tools/bpf/bpftool/cgroup.c

   1 // SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
   2 // Copyright (C) 2017 Facebook
   3 // Author: Roman Gushchin <[email protected]>
   4
   5 #define _XOPEN_SOURCE 500
   6 #include <errno.h>
   7 #include <fcntl.h>
   8 #include <ftw.h>
   9 #include <mntent.h>
  10 #include <stdio.h>
  11 #include <stdlib.h>
  12 #include <string.h>
  13 #include <sys/stat.h>
  14 #include <sys/types.h>
  15 #include <unistd.h>
  16
  17 #include <bpf/bpf.h>
  18 #include <bpf/btf.h>
  19
  20 #include "main.h"
  21
  22 static const int cgroup_attach_types[] = {
  23         BPF_CGROUP_INET_INGRESS,
  24         BPF_CGROUP_INET_EGRESS,
  25         BPF_CGROUP_INET_SOCK_CREATE,
  26         BPF_CGROUP_INET_SOCK_RELEASE,
  27         BPF_CGROUP_INET4_BIND,
  28         BPF_CGROUP_INET6_BIND,
  29         BPF_CGROUP_INET4_POST_BIND,
  30         BPF_CGROUP_INET6_POST_BIND,
  31         BPF_CGROUP_INET4_CONNECT,
  32         BPF_CGROUP_INET6_CONNECT,
  33         BPF_CGROUP_UNIX_CONNECT,
  34         BPF_CGROUP_INET4_GETPEERNAME,
  35         BPF_CGROUP_INET6_GETPEERNAME,
  36         BPF_CGROUP_UNIX_GETPEERNAME,
  37         BPF_CGROUP_INET4_GETSOCKNAME,
  38         BPF_CGROUP_INET6_GETSOCKNAME,
  39         BPF_CGROUP_UNIX_GETSOCKNAME,
  40         BPF_CGROUP_UDP4_SENDMSG,
  41         BPF_CGROUP_UDP6_SENDMSG,
  42         BPF_CGROUP_UNIX_SENDMSG,
  43         BPF_CGROUP_UDP4_RECVMSG,
  44         BPF_CGROUP_UDP6_RECVMSG,
  45         BPF_CGROUP_UNIX_RECVMSG,
  46         BPF_CGROUP_SOCK_OPS,
  47         BPF_CGROUP_DEVICE,
  48         BPF_CGROUP_SYSCTL,
  49         BPF_CGROUP_GETSOCKOPT,
  50         BPF_CGROUP_SETSOCKOPT,
  51         BPF_LSM_CGROUP
  52 };
  53
  54 #define HELP_SPEC_ATTACH_FLAGS                                          \
  55         "ATTACH_FLAGS := { multi | override }"
  56
  57 #define HELP_SPEC_ATTACH_TYPES                                          \
  58         "       ATTACH_TYPE := { cgroup_inet_ingress | cgroup_inet_egress |\n" \
  59         "                        cgroup_inet_sock_create | cgroup_sock_ops |\n" \
  60         "                        cgroup_device | cgroup_inet4_bind |\n" \
  61         "                        cgroup_inet6_bind | cgroup_inet4_post_bind |\n" \
  62         "                        cgroup_inet6_post_bind | cgroup_inet4_connect |\n" \
  63         "                        cgroup_inet6_connect | cgroup_unix_connect |\n" \
  64         "                        cgroup_inet4_getpeername | cgroup_inet6_getpeername |\n" \
  65         "                        cgroup_unix_getpeername | cgroup_inet4_getsockname |\n" \
  66         "                        cgroup_inet6_getsockname | cgroup_unix_getsockname |\n" \
  67         "                        cgroup_udp4_sendmsg | cgroup_udp6_sendmsg |\n" \
  68         "                        cgroup_unix_sendmsg | cgroup_udp4_recvmsg |\n" \
  69         "                        cgroup_udp6_recvmsg | cgroup_unix_recvmsg |\n" \
  70         "                        cgroup_sysctl | cgroup_getsockopt |\n" \
  71         "                        cgroup_setsockopt | cgroup_inet_sock_release }"
  72
  73 static unsigned int query_flags;
  74 static struct btf *btf_vmlinux;
  75 static __u32 btf_vmlinux_id;
  76
  77 static enum bpf_attach_type parse_attach_type(const char *str)
  78 {
  79         const char *attach_type_str;
  80         enum bpf_attach_type type;
  81
  82         for (type = 0; ; type++) {
  83                 attach_type_str = libbpf_bpf_attach_type_str(type);
  84                 if (!attach_type_str)
  85                         break;
  86                 if (!strcmp(str, attach_type_str))
  87                         return type;
  88         }
  89
  90         /* Also check traditionally used attach type strings. For these we keep
  91          * allowing prefixed usage.
