github.com/cilium/ebpf@v0.15.1-0.20240517100537-8079b37aa138/types.go (about)

     1  package ebpf
     2  
     3  import (
     4  	"github.com/cilium/ebpf/internal/sys"
     5  	"github.com/cilium/ebpf/internal/unix"
     6  )
     7  
     8  //go:generate go run golang.org/x/tools/cmd/stringer@latest -output types_string.go -type=MapType,ProgramType,PinType
     9  
    10  // MapType indicates the type map structure
    11  // that will be initialized in the kernel.
    12  type MapType uint32
    13  
    14  // All the various map types that can be created
    15  const (
    16  	UnspecifiedMap MapType = iota
    17  	// Hash is a hash map
    18  	Hash
    19  	// Array is an array map
    20  	Array
    21  	// ProgramArray - A program array map is a special kind of array map whose map
    22  	// values contain only file descriptors referring to other eBPF
    23  	// programs.  Thus, both the key_size and value_size must be
    24  	// exactly four bytes.  This map is used in conjunction with the
    25  	// TailCall helper.
    26  	ProgramArray
    27  	// PerfEventArray - A perf event array is used in conjunction with PerfEventRead
    28  	// and PerfEventOutput calls, to read the raw bpf_perf_data from the registers.
    29  	PerfEventArray
    30  	// PerCPUHash - This data structure is useful for people who have high performance
    31  	// network needs and can reconcile adds at the end of some cycle, so that
    32  	// hashes can be lock free without the use of XAdd, which can be costly.
    33  	PerCPUHash
    34  	// PerCPUArray - This data structure is useful for people who have high performance
    35  	// network needs and can reconcile adds at the end of some cycle, so that
    36  	// hashes can be lock free without the use of XAdd, which can be costly.
    37  	// Each CPU gets a copy of this hash, the contents of all of which can be reconciled
    38  	// later.
    39  	PerCPUArray
    40  	// StackTrace - This holds whole user and kernel stack traces, it can be retrieved with
    41  	// GetStackID
    42  	StackTrace
    43  	// CGroupArray - This is a very niche structure used to help SKBInCGroup determine
    44  	// if an skb is from a socket belonging to a specific cgroup
    45  	CGroupArray
    46  	// LRUHash - This allows you to create a small hash structure that will purge the
    47  	// least recently used items rather than throw an error when you run out of memory
    48  	LRUHash
    49  	// LRUCPUHash - This is NOT like PerCPUHash, this structure is shared among the CPUs,
    50  	// it has more to do with including the CPU id with the LRU calculation so that if a
    51  	// particular CPU is using a value over-and-over again, then it will be saved, but if
    52  	// a value is being retrieved a lot but sparsely across CPUs it is not as important, basically
    53  	// giving weight to CPU locality over overall usage.
    54  	LRUCPUHash
    55  	// LPMTrie - This is an implementation of Longest-Prefix-Match Trie structure. It is useful,
    56  	// for storing things like IP addresses which can be bit masked allowing for keys of differing
    57  	// values to refer to the same reference based on their masks. See wikipedia for more details.
    58  	LPMTrie
    59  	// ArrayOfMaps - Each item in the array is another map. The inner map mustn't be a map of maps
    60  	// itself.
    61  	ArrayOfMaps
    62  	// HashOfMaps - Each item in the hash map is another map. The inner map mustn't be a map of maps
    63  	// itself.
    64  	HashOfMaps
    65  	// DevMap - Specialized map to store references to network devices.
    66  	DevMap
    67  	// SockMap - Specialized map to store references to sockets.
    68  	SockMap
    69  	// CPUMap - Specialized map to store references to CPUs.
    70  	CPUMap
    71  	// XSKMap - Specialized map for XDP programs to store references to open sockets.
    72  	XSKMap
    73  	// SockHash - Specialized hash to store references to sockets.
    74  	SockHash
    75  	// CGroupStorage - Special map for CGroups.
    76  	CGroupStorage
    77  	// ReusePortSockArray - Specialized map to store references to sockets that can be reused.
    78  	ReusePortSockArray
    79  	// PerCPUCGroupStorage - Special per CPU map for CGroups.
    80  	PerCPUCGroupStorage
    81  	// Queue - FIFO storage for BPF programs.
    82  	Queue
    83  	// Stack - LIFO storage for BPF programs.
    84  	Stack
    85  	// SkStorage - Specialized map for local storage at SK for BPF programs.
    86  	SkStorage
    87  	// DevMapHash - Hash-based indexing scheme for references to network devices.
    88  	DevMapHash
    89  	// StructOpsMap - This map holds a kernel struct with its function pointer implemented in a BPF
    90  	// program.
    91  	StructOpsMap
    92  	// RingBuf - Similar to PerfEventArray, but shared across all CPUs.
    93  	RingBuf
    94  	// InodeStorage - Specialized local storage map for inodes.
    95  	InodeStorage
    96  	// TaskStorage - Specialized local storage map for task_struct.
    97  	TaskStorage
    98  )
    99  
   100  // hasPerCPUValue returns true if the Map stores a value per CPU.
   101  func (mt MapType) hasPerCPUValue() bool {
   102  	return mt == PerCPUHash || mt == PerCPUArray || mt == LRUCPUHash || mt == PerCPUCGroupStorage
   103  }
   104  
   105  // canStoreMapOrProgram returns true if the Map stores references to another Map
   106  // or Program.
   107  func (mt MapType) canStoreMapOrProgram() bool {
   108  	return mt.canStoreMap() || mt.canStoreProgram()
   109  }
   110  
   111  // canStoreMap returns true if the map type accepts a map fd
   112  // for update and returns a map id for lookup.
   113  func (mt MapType) canStoreMap() bool {
   114  	return mt == ArrayOfMaps || mt == HashOfMaps
   115  }
   116  
   117  // canStoreProgram returns true if the map type accepts a program fd
   118  // for update and returns a program id for lookup.
   119  func (mt MapType) canStoreProgram() bool {
   120  	return mt == ProgramArray
   121  }
   122  
   123  // ProgramType of the eBPF program
   124  type ProgramType uint32
   125  
   126  // eBPF program types
   127  const (
   128  	UnspecifiedProgram    = ProgramType(sys.BPF_PROG_TYPE_UNSPEC)
   129  	SocketFilter          = ProgramType(sys.BPF_PROG_TYPE_SOCKET_FILTER)
   130  	Kprobe                = ProgramType(sys.BPF_PROG_TYPE_KPROBE)
   131  	SchedCLS              = ProgramType(sys.BPF_PROG_TYPE_SCHED_CLS)
   132  	SchedACT              = ProgramType(sys.BPF_PROG_TYPE_SCHED_ACT)
   133  	TracePoint            = ProgramType(sys.BPF_PROG_TYPE_TRACEPOINT)
   134  	XDP                   = ProgramType(sys.BPF_PROG_TYPE_XDP)
   135  	PerfEvent             = ProgramType(sys.BPF_PROG_TYPE_PERF_EVENT)
   136  	CGroupSKB             = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SKB)
   137  	CGroupSock            = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK)
   138  	LWTIn                 = ProgramType(sys.BPF_PROG_TYPE_LWT_IN)
   139  	LWTOut                = ProgramType(sys.BPF_PROG_TYPE_LWT_OUT)
   140  	LWTXmit               = ProgramType(sys.BPF_PROG_TYPE_LWT_XMIT)
   141  	SockOps               = ProgramType(sys.BPF_PROG_TYPE_SOCK_OPS)
   142  	SkSKB                 = ProgramType(sys.BPF_PROG_TYPE_SK_SKB)
   143  	CGroupDevice          = ProgramType(sys.BPF_PROG_TYPE_CGROUP_DEVICE)
   144  	SkMsg                 = ProgramType(sys.BPF_PROG_TYPE_SK_MSG)
   145  	RawTracepoint         = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT)
   146  	CGroupSockAddr        = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR)
   147  	LWTSeg6Local          = ProgramType(sys.BPF_PROG_TYPE_LWT_SEG6LOCAL)
   148  	LircMode2             = ProgramType(sys.BPF_PROG_TYPE_LIRC_MODE2)
   149  	SkReuseport           = ProgramType(sys.BPF_PROG_TYPE_SK_REUSEPORT)
   150  	FlowDissector         = ProgramType(sys.BPF_PROG_TYPE_FLOW_DISSECTOR)
   151  	CGroupSysctl          = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SYSCTL)
   152  	RawTracepointWritable = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE)
   153  	CGroupSockopt         = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCKOPT)
   154  	Tracing               = ProgramType(sys.BPF_PROG_TYPE_TRACING)
   155  	StructOps             = ProgramType(sys.BPF_PROG_TYPE_STRUCT_OPS)
   156  	Extension             = ProgramType(sys.BPF_PROG_TYPE_EXT)
   157  	LSM                   = ProgramType(sys.BPF_PROG_TYPE_LSM)
   158  	SkLookup              = ProgramType(sys.BPF_PROG_TYPE_SK_LOOKUP)
   159  	Syscall               = ProgramType(sys.BPF_PROG_TYPE_SYSCALL)
   160  	Netfilter             = ProgramType(sys.BPF_PROG_TYPE_NETFILTER)
   161  )
   162  
   163  // AttachType of the eBPF program, needed to differentiate allowed context accesses in
   164  // some newer program types like CGroupSockAddr. Should be set to AttachNone if not required.
