From patchwork Tue Mar 24 18:12:53 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?=
 <toke@redhat.com>
X-Patchwork-Id: 1260881
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <bpf-owner@vger.kernel.org>
X-Original-To: incoming-bpf@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-bpf@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org; envelope-from=bpf-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=redhat.com header.i=@redhat.com
	header.a=rsa-sha256 header.s=mimecast20190719
	header.b=ZqzeMUPF; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48mzrH2v8qz9sRN
	for <incoming-bpf@patchwork.ozlabs.org>;
	Wed, 25 Mar 2020 05:13:03 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727688AbgCXSNC (ORCPT
	<rfc822;incoming-bpf@patchwork.ozlabs.org>);
	Tue, 24 Mar 2020 14:13:02 -0400
Received: from us-smtp-delivery-74.mimecast.com ([63.128.21.74]:55432 "EHLO
	us-smtp-delivery-74.mimecast.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1727613AbgCXSNC (ORCPT
	<rfc822;bpf@vger.kernel.org>); Tue, 24 Mar 2020 14:13:02 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1585073581;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=ZwgFlf8SmgzS3eZf8uGiBYaH3LLMRZ43TQ+/Om7KIBM=;
	b=ZqzeMUPFNnGI5iVkN3vTBLQayO/odheAEyJCROIlLERdTERBMOZQE6KsHEmdtTDs/0i3A9
	5++rzKWpQeB2v8QTA0VtXHfY1nb5idfTFJgZmCnPfs/E8G6rXOrjLiqFpLTywooAOY5J/4
	8R2Wqn4vmuH3AX50NntKE2XUdjukDNA=
Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com
	[209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-76-Pik7i2ObOQ6__4wBOB-Yww-1; Tue, 24 Mar 2020 14:12:59 -0400
X-MC-Unique: Pik7i2ObOQ6__4wBOB-Yww-1
Received: by mail-wr1-f69.google.com with SMTP id h14so3445266wrr.12
	for <bpf@vger.kernel.org>; Tue, 24 Mar 2020 11:12:59 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to
	:references:user-agent:mime-version:content-transfer-encoding;
	bh=ZwgFlf8SmgzS3eZf8uGiBYaH3LLMRZ43TQ+/Om7KIBM=;
	b=EehJ8tNFtBk3HeW5JuIN/TX7kdIg/y5nqA6Gj0/fQbsejsZPtJwrLgzjxsPLqUuYfk
	bEQkiPD9DOpXPDfWOLTehdcfXe9SCfZMLlic/wQSz7LPd+oL9aG7KfXWgckZ+iiqYL/w
	9CMMznQR5pSWs5b4GeHl7lUJVWZNXgzZ2c+PKQmNnCKimKoLpoHe4yt/+Hz3uCI1rKar
	C9TD/NXHs4C9AytI8F8M/h9pAhLydgJmTg42bZpfFZS3fGD0Zf6fsb4ckpxE50AXjbP6
	9s2Y+4hjPTPL4wQpsH/2LKXCKNlbQkoEd80duKgPwz5DbCad+DiMIGxB0bdtN78iUo/0
	ci2w==
X-Gm-Message-State: ANhLgQ0LHbVG2E5Y8zXVZ05zWOAN3NZmBeVnkd3ufxInFoU02fRg1Hbt
	l1q3Kq8RRP3W4qF6uILm8iRQBDu9IB2moRKWvfpHfCshg8RVsd8KIKjcTu171SfwWZOTILv5vSv
	JZ0V+Hqr2dS3w
X-Received: by 2002:a1c:4e0c:: with SMTP id
	g12mr6590587wmh.184.1585073575709;
	Tue, 24 Mar 2020 11:12:55 -0700 (PDT)
X-Google-Smtp-Source: 
 ADFU+vs+MkE/Jy+J6xtzoMv9lqYUhpruQAUHWW304dSwJf2sDqtsPlK2cAV9D0bDI8Hefgxcamszhg==
X-Received: by 2002:a1c:4e0c:: with SMTP id
	g12mr6590492wmh.184.1585073574494;
	Tue, 24 Mar 2020 11:12:54 -0700 (PDT)
Received: from alrua-x1.borgediget.toke.dk ([2a0c:4d80:42:443::2])
	by smtp.gmail.com with ESMTPSA id
	o4sm29529044wrp.84.2020.03.24.11.12.53
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Tue, 24 Mar 2020 11:12:53 -0700 (PDT)
Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000)
	id 324FB18158C; Tue, 24 Mar 2020 19:12:53 +0100 (CET)
Subject: [PATCH bpf-next v3 1/4] xdp: Support specifying expected existing
	program when attaching XDP
From: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?= <toke@redhat.com>
To: netdev@vger.kernel.org
Cc: bpf@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>, Martin KaFai Lau <kafai@fb.com>,
	Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
	Andrii Nakryiko <andriin@fb.com>,
	"David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>,
	Jesper Dangaard Brouer <brouer@redhat.com>,
	John Fastabend <john.fastabend@gmail.com>,
	Lorenz Bauer <lmb@cloudflare.com>, Andrey Ignatov <rdna@fb.com>
Date: Tue, 24 Mar 2020 19:12:53 +0100
Message-ID: <158507357313.6925.9859587430926258691.stgit@toke.dk>
In-Reply-To: <158507357205.6925.17804771242752938867.stgit@toke.dk>
References: <158507357205.6925.17804771242752938867.stgit@toke.dk>
User-Agent: StGit/0.22
MIME-Version: 1.0
Sender: bpf-owner@vger.kernel.org
Precedence: bulk
List-ID: <bpf.vger.kernel.org>
X-Mailing-List: bpf@vger.kernel.org

