diff options
| -rw-r--r-- | queue-6.12/bpftool-fix-cgroup-command-to-only-show-cgroup-bpf-programs.patch | 107 | ||||
| -rw-r--r-- | queue-6.12/series | 1 |
2 files changed, 108 insertions, 0 deletions
diff --git a/queue-6.12/bpftool-fix-cgroup-command-to-only-show-cgroup-bpf-programs.patch b/queue-6.12/bpftool-fix-cgroup-command-to-only-show-cgroup-bpf-programs.patch new file mode 100644 index 0000000000..99c266b34b --- /dev/null +++ b/queue-6.12/bpftool-fix-cgroup-command-to-only-show-cgroup-bpf-programs.patch @@ -0,0 +1,107 @@ +From b69d4413aa1961930fbf9ffad8376d577378daf9 Mon Sep 17 00:00:00 2001 +From: Martin KaFai Lau <martin.lau@kernel.org> +Date: Wed, 7 May 2025 13:32:32 -0700 +Subject: bpftool: Fix cgroup command to only show cgroup bpf programs + +From: Martin KaFai Lau <martin.lau@kernel.org> + +commit b69d4413aa1961930fbf9ffad8376d577378daf9 upstream. + +The netkit program is not a cgroup bpf program and should not be shown +in the output of the "bpftool cgroup show" command. + +However, if the netkit device happens to have ifindex 3, +the "bpftool cgroup show" command will output the netkit +bpf program as well: + +> ip -d link show dev nk1 +3: nk1@if2: ... + link/ether ... + netkit mode ... + +> bpftool net show +tc: +nk1(3) netkit/peer tw_ns_nk2phy prog_id 469447 + +> bpftool cgroup show /sys/fs/cgroup/... +ID AttachType AttachFlags Name +... ... ... +469447 netkit_peer tw_ns_nk2phy + +The reason is that the target_fd (which is the cgroup_fd here) and +the target_ifindex are in a union in the uapi/linux/bpf.h. The bpftool +iterates all values in "enum bpf_attach_type" which includes +non cgroup attach types like netkit. The cgroup_fd is usually 3 here, +so the bug is triggered when the netkit ifindex just happens +to be 3 as well. + +The bpftool's cgroup.c already has a list of cgroup-only attach type +defined in "cgroup_attach_types[]". This patch fixes it by iterating +over "cgroup_attach_types[]" instead of "__MAX_BPF_ATTACH_TYPE". + +Cc: Quentin Monnet <qmo@kernel.org> +Reported-by: Takshak Chahande <ctakshak@meta.com> +Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org> +Acked-by: Daniel Borkmann <daniel@iogearbox.net> +Reviewed-by: Quentin Monnet <qmo@kernel.org> +Link: https://lore.kernel.org/r/20250507203232.1420762-1-martin.lau@linux.dev +Signed-off-by: Alexei Starovoitov <ast@kernel.org> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + tools/bpf/bpftool/cgroup.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +--- a/tools/bpf/bpftool/cgroup.c ++++ b/tools/bpf/bpftool/cgroup.c +@@ -318,11 +318,11 @@ static int show_bpf_progs(int cgroup_fd, + + static int do_show(int argc, char **argv) + { +- enum bpf_attach_type type; + int has_attached_progs; + const char *path; + int cgroup_fd; + int ret = -1; ++ unsigned int i; + + query_flags = 0; + +@@ -370,14 +370,14 @@ static int do_show(int argc, char **argv + "AttachFlags", "Name"); + + btf_vmlinux = libbpf_find_kernel_btf(); +- for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) { ++ for (i = 0; i < ARRAY_SIZE(cgroup_attach_types); i++) { + /* + * Not all attach types may be supported, so it's expected, + * that some requests will fail. + * If we were able to get the show for at least one + * attach type, let's return 0. + */ +- if (show_bpf_progs(cgroup_fd, type, 0) == 0) ++ if (show_bpf_progs(cgroup_fd, cgroup_attach_types[i], 0) == 0) + ret = 0; + } + +@@ -400,9 +400,9 @@ exit: + static int do_show_tree_fn(const char *fpath, const struct stat *sb, + int typeflag, struct FTW *ftw) + { +- enum bpf_attach_type type; + int has_attached_progs; + int cgroup_fd; ++ unsigned int i; + + if (typeflag != FTW_D) + return 0; +@@ -434,8 +434,8 @@ static int do_show_tree_fn(const char *f + } + + btf_vmlinux = libbpf_find_kernel_btf(); +- for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) +- show_bpf_progs(cgroup_fd, type, ftw->level); ++ for (i = 0; i < ARRAY_SIZE(cgroup_attach_types); i++) ++ show_bpf_progs(cgroup_fd, cgroup_attach_types[i], ftw->level); + + if (errno == EINVAL) + /* Last attach type does not support query. diff --git a/queue-6.12/series b/queue-6.12/series index 9461c8d6ca..a03182a8fa 100644 --- a/queue-6.12/series +++ b/queue-6.12/series @@ -410,3 +410,4 @@ perf-evsel-missed-close-when-probing-hybrid-core-pmu.patch perf-test-directory-file-descriptor-leak.patch gpio-mlxbf3-only-get-irq-for-device-instance-0.patch cifs-remove-duplicate-fattr-cf_dtype-assignment-from.patch +bpftool-fix-cgroup-command-to-only-show-cgroup-bpf-programs.patch |