if (policy == CGROUP_DEVICE_POLICY_AUTO && !allow_list)
return 0;
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_DEVICE, &prog);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_DEVICE, "sd_devices", &prog);
if (r < 0)
return log_error_errno(r, "Loading device control BPF program failed: %m");
return supported = 0;
}
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_DEVICE, &program);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_DEVICE, NULL, &program);
if (r < 0) {
log_debug_errno(r, "Can't allocate CGROUP DEVICE BPF program, BPF device control is not supported: %m");
return supported = 0;
};
_cleanup_(bpf_program_freep) BPFProgram *p = NULL;
+ const char *prog_name = is_ingress ? "sd_fw_ingress" : "sd_fw_egress";
int accounting_map_fd, r;
bool access_enabled;
return 0;
}
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &p);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, prog_name, &p);
if (r < 0)
return r;
_cleanup_(bpf_program_freep) BPFProgram *prog = NULL;
int r;
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &prog);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, NULL, &prog);
if (r < 0)
return log_unit_error_errno(u, r, "Can't allocate CGROUP SKB BPF program: %m");
return supported = BPF_FIREWALL_UNSUPPORTED;
}
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &program);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, NULL, &program);
if (r < 0) {
bpf_firewall_unsupported_reason =
log_debug_errno(r, "Can't allocate CGROUP SKB BPF program, BPF firewalling is not supported: %m");
(void) bpf_program_cgroup_detach(p);
safe_close(p->kernel_fd);
+ free(p->prog_name);
free(p->instructions);
free(p->attached_path);
return RET_NERRNO(bpf(BPF_OBJ_GET_INFO_BY_FD, &attr, sizeof(attr)));
}
-int bpf_program_new(uint32_t prog_type, BPFProgram **ret) {
+int bpf_program_new(uint32_t prog_type, const char *prog_name, BPFProgram **ret) {
_cleanup_(bpf_program_freep) BPFProgram *p = NULL;
+ _cleanup_free_ char *name = NULL;
+
+ if (prog_name) {
+ if (strlen(prog_name) >= BPF_OBJ_NAME_LEN)
+ return -ENAMETOOLONG;
+
+ name = strdup(prog_name);
+ if (!name)
+ return -ENOMEM;
+ }
p = new(BPFProgram, 1);
if (!p)
*p = (BPFProgram) {
.prog_type = prog_type,
.kernel_fd = -1,
+ .prog_name = TAKE_PTR(name),
};
*ret = TAKE_PTR(p);
attr.log_buf = PTR_TO_UINT64(log_buf);
attr.log_level = !!log_buf;
attr.log_size = log_size;
+ if (p->prog_name)
+ strncpy(attr.prog_name, p->prog_name, BPF_OBJ_NAME_LEN - 1);
p->kernel_fd = bpf(BPF_PROG_LOAD, &attr, sizeof(attr));
if (p->kernel_fd < 0)
/* The loaded BPF program, if loaded */
int kernel_fd;
uint32_t prog_type;
+ char *prog_name;
/* The code of it BPF program, if known */
size_t n_instructions;
uint32_t attached_flags;
};
-int bpf_program_new(uint32_t prog_type, BPFProgram **ret);
+int bpf_program_new(uint32_t prog_type, const char *prog_name, BPFProgram **ret);
int bpf_program_new_from_bpffs_path(const char *path, BPFProgram **ret);
BPFProgram *bpf_program_free(BPFProgram *p);
assert_se(set_unit_path(unit_dir) >= 0);
assert_se(runtime_dir = setup_fake_runtime_dir());
- r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &p);
+ r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, "sd_trivial", &p);
assert_se(r == 0);
r = bpf_program_add_instructions(p, exit_insn, ELEMENTSOF(exit_insn));
if (r < 0)
return log_error_errno(r, "Failed to convert program to string");
- r = bpf_program_new(test_suite[i].prog_type, &prog);
+ r = bpf_program_new(test_suite[i].prog_type, "sd_trivial", &prog);
if (r < 0)
return log_error_errno(r, "Failed to create program '%s'", str);
projects / thirdparty / systemd.git / commitdiff
