From 13cea725352ea4559c32a782c7d3fd560683a4d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9s=20Medina?= Date: Fri, 4 Aug 2023 19:59:20 -0700 Subject: [PATCH] aya: Use AsFd when attaching fds to programs This is a breaking change but adds another level of safety to ensure the file descriptor we receive is valid. Additionally, this allows aya to internally easily duplicate this file descriptor using std library methods instead of manually calling `dup` which doesn't duplicate with the CLOSE_ON_EXEC flag that is standard pratice to avoid leaking the file descriptor when exec'ing. --- aya/src/maps/sock/mod.rs | 11 ++++- aya/src/programs/cgroup_device.rs | 34 +++++++++------- aya/src/programs/cgroup_skb.rs | 18 ++++---- aya/src/programs/cgroup_sock.rs | 18 ++++---- aya/src/programs/cgroup_sock_addr.rs | 18 ++++---- aya/src/programs/cgroup_sockopt.rs | 18 ++++---- aya/src/programs/cgroup_sysctl.rs | 34 +++++++++------- aya/src/programs/extension.rs | 45 ++++++++++++-------- aya/src/programs/links.rs | 17 ++++---- aya/src/programs/lirc_mode2.rs | 61 +++++++++++++--------------- aya/src/programs/mod.rs | 23 +++++++---- aya/src/programs/perf_attach.rs | 9 ++-- aya/src/programs/sk_lookup.rs | 15 ++++--- aya/src/programs/sk_msg.rs | 7 ++-- aya/src/programs/sk_skb.rs | 13 +++--- aya/src/programs/sock_ops.rs | 15 +++---- aya/src/programs/xdp.rs | 24 +++++++---- aya/src/sys/bpf.rs | 60 ++++++++++++++++++--------- xtask/public-api/aya.txt | 42 +++++++++++-------- 19 files changed, 278 insertions(+), 204 deletions(-) diff --git a/aya/src/maps/sock/mod.rs b/aya/src/maps/sock/mod.rs index 1b9f00e9..eef6b832 100644 --- a/aya/src/maps/sock/mod.rs +++ b/aya/src/maps/sock/mod.rs @@ -5,7 +5,7 @@ mod sock_map; pub use sock_hash::SockHash; pub use sock_map::SockMap; -use std::os::fd::{AsRawFd, RawFd}; +use std::os::fd::{AsFd, AsRawFd, BorrowedFd, RawFd}; /// A socket map file descriptor. #[derive(Copy, Clone)] @@ -16,3 +16,12 @@ impl AsRawFd for SockMapFd { self.0 } } + +impl AsFd for SockMapFd { + fn as_fd(&self) -> BorrowedFd<'_> { + // SAFETY: This isn't necessarily safe, we need to find ways + // to enforce that the file descriptor is still + // valid. TODO(#612) + unsafe { BorrowedFd::borrow_raw(self.0) } + } +} diff --git a/aya/src/programs/cgroup_device.rs b/aya/src/programs/cgroup_device.rs index dc318086..0858c9e2 100644 --- a/aya/src/programs/cgroup_device.rs +++ b/aya/src/programs/cgroup_device.rs @@ -1,7 +1,7 @@ //! Cgroup device programs. -use crate::util::KernelVersion; -use std::os::fd::AsRawFd; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_DEVICE, bpf_prog_type::BPF_PROG_TYPE_CGROUP_DEVICE}, @@ -60,29 +60,35 @@ impl CgroupDevice { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupDevice::detach] - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_DEVICE, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE).map_err(|(_, io_error)| { - SyscallError { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), BPF_CGROUP_DEVICE).map_err( + |(_, io_error)| SyscallError { call: "bpf_prog_attach", io_error, - } - })?; + }, + )?; self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::ProgAttach( diff --git a/aya/src/programs/cgroup_skb.rs b/aya/src/programs/cgroup_skb.rs index d0cda14a..2ffb686b 100644 --- a/aya/src/programs/cgroup_skb.rs +++ b/aya/src/programs/cgroup_skb.rs @@ -1,7 +1,7 @@ //! Cgroup skb programs. -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::{ @@ -83,32 +83,32 @@ impl CgroupSkb { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSkb::detach]. - pub fn attach( + pub fn attach( &mut self, cgroup: T, attach_type: CgroupSkbAttachType, ) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = match attach_type { CgroupSkbAttachType::Ingress => BPF_CGROUP_INET_INGRESS, CgroupSkbAttachType::Egress => BPF_CGROUP_INET_EGRESS, }; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSkbLink::new(CgroupSkbLinkInner::Fd(FdLink::new( link_fd, )))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), attach_type).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, diff --git a/aya/src/programs/cgroup_sock.rs b/aya/src/programs/cgroup_sock.rs index a7a70e13..99980087 100644 --- a/aya/src/programs/cgroup_sock.rs +++ b/aya/src/programs/cgroup_sock.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK, @@ -66,24 +66,24 @@ impl CgroupSock { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSock::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockLink::new(CgroupSockLinkInner::Fd(FdLink::new( link_fd, )))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), attach_type).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, diff --git a/aya/src/programs/cgroup_sock_addr.rs b/aya/src/programs/cgroup_sock_addr.rs index 827cbe57..646b769e 100644 --- a/aya/src/programs/cgroup_sock_addr.rs +++ b/aya/src/programs/cgroup_sock_addr.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockAddrAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK_ADDR, @@ -67,24 +67,24 @@ impl CgroupSockAddr { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockAddr::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockAddrLink::new(CgroupSockAddrLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), attach_type).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, diff --git a/aya/src/programs/cgroup_sockopt.rs b/aya/src/programs/cgroup_sockopt.rs index e2ae3b64..6a146f5d 100644 --- a/aya/src/programs/cgroup_sockopt.rs +++ b/aya/src/programs/cgroup_sockopt.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockoptAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCKOPT, @@ -64,24 +64,24 @@ impl CgroupSockopt { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockopt::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockoptLink::new(CgroupSockoptLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), attach_type).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, diff --git a/aya/src/programs/cgroup_sysctl.rs b/aya/src/programs/cgroup_sysctl.rs index 8e887657..d0ba4722 100644 --- a/aya/src/programs/cgroup_sysctl.rs +++ b/aya/src/programs/cgroup_sysctl.rs @@ -1,7 +1,7 @@ //! Cgroup sysctl programs. -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd}; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SYSCTL, bpf_prog_type::BPF_PROG_TYPE_CGROUP_SYSCTL}, @@ -59,29 +59,35 @@ impl CgroupSysctl { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSysctl::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_SYSCTL, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupSysctlLink::new(CgroupSysctlLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL).map_err(|(_, io_error)| { - SyscallError { + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), BPF_CGROUP_SYSCTL).map_err( + |(_, io_error)| SyscallError { call: "bpf_prog_attach", io_error, - } - })?; + }, + )?; self.data .links diff --git a/aya/src/programs/extension.rs b/aya/src/programs/extension.rs index 143c909f..4d16c56e 100644 --- a/aya/src/programs/extension.rs +++ b/aya/src/programs/extension.rs @@ -1,5 +1,5 @@ //! Extension programs. -use std::os::fd::{AsRawFd, RawFd}; +use std::os::fd::{AsFd as _, BorrowedFd, RawFd}; use thiserror::Error; use object::Endianness; @@ -10,7 +10,7 @@ use crate::{ programs::{ define_link_wrapper, load_program, FdLink, FdLinkId, ProgramData, ProgramError, ProgramFd, }, - sys::{self, bpf_link_create, SyscallError}, + sys::{self, bpf_link_create, LinkTarget, SyscallError}, Btf, }; @@ -69,11 +69,10 @@ impl Extension { /// There are no restrictions on what functions may be replaced, so you could replace /// the main entry point of your program with an extension. pub fn load(&mut self, program: ProgramFd, func_name: &str) -> Result<(), ProgramError> { - let target_prog_fd = program.as_raw_fd(); - let (btf_fd, btf_id) = get_btf_info(target_prog_fd, func_name)?; + let (btf_fd, btf_id) = get_btf_info(program.as_fd(), func_name)?; self.data.attach_btf_obj_fd = Some(btf_fd as u32); - self.data.attach_prog_fd = Some(target_prog_fd); + self.data.attach_prog_fd = Some(program); self.data.attach_btf_id = Some(btf_id); load_program(BPF_PROG_TYPE_EXT, &mut self.data) } @@ -90,11 +89,17 @@ impl Extension { let target_fd = self.data.attach_prog_fd.ok_or(ProgramError::NotLoaded)?; let btf_id = self.data.attach_btf_id.ok_or(ProgramError::NotLoaded)?; // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS - let link_fd = bpf_link_create(prog_fd, target_fd, BPF_CGROUP_INET_INGRESS, Some(btf_id), 0) - .map_err(|(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - })?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(target_fd.as_fd()), + BPF_CGROUP_INET_INGRESS, + Some(btf_id), + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(ExtensionLink::new(FdLink::new(link_fd))) @@ -116,15 +121,21 @@ impl Extension { program: ProgramFd, func_name: &str, ) -> Result { - let target_fd = program.as_raw_fd(); + let target_fd = program.as_fd(); let (_, btf_id) = get_btf_info(target_fd, func_name)?; let prog_fd = self.data.fd_or_err()?; // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS - let link_fd = bpf_link_create(prog_fd, target_fd, BPF_CGROUP_INET_INGRESS, Some(btf_id), 0) - .map_err(|(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - })?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(target_fd), + BPF_CGROUP_INET_INGRESS, + Some(btf_id), + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(ExtensionLink::new(FdLink::new(link_fd))) @@ -149,7 +160,7 @@ impl Extension { /// Retrieves the FD of the BTF object for the provided `prog_fd` and the BTF ID of the function /// with the name `func_name` within that BTF object. -fn get_btf_info(prog_fd: i32, func_name: &str) -> Result<(RawFd, u32), ProgramError> { +fn get_btf_info(prog_fd: BorrowedFd<'_>, func_name: &str) -> Result<(RawFd, u32), ProgramError> { // retrieve program information let info = sys::bpf_prog_get_info_by_fd(prog_fd)?; diff --git a/aya/src/programs/links.rs b/aya/src/programs/links.rs index 17176ff4..2d683174 100644 --- a/aya/src/programs/links.rs +++ b/aya/src/programs/links.rs @@ -1,12 +1,11 @@ //! Program links. -use libc::{close, dup}; use thiserror::Error; use std::{ collections::{hash_map::Entry, HashMap}, ffi::CString, io, - os::fd::{AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, + os::fd::{AsFd as _, AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, path::{Path, PathBuf}, }; @@ -14,7 +13,7 @@ use crate::{ generated::bpf_attach_type, pin::PinError, programs::ProgramError, - sys::{bpf_get_object, bpf_pin_object, bpf_prog_detach, SyscallError}, + sys::{bpf_get_object, bpf_pin_object, bpf_prog_detach, SysResult, SyscallError}, }; /// A Link. @@ -231,19 +230,19 @@ pub struct ProgAttachLinkId(RawFd, RawFd, bpf_attach_type); #[derive(Debug)] pub struct ProgAttachLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, attach_type: bpf_attach_type, } impl ProgAttachLink { pub(crate) fn new( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: OwnedFd, attach_type: bpf_attach_type, ) -> ProgAttachLink { ProgAttachLink { prog_fd: prog_fd.as_raw_fd(), - target_fd: unsafe { dup(target_fd) }, + target_fd, attach_type, } } @@ -253,12 +252,12 @@ impl Link for ProgAttachLink { type Id = ProgAttachLinkId; fn id(&self) -> Self::Id { - ProgAttachLinkId(self.prog_fd, self.target_fd, self.attach_type) + ProgAttachLinkId(self.prog_fd, self.target_fd.as_raw_fd(), self.attach_type) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, self.attach_type); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = + bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), self.attach_type); Ok(()) } } diff --git a/aya/src/programs/lirc_mode2.rs b/aya/src/programs/lirc_mode2.rs index 54317110..3fdfcc6f 100644 --- a/aya/src/programs/lirc_mode2.rs +++ b/aya/src/programs/lirc_mode2.rs @@ -1,17 +1,15 @@ //! Lirc programs. -use std::os::fd::{AsRawFd, BorrowedFd, IntoRawFd as _, RawFd}; +use std::os::fd::{AsFd, AsRawFd, BorrowedFd, IntoRawFd as _, OwnedFd, RawFd}; use crate::{ generated::{bpf_attach_type::BPF_LIRC_MODE2, bpf_prog_type::BPF_PROG_TYPE_LIRC_MODE2}, programs::{load_program, query, Link, ProgramData, ProgramError, ProgramInfo}, sys::{ bpf_prog_attach, bpf_prog_detach, bpf_prog_get_fd_by_id, bpf_prog_get_info_by_fd, - SyscallError, + SysResult, SyscallError, }, }; -use libc::{close, dup}; - /// A program used to decode IR into key events for a lirc device. /// /// [`LircMode2`] programs can be used to inspect infrared pulses, spaces, @@ -63,11 +61,11 @@ impl LircMode2 { /// Attaches the program to the given lirc device. /// /// The returned value can be used to detach, see [LircMode2::detach]. - pub fn attach(&mut self, lircdev: T) -> Result { + pub fn attach(&mut self, lircdev: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let lircdev_fd = lircdev.as_raw_fd(); + let lircdev_fd = lircdev.as_fd().try_clone_to_owned()?; - bpf_prog_attach(prog_fd, lircdev_fd, BPF_LIRC_MODE2).map_err(|(_, io_error)| { + bpf_prog_attach(prog_fd, lircdev_fd.as_fd(), BPF_LIRC_MODE2).