| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 Dec 2017 10:26:27 +0000
From: Quentin Monnet <quentin.monnet@...ronome.com>
To: Roman Gushchin <guro@...com>, netdev@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, kernel-team@...com, ast@...nel.org,
daniel@...earbox.net, jakub.kicinski@...ronome.com, kafai@...com
Subject: Re: [PATCH net-next 4/5] bpftool: implement cgdetach command
2017-11-30 13:43 UTC+0000 ~ Roman Gushchin <guro@...com>
> Implement cgdetach command, which allows to detach the bpf
> program from a cgroup. It takes program id and attach type
> as arguments.
>
> Example:
> $ ./bpftool cgdetach /sys/fs/cgroup/user.slice/ device 1
>
> Signed-off-by: Roman Gushchin <guro@...com>
> Cc: Alexei Starovoitov <ast@...nel.org>
> Cc: Daniel Borkmann <daniel@...earbox.net>
> Cc: Jakub Kicinski <jakub.kicinski@...ronome.com>
> Cc: Martin KaFai Lau <kafai@...com>
> ---
> tools/bpf/bpftool/main.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 49 insertions(+), 1 deletion(-)
>
> diff --git a/tools/bpf/bpftool/main.c b/tools/bpf/bpftool/main.c
> index 8eb3b9bf5bb2..77fcc1a0bd5d 100644
> --- a/tools/bpf/bpftool/main.c
> +++ b/tools/bpf/bpftool/main.c
[…]
> @@ -338,6 +341,51 @@ static int do_cgattach(int argc, char **argv)
> return 0;
> }
>
> +static int do_cgdetach(int argc, char **argv)
> +{
> + int prog_fd, cgroup_fd;
> + enum bpf_attach_type attach_type;
> +
> + if (argc < 3) {
> + p_err("too few parameters for cgdetach\n");
> + return -1;
> + } else if (argc > 3) {
> + p_err("too many parameters for cgdetach\n");
> + return -1;
> + }
> +
> + cgroup_fd = open(argv[0], O_RDONLY);
> + if (cgroup_fd < 0) {
> + p_err("can't open cgroup %s\n", argv[1]);
> + return -1;
> + }
> +
> + attach_type = parse_attach_type(argv[1]);
> + if (attach_type == __MAX_BPF_ATTACH_TYPE) {
> + close(cgroup_fd);
> + p_err("Invalid attach type");
> + return -1;
> + }
> +
> + prog_fd = bpf_prog_get_fd_by_id(atoi(argv[2]));
> + if (prog_fd < 0) {
> + p_err("invalid program id\n");
> + return -1;
> + }
> +
> + if (bpf_prog_detach2(prog_fd, cgroup_fd, attach_type)) {
> + close(prog_fd);
> + close(cgroup_fd);
> + p_err("Failed to attach program");
> + return -1;
> + }
> +
> + close(prog_fd);
> + close(cgroup_fd);
Could you please make the function print a "null" string for JSON here?
So that it does not break JSON for batched commands. Should be as simple as:
jsonw_null(json_wtr);
This is also valid for `do_cgattach()` in patch 3.
Thanks!
> +
> + return 0;
> +}
> +
> int main(int argc, char **argv)
> {
> static const struct option options[] = {
>
Powered by blists - more mailing lists