bpftool: Add support for cgroup unix socket address hooks
Add the necessary plumbing to hook up the new cgroup unix sockaddr hooks into bpftool. Signed-off-by: Daan De Meyer <daan.j.demeyer@gmail.com> Acked-by: Quentin Monnet <quentin@isovalent.com> Link: https://lore.kernel.org/r/20231011185113.140426-7-daan.j.demeyer@gmail.com Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
This commit is contained in:
parent
bf90438c78
commit
8b3cba987e
@ -36,11 +36,14 @@ CGROUP COMMANDS
|
|||||||
| **cgroup_device** | **cgroup_inet4_bind** | **cgroup_inet6_bind** |
|
| **cgroup_device** | **cgroup_inet4_bind** | **cgroup_inet6_bind** |
|
||||||
| **cgroup_inet4_post_bind** | **cgroup_inet6_post_bind** |
|
| **cgroup_inet4_post_bind** | **cgroup_inet6_post_bind** |
|
||||||
| **cgroup_inet4_connect** | **cgroup_inet6_connect** |
|
| **cgroup_inet4_connect** | **cgroup_inet6_connect** |
|
||||||
| **cgroup_inet4_getpeername** | **cgroup_inet6_getpeername** |
|
| **cgroup_unix_connect** | **cgroup_inet4_getpeername** |
|
||||||
|
| **cgroup_inet6_getpeername** | **cgroup_unix_getpeername** |
|
||||||
| **cgroup_inet4_getsockname** | **cgroup_inet6_getsockname** |
|
| **cgroup_inet4_getsockname** | **cgroup_inet6_getsockname** |
|
||||||
| **cgroup_udp4_sendmsg** | **cgroup_udp6_sendmsg** |
|
| **cgroup_unix_getsockname** | **cgroup_udp4_sendmsg** |
|
||||||
|
| **cgroup_udp6_sendmsg** | **cgroup_unix_sendmsg** |
|
||||||
| **cgroup_udp4_recvmsg** | **cgroup_udp6_recvmsg** |
|
| **cgroup_udp4_recvmsg** | **cgroup_udp6_recvmsg** |
|
||||||
| **cgroup_sysctl** | **cgroup_getsockopt** | **cgroup_setsockopt** |
|
| **cgroup_unix_recvmsg** | **cgroup_sysctl** |
|
||||||
|
| **cgroup_getsockopt** | **cgroup_setsockopt** |
|
||||||
| **cgroup_inet_sock_release** }
|
| **cgroup_inet_sock_release** }
|
||||||
| *ATTACH_FLAGS* := { **multi** | **override** }
|
| *ATTACH_FLAGS* := { **multi** | **override** }
|
||||||
|
|
||||||
@ -102,21 +105,28 @@ DESCRIPTION
|
|||||||
**post_bind6** return from bind(2) for an inet6 socket (since 4.17);
|
**post_bind6** return from bind(2) for an inet6 socket (since 4.17);
|
||||||
**connect4** call to connect(2) for an inet4 socket (since 4.17);
|
**connect4** call to connect(2) for an inet4 socket (since 4.17);
|
||||||
**connect6** call to connect(2) for an inet6 socket (since 4.17);
|
**connect6** call to connect(2) for an inet6 socket (since 4.17);
|
||||||
|
**connect_unix** call to connect(2) for a unix socket (since 6.7);
|
||||||
**sendmsg4** call to sendto(2), sendmsg(2), sendmmsg(2) for an
|
**sendmsg4** call to sendto(2), sendmsg(2), sendmmsg(2) for an
|
||||||
unconnected udp4 socket (since 4.18);
|
unconnected udp4 socket (since 4.18);