  92          */
  93         for (type = 0; ; type++) {
  94                 attach_type_str = bpf_attach_type_input_str(type);
  95                 if (!attach_type_str)
  96                         break;
  97                 if (is_prefix(str, attach_type_str))
  98                         return type;
  99         }
 100
 101         return __MAX_BPF_ATTACH_TYPE;
 102 }
 103
 104 static void guess_vmlinux_btf_id(__u32 attach_btf_obj_id)
 105 {
 106         struct bpf_btf_info btf_info = {};
 107         __u32 btf_len = sizeof(btf_info);
 108         char name[16] = {};
 109         int err;
 110         int fd;
 111
 112         btf_info.name = ptr_to_u64(name);
 113         btf_info.name_len = sizeof(name);
 114
 115         fd = bpf_btf_get_fd_by_id(attach_btf_obj_id);
 116         if (fd < 0)
 117                 return;
 118
 119         err = bpf_btf_get_info_by_fd(fd, &btf_info, &btf_len);
 120         if (err)
 121                 goto out;
 122
 123         if (btf_info.kernel_btf && strncmp(name, "vmlinux", sizeof(name)) == 0)
 124                 btf_vmlinux_id = btf_info.id;
 125
 126 out:
 127         close(fd);
 128 }
 129
 130 static int show_bpf_prog(int id, enum bpf_attach_type attach_type,
 131                          const char *attach_flags_str,
 132                          int level)
 133 {
 134         char prog_name[MAX_PROG_FULL_NAME];
 135         const char *attach_btf_name = NULL;
 136         struct bpf_prog_info info = {};
 137         const char *attach_type_str;
 138         __u32 info_len = sizeof(info);
 139         int prog_fd;
 140
 141         prog_fd = bpf_prog_get_fd_by_id(id);
 142         if (prog_fd < 0)
 143                 return -1;
 144
 145         if (bpf_prog_get_info_by_fd(prog_fd, &info, &info_len)) {
 146                 close(prog_fd);
 147                 return -1;
 148         }
 149
 150         attach_type_str = libbpf_bpf_attach_type_str(attach_type);
 151
 152         if (btf_vmlinux) {
 153                 if (!btf_vmlinux_id)
 154                         guess_vmlinux_btf_id(info.attach_btf_obj_id);
 155
 156                 if (btf_vmlinux_id == info.attach_btf_obj_id &&
 157                     info.attach_btf_id < btf__type_cnt(btf_vmlinux)) {
 158                         const struct btf_type *t =
 159                                 btf__type_by_id(btf_vmlinux, info.attach_btf_id);
 160                         attach_btf_name =
 161                                 btf__name_by_offset(btf_vmlinux, t->name_off);
 162                 }
 163         }
 164
 165         get_prog_full_name(&info, prog_fd, prog_name, sizeof(prog_name));
 166         if (json_output) {
 167                 jsonw_start_object(json_wtr);
 168                 jsonw_uint_field(json_wtr, "id", info.id);
 169                 if (attach_type_str)
 170                         jsonw_string_field(json_wtr, "attach_type", attach_type_str);
 171                 else
 172                         jsonw_uint_field(json_wtr, "attach_type", attach_type);
 173                 if (!(query_flags & BPF_F_QUERY_EFFECTIVE))
 174                         jsonw_string_field(json_wtr, "attach_flags", attach_flags_str);
 175                 jsonw_string_field(json_wtr, "name", prog_name);
 176                 if (attach_btf_name)
 177                         jsonw_string_field(json_wtr, "attach_btf_name", attach_btf_name);
 178                 jsonw_uint_field(json_wtr, "attach_btf_obj_id", info.attach_btf_obj_id);
 179                 jsonw_uint_field(json_wtr, "attach_btf_id", info.attach_btf_id);
 180                 jsonw_end_object(json_wtr);
 181         } else {
 182                 printf("%s%-8u ", level ? "    " : "", info.id);
 183                 if (attach_type_str)
 184                         printf("%-15s", attach_type_str);
 185                 else
 186                         printf("type %-10u", attach_type);
 187                 if (query_flags & BPF_F_QUERY_EFFECTIVE)
 188                         printf(" %-15s", prog_name);
 189                 else
 190                         printf(" %-15s %-15s", attach_flags_str, prog_name);
