diff options
| author | Alexei Starovoitov <ast@fb.com> | 2017-10-03 01:50:22 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-10-04 19:05:05 -0400 |
| commit | 468e2f64d220fe2dc11caa2bcb9b3a1e50fc7321 (patch) | |
| tree | da21e580b4a534f6feab72ba479b6d3e0ad951f1 /kernel/bpf/syscall.c | |
| parent | 324bda9e6c5add86ba2e1066476481c48132aca0 (diff) | |
bpf: introduce BPF_PROG_QUERY command
introduce BPF_PROG_QUERY command to retrieve a set of either
attached programs to given cgroup or a set of effective programs
that will execute for events within a cgroup
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
for cgroup bits
Acked-by: Tejun Heo <tj@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel/bpf/syscall.c')
| -rw-r--r-- | kernel/bpf/syscall.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 51bee695d32c..0048cb24ba7b 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c | |||
| @@ -1272,6 +1272,37 @@ static int bpf_prog_detach(const union bpf_attr *attr) | |||
| 1272 | return ret; | 1272 | return ret; |
| 1273 | } | 1273 | } |
| 1274 | 1274 | ||
| 1275 | #define BPF_PROG_QUERY_LAST_FIELD query.prog_cnt | ||
| 1276 | |||
| 1277 | static int bpf_prog_query(const union bpf_attr *attr, | ||
| 1278 | union bpf_attr __user *uattr) | ||
| 1279 | { | ||
| 1280 | struct cgroup *cgrp; | ||
| 1281 | int ret; | ||
| 1282 | |||
| 1283 | if (!capable(CAP_NET_ADMIN)) | ||
| 1284 | return -EPERM; | ||
| 1285 | if (CHECK_ATTR(BPF_PROG_QUERY)) | ||
| 1286 | return -EINVAL; | ||
| 1287 | if (attr->query.query_flags & ~BPF_F_QUERY_EFFECTIVE) | ||
| 1288 | return -EINVAL; | ||
| 1289 | |||
| 1290 | switch (attr->query.attach_type) { | ||
| 1291 | case BPF_CGROUP_INET_INGRESS: | ||
| 1292 | case BPF_CGROUP_INET_EGRESS: | ||
| 1293 | case BPF_CGROUP_INET_SOCK_CREATE: | ||
| 1294 | case BPF_CGROUP_SOCK_OPS: | ||
| 1295 | break; | ||
| 1296 | default: | ||
| 1297 | return -EINVAL; | ||
| 1298 | } | ||
| 1299 | cgrp = cgroup_get_from_fd(attr->query.target_fd); | ||
| 1300 | if (IS_ERR(cgrp)) | ||
| 1301 | return PTR_ERR(cgrp); | ||
| 1302 | ret = cgroup_bpf_query(cgrp, attr, uattr); | ||
| 1303 | cgroup_put(cgrp); | ||
| 1304 | return ret; | ||
| 1305 | } | ||
| 1275 | #endif /* CONFIG_CGROUP_BPF */ | 1306 | #endif /* CONFIG_CGROUP_BPF */ |
| 1276 | 1307 | ||
| 1277 | #define BPF_PROG_TEST_RUN_LAST_FIELD test.duration | 1308 | #define BPF_PROG_TEST_RUN_LAST_FIELD test.duration |
| @@ -1568,6 +1599,9 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz | |||
| 1568 | case BPF_PROG_DETACH: | 1599 | case BPF_PROG_DETACH: |
| 1569 | err = bpf_prog_detach(&attr); | 1600 | err = bpf_prog_detach(&attr); |
| 1570 | break; | 1601 | break; |
| 1602 | case BPF_PROG_QUERY: | ||
| 1603 | err = bpf_prog_query(&attr, uattr); | ||
| 1604 | break; | ||
| 1571 | #endif | 1605 | #endif |
| 1572 | case BPF_PROG_TEST_RUN: | 1606 | case BPF_PROG_TEST_RUN: |
| 1573 | err = bpf_prog_test_run(&attr, uattr); | 1607 | err = bpf_prog_test_run(&attr, uattr); |