在 2025/7/22 23:01, Quentin Monnet 写道:
2025-07-22 19:58 UTC+0800 ~ Tao Chen <chen.dylane@xxxxxxxxx>Add `bpftool token show` command to get token info from bpffs in /proc/mounts. Example plain output for `token show`: token_info /sys/fs/bpf/token allowed_cmds: map_create prog_load allowed_maps: allowed_progs: kprobe allowed_attachs: xdp token_info /sys/fs/bpf/token2 allowed_cmds: map_create prog_load allowed_maps: allowed_progs: kprobe allowed_attachs: xdp Example json output for `token show`: [{ "token_info": "/sys/fs/bpf/token", "allowed_cmds": ["map_create", "prog_load"], "allowed_maps": [], "allowed_progs": ["kprobe"], "allowed_attachs": ["xdp"] }, { "token_info": "/sys/fs/bpf/token2", "allowed_cmds": ["map_create", "prog_load"], "allowed_maps": [], "allowed_progs": ["kprobe"], "allowed_attachs": ["xdp"] }] Signed-off-by: Tao Chen <chen.dylane@xxxxxxxxx> ---diff --git a/tools/bpf/bpftool/token.c b/tools/bpf/bpftool/token.c new file mode 100644 index 00000000000..f72a116f9c6 --- /dev/null +++ b/tools/bpf/bpftool/token.c+static int show_token_info(void) +{ + FILE *fp; + struct mntent *ent; + bool hit = false; + + fp = setmntent(MOUNTS_FILE, "r"); + if (!fp) { + p_err("Failed to open: %s", MOUNTS_FILE); + return -1; + } + + if (json_output) + jsonw_start_array(json_wtr); + + while ((ent = getmntent(fp)) != NULL) { + if (strncmp(ent->mnt_type, "bpf", 3) == 0) { + if (has_delegate_options(ent->mnt_opts)) { + __show_token_info(ent); + hit = true; + } + } + } + + if (json_output) + jsonw_end_array(json_wtr); + + if (!hit) + p_info("Token info not found");Woops I take this one back. It made sense to have a p_info() message in your v1 because you were only looking at one bpffs mount point, but now we list all the ones we find, we should remove this message and silently ignore mount points without token info (and I think we can remove the "hit" variable entirely). Sorry! :)
It‘s okay, i will remove it in v3, thanks anyway.
The rest of this patch looks good to me, thank you Quentin
-- Best Regards Tao Chen
