github.com/cilium/cilium@v1.16.2/pkg/maps/policymap/callmap.go (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // Copyright Authors of Cilium 3 4 package policymap 5 6 import ( 7 "fmt" 8 9 "github.com/cilium/cilium/pkg/bpf" 10 ) 11 12 // PolicyPlumbingMap maps endpoint IDs to the fd for the program which 13 // implements its policy. 14 type PolicyPlumbingMap struct { 15 *bpf.Map 16 } 17 18 type PlumbingKey struct { 19 key uint32 20 } 21 22 type PlumbingValue struct { 23 fd uint32 24 } 25 26 func (k *PlumbingKey) String() string { 27 return fmt.Sprintf("Endpoint: %d", k.key) 28 } 29 func (k *PlumbingKey) New() bpf.MapKey { return &PlumbingKey{} } 30 31 func (v *PlumbingValue) String() string { 32 return fmt.Sprintf("fd: %d", v.fd) 33 } 34 35 func (k *PlumbingValue) New() bpf.MapValue { return &PlumbingValue{} } 36 37 // RemoveGlobalMapping removes the mapping from the specified endpoint ID to 38 // the BPF policy program for that endpoint. 39 func RemoveGlobalMapping(id uint32, haveEgressCallMap bool) error { 40 gpm, err := OpenCallMap(PolicyCallMapName) 41 if err == nil { 42 k := PlumbingKey{ 43 key: id, 44 } 45 err = gpm.Map.Delete(&k) 46 gpm.Close() 47 } 48 if haveEgressCallMap { 49 gpm, err2 := OpenCallMap(PolicyEgressCallMapName) 50 if err2 == nil { 51 k := PlumbingKey{ 52 key: id, 53 } 54 err2 = gpm.Map.Delete(&k) 55 gpm.Close() 56 } 57 if err == nil { 58 return err2 59 } 60 } 61 62 return err 63 } 64 65 // OpenCallMap opens the map that maps endpoint IDs to program file 66 // descriptors, which allows tail calling into the policy datapath code from 67 // other BPF programs. 68 func OpenCallMap(name string) (*PolicyPlumbingMap, error) { 69 m, err := bpf.OpenMap(bpf.MapPath(name), &PlumbingKey{}, &PlumbingValue{}) 70 if err != nil { 71 return nil, err 72 } 73 return &PolicyPlumbingMap{Map: m}, nil 74 }