On Fri, Sep 25, 2020 at 3:54 PM John McDowall
<jmcdowall@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> Song,
>
> You are right the issue is that in a new namespace /sys/fs/bpf is readonly.
>
> On host system (Centos 8.2)
>
> [jmcdowall@jed102 framework]$ ls -al /sys/fs
> total 0
> drwxr-xr-x. 9 root root 0 Jul 15 16:01 .
> dr-xr-xr-x. 13 root root 0 Jul 15 16:02 ..
> drwx-----T. 2 root root 0 Jul 15 16:01 bpf
You probably called
mount -t bpf bpf /sys/fs/bpf
with additional mode options to mount bffs.
> drwxr-xr-x. 14 root root 360 Jul 15 16:01 cgroup
> drwxr-xr-x. 4 root root 0 Jul 22 11:58 ext4
> drwxr-xr-x. 3 root root 0 Jul 16 11:05 fuse
> drwxr-x---. 2 root root 0 Jul 15 16:01 pstore
> drwxr-xr-x. 7 root root 0 Jul 15 16:01 selinux
> drwxr-xr-x. 5 root root 0 Jul 29 18:58 xfs
> [jmcdowall@jed102 framework]$
>
> Then create a network namespace
>
> [jmcdowall@jed102 framework]$ sudo ip netns add test
> [sudo] password for jmcdowall:
> [jmcdowall@jed102 framework]$ sudo ip netns exec test ls -la /sys/fs
> total 0
> drwxr-xr-x. 9 root root 0 Sep 25 14:31 .
> dr-xr-xr-x. 13 root root 0 Jul 15 16:02 ..
> dr-xr-xr-x. 2 root root 0 Sep 25 14:31 bpf
This is just the default directory. It is not mounted with bpffs.
> dr-xr-xr-x. 2 root root 0 Sep 25 14:31 cgroup
> drwxr-xr-x. 4 root root 0 Sep 25 14:31 ext4
> drwxr-xr-x. 3 root root 0 Sep 25 14:31 fuse
> dr-xr-xr-x. 2 root root 0 Sep 25 14:31 pstore
> dr-xr-xr-x. 2 root root 0 Sep 25 14:31 selinux
> drwxr-xr-x. 5 root root 0 Sep 25 14:31 xfs
> [jmcdowall@jed102 framework]$
>
> and the bpf directory is readonly.
>
> There does not seem to be a way to make the directory writable.
>
> Does anyone have any ideas?
somethings like this may help.
mkdir /tmp/t
mount -t bpf bpf /tmp/t
ip netns exec test mount --bind /root/t /tmp/t
ip netns exec test mount | grep bpf
none on /root/t type bpf (rw,relatime)
Now inside namespace, you will have a bpffs.
Based on my experience, you cannot create bpffs (like `mount -t bpf
bpf <...>`) inside the net namespace.
>
> Regards
>
> John
>
>
>
> On Tue, Sep 15, 2020 at 10:12 PM Y Song <ys114321@xxxxxxxxx> wrote:
> >
> > On Tue, Sep 15, 2020 at 11:46 AM John McDowall
> > <jmcdowall@xxxxxxxxxxxxxxxxxxxx> wrote:
> > >
> > > Hi everyone,
> > >
> > > This may be a dumb question, I have set up a simple test environment
> > > with multiple network namespaces running on a ubuntu 20.04 vagrant
> > > box, with the latest github libbpf.
> > >
> > > I want to use a pinned map, I can make /sys/fs/bpf shared by:
> > >
> > > $ mount mount --make-shared /sys/fs/bpf
> > > $ mount --bind /sys/fs/bpf /sys/fs/bpf
> >
> > Similar commands `mount --bind /sys/fs/bpf /sys/fs/bpf1` in the same namespace
> > works fine.
> >
> > Maybe there are restrictions related to namespace? Maybe it becomes readonly?
> > Could you print out the error code below?
> >
> > >
> > > but when I try access the maps from a C program running in a namespace
> > > using bpf I get
> > >
> > > Access to /sys/fs/bpf/lwtconfig map failed obj_pin errno: No such
> > > file or directory
> > >
> > > The code snippet is:
> > >
> > > mapfd = bpf_obj_pin(pin_fd,CONFIG_MAP_PATH);
> > > if (mapfd < 0) {
> > > jed_info(jed_logfile,"Access to %s map failed obj_pin ",
> > > CONFIG_MAP_PATH);
> > > pin_fd = bpf_obj_get(CONFIG_MAP_PATH);
> > > if (pin_fd < 0){
> > > jed_error(jed_logfile,"Access to %s map failed with
> > > obj_get ", CONFIG_MAP_PATH);
> > > }
> > > }
> > >
> > > Is this possible, and if so what am I missing?
> > >
> > > Regards
> > >
> > > John
|