 191                 if (attach_btf_name)
 192                         printf(" %-15s", attach_btf_name);
 193                 else if (info.attach_btf_id)
 194                         printf(" attach_btf_obj_id=%d attach_btf_id=%d",
 195                                info.attach_btf_obj_id, info.attach_btf_id);
 196                 printf("\n");
 197         }
 198
 199         close(prog_fd);
 200         return 0;
 201 }
 202
 203 static int count_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type)
 204 {
 205         __u32 prog_cnt = 0;
 206         int ret;
 207
 208         ret = bpf_prog_query(cgroup_fd, type, query_flags, NULL,
 209                              NULL, &prog_cnt);
 210         if (ret)
 211                 return -1;
 212
 213         return prog_cnt;
 214 }
 215
 216 static int cgroup_has_attached_progs(int cgroup_fd)
 217 {
 218         unsigned int i = 0;
 219         bool no_prog = true;
 220
 221         for (i = 0; i < ARRAY_SIZE(cgroup_attach_types); i++) {
 222                 int count = count_attached_bpf_progs(cgroup_fd, cgroup_attach_types[i]);
 223
 224                 if (count < 0)
 225                         return -1;
 226
 227                 if (count > 0) {
 228                         no_prog = false;
 229                         break;
 230                 }
 231         }
 232
 233         return no_prog ? 0 : 1;
 234 }
 235
 236 static int show_effective_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
 237                                     int level)
 238 {
 239         LIBBPF_OPTS(bpf_prog_query_opts, p);
 240         __u32 prog_ids[1024] = {0};
 241         __u32 iter;
 242         int ret;
 243
 244         p.query_flags = query_flags;
 245         p.prog_cnt = ARRAY_SIZE(prog_ids);
 246         p.prog_ids = prog_ids;
 247
 248         ret = bpf_prog_query_opts(cgroup_fd, type, &p);
 249         if (ret)
 250                 return ret;
 251
 252         if (p.prog_cnt == 0)
 253                 return 0;
 254
 255         for (iter = 0; iter < p.prog_cnt; iter++)
 256                 show_bpf_prog(prog_ids[iter], type, NULL, level);
 257
 258         return 0;
 259 }
 260
 261 static int show_attached_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
 262                                    int level)
 263 {
 264         LIBBPF_OPTS(bpf_prog_query_opts, p);
 265         __u32 prog_attach_flags[1024] = {0};
 266         const char *attach_flags_str;
 267         __u32 prog_ids[1024] = {0};
 268         char buf[32];
 269         __u32 iter;
 270         int ret;
 271
 272         p.query_flags = query_flags;
 273         p.prog_cnt = ARRAY_SIZE(prog_ids);
 274         p.prog_ids = prog_ids;
 275         p.prog_attach_flags = prog_attach_flags;
 276
 277         ret = bpf_prog_query_opts(cgroup_fd, type, &p);
 278         if (ret)
 279                 return ret;
 280
 281         if (p.prog_cnt == 0)
 282                 return 0;
 283
 284         for (iter = 0; iter < p.prog_cnt; iter++) {
 285                 __u32 attach_flags;
 286
 287                 attach_flags = prog_attach_flags[iter] ?: p.attach_flags;
 288
 289                 switch (attach_flags) {
 290                 case BPF_F_ALLOW_MULTI:
 291                         attach_flags_str = "multi";
 292                         break;
 293                 case BPF_F_ALLOW_OVERRIDE:
 294                         attach_flags_str = "override";
 295                         break;
 296                 case 0:
 297                         attach_flags_str = "";
 298                         break;
 299                 default:
 300                         snprintf(buf, sizeof(buf), "unknown(%x)", attach_flags);
 301                         attach_flags_str = buf;
 302                 }
 303
 304                 show_bpf_prog(prog_ids[iter], type,
 305                               attach_flags_str, level);
 306         }
 307
 308         return 0;
 309 }
 310
 311 static int show_bpf_progs(int cgroup_fd, enum bpf_attach_type type,
 312                           int level)
 313 {
 314         return query_flags & BPF_F_QUERY_EFFECTIVE ?
 315                show_effective_bpf_progs(cgroup_fd, type, level) :
 316                show_attached_bpf_progs(cgroup_fd, type, level);
 317 }
 318
 319 static int do_show(int argc, char **argv)
 320 {
 321         enum bpf_attach_type type;
 322         int has_attached_progs;
 323         const char *path;
 324         int cgroup_fd;
 325         int ret = -1;
 326
 327         query_flags = 0;
 328
 329         if (!REQ_ARGS(1))
 330                 return -1;
 331         path = GET_ARG();
 332
 333         while (argc) {
 334                 if (is_prefix(*argv, "effective")) {
 335                         if (query_flags & BPF_F_QUERY_EFFECTIVE) {
 336                                 p_err("duplicated argument: %s", *argv);
 337                                 return -1;
 338                         }
 339                         query_flags |= BPF_F_QUERY_EFFECTIVE;
 340                         NEXT_ARG();
 341                 } else {
 342                         p_err("expected no more arguments, 'effective', got: '%s'?",
 343                               *argv);
 344                         return -1;
 345                 }
 346         }
 347
 348         cgroup_fd = open(path, O_RDONLY);
 349         if (cgroup_fd < 0) {
 350                 p_err("can't open cgroup %s", path);
 351                 goto exit;
 352         }
 353
 354         has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
 355         if (has_attached_progs < 0) {
 356                 p_err("can't query bpf programs attached to %s: %s",
 357                       path, strerror(errno));
 358                 goto exit_cgroup;
 359         } else if (!has_attached_progs) {
 360                 ret = 0;
 361                 goto exit_cgroup;
 362         }
 363
 364         if (json_output)
 365                 jsonw_start_array(json_wtr);
 366         else if (query_flags & BPF_F_QUERY_EFFECTIVE)
 367                 printf("%-8s %-15s %-15s\n", "ID", "AttachType", "Name");
 368         else
 369                 printf("%-8s %-15s %-15s %-15s\n", "ID", "AttachType",
 370                        "AttachFlags", "Name");
 371
 372         btf_vmlinux = libbpf_find_kernel_btf();
 373         for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++) {
 374                 /*
 375                  * Not all attach types may be supported, so it's expected,
 376                  * that some requests will fail.
 377                  * If we were able to get the show for at least one
 378                  * attach type, let's return 0.
 379                  */
 380                 if (show_bpf_progs(cgroup_fd, type, 0) == 0)
 381                         ret = 0;
 382         }
 383
 384         if (json_output)
 385                 jsonw_end_array(json_wtr);
 386
 387 exit_cgroup:
 388         close(cgroup_fd);
 389 exit:
 390         return ret;
 391 }
 392
 393 /*
 394  * To distinguish nftw() errors and do_show_tree_fn() errors
 395  * and avoid duplicating error messages, let's return -2
 396  * from do_show_tree_fn() in case of error.
 397  */
 398 #define NFTW_ERR                -1
 399 #define SHOW_TREE_FN_ERR        -2
 400 static int do_show_tree_fn(const char *fpath, const struct stat *sb,
 401                            int typeflag, struct FTW *ftw)
 402 {
 403         enum bpf_attach_type type;
 404         int has_attached_progs;
 405         int cgroup_fd;
 406
 407         if (typeflag != FTW_D)
 408                 return 0;
 409
 410         cgroup_fd = open(fpath, O_RDONLY);
 411         if (cgroup_fd < 0) {
 412                 p_err("can't open cgroup %s: %s", fpath, strerror(errno));
 413                 return SHOW_TREE_FN_ERR;
 414         }
 415
 416         has_attached_progs = cgroup_has_attached_progs(cgroup_fd);
 417         if (has_attached_progs < 0) {
 418                 p_err("can't query bpf programs attached to %s: %s",
 419                       fpath, strerror(errno));
 420                 close(cgroup_fd);
 421                 return SHOW_TREE_FN_ERR;
 422         } else if (!has_attached_progs) {
 423                 close(cgroup_fd);
 424                 return 0;
 425         }
 426
 427         if (json_output) {
 428                 jsonw_start_object(json_wtr);
 429                 jsonw_string_field(json_wtr, "cgroup", fpath);
 430                 jsonw_name(json_wtr, "programs");
 431                 jsonw_start_array(json_wtr);
 432         } else {
 433                 printf("%s\n", fpath);
 434         }
 435
 436         btf_vmlinux = libbpf_find_kernel_btf();
 437         for (type = 0; type < __MAX_BPF_ATTACH_TYPE; type++)
 438                 show_bpf_progs(cgroup_fd, type, ftw->level);
 439
 440         if (errno == EINVAL)
 441                 /* Last attach type does not support query.
 442                  * Do not report an error for this, especially because batch
 443                  * mode would stop processing commands.
 444                  */
 445                 errno = 0;
 446
 447         if (json_output) {
 448                 jsonw_end_array(json_wtr);
 449                 jsonw_end_object(json_wtr);
 450         }
 451
 452         close(cgroup_fd);
 453
 454         return 0;
 455 }
 456
 457 static char *find_cgroup_root(void)
 458 {
 459         struct mntent *mnt;
 460         FILE *f;
 461
 462         f = fopen("/proc/mounts", "r");
 463         if (f == NULL)
 464                 return NULL;
 465
 466         while ((mnt = getmntent(f))) {
 467                 if (strcmp(mnt->mnt_type, "cgroup2") == 0) {
 468                         fclose(f);
 469                         return strdup(mnt->mnt_dir);
 470                 }
 471         }
 472
 473         fclose(f);
 474         return NULL;
 475 }
 476
 477 static int do_show_tree(int argc, char **argv)
 478 {
 479         char *cgroup_root, *cgroup_alloced = NULL;
 480         int ret;
 481
 482         query_flags = 0;
 483
 484         if (!argc) {
 485                 cgroup_alloced = find_cgroup_root();
 486                 if (!cgroup_alloced) {
 487                         p_err("cgroup v2 isn't mounted");
 488                         return -1;
 489                 }
 490                 cgroup_root = cgroup_alloced;
 491         } else {
 492                 cgroup_root = GET_ARG();
 493
 494                 while (argc) {
 495                         if (is_prefix(*argv, "effective")) {
 496                                 if (query_flags & BPF_F_QUERY_EFFECTIVE) {
 497                                         p_err("duplicated argument: %s", *argv);
 498                                         return -1;
 499                                 }
 500                                 query_flags |= BPF_F_QUERY_EFFECTIVE;
 501                                 NEXT_ARG();
 502                         } else {
 503                                 p_err("expected no more arguments, 'effective', got: '%s'?",
 504                                       *argv);
 505                                 return -1;
 506                         }
 507                 }
 508         }
 509
 510         if (json_output)
 511                 jsonw_start_array(json_wtr);
 512         else if (query_flags & BPF_F_QUERY_EFFECTIVE)
 513                 printf("%s\n"
 514                        "%-8s %-15s %-15s\n",
 515                        "CgroupPath",
 516                        "ID", "AttachType", "Name");
 517         else
 518                 printf("%s\n"
 519                        "%-8s %-15s %-15s %-15s\n",
 520                        "CgroupPath",
 521                        "ID", "AttachType", "AttachFlags", "Name");
 522
 523         switch (nftw(cgroup_root, do_show_tree_fn, 1024, FTW_MOUNT)) {
 524         case NFTW_ERR:
 525                 p_err("can't iterate over %s: %s", cgroup_root,
 526                       strerror(errno));
 527                 ret = -1;
 528                 break;
 529         case SHOW_TREE_FN_ERR:
 530                 ret = -1;
 531                 break;
 532         default:
 533                 ret = 0;
 534         }
 535
 536         if (json_output)
 537                 jsonw_end_array(json_wtr);
 538
 539         free(cgroup_alloced);
 540
 541         return ret;
 542 }
 543
 544 static int do_attach(int argc, char **argv)
 545 {
 546         enum bpf_attach_type attach_type;
 547         int cgroup_fd, prog_fd;
 548         int attach_flags = 0;
 549         int ret = -1;
 550         int i;
 551
 552         if (argc < 4) {
 553                 p_err("too few parameters for cgroup attach");
 554                 goto exit;
 555         }
 556
 557         cgroup_fd = open(argv[0], O_RDONLY);
 558         if (cgroup_fd < 0) {
 559                 p_err("can't open cgroup %s", argv[0]);
 560                 goto exit;
 561         }
 562
 563         attach_type = parse_attach_type(argv[1]);
