bpf.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* RE: Question about LSM with eBPF
@ 2022-02-11 16:01 Roberto Sassu
  0 siblings, 0 replies; 3+ messages in thread
From: Roberto Sassu @ 2022-02-11 16:01 UTC (permalink / raw)
  To: bpf, kpsingh

> From: Roberto Sassu
> Sent: Friday, February 11, 2022 12:58 PM
> Hi
> 
> I'm working on an LSM implemented with eBPF. I have a
> question about persistence. Is it possible to keep the
> attached LSM running without the user space process
> that attached it?

Found a solution:

                        char path[PATH_MAX] = "/sys/fs/bpf/";

                        for (i = 0; i < skel->skeleton->prog_cnt; i++) {
                                snprintf(path + path_len,
                                         sizeof(path) - path_len, "%s",
                                         skel->skeleton->progs[i].name);
                                bpf_link__pin(*skel->skeleton->progs[i].link,
                                              path);
                        }

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua

> Thanks
> 
> Roberto
> 
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Question about LSM with eBPF
  2022-02-11 11:57 Roberto Sassu
@ 2022-02-12  0:30 ` Michal Rostecki
  0 siblings, 0 replies; 3+ messages in thread
From: Michal Rostecki @ 2022-02-12  0:30 UTC (permalink / raw)
  To: Roberto Sassu, bpf, kpsingh

On 2/11/22 11:57, Roberto Sassu wrote:
> Hi
> 
> I'm working on an LSM implemented with eBPF. I have a
> question about persistence. Is it possible to keep the
> attached LSM running without the user space process
> that attached it?
> 
> Thanks
> 
> Roberto
> 
> HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
> Managing Director: Li Peng, Zhong Ronghua
> 

Hi Roberto,

Yes, it's possible if you pin the program in BPFFS.

If you are using libbpf, you can use the bpf_program__pin function:

https://github.com/libbpf/libbpf/blob/master/src/libbpf.h#L349-L359

If you are using libbpf-rs:

https://docs.rs/libbpf-rs/0.16.0/libbpf_rs/struct.Program.html#method.pin

If you are using Aya:

https://docs.rs/aya/0.10.6/aya/programs/enum.Program.html#method.pin

Cheers,
Michal

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Question about LSM with eBPF
@ 2022-02-11 11:57 Roberto Sassu
  2022-02-12  0:30 ` Michal Rostecki
  0 siblings, 1 reply; 3+ messages in thread
From: Roberto Sassu @ 2022-02-11 11:57 UTC (permalink / raw)
  To: bpf, kpsingh

Hi

I'm working on an LSM implemented with eBPF. I have a
question about persistence. Is it possible to keep the
attached LSM running without the user space process
that attached it?

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Zhong Ronghua


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-02-12  0:30 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-02-11 16:01 Question about LSM with eBPF Roberto Sassu
  -- strict thread matches above, loose matches on Subject: below --
2022-02-11 11:57 Roberto Sassu
2022-02-12  0:30 ` Michal Rostecki

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).