github.com/cilium/ebpf@v0.15.1-0.20240517100537-8079b37aa138/types.go (about) 1 package ebpf 2 3 import ( 4 "github.com/cilium/ebpf/internal/sys" 5 "github.com/cilium/ebpf/internal/unix" 6 ) 7 8 //go:generate go run golang.org/x/tools/cmd/stringer@latest -output types_string.go -type=MapType,ProgramType,PinType 9 10 // MapType indicates the type map structure 11 // that will be initialized in the kernel. 12 type MapType uint32 13 14 // All the various map types that can be created 15 const ( 16 UnspecifiedMap MapType = iota 17 // Hash is a hash map 18 Hash 19 // Array is an array map 20 Array 21 // ProgramArray - A program array map is a special kind of array map whose map 22 // values contain only file descriptors referring to other eBPF 23 // programs. Thus, both the key_size and value_size must be 24 // exactly four bytes. This map is used in conjunction with the 25 // TailCall helper. 26 ProgramArray 27 // PerfEventArray - A perf event array is used in conjunction with PerfEventRead 28 // and PerfEventOutput calls, to read the raw bpf_perf_data from the registers. 29 PerfEventArray 30 // PerCPUHash - This data structure is useful for people who have high performance 31 // network needs and can reconcile adds at the end of some cycle, so that 32 // hashes can be lock free without the use of XAdd, which can be costly. 33 PerCPUHash 34 // PerCPUArray - This data structure is useful for people who have high performance 35 // network needs and can reconcile adds at the end of some cycle, so that 36 // hashes can be lock free without the use of XAdd, which can be costly. 37 // Each CPU gets a copy of this hash, the contents of all of which can be reconciled 38 // later. 39 PerCPUArray 40 // StackTrace - This holds whole user and kernel stack traces, it can be retrieved with 41 // GetStackID 42 StackTrace 43 // CGroupArray - This is a very niche structure used to help SKBInCGroup determine 44 // if an skb is from a socket belonging to a specific cgroup 45 CGroupArray 46 // LRUHash - This allows you to create a small hash structure that will purge the 47 // least recently used items rather than throw an error when you run out of memory 48 LRUHash 49 // LRUCPUHash - This is NOT like PerCPUHash, this structure is shared among the CPUs, 50 // it has more to do with including the CPU id with the LRU calculation so that if a 51 // particular CPU is using a value over-and-over again, then it will be saved, but if 52 // a value is being retrieved a lot but sparsely across CPUs it is not as important, basically 53 // giving weight to CPU locality over overall usage. 54 LRUCPUHash 55 // LPMTrie - This is an implementation of Longest-Prefix-Match Trie structure. It is useful, 56 // for storing things like IP addresses which can be bit masked allowing for keys of differing 57 // values to refer to the same reference based on their masks. See wikipedia for more details. 58 LPMTrie 59 // ArrayOfMaps - Each item in the array is another map. The inner map mustn't be a map of maps 60 // itself. 61 ArrayOfMaps 62 // HashOfMaps - Each item in the hash map is another map. The inner map mustn't be a map of maps 63 // itself. 64 HashOfMaps 65 // DevMap - Specialized map to store references to network devices. 66 DevMap 67 // SockMap - Specialized map to store references to sockets. 68 SockMap 69 // CPUMap - Specialized map to store references to CPUs. 70 CPUMap 71 // XSKMap - Specialized map for XDP programs to store references to open sockets. 