]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3a47437) | patch
core: add options to delegate BPFFS token creation 36134/head
authorMatteo Croce <teknoraver@meta.com>
Thu, 15 May 2025 14:32:46 +0000 (16:32 +0200)
committerMatteo Croce <teknoraver@meta.com>
Tue, 8 Jul 2025 20:35:29 +0000 (22:35 +0200)
commitea9826eb946d57aaba7e6bfa2d6b120136c6b20f
tree3757f673054e92fe301e371ab0b08e98a995cc6ctree | snapshot
parent3a47437fc9f37637c2924a7663cf2b8849ceb10dcommit | diff
core: add options to delegate BPFFS token creation

Add four new options BPFDelegate{Commands,Maps,Programs,Attachments}=
in order to delegate to a BPFFS instance the permission to create tokens.

The value is a list of options taken from:
https://github.com/torvalds/linux/blob/v6.14/include/uapi/linux/bpf.h#L922-L1121
The special value "any" means to allow every possible values.

More informations about BPF tokens here:
https://lwn.net/Articles/947173/
21 files changed:
.github/workflows/linter.yml diff | blob | blame | history
man/meson.build diff | blob | blame | history
man/org.freedesktop.systemd1.xml diff | blob | blame | history
man/systemd.exec.xml diff | blob | blame | history
src/basic/generate-bpf-delegate-configs.py [new file with mode: 0755] blob
src/basic/meson.build diff | blob | blame | history
src/core/dbus-execute.c diff | blob | blame | history
src/core/exec-invoke.c diff | blob | blame | history
src/core/execute-serialize.c diff | blob | blame | history
src/core/execute.c diff | blob | blame | history
src/core/execute.h diff | blob | blame | history
src/core/load-fragment-gperf.gperf.in diff | blob | blame | history
src/core/load-fragment.c diff | blob | blame | history
src/core/load-fragment.h diff | blob | blame | history
src/core/namespace.c diff | blob | blame | history
src/core/namespace.h diff | blob | blame | history
src/shared/bus-unit-util.c diff | blob | blame | history
src/test/meson.build diff | blob | blame | history
src/test/test-bpf-token.c [new file with mode: 0644] blob
test/units/TEST-07-PID1.private-bpf.sh diff | blob | blame | history
tools/xml_helper.py diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.