bpf: convert 'c'/'b' to bpf_type at the very end

This makes the code a bit longer, but easier to read I think, because the cgroup v1 and v2 code paths are more similar. And whent he type is a char, any backtrace is easier to interpret.
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2019-11-09 12:32:44 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2019-11-11 15:13:56 +0100
commit: 8ad08622d6f818f65e56b1e588221a4d546ab9bb (patch)
tree: a0c4b447d5869b884b92eb39f44fb2ac57452f6e /src/core/bpf-devices.c
parent: test-bpf-devices: new test for the devices bpf code (diff)
download: systemd-8ad08622d6f818f65e56b1e588221a4d546ab9bb.tar.xz
systemd-8ad08622d6f818f65e56b1e588221a4d546ab9bb.zip
1 files changed, 18 insertions, 10 deletions
diff --git a/src/core/bpf-devices.c b/src/core/bpf-devices.c
index 2683db8e71..932c73033a 100644
--- a/src/core/bpf-devices.c
+++ b/src/core/bpf-devices.c
@@ -38,7 +38,7 @@ static int bpf_access_type(const char *acc) {
         return r;
 }
 
-static int bpf_prog_whitelist_device(BPFProgram *prog, int type, int major, int minor, const char *acc) {
+static int bpf_prog_whitelist_device(BPFProgram *prog, char type, int major, int minor, const char *acc) {
         int r, access;
 
         assert(prog);
@@ -50,8 +50,11 @@ static int bpf_prog_whitelist_device(BPFProgram *prog, int type, int major, int
         if (access <= 0)
                 return -EINVAL;
 
+        assert(IN_SET(type, 'b', 'c'));
+        const int bpf_type = type == 'c' ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK;
+
         const struct bpf_insn insn[] = {
-                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, type, 6), /* compare device type */
+                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, bpf_type, 6), /* compare device type */
                 BPF_MOV32_REG(BPF_REG_1, BPF_REG_3), /* calculate access type */
                 BPF_ALU32_IMM(BPF_AND, BPF_REG_1, access),
                 BPF_JMP_REG(BPF_JNE, BPF_REG_1, BPF_REG_3, 3), /* compare access type */
@@ -67,7 +70,7 @@ static int bpf_prog_whitelist_device(BPFProgram *prog, int type, int major, int
         return r;
 }
 
-static int bpf_prog_whitelist_major(BPFProgram *prog, int type, int major, const char *acc) {
+static int bpf_prog_whitelist_major(BPFProgram *prog, char type, int major, const char *acc) {
         int r, access;
 
         assert(prog);
@@ -79,8 +82,11 @@ static int bpf_prog_whitelist_major(BPFProgram *prog, int type, int major, const
         if (access <= 0)
                 return -EINVAL;
 
+        assert(IN_SET(type, 'b', 'c'));
+        const int bpf_type = type == 'c' ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK;
+
         const struct bpf_insn insn[] = {
-                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, type, 5), /* compare device type */
+                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, bpf_type, 5), /* compare device type */
                 BPF_MOV32_REG(BPF_REG_1, BPF_REG_3), /* calculate access type */
                 BPF_ALU32_IMM(BPF_AND, BPF_REG_1, access),
                 BPF_JMP_REG(BPF_JNE, BPF_REG_1, BPF_REG_3, 2), /* compare access type */
@@ -95,7 +101,7 @@ static int bpf_prog_whitelist_major(BPFProgram *prog, int type, int major, const
         return r;
 }
 
-static int bpf_prog_whitelist_class(BPFProgram *prog, int type, const char *acc) {
+static int bpf_prog_whitelist_class(BPFProgram *prog, char type, const char *acc) {
         int r, access;
 
         assert(prog);
@@ -107,8 +113,11 @@ static int bpf_prog_whitelist_class(BPFProgram *prog, int type, const char *acc)
         if (access <= 0)
                 return -EINVAL;
 
+        assert(IN_SET(type, 'b', 'c'));
+        const int bpf_type = type == 'c' ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK;
+
         const struct bpf_insn insn[] = {
-                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, type, 4), /* compare device type */
+                BPF_JMP_IMM(BPF_JNE, BPF_REG_2, bpf_type, 4), /* compare device type */
                 BPF_MOV32_REG(BPF_REG_1, BPF_REG_3), /* calculate access type */
                 BPF_ALU32_IMM(BPF_AND, BPF_REG_1, access),
                 BPF_JMP_REG(BPF_JNE, BPF_REG_1, BPF_REG_3, 1), /* compare access type */
@@ -292,13 +301,12 @@ static int whitelist_device_pattern(BPFProgram *prog, const char *path, char typ
                 if (!prog)
                         return 0;
 
-                const int bpf_type = type == 'c' ? BPF_DEVCG_DEV_CHAR : BPF_DEVCG_DEV_BLOCK;
                 if (maj && min)
-                        return bpf_prog_whitelist_device(prog, bpf_type, *maj, *min, acc);
+                        return bpf_prog_whitelist_device(prog, type, *maj, *min, acc);
                 else if (maj)
-                        return bpf_prog_whitelist_major(prog, bpf_type, *maj, acc);
+                        return bpf_prog_whitelist_major(prog, type, *maj, acc);
                 else
-                        return bpf_prog_whitelist_class(prog, bpf_type, acc);
+                        return bpf_prog_whitelist_class(prog, type, acc);
 
         } else {
                 char buf[2+DECIMAL_STR_MAX(unsigned)*2+2+4];
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2019-11-09 12:32:44 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2019-11-11 15:13:56 +0100
commit	8ad08622d6f818f65e56b1e588221a4d546ab9bb (patch)
tree	a0c4b447d5869b884b92eb39f44fb2ac57452f6e /src/core/bpf-devices.c
parent	test-bpf-devices: new test for the devices bpf code (diff)
download	systemd-8ad08622d6f818f65e56b1e588221a4d546ab9bb.tar.xz systemd-8ad08622d6f818f65e56b1e588221a4d546ab9bb.zip