 564         if (attach_type == __MAX_BPF_ATTACH_TYPE) {
 565                 p_err("invalid attach type");
 566                 goto exit_cgroup;
 567         }
 568
 569         argc -= 2;
 570         argv = &argv[2];
 571         prog_fd = prog_parse_fd(&argc, &argv);
 572         if (prog_fd < 0)
 573                 goto exit_cgroup;
 574
 575         for (i = 0; i < argc; i++) {
 576                 if (is_prefix(argv[i], "multi")) {
 577                         attach_flags |= BPF_F_ALLOW_MULTI;
 578                 } else if (is_prefix(argv[i], "override")) {
 579                         attach_flags |= BPF_F_ALLOW_OVERRIDE;
 580                 } else {
 581                         p_err("unknown option: %s", argv[i]);
 582                         goto exit_cgroup;
 583                 }
 584         }
 585
 586         if (bpf_prog_attach(prog_fd, cgroup_fd, attach_type, attach_flags)) {
 587                 p_err("failed to attach program");
 588                 goto exit_prog;
 589         }
 590
 591         if (json_output)
 592                 jsonw_null(json_wtr);
 593
 594         ret = 0;
 595
 596 exit_prog:
 597         close(prog_fd);
 598 exit_cgroup:
 599         close(cgroup_fd);
 600 exit:
 601         return ret;
 602 }
 603
 604 static int do_detach(int argc, char **argv)
 605 {
 606         enum bpf_attach_type attach_type;
 607         int prog_fd, cgroup_fd;
 608         int ret = -1;
 609
 610         if (argc < 4) {
 611                 p_err("too few parameters for cgroup detach");
 612                 goto exit;
 613         }
 614
 615         cgroup_fd = open(argv[0], O_RDONLY);
 616         if (cgroup_fd < 0) {
 617                 p_err("can't open cgroup %s", argv[0]);
 618                 goto exit;
 619         }
 620
 621         attach_type = parse_attach_type(argv[1]);
 622         if (attach_type == __MAX_BPF_ATTACH_TYPE) {
 623                 p_err("invalid attach type");
 624                 goto exit_cgroup;
 625         }
 626
 627         argc -= 2;
 628         argv = &argv[2];
 629         prog_fd = prog_parse_fd(&argc, &argv);
 630         if (prog_fd < 0)
 631                 goto exit_cgroup;
 632
 633         if (bpf_prog_detach2(prog_fd, cgroup_fd, attach_type)) {
 634                 p_err("failed to detach program");
 635                 goto exit_prog;
 636         }
 637
 638         if (json_output)
 639                 jsonw_null(json_wtr);
 640
 641         ret = 0;
 642
 643 exit_prog:
 644         close(prog_fd);
 645 exit_cgroup:
 646         close(cgroup_fd);
 647 exit:
 648         return ret;
 649 }
 650
 651 static int do_help(int argc, char **argv)
 652 {
 653         if (json_output) {
 654                 jsonw_null(json_wtr);
 655                 return 0;
 656         }
 657
 658         fprintf(stderr,
 659                 "Usage: %1$s %2$s { show | list } CGROUP [**effective**]\n"
 660                 "       %1$s %2$s tree [CGROUP_ROOT] [**effective**]\n"
 661                 "       %1$s %2$s attach CGROUP ATTACH_TYPE PROG [ATTACH_FLAGS]\n"
 662                 "       %1$s %2$s detach CGROUP ATTACH_TYPE PROG\n"
 663                 "       %1$s %2$s help\n"
 664                 "\n"
 665                 HELP_SPEC_ATTACH_TYPES "\n"
 666                 "       " HELP_SPEC_ATTACH_FLAGS "\n"
 667                 "       " HELP_SPEC_PROGRAM "\n"
 668                 "       " HELP_SPEC_OPTIONS " |\n"
 669                 "                    {-f|--bpffs} }\n"
 670                 "",
 671                 bin_name, argv[-2]);
 672
 673         return 0;
 674 }
 675
 676 static const struct cmd cmds[] = {
 677         { "show",       do_show },
 678         { "list",       do_show },
 679         { "tree",       do_show_tree },
 680         { "attach",     do_attach },
 681         { "detach",     do_detach },
 682         { "help",       do_help },
 683         { 0 }
 684 };
 685
 686 int do_cgroup(int argc, char **argv)
 687 {
 688         return cmd_select(cmds, argc, argv, do_help);
 689 }