On Mon Jun 22, 2026 at 3:32 PM PDT, Alexei Starovoitov wrote: > Sorry, this is no go. > There is bpf_spin_lock that use can use to synchronize access > between bpf progs and user space. > lookup_and_delete with BPF_F_LOCK uses the same lock. > Or add another syscall program that is triggered from user space > that operates on the same map. > Or convert everything to arena and use whatever algorithm you prefer.
Thanks for taking the time to look at this, and for the pointers. That makes sense. Using bpf_spin_lock to synchronize the datapath and user space, and driving the conditional delete from a SYSCALL program (or moving the state into arena), stays within the existing programmability model instead of adding new UAPI. At the same time, it still lets us close the conntrack GC race we were after. I'll explore those directions rather than a new map primitive. Appreciate the pointers.
