mirror/libbpf
1
0
Fork 0
mirror of https://github.com/netdata/libbpf.git synced 2026-04-04 07:39:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

bpf: add BPF token support to BPF_PROG_LOAD command

Browse Source 
Add basic support of BPF token to BPF_PROG_LOAD. Wire through a set of
allowed BPF program types and attach types, derived from BPF FS at BPF
token creation time. Then make sure we perform bpf_token_capable()
checks everywhere where it's relevant.

Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20231130185229.2688956-7-andrii@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
This commit is contained in:
Andrii Nakryiko
2023-11-30 10:52:18 -08:00
committed by Andrii Nakryiko
parent 544acb9af6
commit 1ebea57322
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/uapi/linux/bpf.h
View File

@@ -1028,6 +1028,7 @@ enum bpf_prog_type {
BPF_PROG_TYPE_SK_LOOKUP, BPF_PROG_TYPE_SK_LOOKUP,
BPF_PROG_TYPE_SYSCALL, /* a program that can execute syscalls */ BPF_PROG_TYPE_SYSCALL, /* a program that can execute syscalls */
BPF_PROG_TYPE_NETFILTER, BPF_PROG_TYPE_NETFILTER,
__MAX_BPF_PROG_TYPE
}; };
enum bpf_attach_type { enum bpf_attach_type {
@@ -1504,6 +1505,7 @@ union bpf_attr {
* truncated), or smaller (if log buffer wasn't filled completely). * truncated), or smaller (if log buffer wasn't filled completely).
*/ */
__u32 log_true_size; __u32 log_true_size;
__u32 prog_token_fd;
}; };
struct { /* anonymous struct used by BPF_OBJ_* commands */ struct { /* anonymous struct used by BPF_OBJ_* commands */