From: Martin KaFai Lau <martin.lau@linux.dev>
To: Hao Luo <haoluo@google.com>, Hou Tao <houtao@huaweicloud.com>
Cc: bpf <bpf@vger.kernel.org>, Yonghong Song <yhs@fb.com>,
Andrii Nakryiko <andrii@kernel.org>, Song Liu <song@kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
KP Singh <kpsingh@kernel.org>,
Stanislav Fomichev <sdf@google.com>, Jiri Olsa <jolsa@kernel.org>,
John Fastabend <john.fastabend@gmail.com>,
Hou Tao <houtao1@huawei.com>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>
Subject: Re: [PATCH bpf v2 1/3] bpf: Pin iterator link when opening iterator
Date: Wed, 16 Nov 2022 22:48:54 -0800 [thread overview]
Message-ID: <43bcd243-eea0-6cbe-b24b-640311fa1a83@linux.dev> (raw)
In-Reply-To: <CA+khW7gA3PgMwX5SmZELRdOATYeKN3XkAN9qKUWpjFU-M6YZjw@mail.gmail.com>
On 11/15/22 6:48 PM, Hao Luo wrote:
> On Tue, Nov 15, 2022 at 5:37 PM Alexei Starovoitov
> <alexei.starovoitov@gmail.com> wrote:
>>
>> On Tue, Nov 15, 2022 at 11:16 AM Martin KaFai Lau <martin.lau@linux.dev> wrote:
>>>
>>> On 11/10/22 10:34 PM, Hou Tao wrote:
>>>> From: Hou Tao <houtao1@huawei.com>
>>>>
>>>> For many bpf iterator (e.g., cgroup iterator), iterator link acquires
>>>> the reference of iteration target in .attach_target(), but iterator link
>>>> may be closed before or in the middle of iteration, so iterator will
>>>> need to acquire the reference of iteration target as well to prevent
>>>> potential use-after-free. To avoid doing the acquisition in
>>>> .init_seq_private() for each iterator type, just pin iterator link in
>>>> iterator.
>>>
>>> iiuc, a link currently will go away when all its fds closed and pinned file
>>> removed. After this change, the link will stay until the last iter is closed().
>>> Before then, the user space can still "bpftool link show" and even get the
>>> link back by bpf_link_get_fd_by_id(). If this is the case, it would be useful
>>> to explain it in the commit message.
>>>
>>> and does this new behavior make sense when comparing with other link types?
>
> I think this is a unique problem in iter link. Because iter link is
> the only link type that can generate another object.
Should a similar solution as in the current map iter be used then?
I am thinking, after all link fds are closed and its pinned files are removed,
if it cannot stop the already created iter, it should at least stop new iter
from being created?
next prev parent reply other threads:[~2022-11-17 6:49 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-11 6:34 [PATCH bpf v2 0/3] Pin iterator link when opening iterator Hou Tao
2022-11-11 6:34 ` [PATCH bpf v2 1/3] bpf: " Hou Tao
2022-11-11 16:31 ` Yonghong Song
2022-11-11 17:24 ` Hao Luo
2022-11-15 19:16 ` Martin KaFai Lau
2022-11-16 1:37 ` Alexei Starovoitov
2022-11-16 2:40 ` Hou Tao
2022-11-16 5:43 ` Alexei Starovoitov
2022-11-16 6:56 ` Hou Tao
2022-11-16 2:48 ` Hao Luo
2022-11-16 7:24 ` Hou Tao
2022-11-17 6:48 ` Martin KaFai Lau [this message]
2022-11-18 1:52 ` Hou Tao
2022-11-18 7:34 ` Martin KaFai Lau
2022-11-18 18:57 ` Hao Luo
2022-11-16 2:39 ` Hou Tao
2022-11-11 6:34 ` [PATCH bpf v2 2/3] selftests/bpf: Add cgroup helper remove_cgroup() Hou Tao
2022-11-11 6:34 ` [PATCH bpf v2 3/3] selftests/bpf: Add test for cgroup iterator on a dead cgroup Hou Tao
2022-11-11 18:00 ` Hao Luo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43bcd243-eea0-6cbe-b24b-640311fa1a83@linux.dev \
--to=martin.lau@linux.dev \
--cc=alexei.starovoitov@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=haoluo@google.com \
--cc=houtao1@huawei.com \
--cc=houtao@huaweicloud.com \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox