Re: 答复: [PATCH bpf-next] samples/bpf: check detach prog exist or not in xdp_fwd

[Toke Høiland-Jørgensen]

shaozhengchao <shaozhengchao@xxxxxxxxxx> writes:

> -----邮件原件-----
> 发件人: Toke Høiland-Jørgensen [mailto:toke@xxxxxxxxxx] 
> 发送时间: 2022年5月9日 17:46
> 收件人: shaozhengchao <shaozhengchao@xxxxxxxxxx>; bpf@xxxxxxxxxxxxxxx; netdev@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; ast@xxxxxxxxxx; daniel@xxxxxxxxxxxxx; davem@xxxxxxxxxxxxx; kuba@xxxxxxxxxx; hawk@xxxxxxxxxx; john.fastabend@xxxxxxxxx; andrii@xxxxxxxxxx; kafai@xxxxxx; songliubraving@xxxxxx; yhs@xxxxxx; kpsingh@xxxxxxxxxx
> 抄送: weiyongjun (A) <weiyongjun1@xxxxxxxxxx>; shaozhengchao <shaozhengchao@xxxxxxxxxx>; yuehaibing <yuehaibing@xxxxxxxxxx>
> 主题: Re: [PATCH bpf-next] samples/bpf: check detach prog exist or not in xdp_fwd
>
> Zhengchao Shao <shaozhengchao@xxxxxxxxxx> writes:
>
>> Before detach the prog, we should check detach prog exist or not.
>
> If we're adding such a check we should also check that it's the *right* program. I.e., query the ID for the program name and check that it matches what the program attached, then obtain an fd and pass that as XDP_EXPECTED_FD on detach to make sure it wasn't swapped out in the meantime...
>
> -Toke
>
> Thank you for your reply. When finish running xdp_fwd to attatch prog,
> the program will exit and can't store fd as XDP_EXPECTED_FD.
>
> I think the sample xdp_fwd -d is just detach prog and don't care if
> the fd is expected.

So why are you adding the check? Either keep it the way it is, or add a
proper check that examines the program type; you're right that it
doesn't store the prog FD, but you can still check the program name and
see if it matches to get some idea that it's not a totally separate
program that's loaded. I think doing so would be an improvement to the
sample, but just adding a check if a program is loaded is not, really...

-Toke