From: Toke Høiland-Jørgensen <toke@redhat.com>

While it is currently possible for userspace to specify that an existing
XDP program should not be replaced when attaching to an interface, there is
no mechanism to safely replace a specific XDP program with another.

This patch adds a new netlink attribute, IFLA_XDP_EXPECTED_ID, which can be
set along with IFLA_XDP_FD. If set, the kernel will check that the program
currently loaded on the interface matches the expected one, and fail the
operation if it does not. This corresponds to a 'cmpxchg' memory operation.
Setting the new attribute with a negative value means that no program is
expected to be attached, which corresponds to setting the UPDATE_IF_NOEXIST
flag.

A new companion flag, XDP_FLAGS_EXPECT_ID, is also added to explicitly
request checking of the EXPECTED_ID attribute. This is needed for userspace
to discover whether the kernel supports the new attribute.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Reviewed-by: Jakub Kicinski <kuba@kernel.org>
---
 include/linux/netdevice.h    |    2 +-
 include/uapi/linux/if_link.h |    4 +++-
 net/core/dev.c               |   14 +++++++++-----
 net/core/rtnetlink.c         |   13 +++++++++++++
 4 files changed, 26 insertions(+), 7 deletions(-)

diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 654808bfad83..a14199ea9501 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -3768,7 +3768,7 @@ struct sk_buff *dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev,
 
 typedef int (*bpf_op_t)(struct net_device *dev, struct netdev_bpf *bpf);
 int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
-		      int fd, u32 flags);
+		      int fd, u32 expected_id, u32 flags);
 u32 __dev_xdp_query(struct net_device *dev, bpf_op_t xdp_op,
 		    enum bpf_netdev_command cmd);
 int xdp_umem_query(struct net_device *dev, u16 queue_id);
diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
index 61e0801c82df..7182569773f9 100644
--- a/include/uapi/linux/if_link.h
+++ b/include/uapi/linux/if_link.h
@@ -972,11 +972,12 @@ enum {
 #define XDP_FLAGS_SKB_MODE		(1U << 1)
 #define XDP_FLAGS_DRV_MODE		(1U << 2)
 #define XDP_FLAGS_HW_MODE		(1U << 3)
+#define XDP_FLAGS_EXPECT_ID		(1U << 4)
 #define XDP_FLAGS_MODES			(XDP_FLAGS_SKB_MODE | \
 					 XDP_FLAGS_DRV_MODE | \
 					 XDP_FLAGS_HW_MODE)
 #define XDP_FLAGS_MASK			(XDP_FLAGS_UPDATE_IF_NOEXIST | \
-					 XDP_FLAGS_MODES)
+					 XDP_FLAGS_MODES | XDP_FLAGS_EXPECT_ID)
 
 /* These are stored into IFLA_XDP_ATTACHED on dump. */
 enum {
@@ -996,6 +997,7 @@ enum {
 	IFLA_XDP_DRV_PROG_ID,
 	IFLA_XDP_SKB_PROG_ID,
 	IFLA_XDP_HW_PROG_ID,
+	IFLA_XDP_EXPECTED_ID,
 	__IFLA_XDP_MAX,
 };
 
diff --git a/net/core/dev.c b/net/core/dev.c
index d84541c24446..37db06d8074f 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -8655,18 +8655,20 @@ static void dev_xdp_uninstall(struct net_device *dev)
  *	@dev: device
  *	@extack: netlink extended ack
  *	@fd: new program fd or negative value to clear
+ *	@expected_id: ID of old program that userspace expects to replace or clear
  *	@flags: xdp-related flags
  *
  *	Set or clear a bpf program for a device
  */
 int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
-		      int fd, u32 flags)
+		      int fd, u32 expected_id, u32 flags)
 {
 	const struct net_device_ops *ops = dev->netdev_ops;
 	enum bpf_netdev_command query;
 	struct bpf_prog *prog = NULL;
 	bpf_op_t bpf_op, bpf_chk;
 	bool offload;
+	u32 prog_id;
 	int err;
 
 	ASSERT_RTNL();
@@ -8684,15 +8686,17 @@ int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
 	if (bpf_op == bpf_chk)
 		bpf_chk = generic_xdp_install;
 