   165  // Will cause invalid argument (EINVAL) at program load time if set incorrectly.
   166  type AttachType uint32
   167  
   168  //go:generate go run golang.org/x/tools/cmd/stringer@latest -type AttachType -trimprefix Attach
   169  
   170  // AttachNone is an alias for AttachCGroupInetIngress for readability reasons.
   171  const AttachNone AttachType = 0
   172  
   173  const (
   174  	AttachCGroupInetIngress          = AttachType(sys.BPF_CGROUP_INET_INGRESS)
   175  	AttachCGroupInetEgress           = AttachType(sys.BPF_CGROUP_INET_EGRESS)
   176  	AttachCGroupInetSockCreate       = AttachType(sys.BPF_CGROUP_INET_SOCK_CREATE)
   177  	AttachCGroupSockOps              = AttachType(sys.BPF_CGROUP_SOCK_OPS)
   178  	AttachSkSKBStreamParser          = AttachType(sys.BPF_SK_SKB_STREAM_PARSER)
   179  	AttachSkSKBStreamVerdict         = AttachType(sys.BPF_SK_SKB_STREAM_VERDICT)
   180  	AttachCGroupDevice               = AttachType(sys.BPF_CGROUP_DEVICE)
   181  	AttachSkMsgVerdict               = AttachType(sys.BPF_SK_MSG_VERDICT)
   182  	AttachCGroupInet4Bind            = AttachType(sys.BPF_CGROUP_INET4_BIND)
   183  	AttachCGroupInet6Bind            = AttachType(sys.BPF_CGROUP_INET6_BIND)
   184  	AttachCGroupInet4Connect         = AttachType(sys.BPF_CGROUP_INET4_CONNECT)
   185  	AttachCGroupInet6Connect         = AttachType(sys.BPF_CGROUP_INET6_CONNECT)
   186  	AttachCGroupInet4PostBind        = AttachType(sys.BPF_CGROUP_INET4_POST_BIND)
   187  	AttachCGroupInet6PostBind        = AttachType(sys.BPF_CGROUP_INET6_POST_BIND)
   188  	AttachCGroupUDP4Sendmsg          = AttachType(sys.BPF_CGROUP_UDP4_SENDMSG)
   189  	AttachCGroupUDP6Sendmsg          = AttachType(sys.BPF_CGROUP_UDP6_SENDMSG)
   190  	AttachLircMode2                  = AttachType(sys.BPF_LIRC_MODE2)
   191  	AttachFlowDissector              = AttachType(sys.BPF_FLOW_DISSECTOR)
   192  	AttachCGroupSysctl               = AttachType(sys.BPF_CGROUP_SYSCTL)
   193  	AttachCGroupUDP4Recvmsg          = AttachType(sys.BPF_CGROUP_UDP4_RECVMSG)
   194  	AttachCGroupUDP6Recvmsg          = AttachType(sys.BPF_CGROUP_UDP6_RECVMSG)
   195  	AttachCGroupGetsockopt           = AttachType(sys.BPF_CGROUP_GETSOCKOPT)
   196  	AttachCGroupSetsockopt           = AttachType(sys.BPF_CGROUP_SETSOCKOPT)
   197  	AttachTraceRawTp                 = AttachType(sys.BPF_TRACE_RAW_TP)
   198  	AttachTraceFEntry                = AttachType(sys.BPF_TRACE_FENTRY)
   199  	AttachTraceFExit                 = AttachType(sys.BPF_TRACE_FEXIT)
   200  	AttachModifyReturn               = AttachType(sys.BPF_MODIFY_RETURN)
   201  	AttachLSMMac                     = AttachType(sys.BPF_LSM_MAC)
   202  	AttachTraceIter                  = AttachType(sys.BPF_TRACE_ITER)
   203  	AttachCgroupInet4GetPeername     = AttachType(sys.BPF_CGROUP_INET4_GETPEERNAME)
   204  	AttachCgroupInet6GetPeername     = AttachType(sys.BPF_CGROUP_INET6_GETPEERNAME)
   205  	AttachCgroupInet4GetSockname     = AttachType(sys.BPF_CGROUP_INET4_GETSOCKNAME)
   206  	AttachCgroupInet6GetSockname     = AttachType(sys.BPF_CGROUP_INET6_GETSOCKNAME)
   207  	AttachXDPDevMap                  = AttachType(sys.BPF_XDP_DEVMAP)
   208  	AttachCgroupInetSockRelease      = AttachType(sys.BPF_CGROUP_INET_SOCK_RELEASE)
   209  	AttachXDPCPUMap                  = AttachType(sys.BPF_XDP_CPUMAP)
   210  	AttachSkLookup                   = AttachType(sys.BPF_SK_LOOKUP)
   211  	AttachXDP                        = AttachType(sys.BPF_XDP)
   212  	AttachSkSKBVerdict               = AttachType(sys.BPF_SK_SKB_VERDICT)
   213  	AttachSkReuseportSelect          = AttachType(sys.BPF_SK_REUSEPORT_SELECT)