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, @@ -93,27 +91,24 @@ impl LircMode2 { } /// Queries the lirc device for attached programs. - pub fn query(target_fd: T) -> Result, ProgramError> { - let prog_ids = query(target_fd.as_raw_fd(), BPF_LIRC_MODE2, 0, &mut None)?; - - let mut prog_fds = Vec::with_capacity(prog_ids.len()); - - for id in prog_ids { - let fd = bpf_prog_get_fd_by_id(id)?; - prog_fds.push(fd); - } + pub fn query(target_fd: T) -> Result, ProgramError> { + let prog_ids = query(target_fd.as_fd(), BPF_LIRC_MODE2, 0, &mut None)?; - Ok(prog_fds + prog_ids .into_iter() - .map(|prog_fd| { - LircLink::new( - // SAFETY: The file descriptor will stay valid because we are leaking it - // TODO: Do not leak it? - unsafe { BorrowedFd::borrow_raw(prog_fd.into_raw_fd()) }, - target_fd.as_raw_fd(), - ) + .map(|prog_id| { + let prog_fd = bpf_prog_get_fd_by_id(prog_id)?; + let target_fd = target_fd.as_fd().try_clone_to_owned()?; + // SAFETY: The file descriptor will stay valid because + // we are leaking it. We cannot use `OwnedFd` in here + // because LircMode2::attach also uses LircLink::new + // but with a borrowed file descriptor (of the loaded + // program) without duplicating. TODO(#612): Fix API + // or internals so this file descriptor isn't leaked + let prog_fd = unsafe { BorrowedFd::borrow_raw(prog_fd.into_raw_fd()) }; + Ok(LircLink::new(prog_fd, target_fd)) }) - .collect()) + .collect() } } @@ -125,20 +120,23 @@ pub struct LircLinkId(RawFd, RawFd); /// An LircMode2 Link pub struct LircLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, } impl LircLink { - pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: RawFd) -> LircLink { + pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: OwnedFd) -> LircLink { LircLink { prog_fd: prog_fd.as_raw_fd(), - target_fd: unsafe { dup(target_fd) }, + target_fd, } } /// Get ProgramInfo from this link pub fn info(&self) -> Result { - bpf_prog_get_info_by_fd(self.prog_fd) + // SAFETY: This isn't necessarily safe, we need to find ways + // to enforce that the file descriptor is still + // valid. TODO(#612) + bpf_prog_get_info_by_fd(unsafe { BorrowedFd::borrow_raw(self.prog_fd) }) .map(ProgramInfo) .map_err(Into::into) } @@ -148,12 +146,11 @@ impl Link for LircLink { type Id = LircLinkId; fn id(&self) -> Self::Id { - LircLinkId(self.prog_fd, self.target_fd) + LircLinkId(self.prog_fd, self.target_fd.as_raw_fd()) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, BPF_LIRC_MODE2); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), BPF_LIRC_MODE2); Ok(()) } } diff --git a/aya/src/programs/mod.rs b/aya/src/programs/mod.rs index 6236e86f..eae35be3 100644 --- a/aya/src/programs/mod.rs +++ b/aya/src/programs/mod.rs @@ -68,7 +68,7 @@ use libc::ENOSPC; use std::{ ffi::CString, io, - os::fd::{AsFd as _, AsRawFd, BorrowedFd, OwnedFd, RawFd}, + os::fd::{AsFd, AsRawFd, BorrowedFd, OwnedFd, RawFd}, path::{Path, PathBuf}, sync::Arc, }; @@ -211,7 +211,7 @@ pub enum ProgramError { } /// A [`Program`] file descriptor. -#[derive(Copy, Clone)] +#[derive(Copy, Clone, Debug)] pub struct ProgramFd(RawFd); impl AsRawFd for ProgramFd { @@ -220,6 +220,15 @@ impl AsRawFd for ProgramFd { } } +impl AsFd for ProgramFd { + fn as_fd(&self) -> BorrowedFd<'_> { + // SAFETY: This isn't necessarily safe, we need to find ways + // to enforce that the file descriptor is still + // valid. TODO(#612) + unsafe { BorrowedFd::borrow_raw(self.0) } + } +} + /// eBPF program type. #[derive(Debug)] pub enum Program { @@ -408,7 +417,7 @@ pub(crate) struct ProgramData { pub(crate) expected_attach_type: Option, pub(crate) attach_btf_obj_fd: Option, pub(crate) attach_btf_id: Option, - pub(crate) attach_prog_fd: Option, + pub(crate) attach_prog_fd: Option, pub(crate) btf_fd: Option>, pub(crate) verifier_log_level: VerifierLogLevel, pub(crate) path: Option, @@ -488,7 +497,7 @@ impl ProgramData { io_error, })?; - let info = bpf_prog_get_info_by_fd(fd.as_raw_fd())?; + let info = bpf_prog_get_info_by_fd(fd.as_fd())?; let name = ProgramInfo(info).name_as_str().map(|s| s.to_string()); ProgramData::from_bpf_prog_info(name, fd, path.as_ref(), info, verifier_log_level) } @@ -606,7 +615,7 @@ fn load_program( prog_btf_fd: btf_fd.as_ref().map(|f| f.as_fd()), attach_btf_obj_fd: *attach_btf_obj_fd, attach_btf_id: *attach_btf_id, - attach_prog_fd: *attach_prog_fd, + attach_prog_fd: attach_prog_fd.as_ref().map(|fd| fd.as_fd()), func_info_rec_size: *func_info_rec_size, func_info: func_info.clone(), line_info_rec_size: *line_info_rec_size, @@ -952,7 +961,7 @@ impl ProgramInfo { io_error, })?; - let info = bpf_prog_get_info_by_fd(fd.as_raw_fd())?; + let info = bpf_prog_get_info_by_fd(fd.as_fd())?; Ok(ProgramInfo(info)) } } @@ -988,7 +997,7 @@ pub fn loaded_programs() -> impl Iterator Result { if FEATURES.bpf_perf_link() { - let link_fd = bpf_link_create(prog_fd, fd.as_raw_fd(), BPF_PERF_EVENT, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(fd.as_fd()), BPF_PERF_EVENT, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; Ok(PerfLinkInner::FdLink(FdLink::new(link_fd))) } else { perf_attach_either(prog_fd, fd, None) diff --git a/aya/src/programs/sk_lookup.rs b/aya/src/programs/sk_lookup.rs index 15687e43..b6e2f225 100644 --- a/aya/src/programs/sk_lookup.rs +++ b/aya/src/programs/sk_lookup.rs @@ -1,9 +1,9 @@ -use std::os::fd::AsRawFd; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_SK_LOOKUP, bpf_prog_type::BPF_PROG_TYPE_SK_LOOKUP}, programs::{define_link_wrapper, load_program, FdLinkId, ProgramData, ProgramError}, - sys::{bpf_link_create, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, }; use super::links::FdLink; @@ -60,16 +60,15 @@ impl SkLookup { /// Attaches the program to the given network namespace. /// /// The returned value can be used to detach, see [SkLookup::detach]. - pub fn attach(&mut self, netns: T) -> Result { + pub fn attach(&mut self, netns: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let netns_fd = netns.as_raw_fd(); + let netns_fd = netns.as_fd(); - let link_fd = bpf_link_create(prog_fd, netns_fd, BPF_SK_LOOKUP, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(netns_fd), BPF_SK_LOOKUP, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(SkLookupLink::new(FdLink::new(link_fd))) diff --git a/aya/src/programs/sk_msg.rs b/aya/src/programs/sk_msg.rs index 93819fbe..f1fbf376 100644 --- a/aya/src/programs/sk_msg.rs +++ b/aya/src/programs/sk_msg.rs @@ -1,6 +1,6 @@ //! Skmsg programs. -use std::os::fd::AsRawFd; +use std::os::fd::AsFd as _; use crate::{ generated::{bpf_attach_type::BPF_SK_MSG_VERDICT, bpf_prog_type::BPF_PROG_TYPE_SK_MSG}, @@ -80,14 +80,15 @@ impl SkMsg { /// The returned value can be used to detach, see [SkMsg::detach]. pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.data.fd_or_err()?; - let map_fd = map.as_raw_fd(); + let map_fd = map.as_fd().try_clone_to_owned()?; - bpf_prog_attach(prog_fd, map_fd, BPF_SK_MSG_VERDICT).map_err(|(_, io_error)| { + bpf_prog_attach(prog_fd, map_fd.as_fd(), BPF_SK_MSG_VERDICT).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, } })?; + self.data.links.insert(SkMsgLink::new(ProgAttachLink::new( prog_fd, map_fd, diff --git a/aya/src/programs/sk_skb.rs b/aya/src/programs/sk_skb.rs index 70960265..7e5541c4 100644 --- a/aya/src/programs/sk_skb.rs +++ b/aya/src/programs/sk_skb.rs @@ -1,6 +1,6 @@ //! Skskb programs. -use std::{os::fd::AsRawFd, path::Path}; +use std::{os::fd::AsFd as _, path::Path}; use crate::{ generated::{ @@ -73,16 +73,19 @@ impl SkSkb { /// The returned value can be used to detach, see [SkSkb::detach]. pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.data.fd_or_err()?; - let map_fd = map.as_raw_fd(); + let map_fd = map.as_fd().try_clone_to_owned()?; let attach_type = match self.kind { SkSkbKind::StreamParser => BPF_SK_SKB_STREAM_PARSER, SkSkbKind::StreamVerdict => BPF_SK_SKB_STREAM_VERDICT, }; - bpf_prog_attach(prog_fd, map_fd, attach_type).map_err(|(_, io_error)| SyscallError { - call: "bpf_prog_attach", - io_error, + bpf_prog_attach(prog_fd, map_fd.as_fd(), attach_type).map_err(|(_, io_error)| { + SyscallError { + call: "bpf_prog_attach", + io_error, + } })?; + self.data.links.insert(SkSkbLink::new(ProgAttachLink::new( prog_fd, map_fd, diff --git a/aya/src/programs/sock_ops.rs b/aya/src/programs/sock_ops.rs index 6b68873f..d0695ff4 100644 --- a/aya/src/programs/sock_ops.rs +++ b/aya/src/programs/sock_ops.rs @@ -1,5 +1,5 @@ //! Socket option programs. -use std::os::fd::{AsFd as _, AsRawFd}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SOCK_OPS, bpf_prog_type::BPF_PROG_TYPE_SOCK_OPS}, @@ -58,16 +58,17 @@ impl SockOps { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [SockOps::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd().try_clone_to_owned()?; - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SOCK_OPS).map_err(|(_, io_error)| { - SyscallError { + bpf_prog_attach(prog_fd, cgroup_fd.as_fd(), BPF_CGROUP_SOCK_OPS).map_err( + |(_, io_error)| SyscallError { call: "bpf_prog_attach", io_error, - } - })?; + }, + )?; + self.data.links.insert(SockOpsLink::new(ProgAttachLink::new( prog_fd.as_fd(), cgroup_fd, diff --git a/aya/src/programs/xdp.rs b/aya/src/programs/xdp.rs index b7f9def1..0a6e6737 100644 --- a/aya/src/programs/xdp.rs +++ b/aya/src/programs/xdp.rs @@ -1,6 +1,9 @@ //! eXpress Data Path (XDP) programs. -use crate::{sys::SyscallError, util::KernelVersion}; +use crate::{ + sys::{LinkTarget, SyscallError}, + util::KernelVersion, +}; use bitflags; use libc::if_nametoindex; use std::{ @@ -129,19 +132,24 @@ impl Xdp { flags: XdpFlags, ) -> Result { let prog_fd = self.data.fd_or_err()?; - let if_index = if_index as RawFd; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 9, 0) { - let link_fd = bpf_link_create(prog_fd, if_index, BPF_XDP, None, flags.bits()).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::IfIndex(if_index), + BPF_XDP, + None, + flags.bits(), + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(XdpLink::new(XdpLinkInner::FdLink(FdLink::new(link_fd)))) } else { + let if_index = if_index as i32; unsafe { netlink_set_xdp_fd(if_index, Some(prog_fd), None, flags.bits()) } .map_err(|io_error| XdpError::NetlinkError { io_error })?; diff --git a/aya/src/sys/bpf.rs b/aya/src/sys/bpf.rs index e31b8a87..34d5127a 100644 --- a/aya/src/sys/bpf.rs +++ b/aya/src/sys/bpf.rs @@ -11,6 +11,7 @@ use crate::util::KernelVersion; use libc::{c_char, c_long, ENOENT, ENOSPC}; use obj::{ btf::{BtfEnum64, Enum64}, + generated::bpf_attr__bindgen_ty_14__bindgen_ty_2, maps::{bpf_map_def, LegacyMap}, BpfSectionKind, VerifierLog, }; @@ -120,7 +121,7 @@ pub(crate) struct BpfLoadProgramAttrs<'a> { pub(crate) prog_btf_fd: Option>, pub(crate) attach_btf_obj_fd: Option, pub(crate) attach_btf_id: Option, - pub(crate) attach_prog_fd: Option, + pub(crate) attach_prog_fd: Option>, pub(crate) func_info_rec_size: usize, pub(crate) func_info: FuncSecInfo, pub(crate) line_info_rec_size: usize, @@ -184,7 +185,7 @@ pub(crate) fn bpf_load_program( u.__bindgen_anon_1.attach_btf_obj_fd = v; } if let Some(v) = aya_attr.attach_prog_fd { - u.__bindgen_anon_1.attach_prog_fd = v as u32; + u.__bindgen_anon_1.attach_prog_fd = v.as_raw_fd() as u32; } if let Some(v) = aya_attr.attach_btf_id { @@ -366,10 +367,15 @@ pub(crate) fn bpf_map_freeze(fd: RawFd) -> SysResult { sys_bpf(bpf_cmd::BPF_MAP_FREEZE, &mut attr) } +pub(crate) enum LinkTarget<'f> { + Fd(BorrowedFd<'f>), + IfIndex(u32), +} + // since kernel 5.7 pub(crate) fn bpf_link_create( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target: LinkTarget<'_>, attach_type: bpf_attach_type, btf_id: Option, flags: u32, @@ -377,7 +383,14 @@ pub(crate) fn bpf_link_create( let mut attr = unsafe { mem::zeroed::() }; attr.link_create.__bindgen_anon_1.prog_fd = prog_fd.as_raw_fd() as u32; - attr.link_create.__bindgen_anon_2.target_fd = target_fd as u32; + attr.link_create.