1 // SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
2 // Copyright (C) 2017 Facebook
3 // Author: Roman Gushchin <guro@fb.com>
5 #define _XOPEN_SOURCE 500
14 #include <sys/types.h>
22 #define HELP_SPEC_ATTACH_FLAGS \
23 "ATTACH_FLAGS := { multi | override }"
25 #define HELP_SPEC_ATTACH_TYPES \
26 " ATTACH_TYPE := { cgroup_inet_ingress | cgroup_inet_egress |\n" \
27 " cgroup_inet_sock_create | cgroup_sock_ops |\n" \
28 " cgroup_device | cgroup_inet4_bind |\n" \
29 " cgroup_inet6_bind | cgroup_inet4_post_bind |\n" \
30 " cgroup_inet6_post_bind | cgroup_inet4_connect |\n" \
31 " cgroup_inet6_connect | cgroup_unix_connect |\n" \
32 " cgroup_inet4_getpeername | cgroup_inet6_getpeername |\n" \
33 " cgroup_unix_getpeername | cgroup_inet4_getsockname |\n" \
34 " cgroup_inet6_getsockname | cgroup_unix_getsockname |\n" \
35 " cgroup_udp4_sendmsg | cgroup_udp6_sendmsg |\n" \
36 " cgroup_unix_sendmsg | cgroup_udp4_recvmsg |\n" \
37 " cgroup_udp6_recvmsg | cgroup_unix_recvmsg |\n" \
38 " cgroup_sysctl | cgroup_getsockopt |\n" \
39 " cgroup_setsockopt | cgroup_inet_sock_release }"
41 static unsigned int query_flags;
42 static struct btf *btf_vmlinux;
43 static __u32 btf_vmlinux_id;
45 static enum bpf_attach_type parse_attach_type(const char *str)
47 const char *attach_type_str;
48 enum bpf_attach_type type;
50 for (type = 0; ; type++) {
51 attach_type_str = libbpf_bpf_attach_type_str(type);
54 if (!strcmp(str, attach_type_str))
58 /* Also check traditionally used attach type strings. For these we keep
59 * allowing prefixed usage.
61 for (type = 0; ; type++) {
62 attach_type_str = bpf_attach_type_input_str(type);
65 if (is_prefix(str, attach_type_str))
69 return __MAX_BPF_ATTACH_TYPE;
72 static void guess_vmlinux_btf_id(__u32 attach_btf_obj_id)
74 struct bpf_btf_info btf_info = {};
75 __u32 btf_len = sizeof(btf_info);
80 btf_info.name = ptr_to_u64(name);
81 btf_info.name_len = sizeof(name);
83 fd = bpf_btf_get_fd_by_id(attach_btf_obj_id);
87 err = bpf_btf_get_info_by_fd(fd, &btf_info, &btf_len);
91 if (btf_info.kernel_btf && strncmp(name, "vmlinux", sizeof(name)) == 0)
92 btf_vmlinux_id = btf_info.id;
98 static int show_bpf_prog(int id, enum bpf_attach_type attach_type,
99 const char *attach_flags_str,
102 char prog_name[MAX_PROG_FULL_NAME];
103 const char *attach_btf_name = NULL;
104 struct bpf_prog_info info = {};
105 const char *attach_type_str;
106 __u32 info_len = sizeof(info);
109 prog_fd = bpf_prog_get_fd_by_id(id);
113 if (bpf_prog_get_info_by_fd(prog_fd, &info, &info_len)) {
118 attach_type_str = libbpf_bpf_attach_type_str(attach_type);
122 guess_vmlinux_btf_id(info.attach_btf_obj_id);
124 if (btf_vmlinux_id == info.attach_btf_obj_id &&
125 info.attach_btf_id < btf__type_cnt(btf_vmlinux)) {
126 const struct btf_type *t =
127 btf__type_by_id(btf_vmlinux, info.attach_btf_id);
129 btf__name_by_offset(btf_vmlinux, t->name_off);
133 get_prog_full_name(&info, prog_fd, prog_name, sizeof(prog_name));
135 jsonw_start_object(json_wtr);
136 jsonw_uint_field(json_wtr, "id", info.id);
138 jsonw_string_field(json_wtr, "attach_type", attach_type_str);
140 jsonw_uint_field(json_wtr, "attach_type", attach_type);
141 if (!(query_flags & BPF_F_QUERY_EFFECTIVE))
142 jsonw_string_field(json_wtr, "attach_flags", attach_flags_str);
143 jsonw_string_field(json_wtr, "name", prog_name);
145 jsonw_string_field(json_wtr, "attach_btf_name", attach_btf_name);
146 jsonw_uint_field(json_wtr, "attach_btf_obj_id", info.attach_btf_obj_id);
147 jsonw_uint_field(json_wtr, "attach_btf_id", info.attach_btf_id);
148 jsonw_end_object(json_wtr);
150 printf("%s%-8u ", level ? " " : "", info.id);
152 printf("%-15s", attach_type_str);
154 printf("type %-10u", attach_type);
155 if (query_flags & BPF_F_QUERY_EFFECTIVE)
156 printf(" %-15s", prog_name);
158 printf(" %-15s %-15s", attach_flags_str, prog_name);
160 printf(" %-15s", attach_btf_name);
161 else if (info.attach_btf_id)
162 printf(" attach_btf_obj_id=%d attach_btf_id=%d",
163 info.attach_btf_obj_id, info.attach_btf_id);
171 static int count_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type)
176 ret = bpf_prog_query(cgroup_fd, type, query_flags, NULL,
184 static int cgroup_has_attached_progs(int cgroup_fd)
186 enum bpf_attach_type type;
189 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
190 int count = count_attached_bpf_progs(cgroup_fd, type);
192 if (count < 0 && errno != EINVAL)
201 return no_prog ? 0 : 1;
204 static int show_effective_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
207 LIBBPF_OPTS(bpf_prog_query_opts, p);
208 __u32 prog_ids[1024] = {0};
212 p.query_flags = query_flags;
213 p.prog_cnt = ARRAY_SIZE(prog_ids);
214 p.prog_ids = prog_ids;
216 ret = bpf_prog_query_opts(cgroup_fd, type, &p);
223 for (iter = 0; iter < p.prog_cnt; iter++)
224 show_bpf_prog(prog_ids[iter], type, NULL, level);
229 static int show_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
232 LIBBPF_OPTS(bpf_prog_query_opts, p);
233 __u32 prog_attach_flags[1024] = {0};
234 const char *attach_flags_str;
235 __u32 prog_ids[1024] = {0};
240 p.query_flags = query_flags;
241 p.prog_cnt = ARRAY_SIZE(prog_ids);
242 p.prog_ids = prog_ids;
243 p.prog_attach_flags = prog_attach_flags;
245 ret = bpf_prog_query_opts(cgroup_fd, type, &p);
252 for (iter = 0; iter < p.prog_cnt; iter++) {
255 attach_flags = prog_attach_flags[iter] ?: p.attach_flags;
257 switch (attach_flags) {
258 case BPF_F_ALLOW_MULTI:
259 attach_flags_str = "multi";
261 case BPF_F_ALLOW_OVERRIDE:
262 attach_flags_str = "override";
265 attach_flags_str = "";
268 snprintf(buf, sizeof(buf), "unknown(%x)", attach_flags);
269 attach_flags_str = buf;
272 show_bpf_prog(prog_ids[iter], type,
273 attach_flags_str, level);
279 static int show_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
282 return query_flags & BPF_F_QUERY_EFFECTIVE ?
283 show_effective_bpf_progs(cgroup_fd, type, level) :
284 show_attached_bpf_progs(cgroup_fd, type, level);
287 static int do_show(int argc, char **argv)
289 enum bpf_attach_type type;
290 int has_attached_progs;
302 if (is_prefix(*argv, "effective")) {
303 if (query_flags & BPF_F_QUERY_EFFECTIVE) {
304 p_err("duplicated argument: %s", *argv);
307 query_flags |= BPF_F_QUERY_EFFECTIVE;
310 p_err("expected no more arguments, 'effective', got: '%s'?",
316 cgroup_fd = open(path, O_RDONLY);
318 p_err("can't open cgroup %s", path);
322 has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
323 if (has_attached_progs < 0) {
324 p_err("can't query bpf programs attached to %s: %s",
325 path, strerror(errno));
327 } else if (!has_attached_progs) {
333 jsonw_start_array(json_wtr);
334 else if (query_flags & BPF_F_QUERY_EFFECTIVE)
335 printf("%-8s %-15s %-15s\n", "ID", "AttachType", "Name");
337 printf("%-8s %-15s %-15s %-15s\n", "ID", "AttachType",
338 "AttachFlags", "Name");
340 btf_vmlinux = libbpf_find_kernel_btf();
341 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
343 * Not all attach types may be supported, so it's expected,
344 * that some requests will fail.
345 * If we were able to get the show for at least one
346 * attach type, let's return 0.
348 if (show_bpf_progs(cgroup_fd, type, 0) == 0)
353 jsonw_end_array(json_wtr);
362 * To distinguish nftw() errors and do_show_tree_fn() errors
363 * and avoid duplicating error messages, let's return -2
364 * from do_show_tree_fn() in case of error.
367 #define SHOW_TREE_FN_ERR -2
368 static int do_show_tree_fn(const char *fpath, const struct stat *sb,
369 int typeflag, struct FTW *ftw)
371 enum bpf_attach_type type;
372 int has_attached_progs;
375 if (typeflag != FTW_D)
378 cgroup_fd = open(fpath, O_RDONLY);
380 p_err("can't open cgroup %s: %s", fpath, strerror(errno));
381 return SHOW_TREE_FN_ERR;
384 has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
385 if (has_attached_progs < 0) {
386 p_err("can't query bpf programs attached to %s: %s",
387 fpath, strerror(errno));
389 return SHOW_TREE_FN_ERR;
390 } else if (!has_attached_progs) {
396 jsonw_start_object(json_wtr);
397 jsonw_string_field(json_wtr, "cgroup", fpath);
398 jsonw_name(json_wtr, "programs");
399 jsonw_start_array(json_wtr);
401 printf("%s\n", fpath);
404 btf_vmlinux = libbpf_find_kernel_btf();
405 for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++)
406 show_bpf_progs(cgroup_fd, type, ftw->level);
409 /* Last attach type does not support query.