+	prog_id = __dev_xdp_query(dev, bpf_op, query);
+	if (flags & XDP_FLAGS_EXPECT_ID && prog_id != expected_id) {
+		NL_SET_ERR_MSG(extack, "Active program does not match expected");
+		return -EEXIST;
+	}
 	if (fd >= 0) {
-		u32 prog_id;
-
 		if (!offload && __dev_xdp_query(dev, bpf_chk, XDP_QUERY_PROG)) {
 			NL_SET_ERR_MSG(extack, "native and generic XDP can't be active at the same time");
 			return -EEXIST;
 		}
 
-		prog_id = __dev_xdp_query(dev, bpf_op, query);
 		if ((flags & XDP_FLAGS_UPDATE_IF_NOEXIST) && prog_id) {
 			NL_SET_ERR_MSG(extack, "XDP program already attached");
 			return -EBUSY;
@@ -8715,7 +8719,7 @@ int dev_change_xdp_fd(struct net_device *dev, struct netlink_ext_ack *extack,
 			return 0;
 		}
 	} else {
-		if (!__dev_xdp_query(dev, bpf_op, query))
+		if (!prog_id)
 			return 0;
 	}
 
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index 14e6ea21c378..dd6d4d85b284 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -1872,7 +1872,9 @@ static const struct nla_policy ifla_port_policy[IFLA_PORT_MAX+1] = {
 };
 
 static const struct nla_policy ifla_xdp_policy[IFLA_XDP_MAX + 1] = {
+	[IFLA_XDP_UNSPEC]	= { .strict_start_type = IFLA_XDP_EXPECTED_ID },
 	[IFLA_XDP_FD]		= { .type = NLA_S32 },
+	[IFLA_XDP_EXPECTED_ID]	= { .type = NLA_U32 },
 	[IFLA_XDP_ATTACHED]	= { .type = NLA_U8 },
 	[IFLA_XDP_FLAGS]	= { .type = NLA_U32 },
 	[IFLA_XDP_PROG_ID]	= { .type = NLA_U32 },
@@ -2799,8 +2801,19 @@ static int do_setlink(const struct sk_buff *skb,
 		}
 
 		if (xdp[IFLA_XDP_FD]) {
+			u32 expected_id = 0;
+
+			if (xdp_flags & XDP_FLAGS_EXPECT_ID) {
+				if (!xdp[IFLA_XDP_EXPECTED_ID]) {
+					err = -EINVAL;
+					goto errout;
+				}
+				expected_id = nla_get_u32(xdp[IFLA_XDP_EXPECTED_ID]);
+			}
+
 			err = dev_change_xdp_fd(dev, extack,
 						nla_get_s32(xdp[IFLA_XDP_FD]),
+						expected_id,
 						xdp_flags);
 			if (err)
 				goto errout;

