From aad5870e05a8ef46edc8b2fe217ee2bc6c97ce24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Andr=C3=A9s=20Medina?= Date: Fri, 4 Aug 2023 19:59:20 -0700 Subject: [PATCH] aya: Use AsFd when attaching fds to programs This is a breaking change but adds another level of safety to ensure the file descriptors we receive are valid. Additionally, this allows aya to internally easily duplicate this file descriptors using std library methods instead of manually calling `dup` which doesn't duplicate with the CLOSE_ON_EXEC flag that is standard pratice to avoid leaking file descriptors when exec'ing. --- aya/src/maps/sock/mod.rs | 9 +++++- aya/src/programs/cgroup_device.rs | 31 +++++++++++------- aya/src/programs/cgroup_skb.rs | 17 +++++----- aya/src/programs/cgroup_sock.rs | 17 +++++----- aya/src/programs/cgroup_sock_addr.rs | 17 +++++----- aya/src/programs/cgroup_sockopt.rs | 17 +++++----- aya/src/programs/cgroup_sysctl.rs | 31 +++++++++++------- aya/src/programs/extension.rs | 45 ++++++++++++++++---------- aya/src/programs/links.rs | 17 +++++----- aya/src/programs/lirc_mode2.rs | 41 ++++++++++++------------ aya/src/programs/mod.rs | 21 ++++++++---- aya/src/programs/perf_attach.rs | 9 +++--- aya/src/programs/sk_lookup.rs | 15 ++++----- aya/src/programs/sk_msg.rs | 5 +-- aya/src/programs/sk_skb.rs | 5 +-- aya/src/programs/sock_ops.rs | 7 ++-- aya/src/programs/xdp.rs | 24 +++++++++----- aya/src/sys/bpf.rs | 48 ++++++++++++++++++++-------- xtask/public-api/aya.txt | 42 +++++++++++++----------- 19 files changed, 246 insertions(+), 172 deletions(-) diff --git a/aya/src/maps/sock/mod.rs b/aya/src/maps/sock/mod.rs index 1b9f00e9..f438c72a 100644 --- a/aya/src/maps/sock/mod.rs +++ b/aya/src/maps/sock/mod.rs @@ -5,7 +5,7 @@ mod sock_map; pub use sock_hash::SockHash; pub use sock_map::SockMap; -use std::os::fd::{AsRawFd, RawFd}; +use std::os::fd::{AsFd, AsRawFd, BorrowedFd, RawFd}; /// A socket map file descriptor. #[derive(Copy, Clone)] @@ -16,3 +16,10 @@ impl AsRawFd for SockMapFd { self.0 } } + +impl AsFd for SockMapFd { + fn as_fd(&self) -> BorrowedFd<'_> { + // SAFETY: We trust that the sock map fd is still valid. TODO: Ensure that + unsafe { BorrowedFd::borrow_raw(self.0) } + } +} diff --git a/aya/src/programs/cgroup_device.rs b/aya/src/programs/cgroup_device.rs index dc318086..f290d89f 100644 --- a/aya/src/programs/cgroup_device.rs +++ b/aya/src/programs/cgroup_device.rs @@ -1,7 +1,7 @@ //! Cgroup device programs. -use crate::util::KernelVersion; -use std::os::fd::AsRawFd; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_DEVICE, bpf_prog_type::BPF_PROG_TYPE_CGROUP_DEVICE}, @@ -60,17 +60,22 @@ impl CgroupDevice { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupDevice::detach] - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_DEVICE, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::Fd( @@ -86,7 +91,11 @@ impl CgroupDevice { self.data .links .insert(CgroupDeviceLink::new(CgroupDeviceLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, BPF_CGROUP_DEVICE), + ProgAttachLink::new( + prog_fd, + cgroup_fd.try_clone_to_owned()?, + BPF_CGROUP_DEVICE, + ), ))) } } diff --git a/aya/src/programs/cgroup_skb.rs b/aya/src/programs/cgroup_skb.rs index d0cda14a..563298f2 100644 --- a/aya/src/programs/cgroup_skb.rs +++ b/aya/src/programs/cgroup_skb.rs @@ -1,7 +1,7 @@ //! Cgroup skb programs. -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::{ @@ -83,25 +83,24 @@ impl CgroupSkb { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSkb::detach]. - pub fn attach( + pub fn attach( &mut self, cgroup: T, attach_type: CgroupSkbAttachType, ) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = match attach_type { CgroupSkbAttachType::Ingress => BPF_CGROUP_INET_INGRESS, CgroupSkbAttachType::Egress => BPF_CGROUP_INET_EGRESS, }; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSkbLink::new(CgroupSkbLinkInner::Fd(FdLink::new( @@ -118,7 +117,7 @@ impl CgroupSkb { self.data .links .insert(CgroupSkbLink::new(CgroupSkbLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), + ProgAttachLink::new(prog_fd, cgroup_fd.try_clone_to_owned()?, attach_type), ))) } } diff --git a/aya/src/programs/cgroup_sock.rs b/aya/src/programs/cgroup_sock.rs index a7a70e13..7408b630 100644 --- a/aya/src/programs/cgroup_sock.rs +++ b/aya/src/programs/cgroup_sock.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK, @@ -66,17 +66,16 @@ impl CgroupSock { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSock::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockLink::new(CgroupSockLinkInner::Fd(FdLink::new( @@ -93,7 +92,7 @@ impl CgroupSock { self.data .links .insert(CgroupSockLink::new(CgroupSockLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), + ProgAttachLink::new(prog_fd, cgroup_fd.try_clone_to_owned()?, attach_type), ))) } } diff --git a/aya/src/programs/cgroup_sock_addr.rs b/aya/src/programs/cgroup_sock_addr.rs index 827cbe57..1b033575 100644 --- a/aya/src/programs/cgroup_sock_addr.rs +++ b/aya/src/programs/cgroup_sock_addr.