1
2
3
4
5#define _XOPEN_SOURCE 500
6#include <errno.h>
7#include <fcntl.h>
8#include <ftw.h>
9#include <mntent.h>
10#include <stdio.h>
11#include <stdlib.h>
12#include <string.h>
13#include <sys/stat.h>
14#include <sys/types.h>
15#include <unistd.h>
16
17#include <bpf/bpf.h>
18
19#include "main.h"
20
21#define HELP_SPEC_ATTACH_FLAGS \
22 "ATTACH_FLAGS := { multi | override }"
23
24#define HELP_SPEC_ATTACH_TYPES \
25 " ATTACH_TYPE := { ingress | egress | sock_create |\n" \
26 " sock_ops | device | bind4 | bind6 |\n" \
27 " post_bind4 | post_bind6 | connect4 |\n" \
28 " connect6 | getpeername4 | getpeername6 |\n" \
29 " getsockname4 | getsockname6 | sendmsg4 |\n" \
30 " sendmsg6 | recvmsg4 | recvmsg6 |\n" \
31 " sysctl | getsockopt | setsockopt |\n" \
32 " sock_release }"
33
34static unsigned int query_flags;
35
36static enum bpf_attach_type parse_attach_type(const char *str)
37{
38 enum bpf_attach_type type;
39
40 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
41 if (attach_type_name[type] &&
42 is_prefix(str, attach_type_name[type]))
43 return type;
44 }
45
46 return __MAX_BPF_ATTACH_TYPE;
47}
48
49static int show_bpf_prog(int id, enum bpf_attach_type attach_type,
50 const char *attach_flags_str,
51 int level)
52{
53 char prog_name[MAX_PROG_FULL_NAME];
54 struct bpf_prog_info info = {};
55 __u32 info_len = sizeof(info);
56 int prog_fd;
57
58 prog_fd = bpf_prog_get_fd_by_id(id);
59 if (prog_fd < 0)
60 return -1;
61
62 if (bpf_obj_get_info_by_fd(prog_fd, &info, &info_len)) {
63 close(prog_fd);
64 return -1;
65 }
66
67 get_prog_full_name(&info, prog_fd, prog_name, sizeof(prog_name));
68 if (json_output) {
69 jsonw_start_object(json_wtr);
70 jsonw_uint_field(json_wtr, "id", info.id);
71 if (attach_type < ARRAY_SIZE(attach_type_name))
72 jsonw_string_field(json_wtr, "attach_type",
73 attach_type_name[attach_type]);
74 else
75 jsonw_uint_field(json_wtr, "attach_type", attach_type);
76 jsonw_string_field(json_wtr, "attach_flags",
77 attach_flags_str);
78 jsonw_string_field(json_wtr, "name", prog_name);
79 jsonw_end_object(json_wtr);
80 } else {
81 printf("%s%-8u ", level ? " " : "", info.id);
82 if (attach_type < ARRAY_SIZE(attach_type_name))
83 printf("%-15s", attach_type_name[attach_type]);
84 else
85 printf("type %-10u", attach_type);
86 printf(" %-15s %-15s\n", attach_flags_str, prog_name);
87 }
88
89 close(prog_fd);
90 return 0;
91}
92
93static int count_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type)
94{
95 __u32 prog_cnt = 0;
96 int ret;
97
98 ret = bpf_prog_query(cgroup_fd, type, query_flags, NULL,
99 NULL, &prog_cnt);
100 if (ret)
101 return -1;
102
103 return prog_cnt;
104}
105
106static int cgroup_has_attached_progs(int cgroup_fd)
107{
108 enum bpf_attach_type type;
109 bool no_prog = true;
110
111 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
112 int count = count_attached_bpf_progs(cgroup_fd, type);
113
114 if (count < 0 && errno != EINVAL)
115 return -1;
116
117 if (count > 0) {
118 no_prog = false;
119 break;
120 }
121 }
122
123 return no_prog ? 0 : 1;
124}
125static int show_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
126 int level)
127{
128 const char *attach_flags_str;
129 __u32 prog_ids[1024] = {0};
130 __u32 prog_cnt, iter;
131 __u32 attach_flags;
132 char buf[32];
133 int ret;
134
135 prog_cnt = ARRAY_SIZE(prog_ids);
136 ret = bpf_prog_query(cgroup_fd, type, query_flags, &attach_flags,
137 prog_ids, &prog_cnt);
138 if (ret)
139 return ret;
140
141 if (prog_cnt == 0)
142 return 0;
143
144 switch (attach_flags) {
145 case BPF_F_ALLOW_MULTI:
146 attach_flags_str = "multi";
147 break;
148 case BPF_F_ALLOW_OVERRIDE:
149 attach_flags_str = "override";
150 break;
151 case 0:
152 attach_flags_str = "";
153 break;
154 default:
155 snprintf(buf, sizeof(buf), "unknown(%x)", attach_flags);
156 attach_flags_str = buf;
157 }
158
159 for (iter = 0; iter < prog_cnt; iter++)
160 show_bpf_prog(prog_ids[iter], type,
161 attach_flags_str, level);
162
163 return 0;
164}
165
166static int do_show(int argc, char **argv)
167{
168 enum bpf_attach_type type;
169 int has_attached_progs;
170 const char *path;
171 int cgroup_fd;
172 int ret = -1;
173
174 query_flags = 0;
175
176 if (!REQ_ARGS(1))
177 return -1;
178 path = GET_ARG();
179
180 while (argc) {
181 if (is_prefix(*argv, "effective")) {
182 if (query_flags & BPF_F_QUERY_EFFECTIVE) {
183 p_err("duplicated argument: %s", *argv);
184 return -1;
185 }
186 query_flags |= BPF_F_QUERY_EFFECTIVE;
187 NEXT_ARG();
188 } else {
189 p_err("expected no more arguments, 'effective', got: '%s'?",
190 *argv);
191 return -1;
192 }
193 }
194
195 cgroup_fd = open(path, O_RDONLY);
196 if (cgroup_fd < 0) {
197 p_err("can't open cgroup %s", path);
198 goto exit;
199 }
200
201 has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
202 if (has_attached_progs < 0) {
203 p_err("can't query bpf programs attached to %s: %s",
204 path, strerror(errno));
205 goto exit_cgroup;
206 } else if (!has_attached_progs) {
207 ret = 0;
208 goto exit_cgroup;
209 }
210
211 if (json_output)
212 jsonw_start_array(json_wtr);
213 else
214 printf("%-8s %-15s %-15s %-15s\n", "ID", "AttachType",
215 "AttachFlags", "Name");
216
217 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
218
219
220
221
222
223
224 if (show_attached_bpf_progs(cgroup_fd, type, 0) == 0)
225 ret = 0;
226 }
227
228 if (json_output)
229 jsonw_end_array(json_wtr);
230
231exit_cgroup:
232 close(cgroup_fd);
233exit:
234 return ret;
235}
236
237
238
239
240
241
242#define NFTW_ERR -1
243#define SHOW_TREE_FN_ERR -2
244static int do_show_tree_fn(const char *fpath, const struct stat *sb,
245 int typeflag, struct FTW *ftw)
246{
247 enum bpf_attach_type type;
248 int has_attached_progs;
249 int cgroup_fd;
250
251 if (typeflag != FTW_D)
252 return 0;
253
254 cgroup_fd = open(fpath, O_RDONLY);
255 if (cgroup_fd < 0) {
256 p_err("can't open cgroup %s: %s", fpath, strerror(errno));
257 return SHOW_TREE_FN_ERR;
258 }
259
260 has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
261 if (has_attached_progs < 0) {
262 p_err("can't query bpf programs attached to %s: %s",
263 fpath, strerror(errno));
264 close(cgroup_fd);
265 return SHOW_TREE_FN_ERR;
266 } else if (!has_attached_progs) {
267 close(cgroup_fd);
268 return 0;
269 }
270
271 if (json_output) {
272 jsonw_start_object(json_wtr);
273 jsonw_string_field(json_wtr, "cgroup", fpath);
274 jsonw_name(json_wtr, "programs");
275 jsonw_start_array(json_wtr);
276 } else {
277 printf("%s\n", fpath);
278 }
279
280 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++)
281 show_attached_bpf_progs(cgroup_fd, type, ftw->level);
282
283 if (errno == EINVAL)
284
285
286
287
288 errno = 0;
289
290 if (json_output) {
291 jsonw_end_array(json_wtr);
292 jsonw_end_object(json_wtr);
293 }
294
295 close(cgroup_fd);
296
297 return 0;
298}
299
300static char *find_cgroup_root(void)
301{
302 struct mntent *mnt;
303 FILE *f;
304
305 f = fopen("/proc/mounts", "r");
306 if (f == NULL)
307 return NULL;
308
309 while ((mnt = getmntent(f))) {
310 if (strcmp(mnt->mnt_type, "cgroup2") == 0) {
311 fclose(f);
312 return strdup(mnt->mnt_dir);
313 }
314 }
315
316 fclose(f);
317 return NULL;
318}
319
320static int do_show_tree(int argc, char **argv)
321{
322 char *cgroup_root, *cgroup_alloced = NULL;
323 int ret;
324
325 query_flags = 0;
326
327 if (!argc) {
328 cgroup_alloced = find_cgroup_root();
329 if (!cgroup_alloced) {
330 p_err("cgroup v2 isn't mounted");
331 return -1;
332 }
333 cgroup_root = cgroup_alloced;
334 } else {
335 cgroup_root = GET_ARG();
336
337 while (argc) {
338 if (is_prefix(*argv, "effective")) {
339 if (query_flags & BPF_F_QUERY_EFFECTIVE) {
340 p_err("duplicated argument: %s", *argv);
341 return -1;
342 }
343 query_flags |= BPF_F_QUERY_EFFECTIVE;
344 NEXT_ARG();
345 } else {
346 p_err("expected no more arguments, 'effective', got: '%s'?",
347 *argv);
348 return -1;
349 }
350 }
351 }
352
353 if (json_output)
354 jsonw_start_array(json_wtr);
355 else
356 printf("%s\n"
357 "%-8s %-15s %-15s %-15s\n",
358 "CgroupPath",
359 "ID", "AttachType", "AttachFlags", "Name");
360
361 switch (nftw(cgroup_root, do_show_tree_fn, 1024, FTW_MOUNT)) {
362 case NFTW_ERR:
363 p_err("can't iterate over %s: %s", cgroup_root,
364 strerror(errno));
365 ret = -1;
366 break;
367 case SHOW_TREE_FN_ERR:
368 ret = -1;
369 break;
370 default:
371 ret = 0;
372 }
373
374 if (json_output)
375 jsonw_end_array(json_wtr);
376
377 free(cgroup_alloced);
378
379 return ret;
380}
381
382static int do_attach(int argc, char **argv)
383{
384 enum bpf_attach_type attach_type;
385 int cgroup_fd, prog_fd;
386 int attach_flags = 0;
387 int ret = -1;
388 int i;
389
390 if (argc < 4) {
391 p_err("too few parameters for cgroup attach");
392 goto exit;
393 }
394
395 cgroup_fd = open(argv[0], O_RDONLY);
396 if (cgroup_fd < 0) {
397 p_err("can't open cgroup %s", argv[0]);
398 goto exit;
399 }
400
401 attach_type = parse_attach_type(argv[1]);
402 if (attach_type == __MAX_BPF_ATTACH_TYPE) {
403 p_err("invalid attach type");
404 goto exit_cgroup;
405 }
406
407 argc -= 2;
408 argv = &argv[2];
409 prog_fd = prog_parse_fd(&argc, &argv);
410 if (prog_fd < 0)
411 goto exit_cgroup;
412
413 for (i = 0; i < argc; i++) {
414 if (is_prefix(argv[i], "multi")) {
415 attach_flags |= BPF_F_ALLOW_MULTI;
416 } else if (is_prefix(argv[i], "override")) {
417 attach_flags |= BPF_F_ALLOW_OVERRIDE;
418 } else {
419 p_err("unknown option: %s", argv[i]);
420 goto exit_cgroup;
421 }
422 }
423
424 if (bpf_prog_attach(prog_fd, cgroup_fd, attach_type, attach_flags)) {
425 p_err("failed to attach program");
426 goto exit_prog;
427 }
428
429 if (json_output)
430 jsonw_null(json_wtr);
431
432 ret = 0;
433
434exit_prog:
435 close(prog_fd);
436exit_cgroup:
437 close(cgroup_fd);
438exit:
439 return ret;
440}
441
442static int do_detach(int argc, char **argv)
443{
444 enum bpf_attach_type attach_type;
445 int prog_fd, cgroup_fd;
446 int ret = -1;
447
448 if (argc < 4) {
449 p_err("too few parameters for cgroup detach");
450 goto exit;
451 }
452
453 cgroup_fd = open(argv[0], O_RDONLY);
454 if (cgroup_fd < 0) {
455 p_err("can't open cgroup %s", argv[0]);
456 goto exit;
457 }
458
459 attach_type = parse_attach_type(argv[1]);
460 if (attach_type == __MAX_BPF_ATTACH_TYPE) {
461 p_err("invalid attach type");
462 goto exit_cgroup;
463 }
464
465 argc -= 2;
466 argv = &argv[2];
467 prog_fd = prog_parse_fd(&argc, &argv);
468 if (prog_fd < 0)
469 goto exit_cgroup;
470
471 if (bpf_prog_detach2(prog_fd, cgroup_fd, attach_type)) {
472 p_err("failed to detach program");
473 goto exit_prog;
474 }
475
476 if (json_output)
477 jsonw_null(json_wtr);
478
479 ret = 0;
480
481exit_prog:
482 close(prog_fd);
483exit_cgroup:
484 close(cgroup_fd);
485exit:
486 return ret;
487}
488
489static int do_help(int argc, char **argv)
490{
491 if (json_output) {
492 jsonw_null(json_wtr);
493 return 0;
494 }
495
496 fprintf(stderr,
497 "Usage: %1$s %2$s { show | list } CGROUP [**effective**]\n"
498 " %1$s %2$s tree [CGROUP_ROOT] [**effective**]\n"
499 " %1$s %2$s attach CGROUP ATTACH_TYPE PROG [ATTACH_FLAGS]\n"
500 " %1$s %2$s detach CGROUP ATTACH_TYPE PROG\n"
501 " %1$s %2$s help\n"
502 "\n"
503 HELP_SPEC_ATTACH_TYPES "\n"
504 " " HELP_SPEC_ATTACH_FLAGS "\n"
505 " " HELP_SPEC_PROGRAM "\n"
506 " " HELP_SPEC_OPTIONS " |\n"
507 " {-f|--bpffs} }\n"
508 "",
509 bin_name, argv[-2]);
510
511 return 0;
512}
513
514static const struct cmd cmds[] = {
515 { "show", do_show },
516 { "list", do_show },
517 { "tree", do_show_tree },
518 { "attach", do_attach },
519 { "detach", do_detach },
520 { "help", do_help },
521 { 0 }
522};
523
524int do_cgroup(int argc, char **argv)
525{
526 return cmd_select(cmds, argc, argv, do_help);
527}
528
