Commit 33221307 authored by Quentin Monnet's avatar Quentin Monnet Committed by Daniel Borkmann

tools: bpftool: add an option to prevent auto-mount of bpffs, tracefs

In order to make life easier for users, bpftool automatically attempts
to mount the BPF virtual file system, if it is not mounted already,
before trying to pin objects in it. Similarly, it attempts to mount
tracefs if necessary before trying to dump the trace pipe to the
console.

While mounting file systems on-the-fly can improve user experience, some
administrators might prefer to avoid that. Let's add an option to block
these mount attempts. Note that it does not prevent automatic mounting
of tracefs by debugfs for the "bpftool prog tracelog" command.
Signed-off-by: default avatarQuentin Monnet <quentin.monnet@netronome.com>
Reviewed-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parent be3245e2
...@@ -128,6 +128,10 @@ OPTIONS ...@@ -128,6 +128,10 @@ OPTIONS
-f, --bpffs -f, --bpffs
Show file names of pinned maps. Show file names of pinned maps.
-n, --nomount
Do not automatically attempt to mount any virtual file system
(such as tracefs or BPF virtual file system) when necessary.
EXAMPLES EXAMPLES
======== ========
**# bpftool map show** **# bpftool map show**
......
...@@ -161,6 +161,10 @@ OPTIONS ...@@ -161,6 +161,10 @@ OPTIONS
-m, --mapcompat -m, --mapcompat
Allow loading maps with unknown map definitions. Allow loading maps with unknown map definitions.
-n, --nomount
Do not automatically attempt to mount any virtual file system
(such as tracefs or BPF virtual file system) when necessary.
EXAMPLES EXAMPLES
======== ========
**# bpftool prog show** **# bpftool prog show**
......
...@@ -60,6 +60,10 @@ OPTIONS ...@@ -60,6 +60,10 @@ OPTIONS
-m, --mapcompat -m, --mapcompat
Allow loading maps with unknown map definitions. Allow loading maps with unknown map definitions.
-n, --nomount
Do not automatically attempt to mount any virtual file system
(such as tracefs or BPF virtual file system) when necessary.
SEE ALSO SEE ALSO
======== ========
......
...@@ -177,6 +177,12 @@ int mount_bpffs_for_pin(const char *name) ...@@ -177,6 +177,12 @@ int mount_bpffs_for_pin(const char *name)
/* nothing to do if already mounted */ /* nothing to do if already mounted */
goto out_free; goto out_free;
if (block_mount) {
p_err("no BPF file system found, not mounting it due to --nomount option");
err = -1;
goto out_free;
}
err = mnt_fs(dir, "bpf", err_str, ERR_MAX_LEN); err = mnt_fs(dir, "bpf", err_str, ERR_MAX_LEN);
if (err) { if (err) {
err_str[ERR_MAX_LEN - 1] = '\0'; err_str[ERR_MAX_LEN - 1] = '\0';
......
...@@ -24,6 +24,7 @@ json_writer_t *json_wtr; ...@@ -24,6 +24,7 @@ json_writer_t *json_wtr;
bool pretty_output; bool pretty_output;
bool json_output; bool json_output;
bool show_pinned; bool show_pinned;
bool block_mount;
int bpf_flags; int bpf_flags;
struct pinned_obj_table prog_table; struct pinned_obj_table prog_table;
struct pinned_obj_table map_table; struct pinned_obj_table map_table;
...@@ -313,6 +314,7 @@ int main(int argc, char **argv) ...@@ -313,6 +314,7 @@ int main(int argc, char **argv)
{ "version", no_argument, NULL, 'V' }, { "version", no_argument, NULL, 'V' },
{ "bpffs", no_argument, NULL, 'f' }, { "bpffs", no_argument, NULL, 'f' },
{ "mapcompat", no_argument, NULL, 'm' }, { "mapcompat", no_argument, NULL, 'm' },
{ "nomount", no_argument, NULL, 'n' },
{ 0 } { 0 }
}; };
int opt, ret; int opt, ret;
...@@ -321,13 +323,14 @@ int main(int argc, char **argv) ...@@ -321,13 +323,14 @@ int main(int argc, char **argv)
pretty_output = false; pretty_output = false;
json_output = false; json_output = false;
show_pinned = false; show_pinned = false;
block_mount = false;
bin_name = argv[0]; bin_name = argv[0];
hash_init(prog_table.table); hash_init(prog_table.table);
hash_init(map_table.table); hash_init(map_table.table);
opterr = 0; opterr = 0;
while ((opt = getopt_long(argc, argv, "Vhpjfm", while ((opt = getopt_long(argc, argv, "Vhpjfmn",
options, NULL)) >= 0) { options, NULL)) >= 0) {
switch (opt) { switch (opt) {
case 'V': case 'V':
...@@ -354,6 +357,9 @@ int main(int argc, char **argv) ...@@ -354,6 +357,9 @@ int main(int argc, char **argv)
case 'm': case 'm':
bpf_flags = MAPS_RELAX_COMPAT; bpf_flags = MAPS_RELAX_COMPAT;
break; break;
case 'n':
block_mount = true;
break;
default: default:
p_err("unrecognized option '%s'", argv[optind - 1]); p_err("unrecognized option '%s'", argv[optind - 1]);
if (json_output) if (json_output)
......
...@@ -44,7 +44,8 @@ ...@@ -44,7 +44,8 @@
#define HELP_SPEC_PROGRAM \ #define HELP_SPEC_PROGRAM \
"PROG := { id PROG_ID | pinned FILE | tag PROG_TAG }" "PROG := { id PROG_ID | pinned FILE | tag PROG_TAG }"
#define HELP_SPEC_OPTIONS \ #define HELP_SPEC_OPTIONS \
"OPTIONS := { {-j|--json} [{-p|--pretty}] | {-f|--bpffs} | {-m|--mapcompat}" "OPTIONS := { {-j|--json} [{-p|--pretty}] | {-f|--bpffs} |\n" \
"\t {-m|--mapcompat} | {-n|--nomount} }"
#define HELP_SPEC_MAP \ #define HELP_SPEC_MAP \
"MAP := { id MAP_ID | pinned FILE }" "MAP := { id MAP_ID | pinned FILE }"
...@@ -85,6 +86,7 @@ extern const char *bin_name; ...@@ -85,6 +86,7 @@ extern const char *bin_name;
extern json_writer_t *json_wtr; extern json_writer_t *json_wtr;
extern bool json_output; extern bool json_output;
extern bool show_pinned; extern bool show_pinned;
extern bool block_mount;
extern int bpf_flags; extern int bpf_flags;
extern struct pinned_obj_table prog_table; extern struct pinned_obj_table prog_table;
extern struct pinned_obj_table map_table; extern struct pinned_obj_table map_table;
......
...@@ -91,6 +91,9 @@ static bool get_tracefs_pipe(char *mnt) ...@@ -91,6 +91,9 @@ static bool get_tracefs_pipe(char *mnt)
if (found && validate_tracefs_mnt(mnt, TRACEFS_MAGIC)) if (found && validate_tracefs_mnt(mnt, TRACEFS_MAGIC))
goto exit_found; goto exit_found;
if (block_mount)
return false;
p_info("could not find tracefs, attempting to mount it now"); p_info("could not find tracefs, attempting to mount it now");
/* Most of the time, tracefs is automatically mounted by debugfs at /* Most of the time, tracefs is automatically mounted by debugfs at
* /sys/kernel/debug/tracing when we try to access it. If we could not * /sys/kernel/debug/tracing when we try to access it. If we could not
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment