f3cdfc488e
runc rc95 contains a fix for CVE-2021-30465. runc rc94 provides fixes and improvements. One notable change is cgroup manager's Set now accept Resources rather than Cgroup (see https://github.com/opencontainers/runc/pull/2906). Modify the code accordingly. Also update runc dependencies (as hinted by hack/lint-depdendencies.sh): github.com/cilium/ebpf v0.5.0 github.com/containerd/console v1.0.2 github.com/coreos/go-systemd/v22 v22.3.1 github.com/godbus/dbus/v5 v5.0.4 github.com/moby/sys/mountinfo v0.4.1 golang.org/x/sys v0.0.0-20210426230700-d19ff857e887 github.com/google/go-cmp v0.5.4 github.com/kr/pretty v0.2.1 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
77 lines
1.8 KiB
Go
77 lines
1.8 KiB
Go
package link
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/cilium/ebpf"
|
|
"github.com/cilium/ebpf/internal"
|
|
)
|
|
|
|
type RawAttachProgramOptions struct {
|
|
// File descriptor to attach to. This differs for each attach type.
|
|
Target int
|
|
// Program to attach.
|
|
Program *ebpf.Program
|
|
// Program to replace (cgroups).
|
|
Replace *ebpf.Program
|
|
// Attach must match the attach type of Program (and Replace).
|
|
Attach ebpf.AttachType
|
|
// Flags control the attach behaviour. This differs for each attach type.
|
|
Flags uint32
|
|
}
|
|
|
|
// RawAttachProgram is a low level wrapper around BPF_PROG_ATTACH.
|
|
//
|
|
// You should use one of the higher level abstractions available in this
|
|
// package if possible.
|
|
func RawAttachProgram(opts RawAttachProgramOptions) error {
|
|
if err := haveProgAttach(); err != nil {
|
|
return err
|
|
}
|
|
|
|
var replaceFd uint32
|
|
if opts.Replace != nil {
|
|
replaceFd = uint32(opts.Replace.FD())
|
|
}
|
|
|
|
attr := internal.BPFProgAttachAttr{
|
|
TargetFd: uint32(opts.Target),
|
|
AttachBpfFd: uint32(opts.Program.FD()),
|
|
ReplaceBpfFd: replaceFd,
|
|
AttachType: uint32(opts.Attach),
|
|
AttachFlags: uint32(opts.Flags),
|
|
}
|
|
|
|
if err := internal.BPFProgAttach(&attr); err != nil {
|
|
return fmt.Errorf("can't attach program: %s", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type RawDetachProgramOptions struct {
|
|
Target int
|
|
Program *ebpf.Program
|
|
Attach ebpf.AttachType
|
|
}
|
|
|
|
// RawDetachProgram is a low level wrapper around BPF_PROG_DETACH.
|
|
//
|
|
// You should use one of the higher level abstractions available in this
|
|
// package if possible.
|
|
func RawDetachProgram(opts RawDetachProgramOptions) error {
|
|
if err := haveProgAttach(); err != nil {
|
|
return err
|
|
}
|
|
|
|
attr := internal.BPFProgDetachAttr{
|
|
TargetFd: uint32(opts.Target),
|
|
AttachBpfFd: uint32(opts.Program.FD()),
|
|
AttachType: uint32(opts.Attach),
|
|
}
|
|
if err := internal.BPFProgDetach(&attr); err != nil {
|
|
return fmt.Errorf("can't detach program: %s", err)
|
|
}
|
|
|
|
return nil
|
|
}
|