return 0;
}
-int bpf_program_cgroup_detach(int type, const char *path) {
+int bpf_program_cgroup_detach(BPFProgram *p, int type, const char *path) {
_cleanup_close_ int fd = -1;
union bpf_attr attr;
+ assert(type >= 0);
assert(path);
+ /* Note that 'p' may be NULL, in which case any program is detached. However, note that if BPF_F_ALLOW_MULTI is
+ * used 'p' is not optional. */
+
fd = open(path, O_DIRECTORY|O_RDONLY|O_CLOEXEC);
if (fd < 0)
return -errno;
attr = (union bpf_attr) {
.attach_type = type,
.target_fd = fd,
+ .attach_bpf_fd = p ? p->kernel_fd : -1,
};
if (bpf(BPF_PROG_DETACH, &attr, sizeof(attr)) < 0)
int bpf_program_load_kernel(BPFProgram *p, char *log_buf, size_t log_size);
int bpf_program_cgroup_attach(BPFProgram *p, int type, const char *path, uint32_t flags);
-int bpf_program_cgroup_detach(int type, const char *path);
+int bpf_program_cgroup_detach(BPFProgram *p, int type, const char *path);
int bpf_map_new(enum bpf_map_type type, size_t key_size, size_t value_size, size_t max_entries, uint32_t flags);
int bpf_map_update_element(int fd, const void *key, void *value);
if (r < 0)
return log_error_errno(r, "Attaching egress BPF program to cgroup %s failed: %m", path);
} else {
- r = bpf_program_cgroup_detach(BPF_CGROUP_INET_EGRESS, path);
+ r = bpf_program_cgroup_detach(NULL, BPF_CGROUP_INET_EGRESS, path);
if (r < 0)
return log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r,
"Detaching egress BPF program from cgroup failed: %m");
if (r < 0)
return log_error_errno(r, "Attaching ingress BPF program to cgroup %s failed: %m", path);
} else {
- r = bpf_program_cgroup_detach(BPF_CGROUP_INET_INGRESS, path);
+ r = bpf_program_cgroup_detach(NULL, BPF_CGROUP_INET_INGRESS, path);
if (r < 0)
return log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r,
"Detaching ingress BPF program from cgroup failed: %m");