   214  	AttachSkReuseportSelectOrMigrate = AttachType(sys.BPF_SK_REUSEPORT_SELECT_OR_MIGRATE)
   215  	AttachPerfEvent                  = AttachType(sys.BPF_PERF_EVENT)
   216  	AttachTraceKprobeMulti           = AttachType(sys.BPF_TRACE_KPROBE_MULTI)
   217  	AttachLSMCgroup                  = AttachType(sys.BPF_LSM_CGROUP)
   218  	AttachStructOps                  = AttachType(sys.BPF_STRUCT_OPS)
   219  	AttachNetfilter                  = AttachType(sys.BPF_NETFILTER)
   220  	AttachTCXIngress                 = AttachType(sys.BPF_TCX_INGRESS)
   221  	AttachTCXEgress                  = AttachType(sys.BPF_TCX_EGRESS)
   222  	AttachTraceUprobeMulti           = AttachType(sys.BPF_TRACE_UPROBE_MULTI)
   223  	AttachCgroupUnixConnect          = AttachType(sys.BPF_CGROUP_UNIX_CONNECT)
   224  	AttachCgroupUnixSendmsg          = AttachType(sys.BPF_CGROUP_UNIX_SENDMSG)
   225  	AttachCgroupUnixRecvmsg          = AttachType(sys.BPF_CGROUP_UNIX_RECVMSG)
   226  	AttachCgroupUnixGetpeername      = AttachType(sys.BPF_CGROUP_UNIX_GETPEERNAME)
   227  	AttachCgroupUnixGetsockname      = AttachType(sys.BPF_CGROUP_UNIX_GETSOCKNAME)
   228  	AttachNetkitPrimary              = AttachType(sys.BPF_NETKIT_PRIMARY)
   229  	AttachNetkitPeer                 = AttachType(sys.BPF_NETKIT_PEER)
   230  )
   231  
   232  // AttachFlags of the eBPF program used in BPF_PROG_ATTACH command
   233  type AttachFlags uint32
   234  
   235  // PinType determines whether a map is pinned into a BPFFS.
   236  type PinType uint32
   237  
   238  // Valid pin types.
   239  //
   240  // Mirrors enum libbpf_pin_type.
   241  const (
   242  	PinNone PinType = iota
   243  	// Pin an object by using its name as the filename.
   244  	PinByName
   245  )
   246  
   247  // LoadPinOptions control how a pinned object is loaded.
   248  type LoadPinOptions struct {
   249  	// Request a read-only or write-only object. The default is a read-write
   250  	// object. Only one of the flags may be set.
   251  	ReadOnly  bool
   252  	WriteOnly bool
   253  
   254  	// Raw flags for the syscall. Other fields of this struct take precedence.
   255  	Flags uint32
   256  }
   257  
   258  // Marshal returns a value suitable for BPF_OBJ_GET syscall file_flags parameter.
   259  func (lpo *LoadPinOptions) Marshal() uint32 {
   260  	if lpo == nil {
   261  		return 0
   262  	}
   263  
   264  	flags := lpo.Flags
   265  	if lpo.ReadOnly {
   266  		flags |= unix.BPF_F_RDONLY
   267  	}
   268  	if lpo.WriteOnly {
   269  		flags |= unix.BPF_F_WRONLY
   270  	}
   271  	return flags
   272  }
   273  
   274  // BatchOptions batch map operations options
   275  //
   276  // Mirrors libbpf struct bpf_map_batch_opts
   277  // Currently BPF_F_FLAG is the only supported
   278  // flag (for ElemFlags).
   279  type BatchOptions struct {
   280  	ElemFlags uint64
   281  	Flags     uint64
   282  }
   283  
   284  // LogLevel controls the verbosity of the kernel's eBPF program verifier.
   285  // These constants can be used for the ProgramOptions.LogLevel field.
   286  type LogLevel = sys.LogLevel
   287  
   288  const (
   289  	// Print verifier state at branch points.
   290  	LogLevelBranch = sys.BPF_LOG_LEVEL1
   291  
   292  	// Print verifier state for every instruction.
   293  	// Available since Linux v5.2.
   294  	LogLevelInstruction = sys.BPF_LOG_LEVEL2
   295  
   296  	// Print verifier errors and stats at the end of the verification process.
   297  	// Available since Linux v5.2.
   298  	LogLevelStats = sys.BPF_LOG_STATS
   299  )