* Re: [PATCH] bpf: move the bpf syscall sysctl table to its own module
@ 2022-02-23 2:24 zhuyan (M)
0 siblings, 0 replies; 6+ messages in thread
From: zhuyan (M) @ 2022-02-23 2:24 UTC (permalink / raw)
To: Luis Chamberlain
Cc: ast, daniel, andrii, kafai, songliubraving, yhs, john.fastabend,
kpsingh, keescook, yzaikin, netdev, bpf, linux-kernel,
linux-fsdevel, Zengweilin, liucheng (G),
Nixiaoming, xiechengliang
On Wed, Feb 23, 2022 at 09:42:00AM +0800, Luis Chamberlain wrote:
> On Wed, Feb 23, 2022 at 09:35:29AM +0800, Yan Zhu wrote:
> > Sysctl table is easier to read under its own module.
>
> Hey Yan, thanks for you patch!
>
> This does not explain how this is being to help with maitenance as otherwise this makes
> kernel/sysctl.c hard to maintain and we also tend to get many conflicts. It also does not
> explain how all the filesystem sysctls are not gone and that this is just the next step,
> moving slowly the rest of the sysctls. Explaining this in the commit log will help patch
> review and subsystem maintainers understand the conext / logic behind the move.
>
> I'd be more than happy to take this if bpf folks Ack. To avoid conflicts I can route this
> through sysctl-next which is put forward in particular to avoid conflicts across trees for
> this effort. Let me know.
Thank you for your reply.
My patch is based on sysctl-next, sorry I forgot to identify it as a patch from the
sysctl-next branch. I will send the v2 patch later.
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH] bpf: move the bpf syscall sysctl table to its own module
@ 2022-02-23 1:35 Yan Zhu
2022-02-23 1:42 ` Luis Chamberlain
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Yan Zhu @ 2022-02-23 1:35 UTC (permalink / raw)
To: ast, daniel, andrii, kafai, songliubraving, yhs, john.fastabend,
kpsingh, mcgrof, keescook, yzaikin, netdev, bpf, linux-kernel,
linux-fsdevel
Cc: zengweilin, liucheng32, nixiaoming, xiechengliang1, zhuyan34
Sysctl table is easier to read under its own module.
Signed-off-by: Yan Zhu <zhuyan34@huawei.com>
---
kernel/bpf/syscall.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++
kernel/sysctl.c | 71 ----------------------------------------------
2 files changed, 80 insertions(+), 71 deletions(-)
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index fa4505f9b611..3cc50292a032 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -4850,3 +4850,83 @@ const struct bpf_verifier_ops bpf_syscall_verifier_ops = {
const struct bpf_prog_ops bpf_syscall_prog_ops = {
.test_run = bpf_prog_test_run_syscall,
};
+
+#ifdef CONFIG_SYSCTL
+static int bpf_stats_handler(struct ctl_table *table, int write,
+ void *buffer, size_t *lenp, loff_t *ppos)
+{
+ struct static_key *key = (struct static_key *)table->data;
+ static int saved_val;
+ int val, ret;
+ struct ctl_table tmp = {
+ .data = &val,
+ .maxlen = sizeof(val),
+ .mode = table->mode,
+ .extra1 = SYSCTL_ZERO,
+ .extra2 = SYSCTL_ONE,
+ };
+
+ if (write && !capable(CAP_SYS_ADMIN))
+ return -EPERM;
+
+ mutex_lock(&bpf_stats_enabled_mutex);
+ val = saved_val;
+ ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
+ if (write && !ret && val != saved_val) {
+ if (val)
+ static_key_slow_inc(key);
+ else
+ static_key_slow_dec(key);
+ saved_val = val;
+ }
+ mutex_unlock(&bpf_stats_enabled_mutex);
+ return ret;
+}
+
+static int bpf_unpriv_handler(struct ctl_table *table, int write,
+ void *buffer, size_t *lenp, loff_t *ppos)
+{
+ int ret, unpriv_enable = *(int *)table->data;
+ bool locked_state = unpriv_enable == 1;
+ struct ctl_table tmp = *table;
+
+ if (write && !capable(CAP_SYS_ADMIN))
+ return -EPERM;
+
+ tmp.data = &unpriv_enable;
+ ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
+ if (write && !ret) {
+ if (locked_state && unpriv_enable != 1)
+ return -EPERM;
+ *(int *)table->data = unpriv_enable;
+ }
+ return ret;
+}
+
+static struct ctl_table bpf_syscall_table[] = {
+ {
+ .procname = "unprivileged_bpf_disabled",
+ .data = &sysctl_unprivileged_bpf_disabled,