From patchwork Tue Mar 24 18:12:54 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?=
 <toke@redhat.com>
X-Patchwork-Id: 1260876
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <bpf-owner@vger.kernel.org>
X-Original-To: incoming-bpf@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-bpf@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org; envelope-from=bpf-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=redhat.com header.i=@redhat.com
	header.a=rsa-sha256 header.s=mimecast20190719
	header.b=WczF8mfM; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48mzrF1MYhz9sRR
	for <incoming-bpf@patchwork.ozlabs.org>;
	Wed, 25 Mar 2020 05:13:01 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727334AbgCXSNA (ORCPT
	<rfc822;incoming-bpf@patchwork.ozlabs.org>);
	Tue, 24 Mar 2020 14:13:00 -0400
Received: from us-smtp-delivery-74.mimecast.com ([63.128.21.74]:37404 "EHLO
	us-smtp-delivery-74.mimecast.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1727611AbgCXSNA (ORCPT
	<rfc822;bpf@vger.kernel.org>); Tue, 24 Mar 2020 14:13:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1585073578;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=tSq0g3BWcscqwecq9OzTA1nIWwl388abRfl7XMKFSlI=;
	b=WczF8mfMJvFs4IxXJwssO/34NHR4Fo5+9mOrpvHQgt5XLBcLbVxqah9plUKabmdg4TiYju
	wDC9Tld9PhnVlrwhRjFDFXg2cWvsSpQ3YUErRKU1B7n54zp0IAHb0JR1ObUh96krUbnp65
	4JDpVQF2V1YCUYosHhXVJgIancgRtk4=
Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com
	[209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-376-P0SZjNf2OV6ZN2cEVa0rFw-1; Tue, 24 Mar 2020 14:12:57 -0400
X-MC-Unique: P0SZjNf2OV6ZN2cEVa0rFw-1
Received: by mail-wr1-f70.google.com with SMTP id h17so9614244wru.16
	for <bpf@vger.kernel.org>; Tue, 24 Mar 2020 11:12:56 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to
	:references:user-agent:mime-version:content-transfer-encoding;
	bh=tSq0g3BWcscqwecq9OzTA1nIWwl388abRfl7XMKFSlI=;
	b=c8HtBdWzJJcrtGpcgG6q+BP2PSeISvMqMvmO3f2pZQg+7CbdRkfySA/kXLD2SQoonc
	CxtCc4t4wKVTVeuG8anO3TI/u9p4Z02M8AxZdJ/GbnmG9av6czhej40KNN1VRpv8wjHS
	43km6AzCPupl8VUYgtGGENBnl2LVBRovNTyhYJtputIGQmLM6mwP3IpXQDrauEHzyYNW
	pee4Wnxdf5p1wLCHTUblnjyFCXI9J/Dp8mPO9vGODMe2aC9pjvENuxcDh6M2TOGGtXoQ
	EB4CFftYYPZMslnS/hfxrooE9RWLm62HGGpUKGQffpMm6wz/vVmm09YyLYkj10qiOH46
	R6pQ==
X-Gm-Message-State: ANhLgQ2kHX8kZbII0MPBAeKzPscPGjfmT6xYjtZTNWtcxjDfR05WiDJI
	uDKfYKNTbAdON0qKqijvzBE7fFFqM3qaRx6SRvW+3WNUaNpwyBUw23u/4MWyQUzMUB7oz299bWx
	MvgPoc/INDdAx
X-Received: by 2002:a05:600c:da:: with SMTP id
	u26mr7434908wmm.117.1585073575829;
	Tue, 24 Mar 2020 11:12:55 -0700 (PDT)
X-Google-Smtp-Source: 
 ADFU+vtE2snWQd3U9Jm0nj2e7Xx4XiNovziigWM+YrFQhUJ7b6xuztOVXe52JbbBukTeNQtkOKfgkA==
X-Received: by 2002:a05:600c:da:: with SMTP id
	u26mr7434876wmm.117.1585073575644;
	Tue, 24 Mar 2020 11:12:55 -0700 (PDT)
Received: from alrua-x1.borgediget.toke.dk ([45.145.92.2])
	by smtp.gmail.com with ESMTPSA id
	p22sm5281840wmg.37.2020.03.24.11.12.54
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Tue, 24 Mar 2020 11:12:54 -0700 (PDT)
Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000)
	id 4002018158B; Tue, 24 Mar 2020 19:12:54 +0100 (CET)
Subject: [PATCH bpf-next v3 2/4] tools: Add EXPECTED_ID-related definitions
	in if_link.h
From: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?= <toke@redhat.com>
To: netdev@vger.kernel.org
Cc: bpf@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>, Martin KaFai Lau <kafai@fb.com>,
	Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
	Andrii Nakryiko <andriin@fb.com>,
	"David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>,
	Jesper Dangaard Brouer <brouer@redhat.com>,
	John Fastabend <john.fastabend@gmail.com>,
	Lorenz Bauer <lmb@cloudflare.com>, Andrey Ignatov <rdna@fb.com>
Date: Tue, 24 Mar 2020 19:12:54 +0100
Message-ID: <158507357420.6925.493303763242155249.stgit@toke.dk>
In-Reply-To: <158507357205.6925.17804771242752938867.stgit@toke.dk>
References: <158507357205.6925.17804771242752938867.stgit@toke.dk>
User-Agent: StGit/0.22
MIME-Version: 1.0
Sender: bpf-owner@vger.kernel.org
Precedence: bulk
List-ID: <bpf.vger.kernel.org>
X-Mailing-List: bpf@vger.kernel.org

From: Toke Høiland-Jørgensen <toke@redhat.com>

This adds the IFLA_XDP_EXPECTED_ID netlink attribute definition and the
XDP_FLAGS_EXPECT_ID flag to if_link.h in tools/include.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
---
 tools/include/uapi/linux/if_link.h |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/include/uapi/linux/if_link.h b/tools/include/uapi/linux/if_link.h
index 024af2d1d0af..a6c14ae083e3 100644
--- a/tools/include/uapi/linux/if_link.h
+++ b/tools/include/uapi/linux/if_link.h
@@ -960,11 +960,12 @@ enum {
 #define XDP_FLAGS_SKB_MODE		(1U << 1)
 #define XDP_FLAGS_DRV_MODE		(1U << 2)
 #define XDP_FLAGS_HW_MODE		(1U << 3)
+#define XDP_FLAGS_EXPECT_ID		(1U << 4)
 #define XDP_FLAGS_MODES			(XDP_FLAGS_SKB_MODE | \
 					 XDP_FLAGS_DRV_MODE | \
 					 XDP_FLAGS_HW_MODE)
 #define XDP_FLAGS_MASK			(XDP_FLAGS_UPDATE_IF_NOEXIST | \
-					 XDP_FLAGS_MODES)
+					 XDP_FLAGS_MODES | XDP_FLAGS_EXPECT_ID)
 
