diff options
| author | Daniel Mack <daniel@zonque.org> | 2016-11-23 16:52:27 +0100 |
|---|---|---|
| committer | Michael Bestas <mkbestas@lineageos.org> | 2022-04-19 00:51:10 +0300 |
| commit | cbb19ce2324acc32e5491703bbc31f6d67e7ac1b (patch) | |
| tree | 6bbe7165853f177c44f70143175bde0f2e6d71a8 /kernel/bpf/arraymap.c | |
| parent | 8de2dd69e0de818afa690b277bedac4c6f74b2d9 (diff) | |
UPSTREAM: bpf: add BPF_PROG_ATTACH and BPF_PROG_DETACH commands
Cherry-pick from commit f4324551489e8781d838f941b7aee4208e52e8bf
Extend the bpf(2) syscall by two new commands, BPF_PROG_ATTACH and
BPF_PROG_DETACH which allow attaching and detaching eBPF programs
to a target.
On the API level, the target could be anything that has an fd in
userspace, hence the name of the field in union bpf_attr is called
'target_fd'.
When called with BPF_ATTACH_TYPE_CGROUP_INET_{E,IN}GRESS, the target is
expected to be a valid file descriptor of a cgroup v2 directory which
has the bpf controller enabled. These are the only use-cases
implemented by this patch at this point, but more can be added.
If a program of the given type already exists in the given cgroup,
the program is swapped automically, so userspace does not have to drop
an existing program first before installing a new one, which would
otherwise leave a gap in which no program is attached.
For more information on the propagation logic to subcgroups, please
refer to the bpf cgroup controller implementation.
The API is guarded by CAP_NET_ADMIN.
Signed-off-by: Daniel Mack <daniel@zonque.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug: 30950746
Change-Id: Iab156859332166835d51e1e6f64e5cb8b81870f2
Signed-off-by: Chatur27 <jasonbright2709@gmail.com>
Diffstat (limited to 'kernel/bpf/arraymap.c')
0 files changed, 0 insertions, 0 deletions