tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

bpftool: Fix cgroup command to only show cgroup bpf programs

The netkit program is not a cgroup bpf program and should not be shown
in the output of the "bpftool cgroup show" command.

However, if the netkit device happens to have ifindex 3,
the "bpftool cgroup show" command will output the netkit
bpf program as well:

> ip -d link show dev nk1
3: nk1@if2: ...
link/ether ...
netkit mode ...

> bpftool net show
tc:
nk1(3) netkit/peer tw_ns_nk2phy prog_id 469447

> bpftool cgroup show /sys/fs/cgroup/...
ID AttachType AttachFlags Name
... ... ...
469447 netkit_peer tw_ns_nk2phy

The reason is that the target_fd (which is the cgroup_fd here) and
the target_ifindex are in a union in the uapi/linux/bpf.h. The bpftool
iterates all values in "enum bpf_attach_type" which includes
non cgroup attach types like netkit. The cgroup_fd is usually 3 here,
so the bug is triggered when the netkit ifindex just happens
to be 3 as well.

The bpftool's cgroup.c already has a list of cgroup-only attach type
defined in "cgroup_attach_types[]". This patch fixes it by iterating
over "cgroup_attach_types[]" instead of "__MAX_BPF_ATTACH_TYPE".

Cc: Quentin Monnet <qmo@kernel.org>
Reported-by: Takshak Chahande <ctakshak@meta.com>
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Quentin Monnet <qmo@kernel.org>
Link: https://lore.kernel.org/r/20250507203232.1420762-1-martin.lau@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

authored by

Martin KaFai Lau and committed by
Alexei Starovoitov b69d4413 43745d11

+6 -6
+6 -6
tools/bpf/bpftool/cgroup.c
··· 318 318 319 319 static int do_show(int argc, char **argv) 320 320 { 321 - enum bpf_attach_type type; 322 321 int has_attached_progs; 323 322 const char *path; 324 323 int cgroup_fd; 325 324 int ret = -1; 325 + unsigned int i; 326 326 327 327 query_flags = 0; 328 328 ··· 370 370 "AttachFlags", "Name"); 371 371 372 372 btf_vmlinux = libbpf_find_kernel_btf(); 373 - for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) { 373 + for (i = 0; i < ARRAY_SIZE(cgroup_attach_types); i++) { 374 374 /* 375 375 * Not all attach types may be supported, so it's expected, 376 376 * that some requests will fail. 377 377 * If we were able to get the show for at least one 378 378 * attach type, let's return 0. 379 379 */ 380 - if (show_bpf_progs(cgroup_fd, type, 0) == 0) 380 + if (show_bpf_progs(cgroup_fd, cgroup_attach_types[i], 0) == 0) 381 381 ret = 0; 382 382 } 383 383 ··· 400 400 static int do_show_tree_fn(const char *fpath, const struct stat *sb, 401 401 int typeflag, struct FTW *ftw) 402 402 { 403 - enum bpf_attach_type type; 404 403 int has_attached_progs; 405 404 int cgroup_fd; 405 + unsigned int i; 406 406 407 407 if (typeflag != FTW_D) 408 408 return 0; ··· 434 434 } 435 435 436 436 btf_vmlinux = libbpf_find_kernel_btf(); 437 - for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) 438 - show_bpf_progs(cgroup_fd, type, ftw->level); 437 + for (i = 0; i < ARRAY_SIZE(cgroup_attach_types); i++) 438 + show_bpf_progs(cgroup_fd, cgroup_attach_types[i], ftw->level); 439 439 440 440 if (errno == EINVAL) 441 441 /* Last attach type does not support query.