 /* These are stored into IFLA_XDP_ATTACHED on dump. */
 enum {
@@ -984,6 +985,7 @@ enum {
 	IFLA_XDP_DRV_PROG_ID,
 	IFLA_XDP_SKB_PROG_ID,
 	IFLA_XDP_HW_PROG_ID,
+	IFLA_XDP_EXPECTED_ID,
 	__IFLA_XDP_MAX,
 };
 

From patchwork Tue Mar 24 18:12:55 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?=
 <toke@redhat.com>
X-Patchwork-Id: 1260880
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <bpf-owner@vger.kernel.org>
X-Original-To: incoming-bpf@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-bpf@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org; envelope-from=bpf-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=redhat.com header.i=@redhat.com
	header.a=rsa-sha256 header.s=mimecast20190719
	header.b=CtdhCsU/; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48mzrG0P2mz9sRY
	for <incoming-bpf@patchwork.ozlabs.org>;
	Wed, 25 Mar 2020 05:13:02 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727611AbgCXSNB (ORCPT
	<rfc822;incoming-bpf@patchwork.ozlabs.org>);
	Tue, 24 Mar 2020 14:13:01 -0400
Received: from us-smtp-delivery-74.mimecast.com ([63.128.21.74]:32058 "EHLO
	us-smtp-delivery-74.mimecast.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1727613AbgCXSNA (ORCPT
	<rfc822;bpf@vger.kernel.org>); Tue, 24 Mar 2020 14:13:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1585073579;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=EfiTCpcsPC45Hnq6DJIEu035E/7yp/pZx+JmbCf++lM=;
	b=CtdhCsU/cOctAbqYkVYlmb2E109uLILaQCvSqpSWI2NeTCQ41z8PvEIFtlnkNITx1rglnr
	e1BQF8QUACi0hGV2zoFWyJEa7e98KN6HZzFAHYBUnohRaGWtnxekQmyAqX0/Mq9jyrAyfA
	tvrpJht7qEZ1YXrbqpjUtecW6CKORGM=
Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com
	[209.85.221.72]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-340-FlhgfDfGMiCFVSRFZvPrig-1; Tue, 24 Mar 2020 14:12:57 -0400
X-MC-Unique: FlhgfDfGMiCFVSRFZvPrig-1
Received: by mail-wr1-f72.google.com with SMTP id h17so9614272wru.16
	for <bpf@vger.kernel.org>; Tue, 24 Mar 2020 11:12:57 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to
	:references:user-agent:mime-version:content-transfer-encoding;
	bh=EfiTCpcsPC45Hnq6DJIEu035E/7yp/pZx+JmbCf++lM=;
	b=NuyEP7/eLhyKw27IRKeIQo85KwXJe82/ws/gTVCttyfjmik3+2T5y3Kriz5KGjz/7K
	BcV9RmbzjnRMWdMogGeHTZLxNxMHTcjPUHg5TcSrzYgH95jcHki7IfL5RXB6k1j6AAkX
	sLC5LGjROiySaDMf0+PGc0LHHJGaX7/Ff49qMFs/KyeQkPe3BGCQibRPK8FM3QeFCX7g
	wJlAkEusdNyZCdFWxhXTnHwAYKkhG7/vEdQx4e0+G5vlQCCqzNK8rMFjF5MpAKRAH9oi
	EZBlfWHhGJ9OcJjnV31/6B+r3Zu4fY4PR3rz7P+UGehSLFlfDYgdxetwuyFHaxql4s6P
	qhWg==
X-Gm-Message-State: ANhLgQ0BcIeVIeFYXYqAen1v9GXcUiLdIbSKm0h/OTdd4jS47JgJ/uoh
	DyJQ2KawqKGsdnggkD8BZ2ZQAjS069DqbrqPjG54HbBVam7eujVbus7Vyy0L6lJ7WJdLgy2EzOc
	bI64TusFGuOg9
X-Received: by 2002:a7b:c308:: with SMTP id k8mr7304362wmj.40.1585073576557;
	Tue, 24 Mar 2020 11:12:56 -0700 (PDT)
X-Google-Smtp-Source: 
 ADFU+vvTDjjEHP3nI0RtMl0aOZuDaemDUl+6ctS0MQF8WLGVx5hAhqxHHRRry/p7cre4LRmISV2EMg==
X-Received: by 2002:a7b:c308:: with SMTP id k8mr7304329wmj.40.1585073576309;
	Tue, 24 Mar 2020 11:12:56 -0700 (PDT)
Received: from alrua-x1.borgediget.toke.dk ([45.145.92.2])
	by smtp.gmail.com with ESMTPSA id
	f12sm5284669wmf.24.2020.03.24.11.12.55
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Tue, 24 Mar 2020 11:12:55 -0700 (PDT)
Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000)
	id 4E0EC18158C; Tue, 24 Mar 2020 19:12:55 +0100 (CET)
Subject: [PATCH bpf-next v3 3/4] libbpf: Add function to set link XDP fd
	while specifying old program
From: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?= <toke@redhat.com>
To: netdev@vger.kernel.org
Cc: bpf@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>, Martin KaFai Lau <kafai@fb.com>,
	Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
	Andrii Nakryiko <andriin@fb.com>,
	"David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>,
	Jesper Dangaard Brouer <brouer@redhat.com>,
	John Fastabend <john.fastabend@gmail.com>,
	Lorenz Bauer <lmb@cloudflare.com>, Andrey Ignatov <rdna@fb.com>
Date: Tue, 24 Mar 2020 19:12:55 +0100
Message-ID: <158507357526.6925.6217863214278001637.stgit@toke.dk>
In-Reply-To: <158507357205.6925.17804771242752938867.stgit@toke.dk>
References: <158507357205.6925.17804771242752938867.stgit@toke.dk>
User-Agent: StGit/0.22
MIME-Version: 1.0
Sender: bpf-owner@vger.kernel.org
Precedence: bulk
List-ID: <bpf.vger.kernel.org>
X-Mailing-List: bpf@vger.kernel.org

