Re: [PATCH bpf-next v2 1/3] bpftool: Add bpf_token show
From: Quentin Monnet
Date: Tue Jul 22 2025 - 11:04:12 EST
2025-07-22 19:58 UTC+0800 ~ Tao Chen <chen.dylane@xxxxxxxxx>
> Add `bpftool token show` command to get token info
> from bpffs in /proc/mounts.
>
> Example plain output for `token show`:
> token_info /sys/fs/bpf/token
> allowed_cmds:
> map_create prog_load
> allowed_maps:
> allowed_progs:
> kprobe
> allowed_attachs:
> xdp
> token_info /sys/fs/bpf/token2
> allowed_cmds:
> map_create prog_load
> allowed_maps:
> allowed_progs:
> kprobe
> allowed_attachs:
> xdp
>
> Example json output for `token show`:
> [{
> "token_info": "/sys/fs/bpf/token",
> "allowed_cmds": ["map_create", "prog_load"],
> "allowed_maps": [],
> "allowed_progs": ["kprobe"],
> "allowed_attachs": ["xdp"]
> }, {
> "token_info": "/sys/fs/bpf/token2",
> "allowed_cmds": ["map_create", "prog_load"],
> "allowed_maps": [],
> "allowed_progs": ["kprobe"],
> "allowed_attachs": ["xdp"]
> }]
>
> Signed-off-by: Tao Chen <chen.dylane@xxxxxxxxx>
> ---
> diff --git a/tools/bpf/bpftool/token.c b/tools/bpf/bpftool/token.c
> new file mode 100644
> index 00000000000..f72a116f9c6
> --- /dev/null
> +++ b/tools/bpf/bpftool/token.c
> +static int show_token_info(void)
> +{
> + FILE *fp;
> + struct mntent *ent;
> + bool hit = false;
> +
> + fp = setmntent(MOUNTS_FILE, "r");
> + if (!fp) {
> + p_err("Failed to open: %s", MOUNTS_FILE);
> + return -1;
> + }
> +
> + if (json_output)
> + jsonw_start_array(json_wtr);
> +
> + while ((ent = getmntent(fp)) != NULL) {
> + if (strncmp(ent->mnt_type, "bpf", 3) == 0) {
> + if (has_delegate_options(ent->mnt_opts)) {
> + __show_token_info(ent);
> + hit = true;
> + }
> + }
> + }
> +
> + if (json_output)
> + jsonw_end_array(json_wtr);
> +
> + if (!hit)
> + p_info("Token info not found");
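
Review bot: the filesystem-type check `strncmp(ent->mnt_type, "bpf", 3) == 0` in the getmntent() loop is a prefix match, so any mount whose type merely begins with "bpf" would pass it and, if has_delegate_options() also matches, be listed as a token-bearing bpffs. Suggest an exact comparison, `strcmp(ent->mnt_type, "bpf") == 0`, since this listing is what an administrator reads to audit which commands, map types, program types and attach types have been delegated. Separately, the setmntent() failure path reports only the file name; adding strerror(errno) to the p_err() message would make the failure diagnosable.
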
Woops I take this one back. It made sense to have a p_info() message in
your v1 because you were only looking at one bpffs mount point, but now
we list all the ones we find, we should remove this message and silently
ignore mount points without token info (and I think we can remove the
"hit" variable entirely). Sorry! :)

The rest of this patch looks good to me, thank you

Quentin