,6 +2097,13 @@ bool bpf_prog_map_compatible(struct bpf_map *map, > > if (fp->kprobe_override) > > return false; > > > > + /* When tail-calling from a non-dev-bound program to a dev-bound one, > > + * XDP metadata helpers should be disabled. Until it's implemented, > > + * prohibit adding dev-bound programs to tail-call maps. > > + */ > > + if (bpf_prog_is_dev_bound(fp->aux)) > > + return false; > > + > > nit: the comment is slightly inaccurate as the program running in a > devmap/cpumap has nothing to do with tail calls. maybe replace it with: > > "XDP programs inserted into maps are not guaranteed to run on a > particular netdev (and can run outside driver context entirely in the > case of devmap and cpumap). Until device checks are implemented, > prohibit adding dev-bound programs to program maps." SG. > Also, there needs to be a check in bpf_prog_test_run_xdp() to reject > dev-bound programs there as well... Ah, totally forgot about this part, thanks for reminding! > -Toke >