+ .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
+ .mode = 0644,
+ .proc_handler = bpf_unpriv_handler,
+ .extra1 = SYSCTL_ZERO,
+ .extra2 = SYSCTL_TWO,
+ },
+ {
+ .procname = "bpf_stats_enabled",
+ .data = &bpf_stats_enabled_key.key,
+ .maxlen = sizeof(bpf_stats_enabled_key),
+ .mode = 0644,
+ .proc_handler = bpf_stats_handler,
+ },
+ { }
+};
+
+static int __init bpf_syscall_sysctl_init(void)
+{
+ register_sysctl_init("kernel", bpf_syscall_table);
+ return 0;
+}
+late_initcall(bpf_syscall_sysctl_init);
+#endif /* CONFIG_SYSCTL */
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 22037f03cd2b..5ae905677eaf 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -139,59 +139,6 @@ static const int max_extfrag_threshold = 1000;
#endif /* CONFIG_SYSCTL */
-#if defined(CONFIG_BPF_SYSCALL) && defined(CONFIG_SYSCTL)
-static int bpf_stats_handler(struct ctl_table *table, int write,
- void *buffer, size_t *lenp, loff_t *ppos)
-{
- struct static_key *key = (struct static_key *)table->data;
- static int saved_val;
- int val, ret;
- struct ctl_table tmp = {
- .data = &val,
- .maxlen = sizeof(val),
- .mode = table->mode,
- .extra1 = SYSCTL_ZERO,
- .extra2 = SYSCTL_ONE,
- };
-
- if (write && !capable(CAP_SYS_ADMIN))
- return -EPERM;
-
- mutex_lock(&bpf_stats_enabled_mutex);
- val = saved_val;
- ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
- if (write && !ret && val != saved_val) {
- if (val)
- static_key_slow_inc(key);
- else
- static_key_slow_dec(key);
- saved_val = val;
- }
- mutex_unlock(&bpf_stats_enabled_mutex);
- return ret;
-}
-
-static int bpf_unpriv_handler(struct ctl_table *table, int write,
- void *buffer, size_t *lenp, loff_t *ppos)
-{
- int ret, unpriv_enable = *(int *)table->data;
- bool locked_state = unpriv_enable == 1;
- struct ctl_table tmp = *table;
-
- if (write && !capable(CAP_SYS_ADMIN))
- return -EPERM;
-
- tmp.data = &unpriv_enable;
- ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
- if (write && !ret) {
- if (locked_state && unpriv_enable != 1)
- return -EPERM;
- *(int *)table->data = unpriv_enable;
- }
- return ret;
-}
-#endif /* CONFIG_BPF_SYSCALL && CONFIG_SYSCTL */
-
/*
* /proc/sys support
*/
@@ -2125,24 +2072,6 @@ static struct ctl_table kern_table[] = {
.extra2 = SYSCTL_ONE,
},
#endif
-#ifdef CONFIG_BPF_SYSCALL
- {
- .procname = "unprivileged_bpf_disabled",
- .data = &sysctl_unprivileged_bpf_disabled,
- .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
- .mode = 0644,
- .proc_handler = bpf_unpriv_handler,
- .extra1 = SYSCTL_ZERO,
- .extra2 = SYSCTL_TWO,
- },
- {
- .procname = "bpf_stats_enabled",
- .data = &bpf_stats_enabled_key.key,
- .maxlen = sizeof(bpf_stats_enabled_key),
- .mode = 0644,
- .proc_handler = bpf_stats_handler,
- },
-#endif
#if defined(CONFIG_TREE_RCU)
{
.procname = "panic_on_rcu_stall",
--
2.12.3
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] bpf: move the bpf syscall sysctl table to its own module
2022-02-23 1:35 Yan Zhu
@ 2022-02-23 1:42 ` Luis Chamberlain
2022-02-23 4:28 ` Matthew Wilcox
2022-02-23 5:06 ` Alexei Starovoitov
2 siblings, 0 replies; 6+ messages in thread
From: Luis Chamberlain @ 2022-02-23 1:42 UTC (permalink / raw)
To: Yan Zhu
Cc: ast, daniel, andrii, kafai, songliubraving, yhs, john.fastabend,
kpsingh, keescook, yzaikin, netdev, bpf, linux-kernel,
linux-fsdevel, zengweilin, liucheng32, nixiaoming,
xiechengliang1
On Wed, Feb 23, 2022 at 09:35:29AM +0800, Yan Zhu wrote:
> Sysctl table is easier to read under its own module.
Hey Yan, thanks for you patch!
This does not explain how this is being to help with maitenance as
otherwise this makes kernel/sysctl.c hard to maintain and we also
tend to get many conflicts. It also does not explain how all the
filesystem sysctls are not gone and that this is just the next step,
moving slowly the rest of the sysctls. Explaining this in the commit
log will help patch review and subsystem maintainers understand the
conext / logic behind the move.
