Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp3249479imm; Sun, 29 Jul 2018 14:01:00 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdwCs6/oTOTVlrcVqggoVWDho6yEkMERO6xac0mcC9nW3O1FCNKEj1jaMt6bD9eUHJXIyY8 X-Received: by 2002:a62:642:: with SMTP id 63-v6mr11327029pfg.42.1532898060600; Sun, 29 Jul 2018 14:01:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532898060; cv=none; d=google.com; s=arc-20160816; b=za7wWYeiaAdRnanKwRZ0sYaV4UUKyCZ0SDPTr7/BMNpH2MRYv1QlJf4/GkAFbnfsof E/TJNhq5daaen9Mx2t9Py8oQbr1CIkvi3r4as2xEJSblOXHPcJ6Ncuuv6EqRFHqjYWEC IWSqEUDYCyMoaKNDypVkeDzCSGO5bgM3eB59N4McWVi9f7c6f+POZe4XSpx+Mmm9cyXC 0m3RU9EY9DlrtgpuG9v7MnpVNX6lezw1EpbVzkihmHBrU6KxRfxfP3ZAj4J6/qEIVwON TFJyXKGgP+OBrOkxXe8ZI7YQYlzYnyEVxU8d5coDuxUleZSy3mPDSdAGU0rlcXXsvM+R MLxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature :arc-authentication-results; bh=AokGEKCgwJ737GNoCwSaZTwt/QvtFfmxL6P86g1wy5w=; b=DEjOoF0I4BX7OdvnTfdirInz6U0QG7ft2gpWXkc3hluoOsL7/litxhyvAXRpu84Icy +PKh1jW7vyPwWQuGttUzAtweBSSHeEVSllSviWS+tH83hLjRH/sT81c1X2n99IXIiyPA SIpoN7yc0zEiBcSxuNXLgjTGPbwfUruZzjE7wSubha/pPl0/sKCzuSFR6Pb6wTAIdXZS GZvOwGicrE8OTG2MAoZLu/GdbVobeoVCOzvLvXFrRI7CoyGXXxqRj/QxASv2PDFYQB5J FcLOVqsUh1Di3b2V09F9Ewy5QZ62TgLWeF+xr3H6aJyGBcjjNDmTIxuJkIEyG6Nydr0i n8DA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HLSfDvdY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d30-v6si8539613pla.110.2018.07.29.14.00.46; Sun, 29 Jul 2018 14:01:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HLSfDvdY; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731542AbeG2Wag (ORCPT + 99 others); Sun, 29 Jul 2018 18:30:36 -0400 Received: from mail-it0-f73.google.com ([209.85.214.73]:55198 "EHLO mail-it0-f73.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730995AbeG2Wag (ORCPT ); Sun, 29 Jul 2018 18:30:36 -0400 Received: by mail-it0-f73.google.com with SMTP id l8-v6so10874781ita.4 for ; Sun, 29 Jul 2018 13:58:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=AokGEKCgwJ737GNoCwSaZTwt/QvtFfmxL6P86g1wy5w=; b=HLSfDvdY9AbuDbTZYWPhcZkUhQegd7dQVwl/J+Y1zsvQhfy5P2HQZxQU6fOK8vh9Zb Sv7dlfEEzLSaiK7S8eCPnDP+K0staviqRlm8zismaM/B53HtoAQ+a5ogcEwlibC0G4Lc UWiFB5p5ZWNl75ftk3FuT9EPT6ahpf6OcppjfQ9HvvhhUbO1L8lVPafT3ivcWHocgldr z5q0QFkJ0o388m5ukFcLY2/ewM3yhS5YTYAy36gKYW+724BZuiYdo1GXjYC9//mwRAuR GX2Yv7AvSpVE+YbEk5duPEmzAEv4VwN3iQA99X/9T0Wz0DcFI/YWOQuEaOpD43Zh0vfO xN0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=AokGEKCgwJ737GNoCwSaZTwt/QvtFfmxL6P86g1wy5w=; b=nwGnTcRvqQhavuHvekRtwyWDlbLfaivtk6k7GTl6FiGlZkSe3SRXri5sXII7Aez+rk BozYkAb+4GWE/Oyx1fC40Hw3vE+LV8ePa/2/pDqOu6/PTmjUOD59lbR7gzzks0nUBvJL dwaTH1asFa4Q55lk90xIlaaJGXZVnY83qT4QN5wt2bdRLjrlmILQuNlV+70rSKy9bBEV z81bREXVyjJVEZ5+oMVjN+gMivDWdO5PkUcGznQ8BzOjtFeZouQyCXrGW9zfQQPqbivF io2YJkoiwGxGMl+6fR6iL/jCRGNJ4N12LLTr8p4cbxw1KVAXyxzbkqGszdzcmsuVvw+X gr1w== X-Gm-Message-State: AOUpUlEDCNiip1f78xTOsQUqDQs4RbsmytTXDrPeuf+m2XwvOnU8eKfy PB9Nwt7VtvBEqDEnwjL7aBlfjeSVlT8= X-Received: by 2002:a24:47ca:: with SMTP id t193-v6mr6874648itb.24.1532897927126; Sun, 29 Jul 2018 13:58:47 -0700 (PDT) Date: Sun, 29 Jul 