On 2/15/24 12:41 AM, Pablo Neira Ayuso wrote:
On Wed, Feb 14, 2024 at 05:10:46PM +0100, Quentin Deslandes wrote:
On 2024-01-02 07:11, D. Wythe wrote:
From: "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>
This patches attempt to implements updating of progs within
bpf netfilter link, allowing user update their ebpf netfilter
prog in hot update manner.
Besides, a corresponding test case has been added to verify
whether the update works.
--
v1:
1. remove unnecessary context, access the prog directly via rcu.
2. remove synchronize_rcu(), dealloc the nf_link via kfree_rcu.
3. check the dead flag during the update.
--
v1->v2:
1. remove unnecessary nf_prog, accessing nf_link->link.prog in direct.
--
v2->v3:
1. access nf_link->link.prog via rcu_dereference_raw to avoid warning.
--
v3->v4:
1. remove mutex for link update, as it is unnecessary and can be replaced
by atomic operations.
--
v4->v5:
1. fix error retval check on cmpxhcg
D. Wythe (2):
netfilter: bpf: support prog update
selftests/bpf: Add netfilter link prog update test
net/netfilter/nf_bpf_link.c | 50 ++++++++-----
.../bpf/prog_tests/netfilter_link_update_prog.c | 83 ++++++++++++++++++++++
.../bpf/progs/test_netfilter_link_update_prog.c | 24 +++++++
3 files changed, 141 insertions(+), 16 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/netfilter_link_update_prog.c
create mode 100644 tools/testing/selftests/bpf/progs/test_netfilter_link_update_prog.c
It seems this patch has been forgotten, hopefully this answer
will give it more visibility.
I've applied this change on 6.8.0-rc4 and tested BPF_LINK_UPDATE
with bpfilter and everything seems alright.
Just post it without RFC tag.
Glad to know that, I will send a formal version soon.
D. Wythe
