[bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist

Message ID	20220504035207.98221-1-shaozhengchao@huawei.com (mailing list archive)
State	Changes Requested
Delegated to:	BPF
Headers	show Return-Path: <netdev-owner@kernel.org> From: Zhengchao Shao <shaozhengchao@huawei.com> To: <netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>, <bpf@vger.kernel.org>, <davem@davemloft.net>, <edumazet@google.com>, <kuba@kernel.org>, <pabeni@redhat.com> CC: <ast@kernel.org>, <daniel@iogearbox.net>, <hawk@kernel.org>, <john.fastabend@gmail.com>, <andrii@kernel.org>, <kafai@fb.com>, <songliubraving@fb.com>, <yhs@fb.com>, <kpsingh@kernel.org>, <bigeasy@linutronix.de>, <imagedong@tencent.com>, <petrm@nvidia.com>, <memxor@gmail.com>, <arnd@arndb.de>, <weiyongjun1@huawei.com>, <shaozhengchao@huawei.com>, <yuehaibing@huawei.com> Subject: [PATCH bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist Date: Wed, 4 May 2022 11:52:07 +0800 Message-ID: <20220504035207.98221-1-shaozhengchao@huawei.com> MIME-Version: 1.0 Content-Type: text/plain Precedence: bulk
Series	[bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist \| expand [bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist

Message ID

20220504035207.98221-1-shaozhengchao@huawei.com (mailing list archive)

State

Changes Requested

Delegated to:

BPF

Headers

From: Zhengchao Shao <shaozhengchao@huawei.com>
To: <netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
        <bpf@vger.kernel.org>, <davem@davemloft.net>,
        <edumazet@google.com>, <kuba@kernel.org>, <pabeni@redhat.com>
CC: <ast@kernel.org>, <daniel@iogearbox.net>, <hawk@kernel.org>,
        <john.fastabend@gmail.com>, <andrii@kernel.org>, <kafai@fb.com>,
        <songliubraving@fb.com>, <yhs@fb.com>, <kpsingh@kernel.org>,
        <bigeasy@linutronix.de>, <imagedong@tencent.com>,
        <petrm@nvidia.com>, <memxor@gmail.com>, <arnd@arndb.de>,
        <weiyongjun1@huawei.com>, <shaozhengchao@huawei.com>,
        <yuehaibing@huawei.com>
Subject: [PATCH bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist
Date: Wed, 4 May 2022 11:52:07 +0800
Message-ID: <20220504035207.98221-1-shaozhengchao@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain
Precedence: bulk

Series

[bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist | expand

Context	Check	Description
bpf/vmtest-bpf-next-VM_Test-2	fail	Logs for Kernel LATEST on z15 + selftests
netdev/tree_selection	success	Clearly marked for bpf-next
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/subject_prefix	success	Link
netdev/cover_letter	success	Single patches do not need cover letters
netdev/patch_count	success	Link
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 7 this patch: 7
netdev/cc_maintainers	success	CCed 16 of 16 maintainers
netdev/build_clang	success	Errors and warnings before: 9 this patch: 9
netdev/module_param	success	Was 0 now: 0
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 7 this patch: 7
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 12 lines checked
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0
bpf/vmtest-bpf-next-PR	fail	PR summary
bpf/vmtest-bpf-next-VM_Test-1	fail	Logs for Kernel LATEST on ubuntu-latest + selftests

Context

Check

Description

bpf/vmtest-bpf-next-VM_Test-2

fail

Logs for Kernel LATEST on z15 + selftests

netdev/tree_selection

success

Clearly marked for bpf-next

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/subject_prefix

success

Link

netdev/cover_letter

success

Single patches do not need cover letters

netdev/patch_count

success

Link

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 7 this patch: 7

netdev/cc_maintainers

success

CCed 16 of 16 maintainers

netdev/build_clang

success

Errors and warnings before: 9 this patch: 9

netdev/module_param

success

Was 0 now: 0

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 7 this patch: 7

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 12 lines checked

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/source_inline

success

Was 0 now: 0

bpf/vmtest-bpf-next-PR

fail

PR summary

bpf/vmtest-bpf-next-VM_Test-1

fail

Logs for Kernel LATEST on ubuntu-latest + selftests

Commit Message

shaozhengchao May 4, 2022, 3:52 a.m. UTC

if user sets nonexistent xdp_flags to detach xdp prog, kernel should
return err and tell user that detach failed with detail info.

Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com>
---
 net/core/dev.c | 6 ++++++
 1 file changed, 6 insertions(+)

Comments

Toke Høiland-Jørgensen May 4, 2022, 11:19 a.m. UTC | #1

Zhengchao Shao <shaozhengchao@huawei.com> writes:

> if user sets nonexistent xdp_flags to detach xdp prog, kernel should
> return err and tell user that detach failed with detail info.
>
> Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com>

I kinda see your point, but this will change user-visible behaviour that
applications might be relying on, so I don't think we can make this
change at this stage. Why can't your application just query the link for
whether a program is attached?

-Toke

shaozhengchao May 5, 2022, 8:21 a.m. UTC | #2

-----邮件原件-----
发件人: Toke Høiland-Jørgensen [mailto:toke@redhat.com] 
发送时间: 2022年5月4日 19:20
收件人: shaozhengchao <shaozhengchao@huawei.com>; netdev@vger.kernel.org; linux-kernel@vger.kernel.org; bpf@vger.kernel.org; davem@davemloft.net; edumazet@google.com; kuba@kernel.org; pabeni@redhat.com
抄送: ast@kernel.org; daniel@iogearbox.net; hawk@kernel.org; john.fastabend@gmail.com; andrii@kernel.org; kafai@fb.com; songliubraving@fb.com; yhs@fb.com; kpsingh@kernel.org; bigeasy@linutronix.de; imagedong@tencent.com; petrm@nvidia.com; memxor@gmail.com; arnd@arndb.de; weiyongjun (A) <weiyongjun1@huawei.com>; shaozhengchao <shaozhengchao@huawei.com>; yuehaibing <yuehaibing@huawei.com>
主题: Re: [PATCH bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist

Zhengchao Shao <shaozhengchao@huawei.com> writes:

> if user sets nonexistent xdp_flags to detach xdp prog, kernel should 
> return err and tell user that detach failed with detail info.
>
> Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com>

I kinda see your point, but this will change user-visible behaviour that applications might be relying on, so I don't think we can make this change at this stage. Why can't your application just query the link for whether a program is attached?

-Toke

Thank you for your reply. I wiil change sample application firstly. But if kernel does nothing and return 0, maybe user will think setup is OK, actually It failed. Is this acceptable?

Toke Høiland-Jørgensen May 5, 2022, 2:27 p.m. UTC | #3

shaozhengchao <shaozhengchao@huawei.com> writes:

> Thank you for your reply. I wiil change sample application firstly.
> But if kernel does nothing and return 0, maybe user will think setup
> is OK, actually It failed. Is this acceptable?

Your patch was about detach; what has that got to do with "setup is OK"?

As for detaching, it's possible to write the application in a way that
it will always get a consistent result. There are basically two cases
when using netlink to detach an XDP program (bpf_link has its own
semantics, so setting that aside here):

1. The application just wants to turn off XDP entirely on the interface
   (e.g., 'ip link set dev XXX xdp off'). In this case you just send a
   RTM_SETLINK message with an IFLA_XDP_FD of -1, and if you don't get
   an error you can be sure that there is now no XDP program attached.
   Whether this was because there was already no program attached, or
   because you just detached it doesn't really matter in this case,
   since you're doing an unspecific detach anyway.

2. You attached a program earlier, and now you want to detach that (and
   only that) program. Or, equivalently, you queried the link and want
   to detach the program you know is attached there. In this case you
   send an RTM_SETLINK message with an IFLA_XDP_FD of -1 and an
   IFLA_XDP_EXPECTED_FD referring to the existing program. In this case
   you will get an error if that specific program is not in fact
   attached, whether because it was detached or swapped out in the
   meantime.

I don't see how case 1. is improved by returning ENOENT if there is no
program attached; if you care about detaching a specific program you'd
use case 2. anyway, and if you just want to check if a program is
attached, you'd do an RTM_GETLINK.

-Toke

diff --git a/net/core/dev.c b/net/core/dev.c
index 8ed0272bf32f..8ed05ef62c68 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -9149,6 +9149,12 @@  static int dev_xdp_attach(struct net_device *dev, struct netlink_ext_ack *extack
 		return -EBUSY;
 	}
 
+	/* no BPF XDP prog attached */
+	if (!new_prog && !(dev->xdp_state[mode].prog)) {
+		NL_SET_ERR_MSG(extack, "no BPF XDP prog attached");
+		return -ENOENT;
+	}
+
 	/* don't allow if an upper device already has a program */
 	netdev_for_each_upper_dev_rcu(dev, upper, iter) {
 		if (dev_xdp_prog_count(upper) > 0) {

[bpf-next] bpf/xdp: Can't detach BPF XDP prog if not exist

Checks

Commit Message

Comments

Patch