linux

Author SHA1 Message Date

Author	SHA1	Message	Date
Tao Chen	57cb269501	bpftool: Fix UAF in get_delegate_value The return value ret pointer is pointing opts_copy, but opts_copy gets freed in get_delegate_value before return, fix this by free the mntent->mnt_opts strdup memory after show delegate value. Fixes: `2d812311c2` ("bpftool: Add bpf_token show") Signed-off-by: Tao Chen <chen.dylane@linux.dev> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Reviewed-by: Quentin Monnet <qmo@kernel.org> Link: https://lore.kernel.org/bpf/20250919034816.1287280-2-chen.dylane@linux.dev	2025-09-19 15:37:30 -07:00
Tao Chen	bce5749b02	bpftool: Add HELP_SPEC_OPTIONS in token.c $ ./bpftool token help Usage: bpftool token { show \| list } bpftool token help OPTIONS := { {-j\|--json} [{-p\|--pretty}] \| {-d\|--debug} } Fixes: `2d812311c2` ("bpftool: Add bpf_token show") Signed-off-by: Tao Chen <chen.dylane@linux.dev> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Acked-by: Quentin Monnet <qmo@kernel.org> Link: https://lore.kernel.org/bpf/20250919034816.1287280-1-chen.dylane@linux.dev	2025-09-19 15:35:47 -07:00
Tao Chen	2d812311c2	bpftool: Add bpf_token show Add `bpftool token show` command to get token info from bpffs in /proc/mounts. Example plain output for `token show`: token_info /sys/fs/bpf/token allowed_cmds: map_create prog_load allowed_maps: allowed_progs: kprobe allowed_attachs: xdp token_info /sys/fs/bpf/token2 allowed_cmds: map_create prog_load allowed_maps: allowed_progs: kprobe allowed_attachs: xdp Example json output for `token show`: [{ "token_info": "/sys/fs/bpf/token", "allowed_cmds": ["map_create", "prog_load"], "allowed_maps": [], "allowed_progs": ["kprobe"], "allowed_attachs": ["xdp"] }, { "token_info": "/sys/fs/bpf/token2", "allowed_cmds": ["map_create", "prog_load"], "allowed_maps": [], "allowed_progs": ["kprobe"], "allowed_attachs": ["xdp"] }] Reviewed-by: Quentin Monnet <qmo@kernel.org> Signed-off-by: Tao Chen <chen.dylane@linux.dev> Link: https://lore.kernel.org/r/20250723144442.1427943-1-chen.dylane@linux.dev Signed-off-by: Alexei Starovoitov <ast@kernel.org>	2025-08-01 18:03:23 -07:00

Tao Chen

57cb269501

bpftool: Fix UAF in get_delegate_value

The return value ret pointer is pointing opts_copy, but opts_copy
gets freed in get_delegate_value before return, fix this by free
the mntent->mnt_opts strdup memory after show delegate value.

Fixes: 2d812311c2 ("bpftool: Add bpf_token show")
Signed-off-by: Tao Chen <chen.dylane@linux.dev>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Quentin Monnet <qmo@kernel.org>
Link: https://lore.kernel.org/bpf/20250919034816.1287280-2-chen.dylane@linux.dev

2025-09-19 15:37:30 -07:00

Tao Chen

bce5749b02

bpftool: Add HELP_SPEC_OPTIONS in token.c

$ ./bpftool token help

Usage: bpftool token { show | list }
       bpftool token help
       OPTIONS := { {-j|--json} [{-p|--pretty}] | {-d|--debug} }

Fixes: 2d812311c2 ("bpftool: Add bpf_token show")
Signed-off-by: Tao Chen <chen.dylane@linux.dev>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Quentin Monnet <qmo@kernel.org>
Link: https://lore.kernel.org/bpf/20250919034816.1287280-1-chen.dylane@linux.dev

2025-09-19 15:35:47 -07:00

Tao Chen

2d812311c2

bpftool: Add bpf_token show

Add `bpftool token show` command to get token info
from bpffs in /proc/mounts.

Example plain output for `token show`:
token_info  /sys/fs/bpf/token
	allowed_cmds:
	  map_create          prog_load
	allowed_maps:
	allowed_progs:
	  kprobe
	allowed_attachs:
	  xdp
token_info  /sys/fs/bpf/token2
	allowed_cmds:
	  map_create          prog_load
	allowed_maps:
	allowed_progs:
	  kprobe
	allowed_attachs:
	  xdp

Example json output for `token show`:
[{
	"token_info": "/sys/fs/bpf/token",
	"allowed_cmds": ["map_create", "prog_load"],
	"allowed_maps": [],
	"allowed_progs": ["kprobe"],
	"allowed_attachs": ["xdp"]
}, {
	"token_info": "/sys/fs/bpf/token2",
	"allowed_cmds": ["map_create", "prog_load"],
	"allowed_maps": [],
	"allowed_progs": ["kprobe"],
	"allowed_attachs": ["xdp"]
}]

Reviewed-by: Quentin Monnet <qmo@kernel.org>
Signed-off-by: Tao Chen <chen.dylane@linux.dev>
Link: https://lore.kernel.org/r/20250723144442.1427943-1-chen.dylane@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

2025-08-01 18:03:23 -07:00

3 Commits