72 XSKMap 73 // SockHash - Specialized hash to store references to sockets. 74 SockHash 75 // CGroupStorage - Special map for CGroups. 76 CGroupStorage 77 // ReusePortSockArray - Specialized map to store references to sockets that can be reused. 78 ReusePortSockArray 79 // PerCPUCGroupStorage - Special per CPU map for CGroups. 80 PerCPUCGroupStorage 81 // Queue - FIFO storage for BPF programs. 82 Queue 83 // Stack - LIFO storage for BPF programs. 84 Stack 85 // SkStorage - Specialized map for local storage at SK for BPF programs. 86 SkStorage 87 // DevMapHash - Hash-based indexing scheme for references to network devices. 88 DevMapHash 89 // StructOpsMap - This map holds a kernel struct with its function pointer implemented in a BPF 90 // program. 91 StructOpsMap 92 // RingBuf - Similar to PerfEventArray, but shared across all CPUs. 93 RingBuf 94 // InodeStorage - Specialized local storage map for inodes. 95 InodeStorage 96 // TaskStorage - Specialized local storage map for task_struct. 97 TaskStorage 98 ) 99 100 // hasPerCPUValue returns true if the Map stores a value per CPU. 101 func (mt MapType) hasPerCPUValue() bool { 102 return mt == PerCPUHash || mt == PerCPUArray || mt == LRUCPUHash || mt == PerCPUCGroupStorage 103 } 104 105 // canStoreMapOrProgram returns true if the Map stores references to another Map 106 // or Program. 107 func (mt MapType) canStoreMapOrProgram() bool { 108 return mt.canStoreMap() || mt.canStoreProgram() 109 } 110 111 // canStoreMap returns true if the map type accepts a map fd 112 // for update and returns a map id for lookup. 113 func (mt MapType) canStoreMap() bool { 114 return mt == ArrayOfMaps || mt == HashOfMaps 115 } 116 117 // canStoreProgram returns true if the map type accepts a program fd 118 // for update and returns a program id for lookup. 119 func (mt MapType) canStoreProgram() bool { 120 return mt == ProgramArray 121 } 122 123 // ProgramType of the eBPF program 124 type ProgramType uint32 125 126 // eBPF program types 127 const ( 128 UnspecifiedProgram = ProgramType(sys.BPF_PROG_TYPE_UNSPEC) 129 SocketFilter = ProgramType(sys.BPF_PROG_TYPE_SOCKET_FILTER) 130 Kprobe = ProgramType(sys.BPF_PROG_TYPE_KPROBE) 131 SchedCLS = ProgramType(sys.BPF_PROG_TYPE_SCHED_CLS) 132 SchedACT = ProgramType(sys.BPF_PROG_TYPE_SCHED_ACT) 133 TracePoint = ProgramType(sys.BPF_PROG_TYPE_TRACEPOINT) 134 XDP = ProgramType(sys.BPF_PROG_TYPE_XDP) 135 PerfEvent = ProgramType(sys.BPF_PROG_TYPE_PERF_EVENT) 136 CGroupSKB = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SKB) 137 CGroupSock = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK) 138 LWTIn = ProgramType(sys.BPF_PROG_TYPE_LWT_IN) 139 LWTOut = ProgramType(sys.BPF_PROG_TYPE_LWT_OUT) 140 LWTXmit = ProgramType(sys.BPF_PROG_TYPE_LWT_XMIT) 141 SockOps = ProgramType(sys.BPF_PROG_TYPE_SOCK_OPS) 142 SkSKB = ProgramType(sys.BPF_PROG_TYPE_SK_SKB) 143 CGroupDevice = ProgramType(sys.BPF_PROG_TYPE_CGROUP_DEVICE) 144 SkMsg = ProgramType(sys.BPF_PROG_TYPE_SK_MSG) 145 RawTracepoint = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT) 146 CGroupSockAddr = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR) 147 LWTSeg6Local = ProgramType(sys.BPF_PROG_TYPE_LWT_SEG6LOCAL) 148 LircMode2 = ProgramType(sys.BPF_PROG_TYPE_LIRC_MODE2) 149 SkReuseport = ProgramType(sys.BPF_PROG_TYPE_SK_REUSEPORT) 150 