From 6895b1e2ede8d571e7f7069a109932e917fd3ede Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9s=20Medina?= Date: Wed, 16 Aug 2023 18:09:55 -0700 Subject: [PATCH] aya: Use AsFd when attaching fds to programs This is a breaking change but adds another level of safety to ensure the file descriptor we receive is valid. Additionally, this allows aya to internally easily duplicate this file descriptor using std library methods instead of manually calling `dup` which doesn't duplicate with the CLOSE_ON_EXEC flag that is standard pratice to avoid leaking the file descriptor when exec'ing. --- aya/src/maps/sock/mod.rs | 11 +++-- aya/src/programs/cgroup_device.rs | 37 +++++++-------- aya/src/programs/cgroup_skb.rs | 32 ++++--------- aya/src/programs/cgroup_sock.rs | 32 ++++--------- aya/src/programs/cgroup_sock_addr.rs | 34 ++++---------- aya/src/programs/cgroup_sockopt.rs | 30 ++++-------- aya/src/programs/cgroup_sysctl.rs | 39 ++++++++-------- aya/src/programs/extension.rs | 26 +++++++---- aya/src/programs/links.rs | 39 ++++++++++------ aya/src/programs/lirc_mode2.rs | 69 +++++++++++++--------------- aya/src/programs/mod.rs | 6 +-- aya/src/programs/perf_attach.rs | 9 ++-- aya/src/programs/sk_lookup.rs | 15 +++--- aya/src/programs/sk_msg.rs | 17 ++----- aya/src/programs/sk_skb.rs | 20 ++------ aya/src/programs/sock_ops.rs | 20 ++------ aya/src/programs/socket_filter.rs | 8 ++-- aya/src/programs/xdp.rs | 9 ++-- aya/src/sys/bpf.rs | 27 ++++++++--- xtask/public-api/aya.txt | 42 ++++++++--------- 20 files changed, 234 insertions(+), 288 deletions(-) diff --git a/aya/src/maps/sock/mod.rs b/aya/src/maps/sock/mod.rs index 1b9f00e9..05fe112c 100644 --- a/aya/src/maps/sock/mod.rs +++ b/aya/src/maps/sock/mod.rs @@ -5,14 +5,17 @@ mod sock_map; pub use sock_hash::SockHash; pub use sock_map::SockMap; -use std::os::fd::{AsRawFd, RawFd}; +use std::os::fd::{AsFd, BorrowedFd, RawFd}; /// A socket map file descriptor. #[derive(Copy, Clone)] pub struct SockMapFd(RawFd); -impl AsRawFd for SockMapFd { - fn as_raw_fd(&self) -> RawFd { - self.0 +impl AsFd for SockMapFd { + fn as_fd(&self) -> BorrowedFd<'_> { + // SAFETY: This isn't necessarily safe, we need to find ways + // to enforce that the file descriptor is still + // valid. TODO(#612) + unsafe { BorrowedFd::borrow_raw(self.0) } } } diff --git a/aya/src/programs/cgroup_device.rs b/aya/src/programs/cgroup_device.rs index 08757ff3..180d3757 100644 --- a/aya/src/programs/cgroup_device.rs +++ b/aya/src/programs/cgroup_device.rs @@ -1,14 +1,14 @@ //! Cgroup device programs. -use crate::util::KernelVersion; -use std::os::fd::{AsFd as _, AsRawFd}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_DEVICE, bpf_prog_type::BPF_PROG_TYPE_CGROUP_DEVICE}, programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, }; /// A program used to watch or prevent device interaction from a cgroup. @@ -60,34 +60,35 @@ impl CgroupDevice { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupDevice::detach] - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_DEVICE, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE)?; + self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE), + link, ))) } } diff --git a/aya/src/programs/cgroup_skb.rs b/aya/src/programs/cgroup_skb.rs index 55a6f85e..1f99835c 100644 --- a/aya/src/programs/cgroup_skb.rs +++ b/aya/src/programs/cgroup_skb.rs @@ -1,11 +1,6 @@ //! Cgroup skb programs. -use crate::util::KernelVersion; -use std::{ - hash::Hash, - os::fd::{AsFd as _, AsRawFd}, - path::Path, -}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::{ @@ -15,7 +10,8 @@ use crate::{ programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, VerifierLogLevel, }; @@ -87,44 +83,36 @@ impl CgroupSkb { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSkb::detach]. - pub fn attach( + pub fn attach( &mut self, cgroup: T, attach_type: CgroupSkbAttachType, ) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = match attach_type { CgroupSkbAttachType::Ingress => BPF_CGROUP_INET_INGRESS, CgroupSkbAttachType::Egress => BPF_CGROUP_INET_EGRESS, }; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSkbLink::new(CgroupSkbLinkInner::Fd(FdLink::new( link_fd, )))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, attach_type)?; self.data .links - .insert(CgroupSkbLink::new(CgroupSkbLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), - ))) + .insert(CgroupSkbLink::new(CgroupSkbLinkInner::ProgAttach(link))) } } diff --git a/aya/src/programs/cgroup_sock.rs b/aya/src/programs/cgroup_sock.rs index 217386d6..1ea6284c 100644 --- a/aya/src/programs/cgroup_sock.rs +++ b/aya/src/programs/cgroup_sock.rs @@ -2,19 +2,15 @@ pub use aya_obj::programs::CgroupSockAttachType; -use crate::util::KernelVersion; -use std::{ - hash::Hash, - os::fd::{AsFd as _, AsRawFd}, - path::Path, -}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK, programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, VerifierLogLevel, }; @@ -70,36 +66,28 @@ impl CgroupSock { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSock::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockLink::new(CgroupSockLinkInner::Fd(FdLink::new( link_fd, )))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, attach_type)?; self.data .links - .insert(CgroupSockLink::new(CgroupSockLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), - ))) + .insert(CgroupSockLink::new(CgroupSockLinkInner::ProgAttach(link))) } } diff --git a/aya/src/programs/cgroup_sock_addr.rs b/aya/src/programs/cgroup_sock_addr.rs index b1b162ee..cab1b7c5 100644 --- a/aya/src/programs/cgroup_sock_addr.rs +++ b/aya/src/programs/cgroup_sock_addr.rs @@ -2,19 +2,15 @@ pub use aya_obj::programs::CgroupSockAddrAttachType; -use crate::util::KernelVersion; -use std::{ - hash::Hash, - os::fd::{AsFd as _, AsRawFd}, - path::Path, -}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK_ADDR, programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, VerifierLogLevel, }; @@ -71,37 +67,27 @@ impl CgroupSockAddr { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockAddr::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockAddrLink::new(CgroupSockAddrLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, attach_type)?; self.data.links.insert(CgroupSockAddrLink::new( - CgroupSockAddrLinkInner::ProgAttach(ProgAttachLink::new( - prog_fd, - cgroup_fd, - attach_type, - )), + CgroupSockAddrLinkInner::ProgAttach(link), )) } } diff --git a/aya/src/programs/cgroup_sockopt.rs b/aya/src/programs/cgroup_sockopt.rs index 1016d49f..72ec868f 100644 --- a/aya/src/programs/cgroup_sockopt.rs +++ b/aya/src/programs/cgroup_sockopt.rs @@ -2,19 +2,15 @@ pub use aya_obj::programs::CgroupSockoptAttachType; -use crate::util::KernelVersion; -use std::{ - hash::Hash, - os::fd::{AsFd as _, AsRawFd}, - path::Path, -}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCKOPT, programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, VerifierLogLevel, }; @@ -68,35 +64,29 @@ impl CgroupSockopt { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockopt::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockoptLink::new(CgroupSockoptLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, attach_type).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, attach_type)?; self.data .links .insert(CgroupSockoptLink::new(CgroupSockoptLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), + link, ))) } } diff --git a/aya/src/programs/cgroup_sysctl.rs b/aya/src/programs/cgroup_sysctl.rs index 8582906a..80c1e028 100644 --- a/aya/src/programs/cgroup_sysctl.rs +++ b/aya/src/programs/cgroup_sysctl.rs @@ -1,17 +1,14 @@ //! Cgroup sysctl programs. -use crate::util::KernelVersion; -use std::{ - hash::Hash, - os::fd::{AsFd as _, AsRawFd}, -}; +use std::{hash::Hash, os::fd::AsFd}; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SYSCTL, bpf_prog_type::BPF_PROG_TYPE_CGROUP_SYSCTL}, programs::{ define_link_wrapper, load_program, FdLink, Link, ProgAttachLink, ProgramData, ProgramError, }, - sys::{bpf_link_create, bpf_prog_attach, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, + util::KernelVersion, }; /// A program used to watch for sysctl changes. @@ -62,35 +59,35 @@ impl CgroupSysctl { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSysctl::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_SYSCTL, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupSysctlLink::new(CgroupSysctlLinkInner::Fd( FdLink::new(link_fd), ))) } else { - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; + let link = ProgAttachLink::attach(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL)?; self.data .links .insert(CgroupSysctlLink::new(CgroupSysctlLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL), + link, ))) } } diff --git a/aya/src/programs/extension.rs b/aya/src/programs/extension.rs index bca94cde..3785a57c 100644 --- a/aya/src/programs/extension.rs +++ b/aya/src/programs/extension.rs @@ -1,8 +1,9 @@ //! Extension programs. -use std::os::fd::{AsFd as _, AsRawFd as _, BorrowedFd, OwnedFd}; -use thiserror::Error; + +use std::os::fd::{AsFd as _, BorrowedFd, OwnedFd}; use object::Endianness; +use thiserror::Error; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_INET_INGRESS, bpf_prog_type::BPF_PROG_TYPE_EXT}, @@ -10,7 +11,7 @@ use crate::{ programs::{ define_link_wrapper, load_program, FdLink, FdLinkId, ProgramData, ProgramError, ProgramFd, }, - sys::{self, bpf_link_create, SyscallError}, + sys::{self, bpf_link_create, LinkTarget, SyscallError}, Btf, }; @@ -94,14 +95,19 @@ impl Extension { .as_ref() .ok_or(ProgramError::NotLoaded)?; let target_fd = target_fd.as_fd(); - let target_fd = target_fd.as_raw_fd(); let btf_id = self.data.attach_btf_id.ok_or(ProgramError::NotLoaded)?; // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS - let link_fd = bpf_link_create(prog_fd, target_fd, BPF_CGROUP_INET_INGRESS, Some(btf_id), 0) - .map_err(|(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - })?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(target_fd), + BPF_CGROUP_INET_INGRESS, + Some(btf_id), + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(ExtensionLink::new(FdLink::new(link_fd))) @@ -130,7 +136,7 @@ impl Extension { // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS let link_fd = bpf_link_create( prog_fd, - target_fd.as_raw_fd(), + LinkTarget::Fd(target_fd), BPF_CGROUP_INET_INGRESS, Some(btf_id), 0, diff --git a/aya/src/programs/links.rs b/aya/src/programs/links.rs index 3ebca47c..619ebef6 100644 --- a/aya/src/programs/links.rs +++ b/aya/src/programs/links.rs @@ -1,12 +1,11 @@ //! Program links. -use libc::{close, dup}; use thiserror::Error; use std::{ collections::{hash_map::Entry, HashMap}, ffi::CString, io, - os::fd::{AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, + os::fd::{AsFd as _, AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, path::{Path, PathBuf}, }; @@ -14,7 +13,9 @@ use crate::{ generated::bpf_attach_type, pin::PinError, programs::ProgramError, - sys::{bpf_get_object, bpf_pin_object, bpf_prog_detach, SyscallError}, + sys::{ + bpf_get_object, bpf_pin_object, bpf_prog_attach, bpf_prog_detach, SysResult, SyscallError, + }, }; /// A Link. @@ -234,22 +235,34 @@ pub struct ProgAttachLinkId(RawFd, RawFd, bpf_attach_type); #[derive(Debug)] pub struct ProgAttachLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, attach_type: bpf_attach_type, } impl ProgAttachLink { - pub(crate) fn new( + pub(crate) fn attach( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, - ) -> Self { + ) -> Result { + // The link is going to own this new file descriptor so we are + // going to need a duplicate whose lifetime we manage. Let's + // duplicate it prior to attaching it so the new file + // descriptor is closed at drop in case it fails to attach. + let target_fd = target_fd.try_clone_to_owned()?; + bpf_prog_attach(prog_fd, target_fd.as_fd(), attach_type).map_err(|(_, io_error)| { + SyscallError { + call: "bpf_prog_attach", + io_error, + } + })?; + let prog_fd = prog_fd.as_raw_fd(); - Self { + Ok(Self { prog_fd, - target_fd: unsafe { dup(target_fd) }, + target_fd, attach_type, - } + }) } } @@ -257,12 +270,12 @@ impl Link for ProgAttachLink { type Id = ProgAttachLinkId; fn id(&self) -> Self::Id { - ProgAttachLinkId(self.prog_fd, self.target_fd, self.attach_type) + ProgAttachLinkId(self.prog_fd, self.target_fd.as_raw_fd(), self.attach_type) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, self.attach_type); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = + bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), self.attach_type); Ok(()) } } diff --git a/aya/src/programs/lirc_mode2.rs b/aya/src/programs/lirc_mode2.rs index c1054eb0..7b0d886f 100644 --- a/aya/src/programs/lirc_mode2.rs +++ b/aya/src/programs/lirc_mode2.rs @@ -1,14 +1,12 @@ //! Lirc programs. -use std::os::fd::{AsFd as _, AsRawFd, BorrowedFd, IntoRawFd as _, RawFd}; +use std::os::fd::{AsFd, AsRawFd, BorrowedFd, IntoRawFd as _, OwnedFd, RawFd}; use crate::{ generated::{bpf_attach_type::BPF_LIRC_MODE2, bpf_prog_type::BPF_PROG_TYPE_LIRC_MODE2}, programs::{load_program, query, Link, ProgramData, ProgramError, ProgramInfo}, - sys::{bpf_prog_attach, bpf_prog_detach, bpf_prog_get_fd_by_id, SyscallError}, + sys::{bpf_prog_attach, bpf_prog_detach, bpf_prog_get_fd_by_id, SysResult, SyscallError}, }; -use libc::{close, dup}; - /// A program used to decode IR into key events for a lirc device. /// /// [`LircMode2`] programs can be used to inspect infrared pulses, spaces, @@ -60,12 +58,17 @@ impl LircMode2 { /// Attaches the program to the given lirc device. /// /// The returned value can be used to detach, see [LircMode2::detach]. - pub fn attach(&mut self, lircdev: T) -> Result { + pub fn attach(&mut self, lircdev: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let lircdev_fd = lircdev.as_raw_fd(); - bpf_prog_attach(prog_fd, lircdev_fd, BPF_LIRC_MODE2).map_err(|(_, io_error)| { + // The link is going to own this new file descriptor so we are + // going to need a duplicate whose lifetime we manage. Let's + // duplicate it prior to attaching it so the new file + // descriptor is closed at drop in case it fails to attach. + let lircdev_fd = lircdev.as_fd().try_clone_to_owned()?; + + bpf_prog_attach(prog_fd, lircdev_fd.as_fd(), BPF_LIRC_MODE2).map_err(|(_, io_error)| { SyscallError { call: "bpf_prog_attach", io_error, @@ -91,31 +94,25 @@ impl LircMode2 { } /// Queries the lirc device for attached programs. - pub fn query(target_fd: T) -> Result, ProgramError> { - let prog_ids = query(target_fd.as_raw_fd(), BPF_LIRC_MODE2, 0, &mut None)?; - - let mut prog_fds = Vec::with_capacity(prog_ids.len()); - - for id in prog_ids { - let fd = bpf_prog_get_fd_by_id(id)?; - prog_fds.push(fd); - } + pub fn query(target_fd: T) -> Result, ProgramError> { + let target_fd = target_fd.as_fd(); + let prog_ids = query(target_fd, BPF_LIRC_MODE2, 0, &mut None)?; - Ok(prog_fds + prog_ids .into_iter() - .map(|prog_fd| { - LircLink::new( - // SAFETY: The file descriptor will stay valid because - // we are leaking it. We cannot use `OwnedFd` in here - // because LircMode2::attach also uses LircLink::new - // but with a borrowed file descriptor (of the loaded - // program) without duplicating. TODO(#612): Fix API - // or internals so this file descriptor isn't leaked - unsafe { BorrowedFd::borrow_raw(prog_fd.into_raw_fd()) }, - target_fd.as_raw_fd(), - ) + .map(|prog_id| { + let prog_fd = bpf_prog_get_fd_by_id(prog_id)?; + let target_fd = target_fd.try_clone_to_owned()?; + // SAFETY: The file descriptor will stay valid because + // we are leaking it. We cannot use `OwnedFd` in here + // because LircMode2::attach also uses LircLink::new + // but with a borrowed file descriptor (of the loaded + // program) without duplicating. TODO(#612): Fix API + // or internals so this file descriptor isn't leaked + let prog_fd = unsafe { BorrowedFd::borrow_raw(prog_fd.into_raw_fd()) }; + Ok(LircLink::new(prog_fd, target_fd)) }) - .collect()) + .collect() } } @@ -127,16 +124,13 @@ pub struct LircLinkId(RawFd, RawFd); /// An LircMode2 Link pub struct LircLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, } impl LircLink { - pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: RawFd) -> Self { + pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: OwnedFd) -> Self { let prog_fd = prog_fd.as_raw_fd(); - Self { - prog_fd, - target_fd: unsafe { dup(target_fd) }, - } + Self { prog_fd, target_fd } } /// Get ProgramInfo from this link @@ -151,12 +145,11 @@ impl Link for LircLink { type Id = LircLinkId; fn id(&self) -> Self::Id { - LircLinkId(self.prog_fd, self.target_fd) + LircLinkId(self.prog_fd, self.target_fd.as_raw_fd()) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, BPF_LIRC_MODE2); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), BPF_LIRC_MODE2); Ok(()) } } diff --git a/aya/src/programs/mod.rs b/aya/src/programs/mod.rs index 07755307..616244e0 100644 --- a/aya/src/programs/mod.rs +++ b/aya/src/programs/mod.rs @@ -640,8 +640,8 @@ fn load_program( } } -pub(crate) fn query( - target_fd: T, +pub(crate) fn query( + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, query_flags: u32, attach_flags: &mut Option, @@ -653,7 +653,7 @@ pub(crate) fn query( loop { match bpf_prog_query( - target_fd.as_raw_fd(), + target_fd.as_fd().as_raw_fd(), attach_type, query_flags, attach_flags.as_mut(), diff --git a/aya/src/programs/perf_attach.rs b/aya/src/programs/perf_attach.rs index c48bf97e..8cf04871 100644 --- a/aya/src/programs/perf_attach.rs +++ b/aya/src/programs/perf_attach.rs @@ -7,7 +7,7 @@ use crate::{ probe::{detach_debug_fs, ProbeEvent}, FdLink, Link, ProgramError, }, - sys::{bpf_link_create, perf_event_ioctl, SysResult, SyscallError}, + sys::{bpf_link_create, perf_event_ioctl, LinkTarget, SysResult, SyscallError}, FEATURES, PERF_EVENT_IOC_DISABLE, PERF_EVENT_IOC_ENABLE, PERF_EVENT_IOC_SET_BPF, }; @@ -75,12 +75,11 @@ pub(crate) fn perf_attach( fd: OwnedFd, ) -> Result { if FEATURES.bpf_perf_link() { - let link_fd = bpf_link_create(prog_fd, fd.as_raw_fd(), BPF_PERF_EVENT, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(fd.as_fd()), BPF_PERF_EVENT, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; Ok(PerfLinkInner::FdLink(FdLink::new(link_fd))) } else { perf_attach_either(prog_fd, fd, None) diff --git a/aya/src/programs/sk_lookup.rs b/aya/src/programs/sk_lookup.rs index ab322daa..eb386187 100644 --- a/aya/src/programs/sk_lookup.rs +++ b/aya/src/programs/sk_lookup.rs @@ -1,9 +1,9 @@ -use std::os::fd::{AsFd as _, AsRawFd}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_SK_LOOKUP, bpf_prog_type::BPF_PROG_TYPE_SK_LOOKUP}, programs::{define_link_wrapper, load_program, FdLinkId, ProgramData, ProgramError}, - sys::{bpf_link_create, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, }; use super::links::FdLink; @@ -60,17 +60,16 @@ impl SkLookup { /// Attaches the program to the given network namespace. /// /// The returned value can be used to detach, see [SkLookup::detach]. - pub fn attach(&mut self, netns: T) -> Result { + pub fn attach(&mut self, netns: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let netns_fd = netns.as_raw_fd(); + let netns_fd = netns.as_fd(); - let link_fd = bpf_link_create(prog_fd, netns_fd, BPF_SK_LOOKUP, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(netns_fd), BPF_SK_LOOKUP, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(SkLookupLink::new(FdLink::new(link_fd))) diff --git a/aya/src/programs/sk_msg.rs b/aya/src/programs/sk_msg.rs index e7776d5d..554c3e86 100644 --- a/aya/src/programs/sk_msg.rs +++ b/aya/src/programs/sk_msg.rs @@ -1,6 +1,6 @@ //! Skmsg programs. -use std::os::fd::{AsFd as _, AsRawFd as _}; +use std::os::fd::AsFd as _; use crate::{ generated::{bpf_attach_type::BPF_SK_MSG_VERDICT, bpf_prog_type::BPF_PROG_TYPE_SK_MSG}, @@ -9,7 +9,6 @@ use crate::{ define_link_wrapper, load_program, ProgAttachLink, ProgAttachLinkId, ProgramData, ProgramError, }, - sys::{bpf_prog_attach, SyscallError}, }; /// A program used to intercept messages sent with `sendmsg()`/`sendfile()`. @@ -81,19 +80,9 @@ impl SkMsg { pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let map_fd = map.as_raw_fd(); + let link = ProgAttachLink::attach(prog_fd, map.as_fd(), BPF_SK_MSG_VERDICT)?; - bpf_prog_attach(prog_fd, map_fd, BPF_SK_MSG_VERDICT).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; - self.data.links.insert(SkMsgLink::new(ProgAttachLink::new( - prog_fd, - map_fd, - BPF_SK_MSG_VERDICT, - ))) + self.data.links.insert(SkMsgLink::new(link)) } /// Detaches the program from a sockmap. diff --git a/aya/src/programs/sk_skb.rs b/aya/src/programs/sk_skb.rs index 79ac0c23..dac5ba3f 100644 --- a/aya/src/programs/sk_skb.rs +++ b/aya/src/programs/sk_skb.rs @@ -1,9 +1,6 @@ //! Skskb programs. -use std::{ - os::fd::{AsFd as _, AsRawFd as _}, - path::Path, -}; +use std::{os::fd::AsFd as _, path::Path}; use crate::{ generated::{ @@ -15,7 +12,6 @@ use crate::{ define_link_wrapper, load_program, ProgAttachLink, ProgAttachLinkId, ProgramData, ProgramError, }, - sys::{bpf_prog_attach, SyscallError}, VerifierLogLevel, }; @@ -77,21 +73,15 @@ impl SkSkb { pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let map_fd = map.as_raw_fd(); let attach_type = match self.kind { SkSkbKind::StreamParser => BPF_SK_SKB_STREAM_PARSER, SkSkbKind::StreamVerdict => BPF_SK_SKB_STREAM_VERDICT, }; - bpf_prog_attach(prog_fd, map_fd, attach_type).map_err(|(_, io_error)| SyscallError { - call: "bpf_prog_attach", - io_error, - })?; - self.data.links.insert(SkSkbLink::new(ProgAttachLink::new( - prog_fd, - map_fd, - attach_type, - ))) + + let link = ProgAttachLink::attach(prog_fd, map.as_fd(), attach_type)?; + + self.data.links.insert(SkSkbLink::new(link)) } /// Detaches the program. diff --git a/aya/src/programs/sock_ops.rs b/aya/src/programs/sock_ops.rs index a44d7058..d8cb1383 100644 --- a/aya/src/programs/sock_ops.rs +++ b/aya/src/programs/sock_ops.rs @@ -1,5 +1,5 @@ //! Socket option programs. -use std::os::fd::{AsFd as _, AsRawFd}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SOCK_OPS, bpf_prog_type::BPF_PROG_TYPE_SOCK_OPS}, @@ -7,7 +7,6 @@ use crate::{ define_link_wrapper, load_program, ProgAttachLink, ProgAttachLinkId, ProgramData, ProgramError, }, - sys::{bpf_prog_attach, SyscallError}, }; /// A program used to work with sockets. @@ -58,22 +57,11 @@ impl SockOps { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [SockOps::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.fd()?; - let prog_fd = prog_fd.as_fd(); - let cgroup_fd = cgroup.as_raw_fd(); - bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SOCK_OPS).map_err(|(_, io_error)| { - SyscallError { - call: "bpf_prog_attach", - io_error, - } - })?; - self.data.links.insert(SockOpsLink::new(ProgAttachLink::new( - prog_fd, - cgroup_fd, - BPF_CGROUP_SOCK_OPS, - ))) + let link = ProgAttachLink::attach(prog_fd.as_fd(), cgroup.as_fd(), BPF_CGROUP_SOCK_OPS)?; + self.data.links.insert(SockOpsLink::new(link)) } /// Detaches the program. diff --git a/aya/src/programs/socket_filter.rs b/aya/src/programs/socket_filter.rs index e737d8ae..014b6475 100644 --- a/aya/src/programs/socket_filter.rs +++ b/aya/src/programs/socket_filter.rs @@ -2,7 +2,7 @@ use libc::{setsockopt, SOL_SOCKET}; use std::{ io, mem, - os::fd::{AsFd as _, AsRawFd, RawFd}, + os::fd::{AsFd, AsRawFd, RawFd}, }; use thiserror::Error; @@ -48,13 +48,12 @@ pub enum SocketFilterError { /// # } /// # let mut bpf = aya::Bpf::load(&[])?; /// use std::net::TcpStream; -/// use std::os::fd::AsRawFd; /// use aya::programs::SocketFilter; /// /// let mut client = TcpStream::connect("127.0.0.1:1234")?; /// let prog: &mut SocketFilter = bpf.program_mut("filter_packets").unwrap().try_into()?; /// prog.load()?; -/// prog.attach(client.as_raw_fd())?; +/// prog.attach(&client)?; /// # Ok::<(), Error>(()) /// ``` #[derive(Debug)] @@ -72,10 +71,11 @@ impl SocketFilter { /// Attaches the filter on the given socket. /// /// The returned value can be used to detach from the socket, see [SocketFilter::detach]. - pub fn attach(&mut self, socket: T) -> Result { + pub fn attach(&mut self, socket: T) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); let prog_fd = prog_fd.as_raw_fd(); + let socket = socket.as_fd(); let socket = socket.as_raw_fd(); let ret = unsafe { diff --git a/aya/src/programs/xdp.rs b/aya/src/programs/xdp.rs index 39ca3cf9..499b2b38 100644 --- a/aya/src/programs/xdp.rs +++ b/aya/src/programs/xdp.rs @@ -1,6 +1,9 @@ //! eXpress Data Path (XDP) programs. -use crate::{sys::SyscallError, util::KernelVersion}; +use crate::{ + sys::{LinkTarget, SyscallError}, + util::KernelVersion, +}; use bitflags; use libc::if_nametoindex; use std::{ @@ -128,12 +131,11 @@ impl Xdp { ) -> Result { let prog_fd = self.fd()?; let prog_fd = prog_fd.as_fd(); - let if_index = if_index as RawFd; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 9, 0) { let link_fd = bpf_link_create( prog_fd, - if_index, + LinkTarget::IfIndex(if_index), bpf_attach_type::BPF_XDP, None, flags.bits(), @@ -146,6 +148,7 @@ impl Xdp { .links .insert(XdpLink::new(XdpLinkInner::FdLink(FdLink::new(link_fd)))) } else { + let if_index = if_index as i32; unsafe { netlink_set_xdp_fd(if_index, Some(prog_fd), None, flags.bits()) } .map_err(|io_error| XdpError::NetlinkError { io_error })?; diff --git a/aya/src/sys/bpf.rs b/aya/src/sys/bpf.rs index 8656c04b..41f6fd6f 100644 --- a/aya/src/sys/bpf.rs +++ b/aya/src/sys/bpf.rs @@ -365,10 +365,15 @@ pub(crate) fn bpf_map_freeze(fd: RawFd) -> SysResult { sys_bpf(bpf_cmd::BPF_MAP_FREEZE, &mut attr) } +pub(crate) enum LinkTarget<'f> { + Fd(BorrowedFd<'f>), + IfIndex(u32), +} + // since kernel 5.7 pub(crate) fn bpf_link_create( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target: LinkTarget<'_>, attach_type: bpf_attach_type, btf_id: Option, flags: u32, @@ -376,7 +381,15 @@ pub(crate) fn bpf_link_create( let mut attr = unsafe { mem::zeroed::() }; attr.link_create.__bindgen_anon_1.prog_fd = prog_fd.as_raw_fd() as u32; - attr.link_create.__bindgen_anon_2.target_fd = target_fd as u32; + + match target { + LinkTarget::Fd(fd) => { + attr.link_create.__bindgen_anon_2.target_fd = fd.as_raw_fd() as u32; + } + LinkTarget::IfIndex(ifindex) => { + attr.link_create.__bindgen_anon_2.target_ifindex = ifindex; + } + }; attr.link_create.attach_type = attach_type as u32; attr.link_create.flags = flags; if let Some(btf_id) = btf_id { @@ -410,13 +423,13 @@ pub(crate) fn bpf_link_update( pub(crate) fn bpf_prog_attach( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd.as_raw_fd() as u32; - attr.__bindgen_anon_5.target_fd = target_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_ATTACH, &mut attr) @@ -424,13 +437,13 @@ pub(crate) fn bpf_prog_attach( pub(crate) fn bpf_prog_detach( prog_fd: RawFd, - map_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd as u32; - attr.__bindgen_anon_5.target_fd = map_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_DETACH, &mut attr) @@ -683,7 +696,7 @@ pub(crate) fn is_perf_link_supported() -> bool { let fd = fd.as_fd(); matches!( // Uses an invalid target FD so we get EBADF if supported. - bpf_link_create(fd, -1, bpf_attach_type::BPF_PERF_EVENT, None, 0), + bpf_link_create(fd, LinkTarget::IfIndex(u32::MAX), bpf_attach_type::BPF_PERF_EVENT, None, 0), // Returns EINVAL if unsupported. EBADF if supported. Err((_, e)) if e.raw_os_error() == Some(libc::EBADF), ) diff --git a/xtask/public-api/aya.txt b/xtask/public-api/aya.txt index 4c06ccf6..388024ce 100644 --- a/xtask/public-api/aya.txt +++ b/xtask/public-api/aya.txt @@ -637,8 +637,8 @@ pub fn aya::maps::SockMap::borrow_mut(&mut self) -> &mut T impl core::convert::From for aya::maps::SockMap pub fn aya::maps::SockMap::from(t: T) -> T pub struct aya::maps::sock::SockMapFd(_) -impl std::os::fd::raw::AsRawFd for aya::maps::sock::SockMapFd -pub fn aya::maps::sock::SockMapFd::as_raw_fd(&self) -> std::os::fd::raw::RawFd +impl std::os::fd::owned::AsFd for aya::maps::sock::SockMapFd +pub fn aya::maps::sock::SockMapFd::as_fd(&self) -> std::os::fd::owned::BorrowedFd<'_> impl core::clone::Clone for aya::maps::sock::SockMapFd pub fn aya::maps::sock::SockMapFd::clone(&self) -> aya::maps::sock::SockMapFd impl core::marker::Copy for aya::maps::sock::SockMapFd @@ -1793,7 +1793,7 @@ pub use aya::programs::CgroupSockoptAttachType pub mod aya::programs::cgroup_device pub struct aya::programs::cgroup_device::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -1936,7 +1936,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkbAttachTyp pub fn aya::programs::cgroup_skb::CgroupSkbAttachType::from(t: T) -> T pub struct aya::programs::cgroup_skb::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -2047,7 +2047,7 @@ pub mod aya::programs::cgroup_sock pub use aya::programs::cgroup_sock::CgroupSockAttachType pub struct aya::programs::cgroup_sock::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2157,7 +2157,7 @@ pub mod aya::programs::cgroup_sock_addr pub use aya::programs::cgroup_sock_addr::CgroupSockAddrAttachType