Skip to content

Comments

bpf: Fix pcap filter bypass with --filter-trace-xdp and --filter-track-skb#635

Merged
jschwinger233 merged 1 commit intomainfrom
pr/brb/trace-xdp
Jan 1, 2026
Merged

bpf: Fix pcap filter bypass with --filter-trace-xdp and --filter-track-skb#635
jschwinger233 merged 1 commit intomainfrom
pr/brb/trace-xdp

Conversation

@brb
Copy link
Member

@brb brb commented Dec 31, 2025
edited
Loading

When both flags are enabled (need to trace XDP programs), fexit/xdp unconditionally tracked all XDP packets for later SKB tracing, causing the pcap filter to be bypassed.

Fix by adding a per-CPU boolean map to pass filter match status from fentry/xdp to fexit/xdp, so only filtered packets are tracked.

Fix #445.

@brb
bpf: Fix pcap filter bypass with --filter-trace-xdp and --filter-trac…
670108f 
…k-skb

When both flags are enabled (need to trace XDP programs), fexit/xdp
unconditionally tracked all XDP packets for later SKB tracing, causing
the pcap filter to be bypassed.

Fix by adding a per-CPU boolean map to pass filter match status from
fentry/xdp to fexit/xdp, so only filtered packets are tracked.

Signed-off-by: Martynas Pumputis <[email protected]>
@brb brb requested a review from a team as a code owner December 31, 2025 11:36
@jschwinger233 jschwinger233 merged commit 2646b59 into main Jan 1, 2026
10 checks passed
@jschwinger233 jschwinger233 deleted the pr/brb/trace-xdp branch January 1, 2026 03:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jschwinger233 jschwinger233 jschwinger233 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Unable to track BPF helpers in XDP programs

2 participants

@brb @jschwinger233