From: Jakub Sitnicki <jakub@cloudflare.com>
To: Martin KaFai Lau <kafai@fb.com>
Cc: bpf@vger.kernel.org, netdev@vger.kernel.org, kernel-team@cloudflare.com
Subject: Re: [PATCH bpf-next v3 2/4] bpf, netns: Keep attached programs in bpf_prog_array
Date: Fri, 26 Jun 2020 12:40:06 +0200 [thread overview]
Message-ID: <87h7uym7p5.fsf@cloudflare.com> (raw)
In-Reply-To: <20200626054105.rpz6py7jqc34vzyl@kafai-mbp.dhcp.thefacebook.com>
On Fri, Jun 26, 2020 at 07:41 AM CEST, Martin KaFai Lau wrote:
> On Thu, Jun 25, 2020 at 04:13:55PM +0200, Jakub Sitnicki wrote:
>> Prepare for having multi-prog attachments for new netns attach types by
>> storing programs to run in a bpf_prog_array, which is well suited for
>> iterating over programs and running them in sequence.
>>
>> After this change bpf(PROG_QUERY) may block to allocate memory in
>> bpf_prog_array_copy_to_user() for collected program IDs. This forces a
>> change in how we protect access to the attached program in the query
>> callback. Because bpf_prog_array_copy_to_user() can sleep, we switch from
>> an RCU read lock to holding a mutex that serializes updaters.
>>
>> Because we allow only one BPF flow_dissector program to be attached to
>> netns at all times, the bpf_prog_array pointed by net->bpf.run_array is
>> always either detached (null) or one element long.
>>
>> No functional changes intended.
>>
>> Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com>
>> ---
>> include/net/netns/bpf.h | 5 +-
>> kernel/bpf/net_namespace.c | 120 +++++++++++++++++++++++++------------
>> net/core/flow_dissector.c | 19 +++---
>> 3 files changed, 96 insertions(+), 48 deletions(-)
>>
>> diff --git a/include/net/netns/bpf.h b/include/net/netns/bpf.h
>> index a8dce2a380c8..a5015bda9979 100644
>> --- a/include/net/netns/bpf.h
>> +++ b/include/net/netns/bpf.h
>> @@ -9,9 +9,12 @@
>> #include <linux/bpf-netns.h>
>>
>> struct bpf_prog;
>> +struct bpf_prog_array;
>>
>> struct netns_bpf {
>> - struct bpf_prog __rcu *progs[MAX_NETNS_BPF_ATTACH_TYPE];
>> + /* Array of programs to run compiled from progs or links */
>> + struct bpf_prog_array __rcu *run_array[MAX_NETNS_BPF_ATTACH_TYPE];
>> + struct bpf_prog *progs[MAX_NETNS_BPF_ATTACH_TYPE];
>> struct bpf_link *links[MAX_NETNS_BPF_ATTACH_TYPE];
> With the new run_array, I think the "*progs[]" is not needed.
> It seems the original "*progs[]" is only used to tell
> if it is in the prog_attach mode or the newer link mode.
> There is other ways to do that.
>
> It is something to think about when there is more clarity on how
> multi netns prog will look like in the next set.
Having just the run_array without *progs[] is something I've tried
initially but ended up rewriting it. The end result was confusing to me.
I couldn't convince myself to sign off on it and present it.
Adding back the pointer to bpf_prog was counterintutivive, because it is
wasteful, but it actually made the code readable.
Best I can articulate why it didn't work out great (should have tagged
the branch...) is that without *progs[] the run_array holds bpf_prog
pointers sometimes with ref-count on the prog (old mode), and sometimes
without one (new mode). This mixed state manifests itself mostly on
netns teardown, where we need to access the prog_array to put the prog,
but only if we're not using links.
Then again, perhaps I simply messsed up the code back then, and it
deserves another shot. Either way, getting rid of *progs[] is a
potential optimization.
[...]
next prev parent reply other threads:[~2020-06-26 10:40 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-25 14:13 [PATCH bpf-next v3 0/4] bpf, netns: Prepare for multi-prog attachment Jakub Sitnicki
2020-06-25 14:13 ` [PATCH bpf-next v3 1/4] flow_dissector: Pull BPF program assignment up to bpf-netns Jakub Sitnicki
2020-06-26 1:38 ` Martin KaFai Lau
2020-06-25 14:13 ` [PATCH bpf-next v3 2/4] bpf, netns: Keep attached programs in bpf_prog_array Jakub Sitnicki
2020-06-25 20:50 ` Andrii Nakryiko
2020-06-26 9:45 ` Jakub Sitnicki
2020-06-26 22:13 ` Andrii Nakryiko
2020-06-26 22:15 ` Andrii Nakryiko
2020-06-26 5:41 ` Martin KaFai Lau
2020-06-26 10:40 ` Jakub Sitnicki [this message]
2020-06-25 14:13 ` [PATCH bpf-next v3 3/4] bpf, netns: Keep a list of attached bpf_link's Jakub Sitnicki
2020-06-26 5:43 ` Martin KaFai Lau
2020-06-25 14:13 ` [PATCH bpf-next v3 4/4] selftests/bpf: Test updating flow_dissector link with same program Jakub Sitnicki
2020-06-26 5:52 ` Martin KaFai Lau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h7uym7p5.fsf@cloudflare.com \
--to=jakub@cloudflare.com \
--cc=bpf@vger.kernel.org \
--cc=kafai@fb.com \
--cc=kernel-team@cloudflare.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.