github.com/cilium/ebpf@v0.10.0/types.go (about) 1 package ebpf 2 3 import ( 4 "github.com/cilium/ebpf/internal/sys" 5 "github.com/cilium/ebpf/internal/unix" 6 ) 7 8 //go:generate stringer -output types_string.go -type=MapType,ProgramType,PinType 9 10 // MapType indicates the type map structure 11 // that will be initialized in the kernel. 12 type MapType uint32 13 14 // All the various map types that can be created 15 const ( 16 UnspecifiedMap MapType = iota 17 // Hash is a hash map 18 Hash 19 // Array is an array map 20 Array 21 // ProgramArray - A program array map is a special kind of array map whose map 22 // values contain only file descriptors referring to other eBPF 23 // programs. Thus, both the key_size and value_size must be 24 // exactly four bytes. This map is used in conjunction with the 25 // TailCall helper. 26 ProgramArray 27 // PerfEventArray - A perf event array is used in conjunction with PerfEventRead 28 // and PerfEventOutput calls, to read the raw bpf_perf_data from the registers. 29 PerfEventArray 30 // PerCPUHash - This data structure is useful for people who have high performance 31 // network needs and can reconcile adds at the end of some cycle, so that 32 // hashes can be lock free without the use of XAdd, which can be costly. 33 PerCPUHash 34 // PerCPUArray - This data structure is useful for people who have high performance 35 // network needs and can reconcile adds at the end of some cycle, so that 36 // hashes can be lock free without the use of XAdd, which can be costly. 37 // Each CPU gets a copy of this hash, the contents of all of which can be reconciled 38 // later. 39 PerCPUArray 40 // StackTrace - This holds whole user and kernel stack traces, it can be retrieved with 41 // GetStackID 42 StackTrace 43 // CGroupArray - This is a very niche structure used to help SKBInCGroup determine 44 // if an skb is from a socket belonging to a specific cgroup 45 CGroupArray 46 // LRUHash - This allows you to create a small hash structure that will purge the 47 // least recently used items rather than thow an error when you run out of memory 48 LRUHash 49 // LRUCPUHash - This is NOT like PerCPUHash, this structure is shared among the CPUs, 50 // it has more to do with including the CPU id with the LRU calculation so that if a 51 // particular CPU is using a value over-and-over again, then it will be saved, but if 52 // a value is being retrieved a lot but sparsely across CPUs it is not as important, basically 53 // giving weight to CPU locality over overall usage. 54 LRUCPUHash 55 // LPMTrie - This is an implementation of Longest-Prefix-Match Trie structure. It is useful, 56 // for storing things like IP addresses which can be bit masked allowing for keys of differing 57 // values to refer to the same reference based on their masks. See wikipedia for more details. 58 LPMTrie 59 // ArrayOfMaps - Each item in the array is another map. The inner map mustn't be a map of maps 60 // itself. 61 ArrayOfMaps 62 // HashOfMaps - Each item in the hash map is another map. The inner map mustn't be a map of maps 63 // itself. 64 HashOfMaps 65 // DevMap - Specialized map to store references to network devices. 66 DevMap 67 // SockMap - Specialized map to store references to sockets. 68 SockMap 69 // CPUMap - Specialized map to store references to CPUs. 70 CPUMap 71 // XSKMap - Specialized map for XDP programs to store references to open sockets. 72 XSKMap 73 // SockHash - Specialized hash to store references to sockets. 74 SockHash 75 // CGroupStorage - Special map for CGroups. 76 CGroupStorage 77 // ReusePortSockArray - Specialized map to store references to sockets that can be reused. 78 ReusePortSockArray 79 // PerCPUCGroupStorage - Special per CPU map for CGroups. 80 PerCPUCGroupStorage 81 // Queue - FIFO storage for BPF programs. 82 Queue 83 // Stack - LIFO storage for BPF programs. 84 Stack 85 // SkStorage - Specialized map for local storage at SK for BPF programs. 86 SkStorage 87 // DevMapHash - Hash-based indexing scheme for references to network devices. 88 DevMapHash 89 // StructOpsMap - This map holds a kernel struct with its function pointer implemented in a BPF 90 // program. 91 StructOpsMap 92 // RingBuf - Similar to PerfEventArray, but shared across all CPUs. 93 RingBuf 94 // InodeStorage - Specialized local storage map for inodes. 95 InodeStorage 96 // TaskStorage - Specialized local storage map for task_struct. 97 TaskStorage 98 ) 99 100 // hasPerCPUValue returns true if the Map stores a value per CPU. 101 func (mt MapType) hasPerCPUValue() bool { 102 return mt == PerCPUHash || mt == PerCPUArray || mt == LRUCPUHash || mt == PerCPUCGroupStorage 103 } 104 105 // canStoreMap returns true if the map type accepts a map fd 106 // for update and returns a map id for lookup. 