diff options
| author | Quentin Deslandes <qde@naccy.de> | 2023-12-26 14:07:42 +0100 |
|---|---|---|
| committer | Alexei Starovoitov <ast@kernel.org> | 2024-01-04 10:23:10 -0800 |
| commit | 98e20e5e13d2811898921f999288be7151a11954 (patch) | |
| tree | 194da196f85df00ebcc907347627265ea1fa2d72 /include/linux/bpfilter.h | |
| parent | 9ddf872b47e3ac8f27dbfc4a4737a976c7588de6 (diff) | |
| download | linux-98e20e5e13d2811898921f999288be7151a11954.tar.gz linux-98e20e5e13d2811898921f999288be7151a11954.tar.bz2 linux-98e20e5e13d2811898921f999288be7151a11954.zip | |
bpfilter: remove bpfilter
bpfilter was supposed to convert iptables filtering rules into
BPF programs on the fly, from the kernel, through a usermode
helper. The base code for the UMH was introduced in 2018, and
couple of attempts (2, 3) tried to introduce the BPF program
generate features but were abandoned.
bpfilter now sits in a kernel tree unused and unusable, occasionally
causing confusion amongst Linux users (4, 5).
As bpfilter is now developed in a dedicated repository on GitHub (6),
it was suggested a couple of times this year (LSFMM/BPF 2023,
LPC 2023) to remove the deprecated kernel part of the project. This
is the purpose of this patch.
[1]: https://lore.kernel.org/lkml/20180522022230.2492505-1-ast@kernel.org/
[2]: https://lore.kernel.org/bpf/20210829183608.2297877-1-me@ubique.spb.ru/#t
[3]: https://lore.kernel.org/lkml/20221224000402.476079-1-qde@naccy.de/
[4]: https://dxuuu.xyz/bpfilter.html
[5]: https://github.com/linuxkit/linuxkit/pull/3904
[6]: https://github.com/facebook/bpfilter
Signed-off-by: Quentin Deslandes <qde@naccy.de>
Link: https://lore.kernel.org/r/20231226130745.465988-1-qde@naccy.de
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'include/linux/bpfilter.h')
| -rw-r--r-- | include/linux/bpfilter.h | 24 |
1 files changed, 0 insertions, 24 deletions
diff --git a/include/linux/bpfilter.h b/include/linux/bpfilter.h deleted file mode 100644 index 736ded4905e0..000000000000 --- a/include/linux/bpfilter.h +++ /dev/null @@ -1,24 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef _LINUX_BPFILTER_H -#define _LINUX_BPFILTER_H - -#include <uapi/linux/bpfilter.h> -#include <linux/usermode_driver.h> -#include <linux/sockptr.h> - -struct sock; -int bpfilter_ip_set_sockopt(struct sock *sk, int optname, sockptr_t optval, - unsigned int optlen); -int bpfilter_ip_get_sockopt(struct sock *sk, int optname, char __user *optval, - int __user *optlen); - -struct bpfilter_umh_ops { - struct umd_info info; - /* since ip_getsockopt() can run in parallel, serialize access to umh */ - struct mutex lock; - int (*sockopt)(struct sock *sk, int optname, sockptr_t optval, - unsigned int optlen, bool is_set); - int (*start)(void); -}; -extern struct bpfilter_umh_ops bpfilter_ops; -#endif |