From: Toke Høiland-Jørgensen <toke@redhat.com>

This adds a new function to set the XDP fd while specifying the ID of the
program to replace, using the newly added IFLA_XDP_EXPECTED_ID netlink
parameter. The new function uses the opts struct mechanism to be extendable
in the future.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
---
 tools/lib/bpf/libbpf.h   |    8 ++++++++
 tools/lib/bpf/libbpf.map |    1 +
 tools/lib/bpf/netlink.c  |   34 +++++++++++++++++++++++++++++++++-
 3 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
index d38d7a629417..2d77bc28b518 100644
--- a/tools/lib/bpf/libbpf.h
+++ b/tools/lib/bpf/libbpf.h
@@ -444,7 +444,15 @@ struct xdp_link_info {
 	__u8 attach_mode;
 };
 
+struct bpf_xdp_set_link_opts {
+	size_t sz;
+	__u32 old_id;
+};
+#define bpf_xdp_set_link_opts__last_field old_id
+
 LIBBPF_API int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags);
+LIBBPF_API int bpf_set_link_xdp_fd_opts(int ifindex, int fd, __u32 flags,
+					const struct bpf_xdp_set_link_opts *opts);
 LIBBPF_API int bpf_get_link_xdp_id(int ifindex, __u32 *prog_id, __u32 flags);
 LIBBPF_API int bpf_get_link_xdp_info(int ifindex, struct xdp_link_info *info,
 				     size_t info_size, __u32 flags);
diff --git a/tools/lib/bpf/libbpf.map b/tools/lib/bpf/libbpf.map
index 5129283c0284..dcc87db3ca8a 100644
--- a/tools/lib/bpf/libbpf.map
+++ b/tools/lib/bpf/libbpf.map
@@ -244,4 +244,5 @@ LIBBPF_0.0.8 {
 		bpf_link__pin_path;
 		bpf_link__unpin;
 		bpf_program__set_attach_target;
+		bpf_set_link_xdp_fd_opts;
 } LIBBPF_0.0.7;
diff --git a/tools/lib/bpf/netlink.c b/tools/lib/bpf/netlink.c
index 431bd25c6cdb..2ae0cf1956f2 100644
--- a/tools/lib/bpf/netlink.c
+++ b/tools/lib/bpf/netlink.c
@@ -132,7 +132,8 @@ static int bpf_netlink_recv(int sock, __u32 nl_pid, int seq,
 	return ret;
 }
 
-int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags)
+static int __bpf_set_link_xdp_fd_replace(int ifindex, int fd, __u32 old_id,
+					 __u32 flags)
 {
 	int sock, seq = 0, ret;
 	struct nlattr *nla, *nla_xdp;
@@ -178,6 +179,14 @@ int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags)
 		nla->nla_len += nla_xdp->nla_len;
 	}
 
+	if (flags & XDP_FLAGS_EXPECT_ID) {
+		nla_xdp = (struct nlattr *)((char *)nla + nla->nla_len);
+		nla_xdp->nla_type = IFLA_XDP_EXPECTED_ID;
+		nla_xdp->nla_len = NLA_HDRLEN + sizeof(old_id);
+		memcpy((char *)nla_xdp + NLA_HDRLEN, &old_id, sizeof(old_id));
+		nla->nla_len += nla_xdp->nla_len;
+	}
+
 	req.nh.nlmsg_len += NLA_ALIGN(nla->nla_len);
 
 	if (send(sock, &req, req.nh.nlmsg_len, 0) < 0) {
@@ -191,6 +200,29 @@ int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags)
 	return ret;
 }
 