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockAddrAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCK_ADDR, @@ -67,17 +67,16 @@ impl CgroupSockAddr { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockAddr::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockAddrLink::new(CgroupSockAddrLinkInner::Fd( @@ -94,7 +93,7 @@ impl CgroupSockAddr { self.data.links.insert(CgroupSockAddrLink::new( CgroupSockAddrLinkInner::ProgAttach(ProgAttachLink::new( prog_fd, - cgroup_fd, + cgroup_fd.try_clone_to_owned()?, attach_type, )), )) diff --git a/aya/src/programs/cgroup_sockopt.rs b/aya/src/programs/cgroup_sockopt.rs index e2ae3b64..3a1f242b 100644 --- a/aya/src/programs/cgroup_sockopt.rs +++ b/aya/src/programs/cgroup_sockopt.rs @@ -2,8 +2,8 @@ pub use aya_obj::programs::CgroupSockoptAttachType; -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd, path::Path}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd, path::Path}; use crate::{ generated::bpf_prog_type::BPF_PROG_TYPE_CGROUP_SOCKOPT, @@ -64,17 +64,16 @@ impl CgroupSockopt { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSockopt::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); let attach_type = self.data.expected_attach_type.unwrap(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, attach_type, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(cgroup_fd), attach_type, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(CgroupSockoptLink::new(CgroupSockoptLinkInner::Fd( @@ -91,7 +90,7 @@ impl CgroupSockopt { self.data .links .insert(CgroupSockoptLink::new(CgroupSockoptLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, attach_type), + ProgAttachLink::new(prog_fd, cgroup_fd.try_clone_to_owned()?, attach_type), ))) } } diff --git a/aya/src/programs/cgroup_sysctl.rs b/aya/src/programs/cgroup_sysctl.rs index 8e887657..f230eacb 100644 --- a/aya/src/programs/cgroup_sysctl.rs +++ b/aya/src/programs/cgroup_sysctl.rs @@ -1,7 +1,7 @@ //! Cgroup sysctl programs. -use crate::util::KernelVersion; -use std::{hash::Hash, os::fd::AsRawFd}; +use crate::{sys::LinkTarget, util::KernelVersion}; +use std::{hash::Hash, os::fd::AsFd}; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SYSCTL, bpf_prog_type::BPF_PROG_TYPE_CGROUP_SYSCTL}, @@ -59,17 +59,22 @@ impl CgroupSysctl { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [CgroupSysctl::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); if KernelVersion::current().unwrap() >= KernelVersion::new(5, 7, 0) { - let link_fd = bpf_link_create(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL, None, 0).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(cgroup_fd), + BPF_CGROUP_SYSCTL, + None, + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(CgroupSysctlLink::new(CgroupSysctlLinkInner::Fd( @@ -86,7 +91,11 @@ impl CgroupSysctl { self.data .links .insert(CgroupSysctlLink::new(CgroupSysctlLinkInner::ProgAttach( - ProgAttachLink::new(prog_fd, cgroup_fd, BPF_CGROUP_SYSCTL), + ProgAttachLink::new( + prog_fd, + cgroup_fd.try_clone_to_owned()?, + BPF_CGROUP_SYSCTL, + ), ))) } } diff --git a/aya/src/programs/extension.rs b/aya/src/programs/extension.rs index 143c909f..4d16c56e 100644 --- a/aya/src/programs/extension.rs +++ b/aya/src/programs/extension.rs @@ -1,5 +1,5 @@ //! Extension programs. -use std::os::fd::{AsRawFd, RawFd}; +use std::os::fd::{AsFd as _, BorrowedFd, RawFd}; use thiserror::Error; use object::Endianness; @@ -10,7 +10,7 @@ use crate::{ programs::{ define_link_wrapper, load_program, FdLink, FdLinkId, ProgramData, ProgramError, ProgramFd, }, - sys::{self, bpf_link_create, SyscallError}, + sys::{self, bpf_link_create, LinkTarget, SyscallError}, Btf, }; @@ -69,11 +69,10 @@ impl Extension { /// There are no restrictions on what functions may be replaced, so you could replace /// the main entry point of your program with an extension. pub fn load(&mut self, program: ProgramFd, func_name: &str) -> Result<(), ProgramError> { - let target_prog_fd = program.as_raw_fd(); - let (btf_fd, btf_id) = get_btf_info(target_prog_fd, func_name)?; + let (btf_fd, btf_id) = get_btf_info(program.as_fd(), func_name)?; self.data.attach_btf_obj_fd = Some(btf_fd as u32); - self.data.attach_prog_fd = Some(target_prog_fd); + self.data.attach_prog_fd = Some(program); self.data.attach_btf_id = Some(btf_id); load_program(BPF_PROG_TYPE_EXT, &mut self.data) } @@ -90,11 +89,17 @@ impl Extension { let target_fd = self.data.attach_prog_fd.ok_or(ProgramError::NotLoaded)?; let btf_id = self.data.attach_btf_id.ok_or(ProgramError::NotLoaded)?; // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS - let link_fd = bpf_link_create(prog_fd, target_fd, BPF_CGROUP_INET_INGRESS, Some(btf_id), 0) - .map_err(|(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - })?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(target_fd.as_fd()), + BPF_CGROUP_INET_INGRESS, + Some(btf_id), + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(ExtensionLink::new(FdLink::new(link_fd))) @@ -116,15 +121,21 @@ impl Extension { program: ProgramFd, func_name: &str, ) -> Result { - let target_fd = program.as_raw_fd(); + let target_fd = program.as_fd(); let (_, btf_id) = get_btf_info(target_fd, func_name)?; let prog_fd = self.data.fd_or_err()?; // the attach type must be set as 0, which is bpf_attach_type::BPF_CGROUP_INET_INGRESS - let link_fd = bpf_link_create(prog_fd, target_fd, BPF_CGROUP_INET_INGRESS, Some(btf_id), 0) - .map_err(|(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - })?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::Fd(target_fd), + BPF_CGROUP_INET_INGRESS, + Some(btf_id), + 0, + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(ExtensionLink::new(FdLink::new(link_fd))) @@ -149,7 +160,7 @@ impl Extension { /// Retrieves the FD of the BTF object for the provided `prog_fd` and the BTF ID of the function /// with the name `func_name` within that BTF object. -fn get_btf_info(prog_fd: i32, func_name: &str) -> Result<(RawFd, u32), ProgramError> { +fn get_btf_info(prog_fd: BorrowedFd<'_>, func_name: &str) -> Result<(RawFd, u32), ProgramError> { // retrieve program information let info = sys::bpf_prog_get_info_by_fd(prog_fd)?; diff --git a/aya/src/programs/links.rs b/aya/src/programs/links.rs index 17176ff4..2d683174 100644 --- a/aya/src/programs/links.rs +++ b/aya/src/programs/links.rs @@ -1,12 +1,11 @@ //! Program links. -use libc::{close, dup}; use thiserror::Error; use std::{ collections::{hash_map::Entry, HashMap}, ffi::CString, io, - os::fd::{AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, + os::fd::{AsFd as _, AsRawFd as _, BorrowedFd, OwnedFd, RawFd}, path::{Path, PathBuf}, }; @@ -14,7 +13,7 @@ use crate::{ generated::bpf_attach_type, pin::PinError, programs::ProgramError, - sys::{bpf_get_object, bpf_pin_object, bpf_prog_detach, SyscallError}, + sys::{bpf_get_object, bpf_pin_object, bpf_prog_detach, SysResult, SyscallError}, }; /// A Link. @@ -231,19 +230,19 @@ pub struct ProgAttachLinkId(RawFd, RawFd, bpf_attach_type); #[derive(Debug)] pub struct ProgAttachLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, attach_type: bpf_attach_type, } impl ProgAttachLink { pub(crate) fn new( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: OwnedFd, attach_type: bpf_attach_type, ) -> ProgAttachLink { ProgAttachLink { prog_fd: prog_fd.as_raw_fd(), - target_fd: unsafe { dup(target_fd) }, + target_fd, attach_type, } } @@ -253,12 +252,12 @@ impl Link for ProgAttachLink { type Id = ProgAttachLinkId; fn id(&self) -> Self::Id { - ProgAttachLinkId(self.prog_fd, self.target_fd, self.attach_type) + ProgAttachLinkId(self.prog_fd, self.target_fd.as_raw_fd(), self.attach_type) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, self.attach_type); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = + bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), self.attach_type); Ok(()) } } diff --git a/aya/src/programs/lirc_mode2.rs b/aya/src/programs/lirc_mode2.rs index 54317110..b62fb802 100644 --- a/aya/src/programs/lirc_mode2.rs +++ b/aya/src/programs/lirc_mode2.rs @@ -1,17 +1,15 @@ //! Lirc programs. -use std::os::fd::{AsRawFd, BorrowedFd, IntoRawFd as _, RawFd}; +use std::os::fd::{AsFd, AsRawFd, BorrowedFd, IntoRawFd as _, OwnedFd, RawFd}; use crate::{ generated::{bpf_attach_type::BPF_LIRC_MODE2, bpf_prog_type::BPF_PROG_TYPE_LIRC_MODE2}, programs::{load_program, query, Link, ProgramData, ProgramError, ProgramInfo}, sys::{ bpf_prog_attach, bpf_prog_detach, bpf_prog_get_fd_by_id, bpf_prog_get_info_by_fd, - SyscallError, + SysResult, SyscallError, }, }; -use libc::{close, dup}; - /// A program used to decode IR into key events for a lirc device. /// /// [`LircMode2`] programs can be used to inspect infrared pulses, spaces, @@ -63,9 +61,9 @@ impl LircMode2 { /// Attaches the program to the given lirc device. /// /// The returned value can be used to detach, see [LircMode2::detach]. - pub fn attach(&mut self, lircdev: T) -> Result { + pub fn attach(&mut self, lircdev: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let lircdev_fd = lircdev.as_raw_fd(); + let lircdev_fd = lircdev.as_fd(); bpf_prog_attach(prog_fd, lircdev_fd, BPF_LIRC_MODE2).map_err(|(_, io_error)| { SyscallError { @@ -74,7 +72,9 @@ impl LircMode2 { } })?; - self.data.links.insert(LircLink::new(prog_fd, lircdev_fd)) + self.data + .links + .insert(LircLink::new(prog_fd, lircdev_fd.try_clone_to_owned()?)) } /// Detaches the program. @@ -93,8 +93,8 @@ impl LircMode2 { } /// Queries the lirc device for attached programs. - pub fn query(target_fd: T) -> Result, ProgramError> { - let prog_ids = query(target_fd.as_raw_fd(), BPF_LIRC_MODE2, 0, &mut None)?; + pub fn query(target_fd: T) -> Result, ProgramError> { + let prog_ids = query(target_fd.as_fd(), BPF_LIRC_MODE2, 0, &mut None)?; let mut prog_fds = Vec::with_capacity(prog_ids.len()); @@ -103,17 +103,17 @@ impl LircMode2 { prog_fds.push(fd); } - Ok(prog_fds + prog_fds .into_iter() .map(|prog_fd| { - LircLink::new( + Ok(LircLink::new( // SAFETY: The file descriptor will stay valid because we are leaking it // TODO: Do not leak it? unsafe { BorrowedFd::borrow_raw(prog_fd.into_raw_fd()) }, - target_fd.as_raw_fd(), - ) + target_fd.as_fd().try_clone_to_owned()?, + )) }) - .collect()) + .collect() } } @@ -125,20 +125,20 @@ pub struct LircLinkId(RawFd, RawFd); /// An LircMode2 Link pub struct LircLink { prog_fd: RawFd, - target_fd: RawFd, + target_fd: OwnedFd, } impl LircLink { - pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: RawFd) -> LircLink { + pub(crate) fn new(prog_fd: BorrowedFd<'_>, target_fd: OwnedFd) -> LircLink { LircLink { prog_fd: prog_fd.as_raw_fd(), - target_fd: unsafe { dup(target_fd) }, + target_fd, } } /// Get ProgramInfo from this link pub fn info(&self) -> Result { - bpf_prog_get_info_by_fd(self.prog_fd) + bpf_prog_get_info_by_fd(unsafe { BorrowedFd::borrow_raw(self.prog_fd) }) .map(ProgramInfo) .map_err(Into::into) } @@ -148,12 +148,11 @@ impl Link for LircLink { type Id = LircLinkId; fn id(&self) -> Self::Id { - LircLinkId(self.prog_fd, self.target_fd) + LircLinkId(self.prog_fd, self.target_fd.as_raw_fd()) } fn detach(self) -> Result<(), ProgramError> { - let _ = bpf_prog_detach(self.prog_fd, self.target_fd, BPF_LIRC_MODE2); - unsafe { close(self.target_fd) }; + let _: SysResult<_> = bpf_prog_detach(self.prog_fd, self.target_fd.as_fd(), BPF_LIRC_MODE2); Ok(()) } } diff --git a/aya/src/programs/mod.rs b/aya/src/programs/mod.rs index e2792aa9..75231000 100644 --- a/aya/src/programs/mod.rs +++ b/aya/src/programs/mod.rs @@ -68,7 +68,7 @@ use libc::ENOSPC; use std::{ ffi::CString, io, - os::fd::{AsFd as _, AsRawFd, BorrowedFd, OwnedFd, RawFd}, + os::fd::{AsFd, AsRawFd, BorrowedFd, OwnedFd, RawFd}, path::{Path, PathBuf}, sync::Arc, }; @@ -211,7 +211,7 @@ pub enum ProgramError { } /// A [`Program`] file descriptor. -#[derive(Copy, Clone)] +#[derive(Copy, Clone, Debug)] pub struct ProgramFd(RawFd); impl AsRawFd for ProgramFd { @@ -220,6 +220,13 @@ impl AsRawFd for ProgramFd { } } +impl AsFd for ProgramFd { + fn as_fd(&self) -> BorrowedFd<'_> { + // SAFETY: We trust that the program fd is still valid. TODO: Enforce that + unsafe { BorrowedFd::borrow_raw(self.0) } + } +} + /// eBPF program type. #[derive(Debug)] pub enum Program { @@ -408,7 +415,7 @@ pub(crate) struct ProgramData { pub(crate) expected_attach_type: Option, pub(crate) attach_btf_obj_fd: Option, pub(crate) attach_btf_id: Option, - pub(crate) attach_prog_fd: Option, + pub(crate) attach_prog_fd: Option, pub(crate) btf_fd: Option>, pub(crate) verifier_log_level: VerifierLogLevel, pub(crate) path: Option, @@ -488,7 +495,7 @@ impl ProgramData { io_error, })?; - let info = bpf_prog_get_info_by_fd(fd.as_raw_fd())?; + let info = bpf_prog_get_info_by_fd(fd.as_fd())?; let name = ProgramInfo(info).name_as_str().map(|s| s.to_string()); ProgramData::from_bpf_prog_info(name, fd, path.as_ref(), info, verifier_log_level) } @@ -606,7 +613,7 @@ fn load_program( prog_btf_fd: btf_fd.as_ref().map(|f| f.as_fd()), attach_btf_obj_fd: *attach_btf_obj_fd, attach_btf_id: *attach_btf_id, - attach_prog_fd: *attach_prog_fd, + attach_prog_fd: attach_prog_fd.as_ref().map(|fd| fd.as_fd()), func_info_rec_size: *func_info_rec_size, func_info: func_info.clone(), line_info_rec_size: *line_info_rec_size, @@ -952,7 +959,7 @@ impl ProgramInfo { io_error, })?; - let info = bpf_prog_get_info_by_fd(fd.as_raw_fd())?; + let info = bpf_prog_get_info_by_fd(fd.as_fd())?; Ok(ProgramInfo(info)) } } @@ -988,7 +995,7 @@ pub fn loaded_programs() -> impl Iterator Result { if FEATURES.bpf_perf_link() { - let link_fd = bpf_link_create(prog_fd, fd.as_raw_fd(), BPF_PERF_EVENT, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(fd.as_fd()), BPF_PERF_EVENT, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; Ok(PerfLinkInner::FdLink(FdLink::new(link_fd))) } else { perf_attach_either(prog_fd, fd, None) diff --git a/aya/src/programs/sk_lookup.rs b/aya/src/programs/sk_lookup.rs index 15687e43..b6e2f225 100644 --- a/aya/src/programs/sk_lookup.rs +++ b/aya/src/programs/sk_lookup.rs @@ -1,9 +1,9 @@ -use std::os::fd::AsRawFd; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_SK_LOOKUP, bpf_prog_type::BPF_PROG_TYPE_SK_LOOKUP}, programs::{define_link_wrapper, load_program, FdLinkId, ProgramData, ProgramError}, - sys::{bpf_link_create, SyscallError}, + sys::{bpf_link_create, LinkTarget, SyscallError}, }; use super::links::FdLink; @@ -60,16 +60,15 @@ impl SkLookup { /// Attaches the program to the given network namespace. /// /// The returned value can be used to detach, see [SkLookup::detach]. - pub fn attach(&mut self, netns: T) -> Result { + pub fn attach(&mut self, netns: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let netns_fd = netns.as_raw_fd(); + let netns_fd = netns.as_fd(); - let link_fd = bpf_link_create(prog_fd, netns_fd, BPF_SK_LOOKUP, None, 0).map_err( - |(_, io_error)| SyscallError { + let link_fd = bpf_link_create(prog_fd, LinkTarget::Fd(netns_fd), BPF_SK_LOOKUP, None, 0) + .map_err(|(_, io_error)| SyscallError { call: "bpf_link_create", io_error, - }, - )?; + })?; self.data .links .insert(SkLookupLink::new(FdLink::new(link_fd))) diff --git a/aya/src/programs/sk_msg.rs b/aya/src/programs/sk_msg.rs index 93819fbe..cbaf7991 100644 --- a/aya/src/programs/sk_msg.rs +++ b/aya/src/programs/sk_msg.rs @@ -1,6 +1,6 @@ //! Skmsg programs. -use std::os::fd::AsRawFd; +use std::os::fd::AsFd as _; use crate::{ generated::{bpf_attach_type::BPF_SK_MSG_VERDICT, bpf_prog_type::BPF_PROG_TYPE_SK_MSG}, @@ -80,7 +80,7 @@ impl SkMsg { /// The returned value can be used to detach, see [SkMsg::detach]. pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.data.fd_or_err()?; - let map_fd = map.as_raw_fd(); + let map_fd = map.as_fd(); bpf_prog_attach(prog_fd, map_fd, BPF_SK_MSG_VERDICT).map_err(|(_, io_error)| { SyscallError { @@ -88,6 +88,7 @@ impl SkMsg { io_error, } })?; + let map_fd = map_fd.try_clone_to_owned()?; self.data.links.insert(SkMsgLink::new(ProgAttachLink::new( prog_fd, map_fd, diff --git a/aya/src/programs/sk_skb.rs b/aya/src/programs/sk_skb.rs index 70960265..4a0fc32d 100644 --- a/aya/src/programs/sk_skb.rs +++ b/aya/src/programs/sk_skb.rs @@ -1,6 +1,6 @@ //! Skskb programs. -use std::{os::fd::AsRawFd, path::Path}; +use std::{os::fd::AsFd as _, path::Path}; use crate::{ generated::{ @@ -73,7 +73,7 @@ impl SkSkb { /// The returned value can be used to detach, see [SkSkb::detach]. pub fn attach(&mut self, map: SockMapFd) -> Result { let prog_fd = self.data.fd_or_err()?; - let map_fd = map.as_raw_fd(); + let map_fd = map.as_fd(); let attach_type = match self.kind { SkSkbKind::StreamParser => BPF_SK_SKB_STREAM_PARSER, @@ -83,6 +83,7 @@ impl SkSkb { call: "bpf_prog_attach", io_error, })?; + let map_fd = map_fd.try_clone_to_owned()?; self.data.links.insert(SkSkbLink::new(ProgAttachLink::new( prog_fd, map_fd, diff --git a/aya/src/programs/sock_ops.rs b/aya/src/programs/sock_ops.rs index 6b68873f..d4b79696 100644 --- a/aya/src/programs/sock_ops.rs +++ b/aya/src/programs/sock_ops.rs @@ -1,5 +1,5 @@ //! Socket option programs. -use std::os::fd::{AsFd as _, AsRawFd}; +use std::os::fd::AsFd; use crate::{ generated::{bpf_attach_type::BPF_CGROUP_SOCK_OPS, bpf_prog_type::BPF_PROG_TYPE_SOCK_OPS}, @@ -58,9 +58,9 @@ impl SockOps { /// Attaches the program to the given cgroup. /// /// The returned value can be used to detach, see [SockOps::detach]. - pub fn attach(&mut self, cgroup: T) -> Result { + pub fn attach(&mut self, cgroup: T) -> Result { let prog_fd = self.data.fd_or_err()?; - let cgroup_fd = cgroup.as_raw_fd(); + let cgroup_fd = cgroup.as_fd(); bpf_prog_attach(prog_fd, cgroup_fd, BPF_CGROUP_SOCK_OPS).map_err(|(_, io_error)| { SyscallError { @@ -68,6 +68,7 @@ impl SockOps { io_error, } })?; + let cgroup_fd = cgroup_fd.try_clone_to_owned()?; self.data.links.insert(SockOpsLink::new(ProgAttachLink::new( prog_fd.as_fd(), cgroup_fd, diff --git a/aya/src/programs/xdp.rs b/aya/src/programs/xdp.rs index b7f9def1..0a6e6737 100644 --- a/aya/src/programs/xdp.rs +++ b/aya/src/programs/xdp.rs @@ -1,6 +1,9 @@ //! eXpress Data Path (XDP) programs. -use crate::{sys::SyscallError, util::KernelVersion}; +use crate::{ + sys::{LinkTarget, SyscallError}, + util::KernelVersion, +}; use bitflags; use libc::if_nametoindex; use std::{ @@ -129,19 +132,24 @@ impl Xdp { flags: XdpFlags, ) -> Result { let prog_fd = self.data.fd_or_err()?; - let if_index = if_index as RawFd; if KernelVersion::current().unwrap() >= KernelVersion::new(5, 9, 0) { - let