diff options
Diffstat (limited to 'samples')
-rw-r--r-- | samples/bpf/map_perf_test_user.c | 2 | ||||
-rw-r--r-- | samples/bpf/xdp_router_ipv4_user.c | 2 | ||||
-rw-r--r-- | samples/landlock/sandboxer.c | 13 | ||||
-rw-r--r-- | samples/seccomp/user-trap.c | 8 | ||||
-rw-r--r-- | samples/trace_events/trace-events-sample.h | 18 | ||||
-rw-r--r-- | samples/vfio-mdev/mbochs.c | 18 | ||||
-rw-r--r-- | samples/vfio-mdev/mdpy.c | 18 |
7 files changed, 43 insertions, 36 deletions
diff --git a/samples/bpf/map_perf_test_user.c b/samples/bpf/map_perf_test_user.c index d2fbcf963c..07ff471ed6 100644 --- a/samples/bpf/map_perf_test_user.c +++ b/samples/bpf/map_perf_test_user.c @@ -370,7 +370,7 @@ static void run_perf_test(int tasks) static void fill_lpm_trie(void) { - struct bpf_lpm_trie_key *key; + struct bpf_lpm_trie_key_u8 *key; unsigned long value = 0; unsigned int i; int r; diff --git a/samples/bpf/xdp_router_ipv4_user.c b/samples/bpf/xdp_router_ipv4_user.c index 9d41db09c4..266fdd0b02 100644 --- a/samples/bpf/xdp_router_ipv4_user.c +++ b/samples/bpf/xdp_router_ipv4_user.c @@ -91,7 +91,7 @@ static int recv_msg(struct sockaddr_nl sock_addr, int sock) static void read_route(struct nlmsghdr *nh, int nll) { char dsts[24], gws[24], ifs[16], dsts_len[24], metrics[24]; - struct bpf_lpm_trie_key *prefix_key; + struct bpf_lpm_trie_key_u8 *prefix_key; struct rtattr *rt_attr; struct rtmsg *rt_msg; int rtm_family; diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c index e6c59f6885..8b8ecd65c2 100644 --- a/samples/landlock/sandboxer.c +++ b/samples/landlock/sandboxer.c @@ -1,7 +1,7 @@ // SPDX-License-Identifier: BSD-3-Clause /* - * Simple Landlock sandbox manager able to launch a process restricted by a - * user-defined filesystem access control policy. + * Simple Landlock sandbox manager able to execute a process restricted by + * user-defined file system and network access control policies. * * Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net> * Copyright © 2020 ANSSI @@ -120,9 +120,11 @@ static int populate_ruleset_fs(const char *const env_var, const int ruleset_fd, if (path_beneath.parent_fd < 0) { fprintf(stderr, "Failed to open \"%s\": %s\n", path_list[i], strerror(errno)); - goto out_free_name; + continue; } if (fstat(path_beneath.parent_fd, &statbuf)) { + fprintf(stderr, "Failed to stat \"%s\": %s\n", + path_list[i], strerror(errno)); close(path_beneath.parent_fd); goto out_free_name; } @@ -228,7 +230,7 @@ int main(const int argc, char *const argv[], char *const *const envp) ENV_FS_RO_NAME, ENV_FS_RW_NAME, ENV_TCP_BIND_NAME, ENV_TCP_CONNECT_NAME, argv[0]); fprintf(stderr, - "Launch a command in a restricted environment.\n\n"); + "Execute a command in a restricted environment.\n\n"); fprintf(stderr, "Environment variables containing paths and ports " "each separated by a colon:\n"); @@ -249,7 +251,7 @@ int main(const int argc, char *const argv[], char *const *const envp) ENV_TCP_CONNECT_NAME); fprintf(stderr, "\nexample:\n" - "%s=\"/bin:/lib:/usr:/proc:/etc:/dev/urandom\" " + "%s=\"${PATH}:/lib:/usr:/proc:/etc:/dev/urandom\" " "%s=\"/dev/null:/dev/full:/dev/zero:/dev/pts:/tmp\" " "%s=\"9418\" " "%s=\"80:443\" " @@ -384,6 +386,7 @@ int main(const int argc, char *const argv[], char *const *const envp) cmd_path = argv[1]; cmd_argv = argv + 1; + fprintf(stderr, "Executing the sandboxed command...