FlowDissector = ProgramType(sys.BPF_PROG_TYPE_FLOW_DISSECTOR) 151 CGroupSysctl = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SYSCTL) 152 RawTracepointWritable = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE) 153 CGroupSockopt = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCKOPT) 154 Tracing = ProgramType(sys.BPF_PROG_TYPE_TRACING) 155 StructOps = ProgramType(sys.BPF_PROG_TYPE_STRUCT_OPS) 156 Extension = ProgramType(sys.BPF_PROG_TYPE_EXT) 157 LSM = ProgramType(sys.BPF_PROG_TYPE_LSM) 158 SkLookup = ProgramType(sys.BPF_PROG_TYPE_SK_LOOKUP) 159 Syscall = ProgramType(sys.BPF_PROG_TYPE_SYSCALL) 160 Netfilter = ProgramType(sys.BPF_PROG_TYPE_NETFILTER) 161 ) 162 163 // AttachType of the eBPF program, needed to differentiate allowed context accesses in 164 // some newer program types like CGroupSockAddr. Should be set to AttachNone if not required. 165 // Will cause invalid argument (EINVAL) at program load time if set incorrectly. 166 type AttachType uint32 167 168 //go:generate go run golang.org/x/tools/cmd/stringer@latest -type AttachType -trimprefix Attach 169 170 // AttachNone is an alias for AttachCGroupInetIngress for readability reasons. 171 const AttachNone AttachType = 0 172 173 const ( 174 AttachCGroupInetIngress = AttachType(sys.BPF_CGROUP_INET_INGRESS) 175 AttachCGroupInetEgress = AttachType(sys.BPF_CGROUP_INET_EGRESS) 176 AttachCGroupInetSockCreate = AttachType(sys.BPF_CGROUP_INET_SOCK_CREATE) 177 AttachCGroupSockOps = AttachType(sys.BPF_CGROUP_SOCK_OPS) 178 AttachSkSKBStreamParser = AttachType(sys.BPF_SK_SKB_STREAM_PARSER) 179 AttachSkSKBStreamVerdict = AttachType(sys.BPF_SK_SKB_STREAM_VERDICT) 180 AttachCGroupDevice = AttachType(sys.BPF_CGROUP_DEVICE) 181 AttachSkMsgVerdict = AttachType(sys.BPF_SK_MSG_VERDICT) 182 AttachCGroupInet4Bind = AttachType(sys.BPF_CGROUP_INET4_BIND) 183 AttachCGroupInet6Bind = AttachType(sys.BPF_CGROUP_INET6_BIND) 184 AttachCGroupInet4Connect = AttachType(sys.BPF_CGROUP_INET4_CONNECT) 185 AttachCGroupInet6Connect = AttachType(sys.BPF_CGROUP_INET6_CONNECT) 186 AttachCGroupInet4PostBind = AttachType(sys.BPF_CGROUP_INET4_POST_BIND) 187 AttachCGroupInet6PostBind = AttachType(sys.BPF_CGROUP_INET6_POST_BIND) 188 AttachCGroupUDP4Sendmsg = AttachType(sys.BPF_CGROUP_UDP4_SENDMSG) 189 AttachCGroupUDP6Sendmsg = AttachType(sys.BPF_CGROUP_UDP6_SENDMSG) 190 AttachLircMode2 = AttachType(sys.BPF_LIRC_MODE2) 191 AttachFlowDissector = AttachType(sys.BPF_FLOW_DISSECTOR) 192 AttachCGroupSysctl = AttachType(sys.BPF_CGROUP_SYSCTL) 193 AttachCGroupUDP4Recvmsg = AttachType(sys.BPF_CGROUP_UDP4_RECVMSG) 194 AttachCGroupUDP6Recvmsg = AttachType(sys.BPF_CGROUP_UDP6_RECVMSG) 195 AttachCGroupGetsockopt = AttachType(sys.BPF_CGROUP_GETSOCKOPT) 196 AttachCGroupSetsockopt = AttachType(sys.BPF_CGROUP_SETSOCKOPT) 197 AttachTraceRawTp = AttachType(sys.BPF_TRACE_RAW_TP) 198 AttachTraceFEntry = AttachType(sys.BPF_TRACE_FENTRY) 199 AttachTraceFExit = AttachType(sys.BPF_TRACE_FEXIT) 200 AttachModifyReturn = AttachType(sys.BPF_MODIFY_RETURN) 201 AttachLSMMac = AttachType(sys.BPF_LSM_MAC) 202 AttachTraceIter = AttachType(sys.BPF_TRACE_ITER) 203 AttachCgroupInet4GetPeername = AttachType(sys.BPF_CGROUP_INET4_GETPEERNAME) 204 AttachCgroupInet6GetPeername = AttachType(sys.BPF_CGROUP_INET6_GETPEERNAME) 205 AttachCgroupInet4GetSockname = AttachType(sys.BPF_CGROUP_INET4_GETSOCKNAME) 206 AttachCgroupInet6GetSockname = AttachType(sys.BPF_CGROUP_INET6_GETSOCKNAME) 