Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp5739657rdb; Wed, 13 Dec 2023 19:26:13 -0800 (PST) X-Google-Smtp-Source: AGHT+IHaTh0RslQ6IbUo9csvzvGnrP8OslxFLhfxTnntn5DTx4eSXRCJP7yCB27KQxQPznzehC+A X-Received: by 2002:a05:6a20:7488:b0:185:a762:9179 with SMTP id p8-20020a056a20748800b00185a7629179mr11804555pzd.1.1702524373062; Wed, 13 Dec 2023 19:26:13 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702524373; cv=none; d=google.com; s=arc-20160816; b=AyCd4n062HmMGei7yUtQgw54GXthq6THT5hliUyK49A9Vxr0GsvsBlOzCNf3HWl/oV TNROBgNI7jcVfoTzJ1AxCN8Dh+cZF/3M/usotjwQZllK2mD0sE2XXeO+yHCUqOmqaZHL YyCqihG79aSX2IE/6Sgn26j8z7oidjYf3A8VCeEOblLARLfpkyJ4NnDu/ofVFaX8q/qa CWkBXv0wlT2iQej1ibnQ1/iJwLOGShUCaTIngUzyZkrT6Pw764M72Qops3/GBUGOftdS JH/b9KoxnzG4U+BOAjoQMiUXTm9eKSTraRrzoZpxRf6C6LH53dwz83iOlhqOyvSd7eNJ 2WDw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=GPsWVyL4NwwSi16TKv9mIAnFmxSF7NSVwjEEFxKBUi4=; fh=nBK3i3jRS1RD0ocwlNXbIBIaRPDN5gjxHLQfPi0Bz/c=; b=z7ixurH/NmJoNJuMzKEmisOQiL8CqeA4gERqsGHAU8LS2XdsS3ufx6zMq+R7R6fIrD DSIumJg4zaLHycgLSPvBAz7L5n7dduYcg2/aDuTjE9MDyvx9jx232g+OpJHp/1XbFjSK ByJo3xYgyaS3WjOkW3741+/y/ScRdnxzd/1LoKUZIgJ9Ov7Ytjh5zPz19wa8xLg7RuzN JJhlQcmomqDhu4eWeD3HiDubVJ/BKEEqDW5hur536vHSIeyM6UcAm4KHJFR7TVKJYoLd KQ02vzx8z6+F+IOcLKwnhu7w1FZbHFuUwnAT10gLPMmtwzajS+yOC4QoMnHj/T1cowrR LF8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=l5RDKi8J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from howler.vger.email (howler.vger.email. [23.128.96.34]) by mx.google.com with ESMTPS id p31-20020a056a000a1f00b006cb8abd39d3si10602841pfh.180.2023.12.13.19.26.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 Dec 2023 19:26:13 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) client-ip=23.128.96.34; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=l5RDKi8J; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.34 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id DD3AA808BCBB; Wed, 13 Dec 2023 19:25:50 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1443094AbjLNDZJ (ORCPT + 99 others); Wed, 13 Dec 2023 22:25:09 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52378 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234158AbjLNDZI (ORCPT ); Wed, 13 Dec 2023 22:25:08 -0500 Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A763CD0; Wed, 13 Dec 2023 19:25:14 -0800 (PST) Received: by mail-wr1-x434.google.com with SMTP id ffacd0b85a97d-33646dbedc9so215636f8f.3; Wed, 13 Dec 2023 19:25:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1702524313; x=1703129113; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=GPsWVyL4NwwSi16TKv9mIAnFmxSF7NSVwjEEFxKBUi4=; b=l5RDKi8JqobHEEfHqeg6/Qs5k38K/go2BsS+4h45GSZLJjYDWWpHN4zDSL+Ztgctuo orZQTBu5i2Gz3ysblKf+bMiKqcMYqdgiC45wuaLv3EuCnAuCG1I9MvJCEPtlNxZxG11w hwjCq/L7u3GDzmbTUlnfhAz3cDLOIlDAJ1syzgD6SfR3cD3RNDMxE/IiG40tLDVG6T4w aiFfLF2F6sXoIoISfSXQi88i8mUb5pHW4QIr2pSjQQfLKFqim+Ty5n5Nss5e9HgYiY1y xwS6k4DEucO86GrB1NGhrIeYt/sDzeSgXVD76DNVnlrv8BTBUs4CUZ3TZ4TwZTDdEDYx NeRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1702524313; x=1703129113; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GPsWVyL4NwwSi16TKv9mIAnFmxSF7NSVwjEEFxKBUi4=; b=Pa6U7yuwVpYE6gX+12o8aSax0oukCYIJrIeGVi5p13m9SrLL5oRoIDXEU03KSrrcmQ MyxCOkw2jGbOmSCmXF/FspKdDjmQA735oBvaYTRrdQ8SKadqdhBOV3cT6uRAIyRZS6kr MXrZKw566AIfF7qHw3cwMFQPfGNhILU4qGROQAVK+wt6T2kkjDsb66g8Ey4DTTOxGRFj +mmT+UcCY0sddhpmZrMmIRD3k6TMWpgqBKQ8h/5UssA/jRVcZnj7TwUtYDQAcM19LTDG CDMaRF3WzWFfDLfMFjsMosLDvcSLdX2tnuMc2AO/OwF1aD+ZVuL7RXqPJJxuy3QAcjVR PLIg== X-Gm-Message-State: AOJu0YwcjJZReWyP1zsps6OIvvRiROJj2cAx4cNavCJatUA4SrVxdURP 6cam9XFMrSnimQ3elOwwwdk07V8uQcd+ge9B23g= X-Received: by 2002:a5d:49c1:0:b0:333:2fd2:5d1b with SMTP id t1-20020a5d49c1000000b003332fd25d1bmr5020063wrs.77.1702524313048; Wed, 13 Dec 2023 19:25:13 -0800 (PST) MIME-Version: 1.0 References: <1702467945-38866-1-git-send-email-alibuda@linux.alibaba.com> <1702467945-38866-2-git-send-email-alibuda@linux.alibaba.com> <20231213222415.GA13818@breakpoint.cc> In-Reply-To: <20231213222415.GA13818@breakpoint.cc> From: Alexei Starovoitov Date: Wed, 13 Dec 2023 19:25:01 -0800 Message-ID: Subject: Re: [RFC nf-next 1/2] netfilter: bpf: support prog update To: Florian Westphal Cc: "D. Wythe" , Pablo Neira Ayuso , Jozsef Kadlecsik , bpf , LKML , Network Development , coreteam@netfilter.org, netfilter-devel , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Alexei Starovoitov Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on howler.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 13 Dec 2023 19:25:51 -0800 (PST) On Wed, Dec 13, 2023 at 2:24=E2=80=AFPM Florian Westphal wro= te: > > D. Wythe wrote: > > From: "D. Wythe" > > > > To support the prog update, we need to ensure that the prog seen > > within the hook is always valid. Considering that hooks are always > > protected by rcu_read_lock(), which provide us the ability to use a > > new RCU-protected context to access the prog. > > > > Signed-off-by: D. Wythe > > --- > > net/netfilter/nf_bpf_link.c | 124 ++++++++++++++++++++++++++++++++++++= +++----- > > 1 file changed, 111 insertions(+), 13 deletions(-) > > > > diff --git a/net/netfilter/nf_bpf_link.c b/net/netfilter/nf_bpf_link.c > > index e502ec0..918c470 100644 > > --- a/net/netfilter/nf_bpf_link.c > > +++ b/net/netfilter/nf_bpf_link.c > > @@ -8,17 +8,11 @@ > > #include > > #include > > > > -static unsigned int nf_hook_run_bpf(void *bpf_prog, struct sk_buff *sk= b, > > - const struct nf_hook_state *s) > > +struct bpf_nf_hook_ctx > > { > > - const struct bpf_prog *prog =3D bpf_prog; > > - struct bpf_nf_ctx ctx =3D { > > - .state =3D s, > > - .skb =3D skb, > > - }; > > - > > - return bpf_prog_run(prog, &ctx); > > -} > > + struct bpf_prog *prog; > > + struct rcu_head rcu; > > +}; > > I don't understand the need for this structure. AFAICS bpf_prog_put() > will always release the program via call_rcu()? > > If it doesn't, we are probably already in trouble as-is without this > patch, I don't think anything that prevents us from ending up calling alr= eady > released bpf prog, or releasing it while another cpu is still running it > if bpf_prog_put releases the actual underlying prog instantly. > > A BPF expert could confirm bpf-prog-put-is-call-rcu. +1 These patches look unnecessary. It seems that they accidently fix something else.