__bindgen_anon_2 = match target { + LinkTarget::Fd(fd) => bpf_attr__bindgen_ty_14__bindgen_ty_2 { + target_fd: fd.as_raw_fd() as u32, + }, + LinkTarget::IfIndex(ifindex) => bpf_attr__bindgen_ty_14__bindgen_ty_2 { + target_ifindex: ifindex, + }, + }; attr.link_create.attach_type = attach_type as u32; attr.link_create.flags = flags; if let Some(btf_id) = btf_id { @@ -411,13 +424,13 @@ pub(crate) fn bpf_link_update( pub(crate) fn bpf_prog_attach( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd.as_raw_fd() as u32; - attr.__bindgen_anon_5.target_fd = target_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_ATTACH, &mut attr) @@ -425,13 +438,13 @@ pub(crate) fn bpf_prog_attach( pub(crate) fn bpf_prog_detach( prog_fd: RawFd, - map_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd as u32; - attr.__bindgen_anon_5.target_fd = map_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_DETACH, &mut attr) @@ -502,8 +515,7 @@ fn bpf_obj_get_info_by_fd(fd: BorrowedFd<'_>) -> Result { } } -pub(crate) fn bpf_prog_get_info_by_fd(fd: RawFd) -> Result { - let fd = unsafe { BorrowedFd::borrow_raw(fd) }; +pub(crate) fn bpf_prog_get_info_by_fd(fd: BorrowedFd<'_>) -> Result { bpf_obj_get_info_by_fd::(fd) } @@ -676,17 +688,23 @@ pub(crate) fn is_perf_link_supported() -> bool { u.insns = insns.as_ptr() as u64; u.prog_type = bpf_prog_type::BPF_PROG_TYPE_TRACEPOINT as u32; - let Ok(fd) = bpf_prog_load(&mut attr) else { return false }; + let Ok(fd) = bpf_prog_load(&mut attr) else { + return false; + }; - if let Err((_, e)) = - // Uses an invalid target FD so we get EBADF if supported. - bpf_link_create(fd.as_fd(), -1, bpf_attach_type::BPF_PERF_EVENT, None, 0) - { - // Returns EINVAL if unsupported. EBADF if supported. - return e.raw_os_error() == Some(libc::EBADF); - } + let Err((_, e)) = bpf_link_create( + fd.as_fd(), + // Uses an invalid target so we get EBADF if supported. + LinkTarget::IfIndex(u32::MAX), + bpf_attach_type::BPF_PERF_EVENT, + None, + 0, + ) else { + return false; + }; - false + // Returns EINVAL if unsupported. EBADF if supported. + e.raw_os_error() == Some(libc::EBADF) } pub(crate) fn is_bpf_global_data_supported() -> bool { @@ -722,7 +740,9 @@ pub(crate) fn is_bpf_global_data_supported() -> bool { btf_fd: None, }; - let Ok(map_fd) = map_data.create("aya_global") else { return false }; + let Ok(map_fd) = map_data.create("aya_global") else { + return false; + }; insns[0].imm = map_fd; diff --git a/xtask/public-api/aya.txt b/xtask/public-api/aya.txt index 02e3eb94..10d75355 100644 --- a/xtask/public-api/aya.txt +++ b/xtask/public-api/aya.txt @@ -638,6 +638,8 @@ pub fn aya::maps::SockMap::borrow_mut(&mut self) -> &mut T impl core::convert::From for aya::maps::SockMap pub fn aya::maps::SockMap::from(t: T) -> T pub struct aya::maps::sock::SockMapFd(_) +impl std::os::fd::owned::AsFd for aya::maps::sock::SockMapFd +pub fn aya::maps::sock::SockMapFd::as_fd(&self) -> std::os::fd::owned::BorrowedFd<'_> impl std::os::fd::raw::AsRawFd for aya::maps::sock::SockMapFd pub fn aya::maps::sock::SockMapFd::as_raw_fd(&self) -> std::os::fd::raw::RawFd impl core::clone::Clone for aya::maps::sock::SockMapFd @@ -1805,7 +1807,7 @@ pub use aya::programs::CgroupSockoptAttachType pub mod aya::programs::cgroup_device pub struct aya::programs::cgroup_device::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -1946,7 +1948,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkbAttachTyp pub fn aya::programs::cgroup_skb::CgroupSkbAttachType::from(t: T) -> T pub struct aya::programs::cgroup_skb::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -2055,7 +2057,7 @@ pub mod aya::programs::cgroup_sock pub use aya::programs::cgroup_sock::CgroupSockAttachType pub struct aya::programs::cgroup_sock::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2163,7 +2165,7 @@ pub mod aya::programs::cgroup_sock_addr pub use aya::programs::cgroup_sock_addr::CgroupSockAddrAttachType pub struct aya::programs::cgroup_sock_addr::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2271,7 +2273,7 @@ pub mod aya::programs::cgroup_sockopt pub use