|
||||||
**sendmsg6** call to sendto(2), sendmsg(2), sendmmsg(2) for an
|
**sendmsg6** call to sendto(2), sendmsg(2), sendmmsg(2) for an
|
||||||
unconnected udp6 socket (since 4.18);
|
unconnected udp6 socket (since 4.18);
|
||||||
|
**sendmsg_unix** call to sendto(2), sendmsg(2), sendmmsg(2) for
|
||||||
|
an unconnected unix socket (since 6.7);
|
||||||
**recvmsg4** call to recvfrom(2), recvmsg(2), recvmmsg(2) for
|
**recvmsg4** call to recvfrom(2), recvmsg(2), recvmmsg(2) for
|
||||||
an unconnected udp4 socket (since 5.2);
|
an unconnected udp4 socket (since 5.2);
|
||||||
**recvmsg6** call to recvfrom(2), recvmsg(2), recvmmsg(2) for
|
**recvmsg6** call to recvfrom(2), recvmsg(2), recvmmsg(2) for
|
||||||
an unconnected udp6 socket (since 5.2);
|
an unconnected udp6 socket (since 5.2);
|
||||||
|
**recvmsg_unix** call to recvfrom(2), recvmsg(2), recvmmsg(2) for
|
||||||
|
an unconnected unix socket (since 6.7);
|
||||||
**sysctl** sysctl access (since 5.2);
|
**sysctl** sysctl access (since 5.2);
|
||||||
**getsockopt** call to getsockopt (since 5.3);
|
**getsockopt** call to getsockopt (since 5.3);
|
||||||
**setsockopt** call to setsockopt (since 5.3);
|
**setsockopt** call to setsockopt (since 5.3);
|
||||||
**getpeername4** call to getpeername(2) for an inet4 socket (since 5.8);
|
**getpeername4** call to getpeername(2) for an inet4 socket (since 5.8);
|
||||||
**getpeername6** call to getpeername(2) for an inet6 socket (since 5.8);
|
**getpeername6** call to getpeername(2) for an inet6 socket (since 5.8);
|
||||||
|
**getpeername_unix** call to getpeername(2) for a unix socket (since 6.7);
|
||||||
**getsockname4** call to getsockname(2) for an inet4 socket (since 5.8);
|
**getsockname4** call to getsockname(2) for an inet4 socket (since 5.8);
|
||||||
**getsockname6** call to getsockname(2) for an inet6 socket (since 5.8).
|
**getsockname6** call to getsockname(2) for an inet6 socket (since 5.8).
|
||||||
|
**getsockname_unix** call to getsockname(2) for a unix socket (since 6.7);
|
||||||
**sock_release** closing an userspace inet socket (since 5.9).
|
**sock_release** closing an userspace inet socket (since 5.9).
|
||||||
|
|
||||||
**bpftool cgroup detach** *CGROUP* *ATTACH_TYPE* *PROG*
|
**bpftool cgroup detach** *CGROUP* *ATTACH_TYPE* *PROG*
|
||||||
|
@ -47,9 +47,11 @@ PROG COMMANDS
|
|||||||
| **cgroup/sock** | **cgroup/dev** | **lwt_in** | **lwt_out** | **lwt_xmit** |
|
| **cgroup/sock** | **cgroup/dev** | **lwt_in** | **lwt_out** | **lwt_xmit** |
|
||||||
| **lwt_seg6local** | **sockops** | **sk_skb** | **sk_msg** | **lirc_mode2** |
|
| **lwt_seg6local** | **sockops** | **sk_skb** | **sk_msg** | **lirc_mode2** |
|
||||||
| **cgroup/bind4** | **cgroup/bind6** | **cgroup/post_bind4** | **cgroup/post_bind6** |
|
| **cgroup/bind4** | **cgroup/bind6** | **cgroup/post_bind4** | **cgroup/post_bind6** |
|
||||||
| **cgroup/connect4** | **cgroup/connect6** | **cgroup/getpeername4** | **cgroup/getpeername6** |
|
| **cgroup/connect4** | **cgroup/connect6** | **cgroup/connect_unix** |
|
||||||
| **cgroup/getsockname4** | **cgroup/getsockname6** | **cgroup/sendmsg4** | **cgroup/sendmsg6** |
|
| **cgroup/getpeername4** | **cgroup/getpeername6** | **cgroup/getpeername_unix** |
|
||||||
| **cgroup/recvmsg4** | **cgroup/recvmsg6** | **cgroup/sysctl** |
|
| **cgroup/getsockname4** | **cgroup/getsockname6** | **cgroup/getsockname_unix** |
|
||||||
|
| **cgroup/sendmsg4** | **cgroup/sendmsg6** | **cgroup/sendmsg_unix** |
|
||||||
|
| **cgroup/recvmsg4** | **cgroup/recvmsg6** | **cgroup/recvmsg_unix** | **cgroup/sysctl** |
|
||||||
| **cgroup/getsockopt** | **cgroup/setsockopt** | **cgroup/sock_release** |
|
| **cgroup/getsockopt** | **cgroup/setsockopt** | **cgroup/sock_release** |
|
||||||
| **struct_ops** | **fentry** | **fexit** | **freplace** | **sk_lookup**
|
| **struct_ops** | **fentry** | **fexit** | **freplace** | **sk_lookup**
|
||||||
| }
|
| }
|
||||||
|
@ -480,13 +480,13 @@ _bpftool()
|
|||||||
action tracepoint raw_tracepoint \
|
action tracepoint raw_tracepoint \
|
||||||
xdp perf_event cgroup/skb cgroup/sock \
|
xdp perf_event cgroup/skb cgroup/sock \
|
||||||
cgroup/dev lwt_in lwt_out lwt_xmit \
|
cgroup/dev lwt_in lwt_out lwt_xmit \
|
||||||
lwt_seg6local sockops sk_skb sk_msg \
|
lwt_seg6local sockops sk_skb sk_msg lirc_mode2 \
|
||||||
lirc_mode2 cgroup/bind4 cgroup/bind6 \
|
cgroup/bind4 cgroup/bind6 \
|
||||||
cgroup/connect4 cgroup/connect6 \
|
cgroup/connect4 cgroup/connect6 cgroup/connect_unix \
|
||||||
cgroup/getpeername4 cgroup/getpeername6 \
|
cgroup/getpeername4 cgroup/getpeername6 cgroup/getpeername_unix \
|
||||||
cgroup/getsockname4 cgroup/getsockname6 \
|
cgroup/getsockname4 cgroup/getsockname6 cgroup/getsockname_unix \
|
||||||
cgroup/sendmsg4 cgroup/sendmsg6 \
|
cgroup/sendmsg4 cgroup/sendmsg6 cgroup/sendmsg_unix \
|
||||||
cgroup/recvmsg4 cgroup/recvmsg6 \
|
cgroup/recvmsg4 cgroup/recvmsg6 cgroup/recvmsg_unix \
|
||||||
cgroup/post_bind4 cgroup/post_bind6 \
|
cgroup/post_bind4 cgroup/post_bind6 \
|
||||||
cgroup/sysctl cgroup/getsockopt \
|
cgroup/sysctl cgroup/getsockopt \
|
||||||
cgroup/setsockopt cgroup/sock_release struct_ops \
|
cgroup/setsockopt cgroup/sock_release struct_ops \
|
||||||
|
@ -28,13 +28,15 @@
|
|||||||
" cgroup_device | cgroup_inet4_bind |\n" \
|
" cgroup_device | cgroup_inet4_bind |\n" \
|
||||||
" cgroup_inet6_bind | cgroup_inet4_post_bind |\n" \
|
" cgroup_inet6_bind | cgroup_inet4_post_bind |\n" \
|
||||||
" cgroup_inet6_post_bind | cgroup_inet4_connect |\n" \
|
" cgroup_inet6_post_bind | cgroup_inet4_connect |\n" \
|
||||||
" cgroup_inet6_connect | cgroup_inet4_getpeername |\n" \
|
" cgroup_inet6_connect | cgroup_unix_connect |\n" \
|
||||||
" cgroup_inet6_getpeername | cgroup_inet4_getsockname |\n" \
|
" cgroup_inet4_getpeername | cgroup_inet6_getpeername |\n" \
|
||||||
" cgroup_inet6_getsockname | cgroup_udp4_sendmsg |\n" \
|
" cgroup_unix_getpeername | cgroup_inet4_getsockname |\n" \
|
||||||
" cgroup_udp6_sendmsg | cgroup_udp4_recvmsg |\n" \
|
" cgroup_inet6_getsockname | cgroup_unix_getsockname |\n" \
|
||||||
" cgroup_udp6_recvmsg | cgroup_sysctl |\n" \
|
" cgroup_udp4_sendmsg | cgroup_udp6_sendmsg |\n" \
|
||||||
" cgroup_getsockopt | cgroup_setsockopt |\n" \
|
" cgroup_unix_sendmsg | cgroup_udp4_recvmsg |\n" \
|
||||||
" cgroup_inet_sock_release }"
|
" cgroup_udp6_recvmsg | cgroup_unix_recvmsg |\n" \
|
||||||
|
" cgroup_sysctl | cgroup_getsockopt |\n" \
|
||||||
|
" cgroup_setsockopt | cgroup_inet_sock_release }"
|
||||||
|
|
||||||
static unsigned int query_flags;
|
static unsigned int query_flags;
|
||||||
static struct btf *btf_vmlinux;
|
static struct btf *btf_vmlinux;
|
||||||
|
@ -2475,9 +2475,10 @@ static int do_help(int argc, char **argv)
|
|||||||
" sk_reuseport | flow_dissector | cgroup/sysctl |\n"
|
" sk_reuseport | flow_dissector | cgroup/sysctl |\n"
|
||||||
" cgroup/bind4 | cgroup/bind6 | cgroup/post_bind4 |\n"
|
" cgroup/bind4 | cgroup/bind6 | cgroup/post_bind4 |\n"
|
||||||
" cgroup/post_bind6 | cgroup/connect4 | cgroup/connect6 |\n"
|
" cgroup/post_bind6 | cgroup/connect4 | cgroup/connect6 |\n"
|
||||||
" cgroup/getpeername4 | cgroup/getpeername6 |\n"
|
" cgroup/connect_unix | cgroup/getpeername4 | cgroup/getpeername6 |\n"
|
||||||
" cgroup/getsockname4 | cgroup/getsockname6 | cgroup/sendmsg4 |\n"
|
" cgroup/getpeername_unix | cgroup/getsockname4 | cgroup/getsockname6 |\n"
|
||||||
" cgroup/sendmsg6 | cgroup/recvmsg4 | cgroup/recvmsg6 |\n"
|
" cgroup/getsockname_unix | cgroup/sendmsg4 | cgroup/sendmsg6 |\n"
|
||||||
|
" cgroup/sendmsg°unix | cgroup/recvmsg4 | cgroup/recvmsg6 | cgroup/recvmsg_unix |\n"
|
||||||
" cgroup/getsockopt | cgroup/setsockopt | cgroup/sock_release |\n"
|
" cgroup/getsockopt | cgroup/setsockopt | cgroup/sock_release |\n"
|
||||||
" struct_ops | fentry | fexit | freplace | sk_lookup }\n"
|
" struct_ops | fentry | fexit | freplace | sk_lookup }\n"
|
||||||
" ATTACH_TYPE := { sk_msg_verdict | sk_skb_verdict | sk_skb_stream_verdict |\n"
|
" ATTACH_TYPE := { sk_msg_verdict | sk_skb_verdict | sk_skb_stream_verdict |\n"
|
||||||
|
Loading…
Reference in New Issue
Block a user