207 AttachXDPDevMap = AttachType(sys.BPF_XDP_DEVMAP) 208 AttachCgroupInetSockRelease = AttachType(sys.BPF_CGROUP_INET_SOCK_RELEASE) 209 AttachXDPCPUMap = AttachType(sys.BPF_XDP_CPUMAP) 210 AttachSkLookup = AttachType(sys.BPF_SK_LOOKUP) 211 AttachXDP = AttachType(sys.BPF_XDP) 212 AttachSkSKBVerdict = AttachType(sys.BPF_SK_SKB_VERDICT) 213 AttachSkReuseportSelect = AttachType(sys.BPF_SK_REUSEPORT_SELECT) 214 AttachSkReuseportSelectOrMigrate = AttachType(sys.BPF_SK_REUSEPORT_SELECT_OR_MIGRATE) 215 AttachPerfEvent = AttachType(sys.BPF_PERF_EVENT) 216 AttachTraceKprobeMulti = AttachType(sys.BPF_TRACE_KPROBE_MULTI) 217 AttachLSMCgroup = AttachType(sys.BPF_LSM_CGROUP) 218 AttachStructOps = AttachType(sys.BPF_STRUCT_OPS) 219 AttachNetfilter = AttachType(sys.BPF_NETFILTER) 220 AttachTCXIngress = AttachType(sys.BPF_TCX_INGRESS) 221 AttachTCXEgress = AttachType(sys.BPF_TCX_EGRESS) 222 AttachTraceUprobeMulti = AttachType(sys.BPF_TRACE_UPROBE_MULTI) 223 AttachCgroupUnixConnect = AttachType(sys.BPF_CGROUP_UNIX_CONNECT) 224 AttachCgroupUnixSendmsg = AttachType(sys.BPF_CGROUP_UNIX_SENDMSG) 225 AttachCgroupUnixRecvmsg = AttachType(sys.BPF_CGROUP_UNIX_RECVMSG) 226 AttachCgroupUnixGetpeername = AttachType(sys.BPF_CGROUP_UNIX_GETPEERNAME) 227 AttachCgroupUnixGetsockname = AttachType(sys.BPF_CGROUP_UNIX_GETSOCKNAME) 228 AttachNetkitPrimary = AttachType(sys.BPF_NETKIT_PRIMARY) 229 AttachNetkitPeer = AttachType(sys.BPF_NETKIT_PEER) 230 ) 231 232 // AttachFlags of the eBPF program used in BPF_PROG_ATTACH command 233 type AttachFlags uint32 234 235 // PinType determines whether a map is pinned into a BPFFS. 236 type PinType uint32 237 238 // Valid pin types. 239 // 240 // Mirrors enum libbpf_pin_type. 241 const ( 242 PinNone PinType = iota 243 // Pin an object by using its name as the filename. 244 PinByName 245 ) 246 247 // LoadPinOptions control how a pinned object is loaded. 248 type LoadPinOptions struct { 249 // Request a read-only or write-only object. The default is a read-write 250 // object. Only one of the flags may be set. 251 ReadOnly bool 252 WriteOnly bool 253 254 // Raw flags for the syscall. Other fields of this struct take precedence. 255 Flags uint32 256 } 257 258 // Marshal returns a value suitable for BPF_OBJ_GET syscall file_flags parameter. 259 func (lpo *LoadPinOptions) Marshal() uint32 { 260 if lpo == nil { 261 return 0 262 } 263 264 flags := lpo.Flags 265 if lpo.ReadOnly { 266 flags |= unix.BPF_F_RDONLY 267 } 268 if lpo.WriteOnly { 269 flags |= unix.BPF_F_WRONLY 270 } 271 return flags 272 } 273 274 // BatchOptions batch map operations options 275 // 276 // Mirrors libbpf struct bpf_map_batch_opts 277 // Currently BPF_F_FLAG is the only supported 278 // flag (for ElemFlags). 279 type BatchOptions struct { 280 ElemFlags uint64 281 Flags uint64 282 } 283 284 // LogLevel controls the verbosity of the kernel's eBPF program verifier. 285 // These constants can be used for the ProgramOptions.LogLevel field. 286 type LogLevel = sys.LogLevel 287 288 const ( 289 // Print verifier state at branch points. 290 LogLevelBranch = sys.BPF_LOG_LEVEL1 291 292 // Print verifier state for every instruction. 293 // Available since Linux v5.2. 294 LogLevelInstruction = sys.BPF_LOG_LEVEL2 295 296 // Print verifier errors and stats at the end of the verification process. 297 // Available since Linux v5.2. 298 LogLevelStats = sys.BPF_LOG_STATS 299 )