Embed counter snapshots in bf_rule and bf_chain#527
Merged
qdeslandes merged 2 commits intofacebook:mainfrom May 9, 2026
Merged
Embed counter snapshots in bf_rule and bf_chain#527qdeslandes merged 2 commits intofacebook:mainfrom
bf_rule and bf_chain#527qdeslandes merged 2 commits intofacebook:mainfrom
Conversation
Contributor
Author
|
@claude review |
Claude review of PR #527 (d6f88ab)Must fix
Suggestions
Nits
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
qdeslandes
force-pushed
the
counters_in_rule
branch
from
6b85e52 to
d6f88ab
Compare
Contributor
Author
|
@claude review |
qdeslandes
changed the title
bf_rule and `bf_chainbf_rule and bf_chain
bf_rule doesn't need a full boolean to flag whether counters are defined or not, use a 1 bit field instead. Follow up changes will apply this pattern to bf_rule.mark and bf_rule.disabled.
Counter values were previously delivered alongside chains as a parallel bf_list parameter on bf_chain_get/bf_ruleset_get, requiring consumers to walk two lists in lockstep. Embed the snapshots directly: - struct bf_counter counters in bf_rule (valid when has_counters == 1) - struct bf_counter policy_counters and error_counters in bf_chain Add bf_cgen_load_counters() to refresh those fields from the BPF counters map, and call it from bf_chain_get and bf_ruleset_get on the read path. The pinned BPF map remains the source of truth: snapshots are populated per-invocation, never cached, and intentionally not serialized. Drop the counters parameter from bf_chain_get and bf_ruleset_get; update bfcli, the fuzz stub, the test harness, and unit tests accordingly. bf_rule_new_from_pack accepts both the new "has_counters" key and the legacy "counters" key, so chains pinned by an earlier build remain readable.
qdeslandes
force-pushed
the
counters_in_rule
branch
from
b47b3ad to
c440961
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Counter values were previously delivered alongside chains as a parallel
bf_listparameter onbf_chain_get/bf_ruleset_get, requiring every consumer to walk two lists in lockstep and to re-derive which slot belonged to which rule. This series moves the snapshots into the data model and refreshes them on the read path.