410 * Do not report an error for this, especially because batch
411 * mode would stop processing commands.
416 jsonw_end_array(json_wtr);
417 jsonw_end_object(json_wtr);
425 static char *find_cgroup_root(void)
430 f = fopen("/proc/mounts", "r");
434 while ((mnt = getmntent(f))) {
435 if (strcmp(mnt->mnt_type, "cgroup2") == 0) {
437 return strdup(mnt->mnt_dir);
445 static int do_show_tree(int argc, char **argv)
447 char *cgroup_root, *cgroup_alloced = NULL;
453 cgroup_alloced = find_cgroup_root();
454 if (!cgroup_alloced) {
455 p_err("cgroup v2 isn't mounted");
458 cgroup_root = cgroup_alloced;
460 cgroup_root = GET_ARG();
463 if (is_prefix(*argv, "effective")) {
464 if (query_flags & BPF_F_QUERY_EFFECTIVE) {
465 p_err("duplicated argument: %s", *argv);
468 query_flags |= BPF_F_QUERY_EFFECTIVE;
471 p_err("expected no more arguments, 'effective', got: '%s'?",
479 jsonw_start_array(json_wtr);
480 else if (query_flags & BPF_F_QUERY_EFFECTIVE)
482 "%-8s %-15s %-15s\n",
484 "ID", "AttachType", "Name");
487 "%-8s %-15s %-15s %-15s\n",
489 "ID", "AttachType", "AttachFlags", "Name");
491 switch (nftw(cgroup_root, do_show_tree_fn, 1024, FTW_MOUNT)) {
493 p_err("can't iterate over %s: %s", cgroup_root,
497 case SHOW_TREE_FN_ERR:
505 jsonw_end_array(json_wtr);
507 free(cgroup_alloced);
512 static int do_attach(int argc, char **argv)
514 enum bpf_attach_type attach_type;
515 int cgroup_fd, prog_fd;
516 int attach_flags = 0;
521 p_err("too few parameters for cgroup attach");
525 cgroup_fd = open(argv[0], O_RDONLY);
527 p_err("can't open cgroup %s", argv[0]);
531 attach_type = parse_attach_type(argv[1]);
532 if (attach_type == __MAX_BPF_ATTACH_TYPE) {
533 p_err("invalid attach type");
539 prog_fd = prog_parse_fd(&argc, &argv);
543 for (i = 0; i < argc; i++) {
544 if (is_prefix(argv[i], "multi")) {
545 attach_flags |= BPF_F_ALLOW_MULTI;
546 } else if (is_prefix(argv[i], "override")) {
547 attach_flags |= BPF_F_ALLOW_OVERRIDE;
549 p_err("unknown option: %s", argv[i]);
554 if (bpf_prog_attach(prog_fd, cgroup_fd, attach_type, attach_flags)) {
555 p_err("failed to attach program");
560 jsonw_null(json_wtr);
572 static int do_detach(int argc, char **argv)
574 enum bpf_attach_type attach_type;
575 int prog_fd, cgroup_fd;
579 p_err("too few parameters for cgroup detach");
583 cgroup_fd = open(argv[0], O_RDONLY);
585 p_err("can't open cgroup %s", argv[0]);
589 attach_type = parse_attach_type(argv[1]);
590 if (attach_type == __MAX_BPF_ATTACH_TYPE) {
591 p_err("invalid attach type");
597 prog_fd = prog_parse_fd(&argc, &argv);
601 if (bpf_prog_detach2(prog_fd, cgroup_fd, attach_type)) {
602 p_err("failed to detach program");
607 jsonw_null(json_wtr);
619 static int do_help(int argc, char **argv)
622 jsonw_null(json_wtr);
627 "Usage: %1$s %2$s { show | list } CGROUP [**effective**]\n"
628 " %1$s %2$s tree [CGROUP_ROOT] [**effective**]\n"
629 " %1$s %2$s attach CGROUP ATTACH_TYPE PROG [ATTACH_FLAGS]\n"
630 " %1$s %2$s detach CGROUP ATTACH_TYPE PROG\n"
633 HELP_SPEC_ATTACH_TYPES "\n"
634 " " HELP_SPEC_ATTACH_FLAGS "\n"
635 " " HELP_SPEC_PROGRAM "\n"
636 " " HELP_SPEC_OPTIONS " |\n"
644 static const struct cmd cmds[] = {
647 { "tree", do_show_tree },
648 { "attach", do_attach },
649 { "detach", do_detach },
654 int do_cgroup(int argc, char **argv)
656 return cmd_select(cmds, argc, argv, do_help);