[PATCH 05/12] libbpf: Support exclusive map creation
Andrii Nakryiko
andrii.nakryiko at gmail.com
Mon Jul 14 20:56:26 UTC 2025
On Fri, Jul 11, 2025 at 5:53 PM KP Singh <kpsingh at kernel.org> wrote:
>
> On Fri, Jun 13, 2025 at 12:56 AM Andrii Nakryiko
> <andrii.nakryiko at gmail.com> wrote:
> >
> > On Fri, Jun 6, 2025 at 4:29 PM KP Singh <kpsingh at kernel.org> wrote:
> > >
> > > Implement a convenient method i.e. bpf_map__make_exclusive which
> > > calculates the hash for the program and registers it with the map for
> > > creation as an exclusive map when the objects are loaded.
> > >
> > > The hash of the program must be computed after all the relocations are
> > > done.
> > >
> > > Signed-off-by: KP Singh <kpsingh at kernel.org>
> > > ---
> > > tools/lib/bpf/bpf.c | 4 +-
> > > tools/lib/bpf/bpf.h | 4 +-
> > > tools/lib/bpf/libbpf.c | 68 +++++++++++++++++++++++++++++++++-
> > > tools/lib/bpf/libbpf.h | 13 +++++++
> > > tools/lib/bpf/libbpf.map | 5 +++
> > > tools/lib/bpf/libbpf_version.h | 2 +-
> > > 6 files changed, 92 insertions(+), 4 deletions(-)
> > >
[...]
> > > +int bpf_map__make_exclusive(struct bpf_map *map, struct bpf_program *prog)
> > > +{
> > > + if (map_is_created(map)) {
> > > + pr_warn("%s must be called before creation\n", __func__);
> >
> > we don't really add __func__ for a long while now, please drop, we
> > have a consistent "map '%s': what the problem is" format
> >
> > but for checks like this we also just return -EBUSY or something like
> > that without error message, so I'd just drop the message altogether
> >
> > > + return libbpf_err(-EINVAL);
> > > + }
> > > +
> > > + if (prog->obj->state == OBJ_LOADED) {
> > > + pr_warn("%s must be called before the prog load\n", __func__);
> > > + return libbpf_err(-EINVAL);
> > > + }
> >
> > this is unnecessary, map_is_created() takes care of this
>
> No it does not? This is about the program and the latter is about the
> map, how does map_is_created check if the program is already loaded. A
> map needs to be marked as an exclusive to the program before the
> program is loaded.

Um... both map_is_created() and your `prog->obj->state == OBJ_LOADED`
check *object* state, making sure it didn't progress past some
specific stage. excl_prog_sha is *map* attribute, and *maps* are
created at the preparation stage (OBJ_PREPARED), which comes before
OBJ_LOADED step. OBJ_PREPARED is already too late, and so OBJ_LOADED
check is meaningless altogether because map_is_created() will return
true before that.

What am I missing?

>
>
> >
> > > + map->excl_prog_sha = prog->hash;
> > > + map->excl_prog_sha_size = SHA256_DIGEST_LENGTH;
> >
> > this is a hack, I assume that's why you compute that hash for any
> > program all the time, right? Well, first, if this is called before
> > bpf_object_prepare(), it will silently do the wrong thing.
> >
> > But also I don't think we should calculate hash proactively, we could
> > do this lazily.
> >
> > > + return 0;
> > > +}
> > > +
> > > +
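
Review bot: `map->excl_prog_sha = prog->hash;` makes the map alias the program's hash storage instead of owning a copy, and the function never checks that `map` and `prog` belong to the same object (only `map_is_created(map)` and `prog->obj->state` are tested). A map from one object could end up pointing into a program of a different object, and the value read at map creation depends on that program still being alive and its hash being final by then. Suggest rejecting a map/prog pair from different objects, and either copying the digest into map-owned storage or recording the `prog` reference and resolving the hash when the map is actually created.
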
[...]
More information about the Linux-security-module-archive
mailing list