+int bpf_set_link_xdp_fd_opts(int ifindex, int fd, __u32 flags,
+			     const struct bpf_xdp_set_link_opts *opts)
+{
+	__u32 old_id;
+
+	if (!OPTS_VALID(opts, bpf_xdp_set_link_opts))
+		return -EINVAL;
+
+	old_id = OPTS_GET(opts, old_id, 0);
+
+	if (old_id)
+		flags |=  XDP_FLAGS_EXPECT_ID;
+
+	return __bpf_set_link_xdp_fd_replace(ifindex, fd,
+					     old_id,
+					     flags);
+}
+
+int bpf_set_link_xdp_fd(int ifindex, int fd, __u32 flags)
+{
+	return __bpf_set_link_xdp_fd_replace(ifindex, fd, 0, flags);
+}
+
 static int __dump_link_nlmsg(struct nlmsghdr *nlh,
 			     libbpf_dump_nlmsg_t dump_link_nlmsg, void *cookie)
 {

From patchwork Tue Mar 24 18:12:56 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?=
 <toke@redhat.com>
X-Patchwork-Id: 1260884
X-Patchwork-Delegate: bpf@iogearbox.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67;
	helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=redhat.com header.i=@redhat.com
	header.a=rsa-sha256 header.s=mimecast20190719
	header.b=ZdHY1X7A; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 48mzrN48h3z9sP7
	for <patchwork-incoming-netdev@ozlabs.org>;
	Wed, 25 Mar 2020 05:13:08 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1727817AbgCXSNH (ORCPT
	<rfc822;patchwork-incoming-netdev@ozlabs.org>);
	Tue, 24 Mar 2020 14:13:07 -0400
Received: from us-smtp-delivery-74.mimecast.com ([63.128.21.74]:32448 "EHLO
	us-smtp-delivery-74.mimecast.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1727775AbgCXSNF (ORCPT
	<rfc822;netdev@vger.kernel.org>); Tue, 24 Mar 2020 14:13:05 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1585073584;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=R3Wa07YAd+zFovCvokyH5i/22yVWoZ1gMGqsMWsRY8s=;
	b=ZdHY1X7AYZNTJF9sZq+L+3HEne/qS+HjWWHoE2W7+PCAFHBjcHQ0IyKsdyPmip9NZ1/why
	fWOI5fcG2cyPrnmj72OsNl7O8AQIcbiJe0h4cKLOfGcV8obZVuHvkAoBGAwZDa5Ho4HEv3
	nx8W61R3uledvZJ5a8tdZ1WdESpPbww=
Received: from mail-wr1-f69.google.com (mail-wr1-f69.google.com
	[209.85.221.69]) (Using TLS) by relay.mimecast.com with ESMTP id
	us-mta-48-7ZAXlAvJMTG_xdGX69ZPOQ-1; Tue, 24 Mar 2020 14:13:02 -0400
X-MC-Unique: 7ZAXlAvJMTG_xdGX69ZPOQ-1
Received: by mail-wr1-f69.google.com with SMTP id h17so9614342wru.16
	for <netdev@vger.kernel.org>; Tue, 24 Mar 2020 11:13:02 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:subject:from:to:cc:date:message-id:in-reply-to
	:references:user-agent:mime-version:content-transfer-encoding;
	bh=R3Wa07YAd+zFovCvokyH5i/22yVWoZ1gMGqsMWsRY8s=;
	b=apSra0s5CRB5QCk080HTlOKOpxf2qaGy+AJhn3DyGLxkNXnn1vZ2vbT4QdRJJ8DLoX
	e5hlC4N+qjrE73SEl1QfNU1W9uSOmQMANFHABqOQAOCrVY6W1n5vAqf5Vjl0KYPQ0Nz3
	SLTJKe0cqH73/TXCCRo4X32RPu4OBvkA0CwdXuuQ2aEGRhr8ylm14tDa5fbbTdMcutz4
	/JEoSpFC9hegiKdVel4Hpf6RQJ2yLwAfjf8c3fqxVftrmqTp+nXh+9Zyi8lUuCpP5lrL
	KUMKZTgcTOnBe3/4YE5Op6p4XPCxDh4gJgxGcgUwpYUlOQWcyRZ/j/GTYgJGfZPNbio+
	QkCA==
X-Gm-Message-State: ANhLgQ3GgGTDH1VEJrhqABL7Z3QlgxBXlXaaIHo5azJhim3yW8IXlUeQ
	PuKQQiZ9l+j3QesWA1tonoZEfwtDEuxQOPIePQXZD3nurOY9Ij85QKZ3YsISzdNhPNDn+574jIf
	BYaqy/0A9cRTmePXm
X-Received: by 2002:a05:600c:2101:: with SMTP id
	u1mr7012082wml.177.1585073581085;
	Tue, 24 Mar 2020 11:13:01 -0700 (PDT)
X-Google-Smtp-Source: 
 ADFU+vvpNYRWpV6uRP+NqVy6W9zqRQjKTec8plOaPvuVG45PE92D30xfQiDfaCz8oZmdrLiInBErZw==
X-Received: by 2002:a05:600c:2101:: with SMTP id
	u1mr7012049wml.177.1585073580838;
	Tue, 24 Mar 2020 11:13:00 -0700 (PDT)
Received: from alrua-x1.borgediget.toke.dk ([2a0c:4d80:42:443::2])
	by smtp.gmail.com with ESMTPSA id
	j2sm13308840wrs.64.2020.03.24.11.12.56
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Tue, 24 Mar 2020 11:12:57 -0700 (PDT)
Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000)
	id 5C64118158B; Tue, 24 Mar 2020 19:12:56 +0100 (CET)
Subject: [PATCH bpf-next v3 4/4] selftests/bpf: Add tests for attaching XDP
	programs
From: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?= <toke@redhat.com>
To: netdev@vger.kernel.org
Cc: bpf@vger.kernel.org, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>, Martin KaFai Lau <kafai@fb.com>,
	Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
	Andrii Nakryiko <andriin@fb.com>,
	"David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>,
	Jesper Dangaard Brouer <brouer@redhat.com>,
	John Fastabend <john.fastabend@gmail.com>,
	Lorenz Bauer <lmb@cloudflare.com>, Andrey Ignatov <rdna@fb.com>
Date: Tue, 24 Mar 2020 19:12:56 +0100
Message-ID: <158507357632.6925.5524660251258919856.stgit@toke.dk>
In-Reply-To: <158507357205.6925.17804771242752938867.stgit@toke.dk>
References: <158507357205.6925.17804771242752938867.stgit@toke.dk>
User-Agent: StGit/0.22
MIME-Version: 1.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Toke Høiland-Jørgensen <toke@redhat.com>