107 func (mt MapType) canStoreMap() bool { 108 return mt == ArrayOfMaps || mt == HashOfMaps 109 } 110 111 // canStoreProgram returns true if the map type accepts a program fd 112 // for update and returns a program id for lookup. 113 func (mt MapType) canStoreProgram() bool { 114 return mt == ProgramArray 115 } 116 117 // ProgramType of the eBPF program 118 type ProgramType uint32 119 120 // eBPF program types 121 const ( 122 UnspecifiedProgram ProgramType = iota 123 SocketFilter 124 Kprobe 125 SchedCLS 126 SchedACT 127 TracePoint 128 XDP 129 PerfEvent 130 CGroupSKB 131 CGroupSock 132 LWTIn 133 LWTOut 134 LWTXmit 135 SockOps 136 SkSKB 137 CGroupDevice 138 SkMsg 139 RawTracepoint 140 CGroupSockAddr 141 LWTSeg6Local 142 LircMode2 143 SkReuseport 144 FlowDissector 145 CGroupSysctl 146 RawTracepointWritable 147 CGroupSockopt 148 Tracing 149 StructOps 150 Extension 151 LSM 152 SkLookup 153 Syscall 154 ) 155 156 // AttachType of the eBPF program, needed to differentiate allowed context accesses in 157 // some newer program types like CGroupSockAddr. Should be set to AttachNone if not required. 158 // Will cause invalid argument (EINVAL) at program load time if set incorrectly. 159 type AttachType uint32 160 161 //go:generate stringer -type AttachType -trimprefix Attach 162 163 // AttachNone is an alias for AttachCGroupInetIngress for readability reasons. 164 const AttachNone AttachType = 0 165 166 const ( 167 AttachCGroupInetIngress AttachType = iota 168 AttachCGroupInetEgress 169 AttachCGroupInetSockCreate 170 AttachCGroupSockOps 171 AttachSkSKBStreamParser 172 AttachSkSKBStreamVerdict 173 AttachCGroupDevice 174 AttachSkMsgVerdict 175 AttachCGroupInet4Bind 176 AttachCGroupInet6Bind 177 AttachCGroupInet4Connect 178 AttachCGroupInet6Connect 179 AttachCGroupInet4PostBind 180 AttachCGroupInet6PostBind 181 AttachCGroupUDP4Sendmsg 182 AttachCGroupUDP6Sendmsg 183 AttachLircMode2 184 AttachFlowDissector 185 AttachCGroupSysctl 186 AttachCGroupUDP4Recvmsg 187 AttachCGroupUDP6Recvmsg 188 AttachCGroupGetsockopt 189 AttachCGroupSetsockopt 190 AttachTraceRawTp 191 AttachTraceFEntry 192 AttachTraceFExit 193 AttachModifyReturn 194 AttachLSMMac 195 AttachTraceIter 196 AttachCgroupInet4GetPeername 197 AttachCgroupInet6GetPeername 198 AttachCgroupInet4GetSockname 199 AttachCgroupInet6GetSockname 200 AttachXDPDevMap 201 AttachCgroupInetSockRelease 202 AttachXDPCPUMap 203 AttachSkLookup 204 AttachXDP 205 AttachSkSKBVerdict 206 AttachSkReuseportSelect 207 AttachSkReuseportSelectOrMigrate 208 AttachPerfEvent 209 AttachTraceKprobeMulti 210 ) 211 212 // AttachFlags of the eBPF program used in BPF_PROG_ATTACH command 213 type AttachFlags uint32 214 215 // PinType determines whether a map is pinned into a BPFFS. 216 type PinType int 217 218 // Valid pin types. 219 // 220 // Mirrors enum libbpf_pin_type. 221 const ( 222 PinNone PinType = iota 223 // Pin an object by using its name as the filename. 224 PinByName 225 ) 226 227 // LoadPinOptions control how a pinned object is loaded. 228 type LoadPinOptions struct { 229 // Request a read-only or write-only object. The default is a read-write 230 // object. Only one of the flags may be set. 231 ReadOnly bool 232 WriteOnly bool 233 234 // Raw flags for the syscall. Other fields of this struct take precedence. 235 Flags uint32 236 } 237 238 // Marshal returns a value suitable for BPF_OBJ_GET syscall file_flags parameter. 239 func (lpo *LoadPinOptions) Marshal() uint32 { 240 if lpo == nil { 241 return 0 242 } 243 244 flags := lpo.Flags 245 if lpo.ReadOnly { 246 flags |= unix.BPF_F_RDONLY 247 } 248 if lpo.WriteOnly { 249 flags |= unix.BPF_F_WRONLY 250 } 251 return flags 252 } 253 254 // BatchOptions batch map operations options 255 // 256 // Mirrors libbpf struct bpf_map_batch_opts 257 // Currently BPF_F_FLAG is the only supported 258 // flag (for ElemFlags). 259 type BatchOptions struct { 260 ElemFlags uint64 261 Flags uint64 262 } 263 264 // LogLevel controls the verbosity of the kernel's eBPF program verifier. 265 // These constants can be used for the ProgramOptions.LogLevel field. 266 type LogLevel = sys.LogLevel 267 268 const ( 269 // Print verifier state at branch points. 270 LogLevelBranch = sys.BPF_LOG_LEVEL1 271 272 // Print verifier state for every instruction. 273 // Available since Linux v5.2. 274 LogLevelInstruction = sys.BPF_LOG_LEVEL2 275 276 // Print verifier errors and stats at the end of the verification process. 277 // Available since Linux v5.2. 278 LogLevelStats = sys.BPF_LOG_STATS 279 )