Re: [PATCH net-next v2 2/4] cgroup: bpf: Add BPF_MAP_TYPE_CGROUP_ARRAY

From: Martin KaFai Lau
Date: Thu Jun 23 2016 - 18:10:44 EST

Next message: Andy Lutomirski: "Re: Doing crypto in small stack buffers (bluetooth vs vmalloc-stack crash, etc)"
Previous message: Casey Schaufler: "Re: [PATCH v4 3/3] LSM: Add context interface for proc attrs"
In reply to: Daniel Borkmann: "Re: [PATCH net-next v2 2/4] cgroup: bpf: Add BPF_MAP_TYPE_CGROUP_ARRAY"
Next in thread: Martin KaFai Lau: "[PATCH net-next v2 3/4] cgroup: bpf: Add bpf_skb_in_cgroup_proto"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 23, 2016 at 11:50:08PM +0200, Daniel Borkmann wrote:
> On 06/23/2016 11:26 PM, Martin KaFai Lau wrote:
> >We are still hatching out how to set this up in production. However, the
> >situation is similar to removing the pinned file.
s/pinned file/pinned cgroup-array/

> I presume you mean removing the last BPF program holding a reference on
> the cgroup array map.
Yes

> (Any user space visibility like struct files given
> from the anon inode and pinnings are tracked via uref, btw, which is
> needed to break possible complex dependencies among tail called programs.)
Yep. Understood on prog_array use case.

Thanks,
-- Martin

Next message: Andy Lutomirski: "Re: Doing crypto in small stack buffers (bluetooth vs vmalloc-stack crash, etc)"
Previous message: Casey Schaufler: "Re: [PATCH v4 3/3] LSM: Add context interface for proc attrs"
In reply to: Daniel Borkmann: "Re: [PATCH net-next v2 2/4] cgroup: bpf: Add BPF_MAP_TYPE_CGROUP_ARRAY"
Next in thread: Martin KaFai Lau: "[PATCH net-next v2 3/4] cgroup: bpf: Add bpf_skb_in_cgroup_proto"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]