link_fd = bpf_link_create(prog_fd, if_index, BPF_XDP, None, flags.bits()).map_err( - |(_, io_error)| SyscallError { - call: "bpf_link_create", - io_error, - }, - )?; + let link_fd = bpf_link_create( + prog_fd, + LinkTarget::IfIndex(if_index), + BPF_XDP, + None, + flags.bits(), + ) + .map_err(|(_, io_error)| SyscallError { + call: "bpf_link_create", + io_error, + })?; self.data .links .insert(XdpLink::new(XdpLinkInner::FdLink(FdLink::new(link_fd)))) } else { + let if_index = if_index as i32; unsafe { netlink_set_xdp_fd(if_index, Some(prog_fd), None, flags.bits()) } .map_err(|io_error| XdpError::NetlinkError { io_error })?; diff --git a/aya/src/sys/bpf.rs b/aya/src/sys/bpf.rs index f560d6d5..90c8538d 100644 --- a/aya/src/sys/bpf.rs +++ b/aya/src/sys/bpf.rs @@ -10,6 +10,7 @@ use std::{ use crate::util::KernelVersion; use libc::{c_char, c_long, ENOENT, ENOSPC}; use obj::{ + generated::bpf_attr__bindgen_ty_14__bindgen_ty_2, maps::{bpf_map_def, LegacyMap}, BpfSectionKind, VerifierLog, }; @@ -119,7 +120,7 @@ pub(crate) struct BpfLoadProgramAttrs<'a> { pub(crate) prog_btf_fd: Option>, pub(crate) attach_btf_obj_fd: Option, pub(crate) attach_btf_id: Option, - pub(crate) attach_prog_fd: Option, + pub(crate) attach_prog_fd: Option>, pub(crate) func_info_rec_size: usize, pub(crate) func_info: FuncSecInfo, pub(crate) line_info_rec_size: usize, @@ -183,7 +184,7 @@ pub(crate) fn bpf_load_program( u.__bindgen_anon_1.attach_btf_obj_fd = v; } if let Some(v) = aya_attr.attach_prog_fd { - u.__bindgen_anon_1.attach_prog_fd = v as u32; + u.__bindgen_anon_1.attach_prog_fd = v.as_raw_fd() as u32; } if let Some(v) = aya_attr.attach_btf_id { @@ -365,10 +366,15 @@ pub(crate) fn bpf_map_freeze(fd: RawFd) -> SysResult { sys_bpf(bpf_cmd::BPF_MAP_FREEZE, &mut attr) } +pub(crate) enum LinkTarget<'f> { + Fd(BorrowedFd<'f>), + IfIndex(u32), +} + // since kernel 5.7 pub(crate) fn bpf_link_create( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target: LinkTarget<'_>, attach_type: bpf_attach_type, btf_id: Option, flags: u32, @@ -376,7 +382,14 @@ pub(crate) fn bpf_link_create( let mut attr = unsafe { mem::zeroed::() }; attr.link_create.__bindgen_anon_1.prog_fd = prog_fd.as_raw_fd() as u32; - attr.link_create.__bindgen_anon_2.target_fd = target_fd as u32; + attr.link_create.__bindgen_anon_2 = match target { + LinkTarget::Fd(fd) => bpf_attr__bindgen_ty_14__bindgen_ty_2 { + target_fd: fd.as_raw_fd() as u32, + }, + LinkTarget::IfIndex(ifindex) => bpf_attr__bindgen_ty_14__bindgen_ty_2 { + target_ifindex: ifindex, + }, + }; attr.link_create.attach_type = attach_type as u32; attr.link_create.flags = flags; if let Some(btf_id) = btf_id { @@ -410,13 +423,13 @@ pub(crate) fn bpf_link_update( pub(crate) fn bpf_prog_attach( prog_fd: BorrowedFd<'_>, - target_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd.as_raw_fd() as u32; - attr.__bindgen_anon_5.target_fd = target_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_ATTACH, &mut attr) @@ -424,13 +437,13 @@ pub(crate) fn bpf_prog_attach( pub(crate) fn bpf_prog_detach( prog_fd: RawFd, - map_fd: RawFd, + target_fd: BorrowedFd<'_>, attach_type: bpf_attach_type, ) -> SysResult { let mut attr = unsafe { mem::zeroed::() }; attr.__bindgen_anon_5.attach_bpf_fd = prog_fd as u32; - attr.__bindgen_anon_5.target_fd = map_fd as u32; + attr.__bindgen_anon_5.target_fd = target_fd.as_raw_fd() as u32; attr.__bindgen_anon_5.attach_type = attach_type as u32; sys_bpf(bpf_cmd::BPF_PROG_DETACH, &mut attr) @@ -501,8 +514,7 @@ fn bpf_obj_get_info_by_fd(fd: BorrowedFd<'_>) -> Result { } } -pub(crate) fn bpf_prog_get_info_by_fd(fd: RawFd) -> Result { - let fd = unsafe { BorrowedFd::borrow_raw(fd) }; +pub(crate) fn bpf_prog_get_info_by_fd(fd: BorrowedFd<'_>) -> Result { bpf_obj_get_info_by_fd::(fd) } @@ -675,11 +687,19 @@ pub(crate) fn is_perf_link_supported() -> bool { u.insns = insns.as_ptr() as u64; u.prog_type = bpf_prog_type::BPF_PROG_TYPE_TRACEPOINT as u32; - let Ok(fd) = bpf_prog_load(&mut attr) else { return false }; + let Ok(fd) = bpf_prog_load(&mut attr) else { + return false; + }; if let Err((_, e)) = // Uses an invalid target FD so we get EBADF if supported. - bpf_link_create(fd.as_fd(), -1, bpf_attach_type::BPF_PERF_EVENT, None, 0) + bpf_link_create( + fd.as_fd(), + LinkTarget::IfIndex(u32::MAX), + bpf_attach_type::BPF_PERF_EVENT, + None, + 0, + ) { // Returns EINVAL if unsupported. EBADF if supported. return e.raw_os_error() == Some(libc::EBADF); @@ -721,7 +741,9 @@ pub(crate) fn is_bpf_global_data_supported() -> bool { btf_fd: None, }; - let Ok(map_fd) = map_data.create("aya_global") else { return false }; + let Ok(map_fd) = map_data.create("aya_global") else { + return false; + }; insns[0].imm = map_fd; diff --git a/xtask/public-api/aya.txt b/xtask/public-api/aya.txt index 02e3eb94..10d75355 100644 --- a/xtask/public-api/aya.txt +++ b/xtask/public-api/aya.txt @@ -638,6 +638,8 @@ pub fn aya::maps::SockMap::borrow_mut(&mut self) -> &mut T impl core::convert::From for aya::maps::SockMap pub fn aya::maps::SockMap::from(t: T) -> T pub struct aya::maps::sock::SockMapFd(_) +impl std::os::fd::owned::AsFd for aya::maps::sock::SockMapFd +pub fn aya::maps::sock::SockMapFd::as_fd(&self) -> std::os::fd::owned::BorrowedFd<'_> impl std::os::fd::raw::AsRawFd for aya::maps::sock::SockMapFd pub fn aya::maps::sock::SockMapFd::as_raw_fd(&self) -> std::os::fd::raw::RawFd impl core::clone::Clone for aya::maps::sock::SockMapFd @@ -1805,7 +1807,7 @@ pub use aya::programs::CgroupSockoptAttachType pub mod aya::programs::cgroup_device pub struct aya::programs::cgroup_device::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -1946,7 +1948,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkbAttachTyp pub fn aya::programs::cgroup_skb::CgroupSkbAttachType::from(t: T) -> T pub struct aya::programs::cgroup_skb::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -2055,7 +2057,7 @@ pub mod aya::programs::cgroup_sock pub use aya::programs::cgroup_sock::CgroupSockAttachType pub struct aya::programs::cgroup_sock::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2163,7 +2165,7 @@ pub mod aya::programs::cgroup_sock_addr pub use aya::programs::cgroup_sock_addr::CgroupSockAddrAttachType pub struct aya::programs::cgroup_sock_addr::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2271,7 +2273,7 @@ pub mod aya::programs::cgroup_sockopt pub use aya::programs::cgroup_sockopt::CgroupSockoptAttachType pub struct aya::programs::cgroup_sockopt::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -2378,7 +2380,7 @@ pub fn aya::programs::cgroup_sockopt::CgroupSockoptLinkId::from(t: T) -> T pub mod aya::programs::cgroup_sysctl pub struct aya::programs::cgroup_sysctl::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -3393,10 +3395,10 @@ impl core::convert::From for aya::programs::lirc_mode2::LircLinkId pub fn aya::programs::lirc_mode2::LircLinkId::from(t: T) -> T pub struct aya::programs::lirc_mode2::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::option::Option @@ -5574,7 +5576,7 @@ impl core::convert::From for aya::programs::tp_btf::BtfTracePoint pub fn aya::programs::tp_btf::BtfTracePoint::from(t: T) -> T pub struct aya::programs::CgroupDevice impl aya::programs::cgroup_device::CgroupDevice -pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_device::CgroupDevice::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_device::CgroupDevice::detach(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_device::CgroupDevice::take_link(&mut self, link_id: aya::programs::cgroup_device::CgroupDeviceLinkId) -> core::result::Result @@ -5620,7 +5622,7 @@ impl core::convert::From for aya::programs::cgroup_device::CgroupDevice pub fn aya::programs::cgroup_device::CgroupDevice::from(t: T) -> T pub struct aya::programs::CgroupSkb impl aya::programs::cgroup_skb::CgroupSkb -pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result +pub fn aya::programs::cgroup_skb::CgroupSkb::attach(&mut self, cgroup: T, attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result pub fn aya::programs::cgroup_skb::CgroupSkb::detach(&mut self, link_id: aya::programs::cgroup_skb::CgroupSkbLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_skb::CgroupSkb::expected_attach_type(&self) -> &core::option::Option pub fn aya::programs::cgroup_skb::CgroupSkb::from_pin>(path: P, expected_attach_type: aya::programs::cgroup_skb::CgroupSkbAttachType) -> core::result::Result @@ -5666,7 +5668,7 @@ impl core::convert::From for aya::programs::cgroup_skb::CgroupSkb pub fn aya::programs::cgroup_skb::CgroupSkb::from(t: T) -> T pub struct aya::programs::CgroupSock impl aya::programs::cgroup_sock::CgroupSock -pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock::CgroupSock::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::detach(&mut self, link_id: aya::programs::cgroup_sock::CgroupSockLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock::CgroupSock::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock::CgroupSockAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock::CgroupSock::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5711,7 +5713,7 @@ impl core::convert::From for aya::programs::cgroup_sock::CgroupSock pub fn aya::programs::cgroup_sock::CgroupSock::from(t: T) -> T pub struct aya::programs::CgroupSockAddr impl aya::programs::cgroup_sock_addr::CgroupSockAddr -pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::detach(&mut self, link_id: aya::programs::cgroup_sock_addr::CgroupSockAddrLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sock_addr::CgroupSockAddrAttachType) -> core::result::Result pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5756,7 +5758,7 @@ impl core::convert::From for aya::programs::cgroup_sock_addr::CgroupSockAd pub fn aya::programs::cgroup_sock_addr::CgroupSockAddr::from(t: T) -> T pub struct aya::programs::CgroupSockopt impl aya::programs::cgroup_sockopt::CgroupSockopt -pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sockopt::CgroupSockopt::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::detach(&mut self, link_id: aya::programs::cgroup_sockopt::CgroupSockoptLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from_pin>(path: P, attach_type: aya_obj::programs::cgroup_sockopt::CgroupSockoptAttachType) -> core::result::Result pub fn aya::programs::cgroup_sockopt::CgroupSockopt::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> @@ -5801,7 +5803,7 @@ impl core::convert::From for aya::programs::cgroup_sockopt::CgroupSockopt pub fn aya::programs::cgroup_sockopt::CgroupSockopt::from(t: T) -> T pub struct aya::programs::CgroupSysctl impl aya::programs::cgroup_sysctl::CgroupSysctl -pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::cgroup_sysctl::CgroupSysctl::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::cgroup_sysctl::CgroupSysctl::detach(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::cgroup_sysctl::CgroupSysctl::take_link(&mut self, link_id: aya::programs::cgroup_sysctl::CgroupSysctlLinkId) -> core::result::Result @@ -6032,10 +6034,10 @@ impl core::convert::From for aya::programs::kprobe::KProbe pub fn aya::programs::kprobe::KProbe::from(t: T) -> T pub struct aya::programs::LircMode2 impl aya::programs::lirc_mode2::LircMode2 -pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result +pub fn aya::programs::lirc_mode2::LircMode2::attach(&mut self, lircdev: T) -> core::result::Result pub fn aya::programs::lirc_mode2::LircMode2::detach(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> -pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> +pub fn aya::programs::lirc_mode2::LircMode2::query(target_fd: T) -> core::result::Result, aya::programs::ProgramError> pub fn aya::programs::lirc_mode2::LircMode2::take_link(&mut self, link_id: aya::programs::lirc_mode2::LircLinkId) -> core::result::Result impl aya::programs::lirc_mode2::LircMode2 pub fn aya::programs::lirc_mode2::LircMode2::fd(&self) -> core::option::Option @@ -6170,10 +6172,14 @@ pub fn aya::programs::perf_event::PerfEvent::borrow_mut(&mut self) -> &mut T impl core::convert::From for aya::programs::perf_event::PerfEvent pub fn aya::programs::perf_event::PerfEvent::from(t: T) -> T pub struct aya::programs::ProgramFd(_) +impl std::os::fd::owned::AsFd for aya::programs::ProgramFd +pub fn aya::programs::ProgramFd::as_fd(&self) -> std::os::fd::owned::BorrowedFd<'_> impl std::os::fd::raw::AsRawFd for aya::programs::ProgramFd pub fn aya::programs::ProgramFd::as_raw_fd(&self) -> std::os::fd::raw::RawFd impl core::clone::Clone for aya::programs::ProgramFd pub fn aya::programs::ProgramFd::clone(&self) -> aya::programs::ProgramFd +impl core::fmt::Debug for aya::programs::ProgramFd +pub fn aya::programs::ProgramFd::fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result impl core::marker::Copy for aya::programs::ProgramFd impl core::marker::Send for aya::programs::ProgramFd impl core::marker::Sync for aya::programs::ProgramFd @@ -6324,7 +6330,7 @@ impl core::convert::From for aya::programs::tc::SchedClassifier pub fn aya::programs::tc::SchedClassifier::from(t: T) -> T pub struct aya::programs::SkLookup impl aya::programs::SkLookup -pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result +pub fn aya::programs::SkLookup::attach(&mut self, netns: T) -> core::result::Result pub fn aya::programs::SkLookup::detach(&mut self, link_id: SkLookupLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SkLookup::take_link(&mut self, link_id: SkLookupLinkId) -> core::result::Result @@ -6461,7 +6467,7 @@ impl core::convert::From for aya::programs::SkSkb pub fn aya::programs::SkSkb::from(t: T) -> T pub struct aya::programs::SockOps impl aya::programs::SockOps -pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result +pub fn aya::programs::SockOps::attach(&mut self, cgroup: T) -> core::result::Result pub fn aya::programs::SockOps::detach(&mut self, link_id: SockOpsLinkId) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::load(&mut self) -> core::result::Result<(), aya::programs::ProgramError> pub fn aya::programs::SockOps::take_link(&mut self, link_id: SockOpsLinkId) -> core::result::Result