• Andrii Nakryiko's avatar
    bpf: Implement bpf_link-based cgroup BPF program attachment · af6eea57
    Andrii Nakryiko authored
    Implement new sub-command to attach cgroup BPF programs and return FD-based
    bpf_link back on success. bpf_link, once attached to cgroup, cannot be
    replaced, except by owner having its FD. Cgroup bpf_link supports only
    BPF_F_ALLOW_MULTI semantics. Both link-based and prog-based BPF_F_ALLOW_MULTI
    attachments can be freely intermixed.
    
    To prevent bpf_cgroup_link from keeping cgroup alive past the point when no
    BPF program can be executed, implement auto-detachment of link. When
    cgroup_bpf_release() is called, all attached bpf_links are forced to release
    cgroup refcounts, but they leave bpf_link otherwise active and allocated, as
    well as still owning underlying bpf_prog. This is because user-space might
    still have FDs open and active, so bpf_link as a user-referenced object can't
    be freed yet. Once last active FD is closed, bpf_link will be freed and
    underlying bpf_prog refcount will be dropped. But cgroup refcount won't be
    touched, because cgroup is released already.
    
    The inherent race between bpf_cgroup_link release (from closing last FD) and
    cgroup_bpf_release() is resolved by both operations taking cgroup_mutex. So
    the only additional check required is when bpf_cgroup_link attempts to detach
    itself from cgroup. At that time we need to check whether there is still
    cgroup associated with that link. And if not, exit with success, because
    bpf_cgroup_link was already successfully detached.
    Signed-off-by: default avatarAndrii Nakryiko <andriin@fb.com>
    Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Acked-by: default avatarRoman Gushchin <guro@fb.com>
    Link: https://lore.kernel.org/bpf/20200330030001.2312810-2-andriin@fb.com
    af6eea57
cgroup.c 44.7 KB