> Signed-off-by: Yan Zhu <zhuyan34@huawei.com>
I'd be more than happy to take this if bpf folks Ack. To avoid conflicts
I can route this through sysctl-next which is put forward in particular
to avoid conflicts across trees for this effort. Let me know.
Luis
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] bpf: move the bpf syscall sysctl table to its own module
2022-02-23 1:35 Yan Zhu
2022-02-23 1:42 ` Luis Chamberlain
@ 2022-02-23 4:28 ` Matthew Wilcox
2022-02-23 5:06 ` Alexei Starovoitov
2 siblings, 0 replies; 6+ messages in thread
From: Matthew Wilcox @ 2022-02-23 4:28 UTC (permalink / raw)
To: Yan Zhu
Cc: ast, daniel, andrii, kafai, songliubraving, yhs, john.fastabend,
kpsingh, mcgrof, keescook, yzaikin, netdev, bpf, linux-kernel,
linux-fsdevel, zengweilin, liucheng32, nixiaoming,
xiechengliang1
On Wed, Feb 23, 2022 at 09:35:29AM +0800, Yan Zhu wrote:
> +static struct ctl_table bpf_syscall_table[] = {
> + {
> + .procname = "unprivileged_bpf_disabled",
> + .data = &sysctl_unprivileged_bpf_disabled,
> + .maxlen = sizeof(sysctl_unprivileged_bpf_disabled),
> + .mode = 0644,
> + .proc_handler = bpf_unpriv_handler,
> + .extra1 = SYSCTL_ZERO,
> + .extra2 = SYSCTL_TWO,
> + },
> + {
> + .procname = "bpf_stats_enabled",
> + .data = &bpf_stats_enabled_key.key,
> + .maxlen = sizeof(bpf_stats_enabled_key),
> + .mode = 0644,
> + .proc_handler = bpf_stats_handler,
> + },
> + { }
> +};
No progress towards a counted array instead of a NULL terminated one?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] bpf: move the bpf syscall sysctl table to its own module
2022-02-23 1:35 Yan Zhu
2022-02-23 1:42 ` Luis Chamberlain
2022-02-23 4:28 ` Matthew Wilcox
@ 2022-02-23 5:06 ` Alexei Starovoitov
2022-02-23 9:50 ` Yan Zhu
2 siblings, 1 reply; 6+ messages in thread
From: Alexei Starovoitov @ 2022-02-23 5:06 UTC (permalink / raw)
To: Yan Zhu
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko,
Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend,
KP Singh, Luis R. Rodriguez, Kees Cook, Iurii Zaikin,
Network Development, bpf, LKML, Linux-Fsdevel, zengweilin,
liucheng32, Xiaoming Ni, xiechengliang1
On Tue, Feb 22, 2022 at 5:35 PM Yan Zhu <zhuyan34@huawei.com> wrote:
>
> Sysctl table is easier to read under its own module.
"own module"?
What are you talking about?
It's not "easier to read" and looks like a pointless churn.
> Signed-off-by: Yan Zhu <zhuyan34@huawei.com>
> ---
> kernel/bpf/syscall.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++++
> kernel/sysctl.c | 71 ----------------------------------------------
> 2 files changed, 80 insertions(+), 71 deletions(-)
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] bpf: move the bpf syscall sysctl table to its own module
2022-02-23 5:06 ` Alexei Starovoitov
@ 2022-02-23 9:50 ` Yan Zhu
0 siblings, 0 replies; 6+ messages in thread
From: Yan Zhu @ 2022-02-23 9:50 UTC (permalink / raw)
To: alexei.starovoitov
Cc: andrii, ast, bpf, daniel, john.fastabend, kafai, keescook,
kpsingh, linux-fsdevel, linux-kernel, liucheng32, mcgrof, netdev,
nixiaoming, songliubraving, xiechengliang1, yhs, yzaikin,
zengweilin, zhuyan34
On Tue, Feb 22, 2022 at 9:06 PM Alexei Starovoitov wrote:
> On Tue, Feb 22, 2022 at 5:35 PM Yan Zhu <zhuyan34@huawei.com> wrote:
> >
> > Sysctl table is easier to read under its own module.
>
> "own module"?
> What are you talking about?
I'm sorry I didn't express it clearly. The meaning here is that
the code of bpf syscall sysctl is moved to the bpf module
I will fix it in v2 patch.
> It's not "easier to read" and looks like a pointless churn.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-02-23 9:50 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-23 2:24 [PATCH] bpf: move the bpf syscall sysctl table to its own module zhuyan (M)
-- strict thread matches above, loose matches on Subject: below --
2022-02-23 1:35 Yan Zhu
2022-02-23 1:42 ` Luis Chamberlain
2022-02-23 4:28 ` Matthew Wilcox
2022-02-23 5:06 ` Alexei Starovoitov
2022-02-23 9:50 ` Yan Zhu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.