1================ 2bpftool-cgroup 3================ 4------------------------------------------------------------------------------- 5tool for inspection and simple manipulation of eBPF progs 6------------------------------------------------------------------------------- 7 8:Manual section: 8 9 10SYNOPSIS 11======== 12 13 **bpftool** [*OPTIONS*] **cgroup** *COMMAND* 14 15 *OPTIONS* := { { **-j** | **--json** } [{ **-p** | **--pretty** }] | { **-f** | **--bpffs** } } 16 17 *COMMANDS* := 18 { **show** | **list** | **attach** | **detach** | **help** } 19 20MAP COMMANDS 21============= 22 23| **bpftool** **cgroup { show | list }** *CGROUP* 24| **bpftool** **cgroup attach** *CGROUP* *ATTACH_TYPE* *PROG* [*ATTACH_FLAGS*] 25| **bpftool** **cgroup detach** *CGROUP* *ATTACH_TYPE* *PROG* 26| **bpftool** **cgroup help** 27| 28| *PROG* := { **id** *PROG_ID* | **pinned** *FILE* | **tag** *PROG_TAG* } 29| *ATTACH_TYPE* := { **ingress** | **egress** | **sock_create** | **sock_ops** | **device** } 30| *ATTACH_FLAGS* := { **multi** | **override** } 31 32DESCRIPTION 33=========== 34 **bpftool cgroup { show | list }** *CGROUP* 35 List all programs attached to the cgroup *CGROUP*. 36 37 Output will start with program ID followed by attach type, 38 attach flags and program name. 39 40 **bpftool cgroup attach** *CGROUP* *ATTACH_TYPE* *PROG* [*ATTACH_FLAGS*] 41 Attach program *PROG* to the cgroup *CGROUP* with attach type 42 *ATTACH_TYPE* and optional *ATTACH_FLAGS*. 43 44 *ATTACH_FLAGS* can be one of: **override** if a sub-cgroup installs 45 some bpf program, the program in this cgroup yields to sub-cgroup 46 program; **multi** if a sub-cgroup installs some bpf program, 47 that cgroup program gets run in addition to the program in this 48 cgroup. 49 50 Only one program is allowed to be attached to a cgroup with 51 no attach flags or the **override** flag. Attaching another 52 program will release old program and attach the new one. 53 54 Multiple programs are allowed to be attached to a cgroup with 55 **multi**. They are executed in FIFO order (those that were 56 attached first, run first). 57 58 Non-default *ATTACH_FLAGS* are supported by kernel version 4.14 59 and later. 60 61 *ATTACH_TYPE* can be on of: 62 **ingress** ingress path of the inet socket (since 4.10); 63 **egress** egress path of the inet socket (since 4.10); 64 **sock_create** opening of an inet socket (since 4.10); 65 **sock_ops** various socket operations (since 4.12); 66 **device** device access (since 4.15). 67 68 **bpftool cgroup detach** *CGROUP* *ATTACH_TYPE* *PROG* 69 Detach *PROG* from the cgroup *CGROUP* and attach type 70 *ATTACH_TYPE*. 71 72 **bpftool prog help** 73 Print short help message. 74 75OPTIONS 76======= 77 -h, --help 78 Print short generic help message (similar to **bpftool help**). 79 80 -v, --version 81 Print version number (similar to **bpftool version**). 82 83 -j, --json 84 Generate JSON output. For commands that cannot produce JSON, this 85 option has no effect. 86 87 -p, --pretty 88 Generate human-readable JSON output. Implies **-j**. 89 90 -f, --bpffs 91 Show file names of pinned programs. 92 93EXAMPLES 94======== 95| 96| **# mount -t bpf none /sys/fs/bpf/** 97| **# mkdir /sys/fs/cgroup/test.slice** 98| **# bpftool prog load ./device_cgroup.o /sys/fs/bpf/prog** 99| **# bpftool cgroup attach /sys/fs/cgroup/test.slice/ device id 1 allow_multi** 100 101**# bpftool cgroup list /sys/fs/cgroup/test.slice/** 102 103:: 104 105 ID AttachType AttachFlags Name 106 1 device allow_multi bpf_prog1 107 108| 109| **# bpftool cgroup detach /sys/fs/cgroup/test.slice/ device id 1** 110| **# bpftool cgroup list /sys/fs/cgroup/test.slice/** 111 112:: 113 114 ID AttachType AttachFlags Name 115 116SEE ALSO 117======== 118 **bpftool**\ (8), **bpftool-prog**\ (8), **bpftool-map**\ (8) 119