\n"); execvpe(cmd_path, cmd_argv, envp); fprintf(stderr, "Failed to execute \"%s\": %s\n", cmd_path, strerror(errno)); diff --git a/samples/seccomp/user-trap.c b/samples/seccomp/user-trap.c index 20291ec648..a23fec357b 100644 --- a/samples/seccomp/user-trap.c +++ b/samples/seccomp/user-trap.c @@ -33,6 +33,7 @@ static int send_fd(int sock, int fd) { struct msghdr msg = {}; struct cmsghdr *cmsg; + int *fd_ptr; char buf[CMSG_SPACE(sizeof(int))] = {0}, c = 'c'; struct iovec io = { .iov_base = &c, @@ -47,7 +48,8 @@ static int send_fd(int sock, int fd) cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS; cmsg->cmsg_len = CMSG_LEN(sizeof(int)); - *((int *)CMSG_DATA(cmsg)) = fd; + fd_ptr = (int *)CMSG_DATA(cmsg); + *fd_ptr = fd; msg.msg_controllen = cmsg->cmsg_len; if (sendmsg(sock, &msg, 0) < 0) { @@ -62,6 +64,7 @@ static int recv_fd(int sock) { struct msghdr msg = {}; struct cmsghdr *cmsg; + int *fd_ptr; char buf[CMSG_SPACE(sizeof(int))] = {0}, c = 'c'; struct iovec io = { .iov_base = &c, @@ -79,8 +82,9 @@ static int recv_fd(int sock) } cmsg = CMSG_FIRSTHDR(&msg); + fd_ptr = (int *)CMSG_DATA(cmsg); - return *((int *)CMSG_DATA(cmsg)); + return *fd_ptr; } static int user_trap_syscall(int nr, unsigned int flags) diff --git a/samples/trace_events/trace-events-sample.h b/samples/trace_events/trace-events-sample.h index 23f923ccd5..500981eca7 100644 --- a/samples/trace_events/trace-events-sample.h +++ b/samples/trace_events/trace-events-sample.h @@ -163,8 +163,7 @@ * __string(). * * __string_len: This is a helper to a __dynamic_array, but it understands - * that the array has characters in it, and with the combined - * use of __assign_str_len(), it will allocate 'len' + 1 bytes + * that the array has characters in it, it will allocate 'len' + 1 bytes * in the ring buffer and add a '\0' to the string. This is * useful if the string being saved has no terminating '\0' byte. * It requires that the length of the string is known as it acts @@ -174,9 +173,11 @@ * * __string_len(foo, bar, len) * - * To assign this string, use the helper macro __assign_str_len(). + * To assign this string, use the helper macro __assign_str(). + * The length is saved via the __string_len() and is retrieved in + * __assign_str(). * - * __assign_str_len(foo, bar, len); + * __assign_str(foo, bar); * * Then len + 1 is allocated to the ring buffer, and a nul terminating * byte is added. This is similar to: @@ -302,6 +303,7 @@ TRACE_EVENT(foo_bar, __bitmask( cpus, num_possible_cpus() ) __cpumask( cpum ) __vstring( vstr, fmt, va ) + __string_len( lstr, foo, bar / 2 < strlen(foo) ? bar / 2 : strlen(foo) ) ), TP_fast_assign( @@ -310,12 +312,13 @@ TRACE_EVENT(foo_bar, memcpy(__get_dynamic_array(list), lst, __length_of(lst) * sizeof(int)); __assign_str(str, string); + __assign_str(lstr, foo); __assign_vstr(vstr, fmt, va); __assign_bitmask(cpus, cpumask_bits(mask), num_possible_cpus()); __assign_cpumask(cpum, cpumask_bits(mask)); ), - TP_printk("foo %s %d %s %s %s %s (%s) (%s) %s", __entry->foo, __entry->bar, + TP_printk("foo %s %d %s %s %s %s %s (%s) (%s) %s", __entry->foo, __entry->bar, /* * Notice here the use of some helper functions. This includes: @@ -359,7 +362,8 @@ TRACE_EVENT(foo_bar, __print_array(__get_dynamic_array(list), __get_dynamic_array_len(list) / sizeof(int), sizeof(int)), - __get_str(str), __get_bitmask(cpus), __get_cpumask(cpum), + __get_str(str), __get_str(lstr), + __get_bitmask(cpus), __get_cpumask(cpum), __get_str(vstr)) ); @@ -570,7 +574,7 @@ TRACE_EVENT(foo_rel_loc, ), TP_fast_assign( - __assign_rel_str(foo, foo); + __assign_rel_str(foo); __entry->bar = bar; __assign_rel_bitmask(bitmask, mask, BITS_PER_BYTE * sizeof(unsigned long)); diff --git a/samples/vfio-mdev/mbochs.c b/samples/vfio-mdev/mbochs.c index 93405264ff..9062598ea0 100644 --- a/samples/vfio-mdev/mbochs.c +++ b/samples/vfio-mdev/mbochs.c @@ -133,7 +133,9 @@ static struct mdev_type *mbochs_mdev_types[] = { }; static dev_t mbochs_devt; -static struct class *mbochs_class; +static const struct class mbochs_class = { + .name = MBOCHS_CLASS_NAME, +}; static struct cdev mbochs_cdev; static struct device mbochs_dev; static struct mdev_parent mbochs_parent; @@ -1422,13 +1424,10 @@ static int __init mbochs_dev_init(void) if (ret) goto err_cdev; - mbochs_class = class_create(MBOCHS_CLASS_NAME); - if (IS_ERR(mbochs_class)) { - pr_err("Error: failed to register mbochs_dev class\n"); - ret = PTR_ERR(mbochs_class); + ret = class_register(&mbochs_class); + if (ret) goto err_driver; - } - mbochs_dev.class = mbochs_class; + mbochs_dev.class = &mbochs_class; mbochs_dev.release = mbochs_device_release; dev_set_name(&mbochs_dev, "%s", MBOCHS_NAME); @@ -1448,7 +1447,7 @@ err_device: device_del(&mbochs_dev); err_put: put_device(&mbochs_dev); - class_destroy(mbochs_class); + class_unregister(&mbochs_class); err_driver: mdev_unregister_driver(&mbochs_driver); err_cdev: @@ -1466,8 +1465,7 @@ static void __exit mbochs_dev_exit(void) mdev_unregister_driver(&mbochs_driver); cdev_del(&mbochs_cdev); unregister_chrdev_region(mbochs_devt, MINORMASK + 1); - class_destroy(mbochs_class); - mbochs_class = NULL; + class_unregister(&mbochs_class); } MODULE_IMPORT_NS(DMA_BUF); diff --git a/samples/vfio-mdev/mdpy.c b/samples/vfio-mdev/mdpy.c index 72ea5832c9..27795501de 100644 --- a/samples/vfio-mdev/mdpy.c +++ b/samples/vfio-mdev/mdpy.c @@ -84,7 +84,9 @@ static struct mdev_type *mdpy_mdev_types[] = { }; static dev_t mdpy_devt; -static struct class *mdpy_class; +static const struct class mdpy_class = { + .name = MDPY_CLASS_NAME, +}; static struct cdev mdpy_cdev; static struct device mdpy_dev; static struct mdev_parent mdpy_parent; @@ -709,13 +711,10 @@ static int __init mdpy_dev_init(void) if (ret) goto err_cdev; - mdpy_class = class_create(MDPY_CLASS_NAME); - if (IS_ERR(mdpy_class)) { - pr_err("Error: failed to register mdpy_dev class\n"); - ret = PTR_ERR(mdpy_class); + ret = class_register(&mdpy_class); + if (ret) goto err_driver; - } - mdpy_dev.class = mdpy_class; + mdpy_dev.class = &mdpy_class; mdpy_dev.release = mdpy_device_release; dev_set_name(&mdpy_dev, "%s", MDPY_NAME); @@ -735,7 +734,7 @@ err_device: device_del(&mdpy_dev); err_put: put_device(&mdpy_dev); - class_destroy(mdpy_class); + class_unregister(&mdpy_class); err_driver: mdev_unregister_driver(&mdpy_driver); err_cdev: @@ -753,8 +752,7 @@ static void __exit mdpy_dev_exit(void) mdev_unregister_driver(&mdpy_driver); cdev_del(&mdpy_cdev); unregister_chrdev_region(mdpy_devt, MINORMASK + 1); - class_destroy(mdpy_class); - mdpy_class = NULL; + class_unregister(&mdpy_class); } module_param_named(count, mdpy_driver.max_instances, int, 0444); |