cgroups: Remove BPF program to permit access to block devices
authorMichael Tremer <michael.tremer@ipfire.org>
Fri, 29 May 2026 15:44:37 +0000 (15:44 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 29 May 2026 15:44:37 +0000 (15:44 +0000)
This was an experiment to make loop devices accessible, which we are no
longer interested in.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/pakfire/cgroup.c

index e991fbd82c4336f08650bbfdeca5349c551257a8..864c52470f9c990e18c0032951ec144c383574a1 100644 (file)
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <linux/bpf.h>
 #include <signal.h>
 #include <stdlib.h>
 #include <sys/types.h>
 
-// libbpf
-#include <bpf/bpf.h>
-
 #include <pakfire/ctx.h>
 #include <pakfire/cgroup.h>
 #include <pakfire/logging.h>
 
 #define BUFFER_SIZE                    64 * 1024
 
-// Short form of mov, dst_reg = src_reg
-#define BPF_MOV64_IMM(DST, IMM) \
-       ((struct bpf_insn){ \
-               .code = BPF_ALU64 | BPF_MOV | BPF_K, \
-               .dst_reg = DST, \
-               .src_reg = 0, \
-               .off = 0, \
-               .imm = IMM \
-       })
-
-// Program exit
-#define BPF_EXIT_INSN() \
-       ((struct bpf_insn){ \
-               .code = BPF_JMP | BPF_EXIT, \
-               .dst_reg = 0, \
-               .src_reg = 0, \
-               .off = 0, \
-               .imm = 0 \
-       })
-
 struct pakfire_cgroup {
        pakfire_ctx* ctx;
        int nrefs;
@@ -89,43 +65,6 @@ static const char* pakfire_cgroup_path(pakfire_cgroup* cgroup) {
        return cgroup->path;
 }
 
-static int pakfire_cgroup_setup_devices(pakfire_cgroup* cgroup) {
-       static char bpf_log_buffer[BPF_LOG_BUF_SIZE];
-
-       LIBBPF_OPTS(bpf_prog_load_opts, opts,
-               // Log Buffer
-               .log_buf  = bpf_log_buffer,
-               .log_size = sizeof(bpf_log_buffer),
-       );
-       int r;
-
-       struct bpf_insn program[] = {
-               BPF_MOV64_IMM(BPF_REG_0, 1), // r0 = 1
-               BPF_EXIT_INSN(),             // return r0
-       };
-
-       // Load the BPF program
-       r = bpf_prog_load(BPF_PROG_TYPE_CGROUP_DEVICE, NULL, "GPL",
-               program, sizeof(program) / sizeof(*program), &opts);
-       if (r < 0) {
-               ERROR(cgroup->ctx, "Could not load BPF program: %m\n");
-               return r;
-       }
-
-       // Store the file descriptor
-       cgroup->devicesfd = r;
-
-       // Attach the program to the cgroup
-       r = bpf_prog_attach(cgroup->devicesfd, cgroup->fd,
-               BPF_CGROUP_DEVICE, BPF_F_ALLOW_MULTI);
-       if (r) {
-               ERROR(cgroup->ctx, "Could not attach BPF program to cgroup: %m\n");
-               return r;
-       }
-
-       return 0;
-}
-
 static int pakfire_cgroup_open_root(pakfire_cgroup* cgroup) {
        const char* path = "/sys/fs/cgroup";
        int fd;
@@ -405,13 +344,6 @@ static int pakfire_cgroup_open(pakfire_cgroup** cgroup,
        if (r < 0)
                goto ERROR;
 
-#if 0
-       // Setup the devices filter
-       r = pakfire_cgroup_setup_devices(c);
-       if (r)
-               goto ERROR;
-#endif
-
        DEBUG(c->ctx, "Created cgroup %s\n", pakfire_cgroup_path(c));
 
        // Return the pointer