git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Matt Bobrowski <mattbobrowski@google.com>
	Tue, 27 Jan 2026 08:51:10 +0000 (08:51 +0000)
committer	Alexei Starovoitov <ast@kernel.org>
	Tue, 27 Jan 2026 17:05:54 +0000 (09:05 -0800)
commit	752b807028e63f1473b84eb1350e131eca5e5249
tree	14099808ccce2765fb5e94314e4f8d764bfbceb9	tree
parent	8016abd6314ed1ed01ff09404e3c82ceb13c185b	commit \| diff

bpf: add new BPF_CGROUP_ITER_CHILDREN control option

Currently, the BPF cgroup iterator supports walking descendants in
either pre-order (BPF_CGROUP_ITER_DESCENDANTS_PRE) or post-order
(BPF_CGROUP_ITER_DESCENDANTS_POST). These modes perform an exhaustive
depth-first search (DFS) of the hierarchy. In scenarios where a BPF
program may need to inspect only the direct children of a given parent
cgroup, a full DFS is unnecessarily expensive.

This patch introduces a new BPF cgroup iterator control option,
BPF_CGROUP_ITER_CHILDREN. This control option restricts the traversal
to the immediate children of a specified parent cgroup, allowing for
more targeted and efficient iteration, particularly when exhaustive
depth-first search (DFS) traversal is not required.

Signed-off-by: Matt Bobrowski <mattbobrowski@google.com>
Link: https://lore.kernel.org/r/20260127085112.3608687-1-mattbobrowski@google.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

include/uapi/linux/bpf.h		diff \| blob \| blame \| history
kernel/bpf/cgroup_iter.c		diff \| blob \| blame \| history
tools/include/uapi/linux/bpf.h		diff \| blob \| blame \| history