diff options
author | Julia Kartseva <hex@fb.com> | 2022-01-21 18:50:26 -0800 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-01-22 16:48:42 +0900 |
commit | 8fe9dbb9266988235a0590f76a4e77428540f900 (patch) | |
tree | f276616e4d75f7144ba78f4c0a55ecebc4026ba1 /src/test/test-bpf-firewall.c | |
parent | df4ec48f45f518b6926e02ef4d77c8ed1a8b4e2c (diff) | |
download | systemd-8fe9dbb9266988235a0590f76a4e77428540f900.tar.gz |
bpf: name unnamed bpf programs
bpf-firewall and bpf-devices do not have names. This complicates
debugging with bpftool(8).
Assign names starting with 'sd_' prefix:
* firewall program names are 'sd_fw_ingress' for ingress attach
point and 'sd_fw_egress' for egress.
* 'sd_devices' for devices prog
'sd_' prefix is already used in source-compiled programs, e.g.
sd_restrictif_i, sd_restrictif_e, sd_bind6.
The name must not be longer than 15 characters or BPF_OBJ_NAME_LEN - 1.
Assign names only to programs loaded to kernel by systemd since
programs pinned to bpffs are already loaded.
Diffstat (limited to 'src/test/test-bpf-firewall.c')
-rw-r--r-- | src/test/test-bpf-firewall.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/test/test-bpf-firewall.c b/src/test/test-bpf-firewall.c index 2e19db600e..cbcb525f52 100644 --- a/src/test/test-bpf-firewall.c +++ b/src/test/test-bpf-firewall.c @@ -55,7 +55,7 @@ int main(int argc, char *argv[]) { assert_se(set_unit_path(unit_dir) >= 0); assert_se(runtime_dir = setup_fake_runtime_dir()); - r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &p); + r = bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, "sd_trivial", &p); assert_se(r == 0); r = bpf_program_add_instructions(p, exit_insn, ELEMENTSOF(exit_insn)); |