2018 13:58:35 -0700 In-Reply-To: Message-Id: <20180729205835.34850-1-dancol@google.com> Mime-Version: 1.0 References: X-Mailer: git-send-email 2.18.0.345.g5c9ce644c3-goog Subject: [PATCH v3] Add BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES bpf(2) command From: Daniel Colascione To: joelaf@google.com Cc: linux-kernel@vger.kernel.org, timmurray@google.com, netdev@vger.kernel.org, Alexei Starovoitov , Lorenzo Colitti , Chenbo Feng , Mathieu Desnoyers , Alexei Starovoitov , Daniel Borkmann , Daniel Colascione Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES waits for the release of all references to maps active at the instant the BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES is issued. BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES waits only for the expiration of map references obtained by BPF programs from other maps. The purpose of this command is to provide a means for userspace to replace a BPF map with another, newer version, then ensure that no component is still using the "old" map before manipulating the "old" map in some way. Signed-off-by: Daniel Colascione --- include/uapi/linux/bpf.h | 14 ++++++++++++++ kernel/bpf/syscall.c | 13 +++++++++++++ 2 files changed, 27 insertions(+) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index b7db3261c62d..ca3cfca76edc 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -75,6 +75,19 @@ struct bpf_lpm_trie_key { __u8 data[0]; /* Arbitrary size */ }; +/* BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES waits for the release of all + * references to maps active at the instant the + * BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES is + * issued. BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES waits only for the + * expiration of map references obtained by BPF programs from + * other maps. + * + * The purpose of this command is to provide a means for userspace to + * replace a BPF map with another, newer version, then ensure that no + * component is still using the "old" map before manipulating the + * "old" map in some way. + */ + /* BPF syscall commands, see bpf(2) man-page for details. */ enum bpf_cmd { BPF_MAP_CREATE, @@ -98,6 +111,7 @@ enum bpf_cmd { BPF_BTF_LOAD, BPF_BTF_GET_FD_BY_ID, BPF_TASK_FD_QUERY, + BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES, }; enum bpf_map_type { diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index a31a1ba0f8ea..bc9a0713f47d 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -2274,6 +2274,19 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz if (sysctl_unprivileged_bpf_disabled && !capable(CAP_SYS_ADMIN)) return -EPERM; + if (cmd == BPF_SYNCHRONIZE_MAP_TO_MAP_REFERENCES) { + if (uattr != NULL || size != 0) + return -EINVAL; + err = security_bpf(cmd, NULL, 0); + if (err < 0) + return err; + /* BPF programs always enter a critical section while + * they have a map reference outstanding. + */ + synchronize_rcu(); + return 0; + } + err = bpf_check_uarg_tail_zero(uattr, sizeof(attr), size); if (err) return err; -- 2.18.0.345.g5c9ce644c3-goog