• Daniel Borkmann's avatar
    bpf, perf: delay release of BPF prog after grace period · ceb56070
    Daniel Borkmann authored
    Commit dead9f29 ("perf: Fix race in BPF program unregister") moved
    destruction of BPF program from free_event_rcu() callback to __free_event(),
    which is problematic if used with tail calls: if prog A is attached as
    trace event directly, but at the same time present in a tail call map used
    by another trace event program elsewhere, then we need to delay destruction
    via RCU grace period since it can still be in use by the program doing the
    tail call (the prog first needs to be dropped from the tail call map, then
    trace event with prog A attached destroyed, so we get immediate destruction).
    
    Fixes: dead9f29 ("perf: Fix race in BPF program unregister")
    Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    Acked-by: default avatarAlexei Starovoitov <ast@kernel.org>
    Cc: Jann Horn <jann@thejh.net>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    ceb56070
core.c 245 KB