This adds tests for the various replacement operations using
IFLA_XDP_EXPECTED_ID.

Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
---
 .../testing/selftests/bpf/prog_tests/xdp_attach.c  |   74 ++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/xdp_attach.c

diff --git a/tools/testing/selftests/bpf/prog_tests/xdp_attach.c b/tools/testing/selftests/bpf/prog_tests/xdp_attach.c
new file mode 100644
index 000000000000..190df7599107
--- /dev/null
+++ b/tools/testing/selftests/bpf/prog_tests/xdp_attach.c
@@ -0,0 +1,74 @@
+// SPDX-License-Identifier: GPL-2.0
+#include <test_progs.h>
+
+#define IFINDEX_LO 1
+#define XDP_FLAGS_EXPECT_ID		(1U << 4)
+
+void test_xdp_attach(void)
+{
+	struct bpf_object *obj1, *obj2, *obj3;
+	const char *file = "./test_xdp.o";
+	struct bpf_prog_info info = {};
+	__u32 duration = 0, id1, id2;
+	__u32 len = sizeof(info);
+	int err, fd1, fd2, fd3;
+	DECLARE_LIBBPF_OPTS(bpf_xdp_set_link_opts, opts);
+
+	err = bpf_prog_load(file, BPF_PROG_TYPE_XDP, &obj1, &fd1);
+	if (CHECK_FAIL(err))
+		return;
+	err = bpf_prog_load(file, BPF_PROG_TYPE_XDP, &obj2, &fd2);
+	if (CHECK_FAIL(err))
+		goto out_1;
+	err = bpf_prog_load(file, BPF_PROG_TYPE_XDP, &obj3, &fd3);
+	if (CHECK_FAIL(err))
+		goto out_2;
+
+	err = bpf_obj_get_info_by_fd(fd1, &info, &len);
+	if (CHECK_FAIL(err))
+		goto out_2;
+	id1 = info.id;
+
+	memset(&info, 0, sizeof(info));
+	err = bpf_obj_get_info_by_fd(fd2, &info, &len);
+	if (CHECK_FAIL(err))
+		goto out_2;
+	id2 = info.id;
+
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, fd1, XDP_FLAGS_EXPECT_ID,
+				       &opts);
+	if (CHECK(err, "load_ok", "initial load failed"))
+		goto out_close;
+
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, fd2, XDP_FLAGS_EXPECT_ID,
+				       &opts);
+	if (CHECK(!err, "load_fail", "load with expected id didn't fail"))
+		goto out;
+
+	opts.old_id = id1;
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, fd2, 0, &opts);
+	if (CHECK(err, "replace_ok", "replace valid old_id failed"))
+		goto out;
+
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, fd3, 0, &opts);
+	if (CHECK(!err, "replace_fail", "replace invalid old_id didn't fail"))
+		goto out;
+
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, -1, 0, &opts);
+	if (CHECK(!err, "remove_fail", "remove invalid old_id didn't fail"))
+		goto out;
+
+	opts.old_id = id2;
+	err = bpf_set_link_xdp_fd_opts(IFINDEX_LO, -1, 0, &opts);
+	if (CHECK(err, "remove_ok", "remove valid old_id failed"))
+		goto out;
+
+out:
+	bpf_set_link_xdp_fd(IFINDEX_LO, -1, 0);
+out_close:
+	bpf_object__close(obj3);
+out_2:
+	bpf_object__close(obj2);
+out_1:
+	bpf_object__close(obj1);
+}