mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-30 14:19:16 +00:00
libbpf: support BPF token path setting through LIBBPF_BPF_TOKEN_PATH envvar
To allow external admin authority to override default BPF FS location (/sys/fs/bpf) for implicit BPF token creation, teach libbpf to recognize LIBBPF_BPF_TOKEN_PATH envvar. If it is specified and user application didn't explicitly specify neither bpf_token_path nor bpf_token_fd option, it will be treated exactly like bpf_token_path option, overriding default /sys/fs/bpf location and making BPF token mandatory. Suggested-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/r/20231213190842.3844987-10-andrii@kernel.org Signed-off-by: Alexei Starovoitov <ast@kernel.org>
This commit is contained in:
parent
18678cf0ee
commit
ed54124b88
2 changed files with 21 additions and 6 deletions
|
@ -7171,11 +7171,17 @@ static struct bpf_object *bpf_object_open(const char *path, const void *obj_buf,
|
|||
/* non-empty token path can't be combined with invalid token FD */
|
||||
if (token_path && token_path[0] != '\0' && token_fd < 0)
|
||||
return ERR_PTR(-EINVAL);
|
||||
/* empty token path can't be combined with valid token FD */
|
||||
if (token_path && token_path[0] == '\0' && token_fd > 0)
|
||||
return ERR_PTR(-EINVAL);
|
||||
/* if user didn't specify bpf_token_path/bpf_token_fd explicitly,
|
||||
* check if LIBBPF_BPF_TOKEN_PATH envvar was set and treat it as
|
||||
* bpf_token_path option
|
||||
*/
|
||||
if (token_fd == 0 && !token_path)
|
||||
token_path = getenv("LIBBPF_BPF_TOKEN_PATH");
|
||||
/* empty token_path is equivalent to invalid token_fd */
|
||||
if (token_path && token_path[0] == '\0') {
|
||||
/* empty token path can't be combined with valid token FD */
|
||||
if (token_fd > 0)
|
||||
return ERR_PTR(-EINVAL);
|
||||
/* empty token_path is equivalent to invalid token_fd */
|
||||
token_path = NULL;
|
||||
token_fd = -1;
|
||||
}
|
||||
|
|
|
@ -185,8 +185,16 @@ struct bpf_object_open_opts {
|
|||
* attempt to create BPF token from default BPF FS mount point
|
||||
* (/sys/fs/bpf), in case this default behavior is undesirable.
|
||||
*
|
||||
* If bpf_token_path and bpf_token_fd are not specified, libbpf will
|
||||
* consult LIBBPF_BPF_TOKEN_PATH environment variable. If set, it will
|
||||
* be taken as a value of bpf_token_path option and will force libbpf
|
||||
* to either create BPF token from provided custom BPF FS path, or
|
||||
* will disable implicit BPF token creation, if envvar value is an
|
||||
* empty string.
|
||||
*
|
||||
* bpf_token_path and bpf_token_fd are mutually exclusive and only one
|
||||
* of those options should be set.
|
||||
* of those options should be set. Either of them overrides
|
||||
* LIBBPF_BPF_TOKEN_PATH envvar.
|
||||
*/
|
||||
int bpf_token_fd;
|
||||
/* Path to BPF FS mount point to derive BPF token from.
|
||||
|
@ -200,7 +208,8 @@ struct bpf_object_open_opts {
|
|||
* point (/sys/fs/bpf), in case this default behavior is undesirable.
|
||||
*
|
||||
* bpf_token_path and bpf_token_fd are mutually exclusive and only one
|
||||
* of those options should be set.
|
||||
* of those options should be set. Either of them overrides
|
||||
* LIBBPF_BPF_TOKEN_PATH envvar.
|
||||
*/
|
||||
const char *bpf_token_path;
|
||||
|
||||
|
|
Loading…
Reference in a new issue