Re: [PATCH] samples/bpf: Add sample usage for BPF_PROG_TYPE_NETFILTER
From: Alexei Starovoitov
Date: Tue Sep 05 2023 - 12:20:21 EST
On Tue, Sep 5, 2023 at 4:11 AM David Wang <00107082@xxxxxxx> wrote:
>
>
>
>
>
>
>
>
>
>
>
>
> At 2023-09-05 05:01:14, "Alexei Starovoitov" <alexei.starovoitov@xxxxxxxxx> wrote:
> >On Mon, Sep 4, 2023 at 3:49 AM Florian Westphal <fw@xxxxxxxxx> wrote:
> >>
> >> David Wang <00107082@xxxxxxx> wrote:
> >> > This sample code implements a simple ipv4
> >> > blacklist via the new bpf type BPF_PROG_TYPE_NETFILTER,
> >> > which was introduced in 6.4.
> >> >
> >> > The bpf program drops package if destination ip address
> >> > hits a match in the map of type BPF_MAP_TYPE_LPM_TRIE,
> >> >
> >> > The userspace code would load the bpf program,
> >> > attach it to netfilter's FORWARD/OUTPUT hook,
> >> > and then write ip patterns into the bpf map.
> >>
> >> Thanks, I think its good to have this.
> >
> >Yes, but only in selftests/bpf.
> >samples/bpf/ are not tested and bit rot heavily.
>
> Hi Alexei,
>
> I need to know whether samples/bpf is still a good place to put code.
> I will put the code in another open source project for bpf samples, mentioned by Toke.
> But I still want to put it in samples/bpf , since the code only compile/work with new kernel.
>
> Need your feedback on this, could this code be kept in samples/bpf? :)
Sorry, but we don't accept new code to samples/bpf/.
Everything in there will be moved/removed.
If you want to stay in the kernel selftests/bpf is the only place and
it's gotta be the real test and not just a sample.