sys/linux: cover BPF tokens

The new BPF_TOKEN_CREATE bpf(2) command was introduced in commit [1]
upstream. This command takes a BPF filesystem fd and returns a BPF
token [2]. This token can then be passed to commands BPF_PROG_LOAD,
BPF_MAP_CREATE, and BPF_BTF_LOAD and the kernel will use it to check if
the operation is allowed. What operations a token allows is defined by
the mount options of the BPF filesystem.

No flags are currently supported for the BPF_TOKEN_CREATE command.

The fd should point to the BPF filesystem, but we don't have a specific
resource for this yet so just point to a generic fd. This command also
doesn't add support for the new mount options.

1 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=35f96de04127
2 - https://lwn.net/Articles/947173/
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>

1 files changed, 1 insertions, 1 deletions

diff --git a/sys/linux/test/bpf_cgroup b/sys/linux/test/bpf_cgroup
index 1e480b46a..0c31e3442 100644
--- a/sys/linux/test/bpf_cgroup
+++ b/sys/linux/test/bpf_cgroup
@@ -6,7 +6,7 @@ r1 = write$tcp_congestion(r0, &AUTO='reno\x00', AUTO)
 
 # Now, load a BPF_PROG_TYPE_CGROUP_SYSCTL that simply returns 0, which will block all writes to /proc/sys
 
-r2 = bpf$PROG_LOAD(AUTO, &AUTO={0x17, AUTO, &AUTO=@framed={{AUTO, AUTO, AUTO, AUTO, 0x0, AUTO, AUTO, AUTO, 0x0}, [], AUTO}, &AUTO='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000000000", 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
+r2 = bpf$PROG_LOAD(AUTO, &AUTO={0x17, AUTO, &AUTO=@framed={{AUTO, AUTO, AUTO, AUTO, 0x0, AUTO, AUTO, AUTO, 0x0}, [], AUTO}, &AUTO='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000000000000000", 0x0, 0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=AUTO}, 0xa0)
 
 r3 = openat(0xffffffffffffff9c, &AUTO='./cgroup\x00', 0x0, 0x0)