aya::programs::cgroup_sockopt::CgroupSockoptAttachType pub struct aya::programs::cgroup_sockopt::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2378,7 +2380,7 @@ pub fn aya::programs::cgroup_sockopt::CgroupSockoptLinkId::from(t: T) -> T pub mod aya::programs::cgroup_sysctl pub struct aya::programs::cgroup_sysctl::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -3393,10 +3395,10 @@ impl core::convert::From for aya::programs::lirc_mode2::LircLinkId pub fn aya::programs::lirc_mode2::LircLinkId::from(t: T) -> T pub struct aya::programs::lirc_mode2::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::option::Option @@ -5574,7 +5576,7 @@ impl core::convert::From for aya::programs::tp_btf::BtfTracePoint pub fn aya::programs::tp_btf::BtfTracePoint::from(t: T) -> T pub struct aya::programs::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -5620,7 +5622,7 @@ impl core::convert::From for aya::programs::cgroup_device::CgroupDevice pub fn aya::programs::cgroup_device::CgroupDevice::from(t: T) -> T pub struct aya::programs::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -5666,7 +5668,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkb pub fn aya::programs::cgroup_skb::CgroupSkb::from(t: T) -> T pub struct aya::programs::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5711,7 +5713,7 @@ impl core::convert::From for aya::programs::cgroup_sock::CgroupSock pub fn aya::programs::cgroup_sock::CgroupSock::from(t: T) -> T pub struct aya::programs::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5756,7 +5758,7 @@ impl core::convert::From for aya::programs::cgroup_sock_addr::CgroupSockAd pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from(t: T) -> T pub struct aya::programs::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5801,7 +5803,7 @@ impl core::convert::From for aya::programs::cgroup_sockopt::CgroupSockopt pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from(t: T) -> T pub struct aya::programs::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -6032,10 +6034,10 @@ impl core::convert::From for aya::programs::kprobe::KProbe pub fn aya::programs::kprobe::KProbe::from(t: T) -> T pub struct aya::programs::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::option::Option @@ -6170,10 +6172,14 @@ pub fn aya::programs::perf_event::PerfEvent::borrow_mut(&mut self) -> &mut T impl core::convert::From for aya::programs::perf_event::PerfEvent pub fn aya::programs::perf_event::PerfEvent::from(t: T) -> T pub struct aya::programs::ProgramFd(_) +impl std::os::fd::owned::AsFd for aya::programs::ProgramFd +pub fn aya::programs::ProgramFd::as_fd(&self) -> std::os::fd::owned::BorrowedFd<'_> impl std::os::fd::raw::AsRawFd for aya::programs::ProgramFd pub fn aya::programs::ProgramFd::as_raw_fd(&self) -> std::os::fd::raw::RawFd impl core::clone::Clone for aya::programs::ProgramFd pub fn aya::programs::ProgramFd::clone(&self) -> aya::programs::ProgramFd +impl core::fmt::Debug for aya::programs::ProgramFd +pub fn aya::programs::ProgramFd::fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result impl core::marker::Copy for aya::programs::ProgramFd impl core::marker::Send for aya::programs::ProgramFd impl core::marker::Sync for aya::programs::ProgramFd @@ -6324,7 +6330,7 @@ impl core::convert::From for aya::programs::tc::SchedClassifier pub fn aya::programs::tc::SchedClassifier::from(t: T) -> T pub struct aya::programs::SkLookup impl aya::programs::SkLookup -pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result +pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result pub fn aya::programs::SkLookup::detach(&mut self, link_id: SkLookupLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::take_link(&mut self, link_id: SkLookupLinkId) -> core::result::Result @@ -6461,7 +6467,7 @@ impl core::convert::From for aya::programs::SkSkb pub fn aya::programs::SkSkb::from(t: T) -> T pub struct aya::programs::SockOps impl aya::programs::SockOps -pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::SockOps::detach(&mut self, link_id: SockOpsLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::take_link(&mut self, link_id: SockOpsLinkId) -> core::result::Result