Re: [PATCH bpf-next v3 3/6] netfilter: nfnetlink hook: dump bpf prog id

Simon Horman <simon.horman@xxxxxxxxxxxx> · Thu, 20 Apr 2023 11:54:22 +0200

On Tue, Apr 18, 2023 at 03:10:35PM +0200, Florian Westphal wrote:
> This allows userspace ("nft list hooks") to show which bpf program
> is attached to which hook.
> 
> Without this, user only knows bpf prog is attached at prio
> x, y, z at INPUT and FORWARD, but can't tell which program is where.
> 
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>

Hi Florian,

as it seems there will be a v4, some kdoc nits from my side.

> ---
>  include/uapi/linux/netfilter/nfnetlink_hook.h | 20 ++++-
>  net/netfilter/nfnetlink_hook.c                | 81 ++++++++++++++++---
>  2 files changed, 87 insertions(+), 14 deletions(-)
> 
> diff --git a/include/uapi/linux/netfilter/nfnetlink_hook.h b/include/uapi/linux/netfilter/nfnetlink_hook.h
> index bbcd285b22e1..63b7dbddf0b1 100644
> --- a/include/uapi/linux/netfilter/nfnetlink_hook.h
> +++ b/include/uapi/linux/netfilter/nfnetlink_hook.h
> @@ -32,8 +32,12 @@ enum nfnl_hook_attributes {
>  /**
>   * enum nfnl_hook_chain_info_attributes - chain description
>   *
> - * NFNLA_HOOK_INFO_DESC: nft chain and table name (enum nft_table_attributes) (NLA_NESTED)
> + * NFNLA_HOOK_INFO_DESC: nft chain and table name (NLA_NESTED)
>   * NFNLA_HOOK_INFO_TYPE: chain type (enum nfnl_hook_chaintype) (NLA_U32)

nit: -,.s/NFLA/@NFLA/

> + *
> + * NFNLA_HOOK_INFO_DESC depends on NFNLA_HOOK_INFO_TYPE value:
> + *   NFNL_HOOK_TYPE_NFTABLES: enum nft_table_attributes
> + *   NFNL_HOOK_TYPE_BPF: enum nfnl_hook_bpf_info_attributes
>   */
>  enum nfnl_hook_chain_info_attributes {
>  	NFNLA_HOOK_INFO_UNSPEC,
> @@ -56,9 +60,23 @@ enum nfnl_hook_chain_desc_attributes {
>   * enum nfnl_hook_chaintype - chain type
>   *
>   * @NFNL_HOOK_TYPE_NFTABLES nf_tables base chain
> + * @NFNL_HOOK_TYPE_BPF bpf program

nit: s/@NFNL_HOOK_TYPE_NFTABLES/@NFNL_HOOK_TYPE_NFTABLES:/
     s/@NFNL_HOOK_TYPE_BPF/@NFNL_HOOK_TYPE_BPF:/

>   */
>  enum nfnl_hook_chaintype {
>  	NFNL_HOOK_TYPE_NFTABLES = 0x1,
> +	NFNL_HOOK_TYPE_BPF,
> +};
> +
> +/**
> + * enum nfnl_hook_bpf_info_attributes - bpf prog description

nit: s/nfnl_hook_bpf_info_attributes/nfnl_hook_bpf_attributes/

> + *
> + * NFNLA_BPF_INFO_ID: bpf program id (NLA_U32)

nit: s/NFNLA_BPF_INFO_ID:/NFNLA_HOOK_BPF_ID:/

> + */
> +enum nfnl_hook_bpf_attributes {
> +	NFNLA_HOOK_BPF_UNSPEC,
> +	NFNLA_HOOK_BPF_ID,
> +	__NFNLA_HOOK_BPF_MAX,
>  };
> +#define NFNLA_HOOK_BPF_MAX (__NFNLA_HOOK_BPF_MAX - 1)

...