pub struct aya::programs::cgroup_sock_addr::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2267,7 +2267,7 @@ pub mod aya::programs::cgroup_sockopt pub use aya::programs::cgroup_sockopt::CgroupSockoptAttachType pub struct aya::programs::cgroup_sockopt::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2376,7 +2376,7 @@ pub fn aya::programs::cgroup_sockopt::CgroupSockoptLinkId::from(t: T) -> T pub mod aya::programs::cgroup_sysctl pub struct aya::programs::cgroup_sysctl::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -3395,10 +3395,10 @@ impl core::convert::From for aya::programs::lirc_mode2::LircLinkId pub fn aya::programs::lirc_mode2::LircLinkId::from(t: T) -> T pub struct aya::programs::lirc_mode2::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::result::Result<&aya::programs::ProgramFd, aya::programs::ProgramError> @@ -5567,7 +5567,7 @@ impl core::convert::From for aya::programs::tp_btf::BtfTracePoint pub fn aya::programs::tp_btf::BtfTracePoint::from(t: T) -> T pub struct aya::programs::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -5615,7 +5615,7 @@ impl core::convert::From for aya::programs::cgroup_device::CgroupDevice pub fn aya::programs::cgroup_device::CgroupDevice::from(t: T) -> T pub struct aya::programs::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -5663,7 +5663,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkb pub fn aya::programs::cgroup_skb::CgroupSkb::from(t: T) -> T pub struct aya::programs::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5710,7 +5710,7 @@ impl core::convert::From for aya::programs::cgroup_sock::CgroupSock pub fn aya::programs::cgroup_sock::CgroupSock::from(t: T) -> T pub struct aya::programs::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5757,7 +5757,7 @@ impl core::convert::From for aya::programs::cgroup_sock_addr::CgroupSockAd pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from(t: T) -> T pub struct aya::programs::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5804,7 +5804,7 @@ impl core::convert::From for aya::programs::cgroup_sockopt::CgroupSockopt pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from(t: T) -> T pub struct aya::programs::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -6045,10 +6045,10 @@ impl core::convert::From for aya::programs::kprobe::KProbe pub fn aya::programs::kprobe::KProbe::from(t: T) -> T pub struct aya::programs::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::result::Result<&aya::programs::ProgramFd, aya::programs::ProgramError> @@ -6354,7 +6354,7 @@ impl core::convert::From for aya::programs::tc::SchedClassifier pub fn aya::programs::tc::SchedClassifier::from(t: T) -> T pub struct aya::programs::SkLookup impl aya::programs::SkLookup -pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result +pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result pub fn aya::programs::SkLookup::detach(&mut self, link_id: SkLookupLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::take_link(&mut self, link_id: SkLookupLinkId) -> core::result::Result @@ -6497,7 +6497,7 @@ impl core::convert::From for aya::programs::SkSkb pub fn aya::programs::SkSkb::from(t: T) -> T pub struct aya::programs::SockOps impl aya::programs::SockOps -pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::SockOps::detach(&mut self, link_id: SockOpsLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::take_link(&mut self, link_id: SockOpsLinkId) -> core::result::Result @@ -6545,7 +6545,7 @@ impl core::convert::From for aya::programs::SockOps pub fn aya::programs::SockOps::from(t: T) -> T pub struct aya::programs::SocketFilter impl aya::programs::SocketFilter -pub fn aya::programs::SocketFilter::attach(&mut self, socket: T) -> core::result::Result +pub fn aya::programs::SocketFilter::attach(&mut self, socket: T) -> core::result::Result pub fn aya::programs::SocketFilter::detach(&mut self, link_id: SocketFilterLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SocketFilter::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SocketFilter::take_link(&mut self, link_id: SocketFilterLinkId) -> core::result::Result