
systemd / systemd / 14872145375

06 May 2025 09:07PM UTC coverage: 72.232% (+0.02%) from 72.214%
14872145375

push

github

DaanDeMeyer
string-table: annotate _to_string and _from_string with _const_ and _pure_, respectively

Follow-up for c94f6ab1b

297286 of 411572 relevant lines covered (72.23%)

695615.99 hits per line


56.72
/src/shared/bpf-program.c
/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#include "alloc-util.h"
#include "bpf-program.h"
#include "errno-util.h"
#include "escape.h"
#include "fd-util.h"
#include "memory-util.h"
#include "missing_syscall.h"
#include "parse-util.h"
#include "path-util.h"
#include "serialize.h"
#include "string-table.h"

/* Human-readable names for the cgroup BPF attach types, indexed by the attach type constant. These
 * strings are what bpf_program_serialize_attachment() writes and what
 * bpf_program_deserialize_attachment() parses back, so renaming an entry changes how an already
 * serialized attachment is interpreted. Designated initializers make the entry order irrelevant;
 * slots that are not listed stay NULL. */
static const char *const bpf_cgroup_attach_type_table[__MAX_BPF_ATTACH_TYPE] = {
        /* Packet filtering and socket lifecycle */
        [BPF_CGROUP_INET_INGRESS]     = "ingress",
        [BPF_CGROUP_INET_EGRESS]      = "egress",
        [BPF_CGROUP_INET_SOCK_CREATE] = "sock_create",
        [BPF_CGROUP_SOCK_OPS]         = "sock_ops",

        /* bind() and connect() hooks */
        [BPF_CGROUP_INET4_BIND]       = "bind4",
        [BPF_CGROUP_INET6_BIND]       = "bind6",
        [BPF_CGROUP_INET4_POST_BIND]  = "post_bind4",
        [BPF_CGROUP_INET6_POST_BIND]  = "post_bind6",
        [BPF_CGROUP_INET4_CONNECT]    = "connect4",
        [BPF_CGROUP_INET6_CONNECT]    = "connect6",

        /* UDP message hooks */
        [BPF_CGROUP_UDP4_SENDMSG]     = "sendmsg4",
        [BPF_CGROUP_UDP6_SENDMSG]     = "sendmsg6",
        [BPF_CGROUP_UDP4_RECVMSG]     = "recvmsg4",
        [BPF_CGROUP_UDP6_RECVMSG]     = "recvmsg6",

        /* Socket options */
        [BPF_CGROUP_GETSOCKOPT]       = "getsockopt",
        [BPF_CGROUP_SETSOCKOPT]       = "setsockopt",

        /* Device access and sysctl */
        [BPF_CGROUP_DEVICE]           = "device",
        [BPF_CGROUP_SYSCTL]           = "sysctl",
};

/* Provides bpf_cgroup_attach_type_to_string() and bpf_cgroup_attach_type_from_string(), both of which
 * are used by the (de)serialization code in this file. */
DEFINE_STRING_TABLE_LOOKUP(bpf_cgroup_attach_type, int);

/* Hash ops for sets of BPFProgram pointers; bpf_program_free is registered as the key destructor. */
DEFINE_HASH_OPS_WITH_KEY_DESTRUCTOR(bpf_program_hash_ops, void, trivial_hash_func, trivial_compare_func, bpf_program_free);

BPFProgram *bpf_program_free(BPFProgram *p) {
        /* Destroys a BPFProgram together with the fd and buffers it owns. NULL is accepted and simply
         * handed back; otherwise the result of mfree() is returned. */
        if (p == NULL)
                return NULL;

        /* Closing the last fd to a BPF program does not currently make the kernel detach it from the
         * cgroup it was attached to. A process that terminates abnormally after attaching a program
         * therefore leaves that program pinned with no way to recover it until the cgroup itself is
         * removed. That is especially painful for the root cgroup, or for the cgroup of a service that
         * cannot be restarted during operation (such as dbus), because the program's memory is then only
         * reclaimed by a reboot. To counter this we remember which cgroup the program was attached to
         * and detach it ourselves whenever the BPF fd is closed.
         *
         * The result is deliberately ignored: this is best-effort cleanup, and the object is released
         * below even when detaching fails. */
        (void) bpf_program_cgroup_detach(p);

        free(p->attached_path);
        free(p->instructions);
        free(p->prog_name);
        safe_close(p->kernel_fd);

        return mfree(p);
}

 /* struct bpf_prog_info info must be initialized since its value is both input and output
  * for BPF_OBJ_GET_INFO_BY_FD syscall. */
static int bpf_program_get_info_by_fd(int prog_fd, struct bpf_prog_info *info, uint32_t info_len) {
        union bpf_attr req;

        /* Clear the whole union with an explicit memset instead of relying on structured
         * initialization: some compilers may leave padding bytes non-zero in that case.
         * See https://github.com/systemd/systemd/issues/18164 */
        zero(req);
        req.info.info = PTR_TO_UINT64(info);
        req.info.info_len = info_len;
        req.info.bpf_fd = prog_fd;

        /* RET_NERRNO() turns a failed syscall into a negative errno-style return value. */
        return RET_NERRNO(bpf(BPF_OBJ_GET_INFO_BY_FD, &req, sizeof(req)));
}

int bpf_program_new(uint32_t prog_type, const char *prog_name, BPFProgram **ret) {
        /* Allocates an empty, not yet loaded BPFProgram of the given type.
         *
         * prog_name is optional. When set it is copied, and names of BPF_OBJ_NAME_LEN characters or
         * more are refused up front with -ENAMETOOLONG rather than being truncated later.
         *
         * Returns 0 and stores the new object in *ret, or -ENOMEM/-ENAMETOOLONG on failure, in which
         * case *ret is not written. */
        _cleanup_(bpf_program_freep) BPFProgram *prog = NULL;
        _cleanup_free_ char *name_copy = NULL;

        if (prog_name) {
                if (strlen(prog_name) >= BPF_OBJ_NAME_LEN)
                        return -ENAMETOOLONG;

                name_copy = strdup(prog_name);
                if (!name_copy)
                        return -ENOMEM;
        }

        prog = new(BPFProgram, 1);
        if (!prog)
                return -ENOMEM;

        /* kernel_fd starts out as an invalid fd: nothing has been uploaded to the kernel yet. */
        *prog = (BPFProgram) {
                .prog_name = TAKE_PTR(name_copy),
                .kernel_fd = -EBADF,
                .prog_type = prog_type,
        };

        *ret = TAKE_PTR(prog);
        return 0;
}

int bpf_program_new_from_bpffs_path(const char *path, BPFProgram **ret) {
        /* Creates a BPFProgram object for a program referenced by a path, via
         * bpf_program_load_from_bpf_fs(). The program type is not supplied by the caller; it is read
         * back from the kernel for the fd that was obtained.
         *
         * Returns 0 and stores the object in *ret, or a negative errno-style value. On failure the
         * half-built object (including any fd already obtained) is released by the cleanup handler.
         *
         * NOTE(review): path is handed to the kernel as-is; callers are presumably expected to pass a
         * trusted location — confirm at the call sites. */
        _cleanup_(bpf_program_freep) BPFProgram *prog = NULL;
        struct bpf_prog_info prog_info = {};
        int r;

        assert(path);
        assert(ret);

        prog = new(BPFProgram, 1);
        if (!prog)
                return -ENOMEM;

        *prog = (BPFProgram) {
                .kernel_fd = -EBADF,
                .prog_type = BPF_PROG_TYPE_UNSPEC,
        };

        r = bpf_program_load_from_bpf_fs(prog, path);
        if (r < 0)
                return r;

        r = bpf_program_get_info_by_fd(prog->kernel_fd, &prog_info, sizeof(prog_info));
        if (r < 0)
                return r;

        prog->prog_type = prog_info.type;

        *ret = TAKE_PTR(prog);
        return 0;
}

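int bpf_program_add_instructions(BPFProgram *p, const struct bpf_insn *instructions, size_t count) {
        /* Appends count instructions to the not yet loaded program p.
         *
         * Returns 0 on success, -EBUSY if the program was already uploaded to the kernel, -EOVERFLOW
         * if the new total would not fit in size_t, and -ENOMEM if the buffer cannot be grown. */

        assert(p);

        if (p->kernel_fd >= 0) /* don't allow modification after we uploaded things to the kernel */
                return -EBUSY;

        /* Check the addition before using it: if n_instructions + count wrapped around, the buffer
         * would be sized for the small wrapped value while memcpy() below still copies count
         * elements. */
        if (count > SIZE_MAX - p->n_instructions)
                return -EOVERFLOW;

        if (!GREEDY_REALLOC(p->instructions, p->n_instructions + count))
                return -ENOMEM;

        /* Skip the copy for an empty batch, so that a NULL instructions pointer is never passed to
         * memcpy(). */
        if (count > 0)
                memcpy(p->instructions + p->n_instructions, instructions, sizeof(struct bpf_insn) * count);
        p->n_instructions += count;

        return 0;
}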

int bpf_program_load_kernel(BPFProgram *p, char *log_buf, size_t log_size) {
        /* Uploads the assembled instructions of p to the kernel and stores the resulting fd in
         * p->kernel_fd. log_buf/log_size optionally describe a buffer for the kernel's log output;
         * logging is requested only when log_buf is non-NULL.
         *
         * Returns 0 on success or -errno on failure.
         *
         * NOTE(review): n_instructions and log_size are size_t, while the bpf_attr fields they are
         * assigned to are narrower; oversized values would be truncated silently — confirm callers
         * keep them small. */
        union bpf_attr load;

        assert(p);

        /* Make this idempotent: a program that is already loaded is not uploaded again, and the
         * caller's log buffer is cleared. */
        if (p->kernel_fd >= 0) {
                memzero(log_buf, log_size);
                return 0;
        }

        /* FIXME: Clang doesn't 0-pad with structured initialization, causing the kernel to reject the
         * bpf_attr as invalid. See:
         * https://github.com/torvalds/linux/blob/v5.9/kernel/bpf/syscall.c#L65
         * Ideally it should behave like GCC, so that we can remove these workarounds. */
        zero(load);
        load.prog_type = p->prog_type;
        load.license = PTR_TO_UINT64("GPL");
        load.insn_cnt = p->n_instructions;
        load.insns = PTR_TO_UINT64(p->instructions);
        load.log_size = log_size;
        load.log_level = !!log_buf;
        load.log_buf = PTR_TO_UINT64(log_buf);

        /* At most BPF_OBJ_NAME_LEN - 1 bytes are copied into the zeroed attr, so the name stays
         * NUL-terminated (assuming the prog_name field holds BPF_OBJ_NAME_LEN bytes). */
        if (p->prog_name)
                strncpy(load.prog_name, p->prog_name, BPF_OBJ_NAME_LEN - 1);

        p->kernel_fd = bpf(BPF_PROG_LOAD, &load, sizeof(load));
        return p->kernel_fd < 0 ? -errno : 0;
}

int bpf_program_load_from_bpf_fs(BPFProgram *p, const char *path) {
        /* Obtains an fd for the BPF object at path with BPF_OBJ_GET and stores it in p->kernel_fd.
         *
         * Returns 0 on success, -EBUSY if p already has a kernel fd, or -errno if the syscall fails. */
        union bpf_attr get;

        assert(p);

        /* don't overwrite an assembled or loaded program */
        if (p->kernel_fd >= 0)
                return -EBUSY;

        zero(get);
        get.pathname = PTR_TO_UINT64(path);

        p->kernel_fd = bpf(BPF_OBJ_GET, &get, sizeof(get));
        return p->kernel_fd < 0 ? -errno : 0;
}

int bpf_program_cgroup_attach(BPFProgram *p, int type, const char *path, uint32_t flags) {
        /* Attaches p to the cgroup directory at path for the given attach type, loading the program
         * into the kernel first if necessary, and records the attachment in p.
         *
         * flags must be exactly 0, BPF_F_ALLOW_OVERRIDE or BPF_F_ALLOW_MULTI; anything else yields
         * -EINVAL. Returns 0 on success, -EBUSY if p is already attached with different parameters,
         * or another negative errno-style value. */
        _cleanup_free_ char *path_copy = NULL;
        _cleanup_close_ int cgroup_fd = -EBADF;
        union bpf_attr attach;
        int r;

        assert(p);
        assert(type >= 0);
        assert(path);

        if (!IN_SET(flags, 0, BPF_F_ALLOW_OVERRIDE, BPF_F_ALLOW_MULTI))
                return -EINVAL;

        /* Only a single attachment can be tracked per program, and we need to know which cgroup the
         * program is attached to. Refuse early if the request differs from what is recorded. */
        if (p->attached_path) {
                if (!path_equal(p->attached_path, path) ||
                    p->attached_type != type ||
                    p->attached_flags != flags)
                        return -EBUSY;

                /* Shortcut: a program we attached earlier does not need to be attached again. The one
                 * exception is BPF_F_ALLOW_OVERRIDE mode, where someone else might have replaced our
                 * program since the last time, so we reattach to be safe. With flags == 0 nobody else
                 * can replace our program, and with BPF_F_ALLOW_MULTI any other program is installed
                 * in addition to ours, so ours remains in effect. */
                if (flags != BPF_F_ALLOW_OVERRIDE)
                        return 0;
        }

        /* Ensure we have a kernel object for this. */
        r = bpf_program_load_kernel(p, NULL, 0);
        if (r < 0)
                return r;

        /* Duplicate the path before touching the kernel, so that a successful attach can always be
         * recorded below. */
        path_copy = strdup(path);
        if (!path_copy)
                return -ENOMEM;

        cgroup_fd = open(path, O_DIRECTORY|O_RDONLY|O_CLOEXEC);
        if (cgroup_fd < 0)
                return -errno;

        zero(attach);
        attach.attach_flags = flags;
        attach.attach_bpf_fd = p->kernel_fd;
        attach.target_fd = cgroup_fd;
        attach.attach_type = type;

        if (bpf(BPF_PROG_ATTACH, &attach, sizeof(attach)) < 0)
                return -errno;

        /* Remember the attachment; bpf_program_cgroup_detach() relies on this state. */
        free_and_replace(p->attached_path, path_copy);
        p->attached_flags = flags;
        p->attached_type = type;

        return 0;
}

int bpf_program_cgroup_detach(BPFProgram *p) {
        /* Detaches p from the cgroup recorded in p->attached_path and forgets the attachment.
         *
         * Returns 0 on success (including when the cgroup no longer exists), -EUNATCH if no
         * attachment is recorded, or -errno if opening the cgroup or the detach syscall fails. On
         * those errors the recorded attachment is left in place. */
        _cleanup_close_ int cgroup_fd = -EBADF;

        assert(p);

        if (!p->attached_path)
                return -EUNATCH;

        cgroup_fd = open(p->attached_path, O_DIRECTORY|O_RDONLY|O_CLOEXEC);
        if (cgroup_fd >= 0) {
                union bpf_attr detach;

                zero(detach);
                detach.attach_bpf_fd = p->kernel_fd;
                detach.target_fd = cgroup_fd;
                detach.attach_type = p->attached_type;

                if (bpf(BPF_PROG_DETACH, &detach, sizeof(detach)) < 0)
                        return -errno;
        } else if (errno != ENOENT)
                return -errno;

        /* If the cgroup does not exist anymore (ENOENT above), there is nothing to detach explicitly:
         * the program got detached implicitly by the removal, hence don't complain. */

        p->attached_path = mfree(p->attached_path);

        return 0;
}

int bpf_map_new(
                const char *name,
                enum bpf_map_type type,
                size_t key_size,
                size_t value_size,
                size_t max_entries,
                uint32_t flags) {

        /* Creates a BPF map with BPF_MAP_CREATE and returns the syscall result, or a negative
         * errno-style value on failure.
         *
         * NOTE(review): name is dereferenced without a NULL check, and the size_t arguments are
         * assigned to bpf_attr fields that may be narrower — confirm callers pass a name and small
         * sizes. */
        union bpf_attr create;
        size_t i = 0;

        zero(create);
        create.map_flags = flags;
        create.max_entries = max_entries;
        create.value_size = value_size;
        create.key_size = key_size;
        create.map_type = type;

        /* The map name is primarily informational for debugging purposes, and the field is typically
         * too short to carry a full unit name. Hence apply a trivial lossy escaping to make it fit:
         * truncate, and replace every character other than alphanumerical ones and "." by "_" (only
         * alphanumerical, "." and "_" are allowed as per
         * https://docs.kernel.org/bpf/maps.html#usage-notes). The last byte is never written, so the
         * zeroed attr keeps the name NUL-terminated. */
        while (i < sizeof(create.map_name) - 1 && name[i]) {
                create.map_name[i] = strchr(ALPHANUMERICAL ".", name[i]) ? name[i] : '_';
                i++;
        }

        return RET_NERRNO(bpf(BPF_MAP_CREATE, &create, sizeof(create)));
}

int bpf_map_update_element(int fd, const void *key, void *value) {
        /* Issues BPF_MAP_UPDATE_ELEM on the map fd with the given key and value pointers. Returns the
         * syscall result, or a negative errno-style value on failure.
         *
         * NOTE(review): key and value are passed as raw pointers without a length, so the buffers
         * presumably have to match the key/value sizes the map was created with — confirm at the
         * call sites. */
        union bpf_attr update;

        zero(update);
        update.value = PTR_TO_UINT64(value);
        update.key = PTR_TO_UINT64(key);
        update.map_fd = fd;

        return RET_NERRNO(bpf(BPF_MAP_UPDATE_ELEM, &update, sizeof(update)));
}

int bpf_map_lookup_element(int fd, const void *key, void *value) {
        /* Issues BPF_MAP_LOOKUP_ELEM on the map fd for the given key; value points to the buffer
         * handed to the kernel for the result. Returns the syscall result, or a negative errno-style
         * value on failure.
         *
         * NOTE(review): no buffer length is passed, so value presumably has to be at least as large as
         * the map's value size — confirm at the call sites. */
        union bpf_attr lookup;

        zero(lookup);
        lookup.value = PTR_TO_UINT64(value);
        lookup.key = PTR_TO_UINT64(key);
        lookup.map_fd = fd;

        return RET_NERRNO(bpf(BPF_MAP_LOOKUP_ELEM, &lookup, sizeof(lookup)));
}

int bpf_program_pin(int prog_fd, const char *bpffs_path) {
        /* Pins the BPF object behind prog_fd at bpffs_path using BPF_OBJ_PIN. Returns the syscall
         * result, or a negative errno-style value on failure. */
        union bpf_attr pin;

        zero(pin);
        pin.bpf_fd = prog_fd;
        /* The cast only drops const for the pointer-to-integer conversion. */
        pin.pathname = PTR_TO_UINT64((void *) bpffs_path);

        return RET_NERRNO(bpf(BPF_OBJ_PIN, &pin, sizeof(pin)));
}

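int bpf_program_get_id_by_fd(int prog_fd, uint32_t *ret_id) {
        /* Queries the kernel for the program behind prog_fd and stores its id in *ret_id.
         *
         * Returns 0 on success, or the negative errno-style value reported by
         * bpf_program_get_info_by_fd(); *ret_id is left untouched in that case. */
        struct bpf_prog_info info = {}; /* must be initialized: the kernel reads it as input too */
        int r;

        assert(ret_id);

        r = bpf_program_get_info_by_fd(prog_fd, &info, sizeof(info));
        if (r < 0)
                return r;

        *ret_id = info.id;

        return 0;
}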

int bpf_program_serialize_attachment(
                FILE *f,
                FDSet *fds,
                const char *key,
                BPFProgram *p) {

        /* Writes the attachment of p to f as "<fd> <attach type> <escaped path>" under key, and puts a
         * duplicate of the kernel fd into fds. Programs that are NULL or not attached are skipped.
         *
         * The path goes through cescape() here and through cunescape() on the reading side.
         * attached_flags is not part of the record.
         *
         * Returns 0 on success or when there is nothing to do, negative errno-style value otherwise. */
        _cleanup_free_ char *escaped_path = NULL;
        int fd_copy, r;

        if (!p)
                return 0;
        if (!p->attached_path)
                return 0;

        assert(p->kernel_fd >= 0);

        escaped_path = cescape(p->attached_path);
        if (!escaped_path)
                return -ENOMEM;

        fd_copy = fdset_put_dup(fds, p->kernel_fd);
        if (fd_copy < 0)
                return log_error_errno(fd_copy, "Failed to add BPF kernel fd to serialize: %m");

        r = serialize_item_format(
                        f,
                        key,
                        "%i %s %s",
                        fd_copy,
                        bpf_cgroup_attach_type_to_string(p->attached_type),
                        escaped_path);
        if (r < 0)
                return r;

        /* Once serialized, forget that this program is attached: the attachment is now 'owned' by the
         * serialization rather than by us. This matters because of BPF's lifecycle handling: a
         * program is not detached from its cgroup implicitly on close(), it has to be detached
         * explicitly. bpf_program_free() does exactly that whenever attached_path is non-NULL. Since
         * the attachment must survive freeing so that it can be picked up again after deserializing,
         * attached_path is reset to NULL here. */
        p->attached_path = mfree(p->attached_path);

        return 0;
}

int bpf_program_serialize_attachment_set(FILE *f, FDSet *fds, const char *key, Set *set) {
        /* Serializes every program in set under the same key by calling
         * bpf_program_serialize_attachment() for each. Stops at the first failure and returns its
         * negative errno-style value; returns 0 once all entries were processed. */
        BPFProgram *prog;

        SET_FOREACH(prog, set) {
                int r = bpf_program_serialize_attachment(f, fds, key, prog);

                if (r < 0)
                        return r;
        }

        return 0;
}

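int bpf_program_deserialize_attachment(const char *v, FDSet *fds, BPFProgram **bpfp) {
        /* Parses a record of the form "<fd> <attach type> <escaped path>", as written by
         * bpf_program_serialize_attachment(), takes the referenced fd out of fds and stores a new
         * BPFProgram describing the attachment in *bpfp. A program already stored in *bpfp is freed
         * and replaced.
         *
         * Returns 0 on success and a negative errno-style value on failure; on failure *bpfp is not
         * modified. attached_flags is not part of the record and stays zero-initialized. */
        _cleanup_free_ char *sfd = NULL, *sat = NULL, *unescaped = NULL;
        _cleanup_(bpf_program_freep) BPFProgram *p = NULL;
        _cleanup_close_ int fd = -EBADF;
        ssize_t l;
        int ifd, at, r;

        assert(v);
        assert(bpfp);

        /* Extract first word: the fd number */
        r = extract_first_word(&v, &sfd, NULL, 0);
        if (r < 0)
                return r;
        if (r == 0)
                return -EINVAL;

        ifd = parse_fd(sfd);
        if (ifd < 0)
                /* Propagate parse_fd()'s own error. r is still > 0 from the successful word
                 * extraction above, so returning r here would look like success to callers that test
                 * for r < 0, while *bpfp was never filled in. */
                return ifd;

        /* Extract second word: the attach type */
        r = extract_first_word(&v, &sat, NULL, 0);
        if (r < 0)
                return r;
        if (r == 0)
                return -EINVAL;

        at = bpf_cgroup_attach_type_from_string(sat);
        if (at < 0)
                return at;

        /* The rest is the path */
        if (isempty(v))
                return -EINVAL;

        l = cunescape(v, 0, &unescaped);
        if (l < 0)
                return l;

        /* Only now, after every field has been validated, is the fd taken out of the set. From here
         * on it is owned by the local fd variable and closed automatically on any early return. */
        fd = fdset_remove(fds, ifd);
        if (fd < 0)
                return fd;

        p = new(BPFProgram, 1);
        if (!p)
                return -ENOMEM;

        /* The program type is not part of the record, hence it is left unspecified. */
        *p = (BPFProgram) {
                .kernel_fd = TAKE_FD(fd),
                .prog_type = BPF_PROG_TYPE_UNSPEC,
                .attached_path = TAKE_PTR(unescaped),
                .attached_type = at,
        };

        /* Note that bpf_program_free() also attempts to detach the old program if it still records an
         * attachment. */
        if (*bpfp)
                bpf_program_free(*bpfp);

        *bpfp = TAKE_PTR(p);
        return 0;
}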

int bpf_program_deserialize_attachment_set(const char *v, FDSet *fds, Set **bpfsetp) {
        /* Deserializes a single attachment record with bpf_program_deserialize_attachment() and adds
         * the resulting program to *bpfsetp, which uses bpf_program_hash_ops.
         *
         * Returns 0 on success and a negative errno-style value on failure.
         *
         * NOTE(review): set_ensure_consume() presumably takes ownership of the program whether or not
         * the insertion succeeds, which is why nothing is freed here — confirm against its
         * definition. */
        BPFProgram *prog = NULL;
        int r;

        assert(v);
        assert(bpfsetp);

        r = bpf_program_deserialize_attachment(v, fds, &prog);
        if (r < 0)
                return r;

        r = set_ensure_consume(bpfsetp, &bpf_program_hash_ops, prog);
        return r < 0 ? r : 0;
}