|
eBPF for Windows
|
This file contains eBPF definitions common to eBPF programs, core execution engine as well as eBPF API library. More...
#include "ebpf_windows.h"Go to the source code of this file.
Data Structures | |
| struct | _ebpf_map_definition_in_memory |
| eBPF Map Definition as it is stored in memory. More... | |
| struct | _ebpf_map_definition_in_file |
| eBPF Map Definition as it appears in the maps section of an ELF file. More... | |
| struct | bpf_link_info |
| eBPF link information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a link fd. More... | |
| struct | bpf_map_info |
| eBPF map information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a map fd. More... | |
| struct | bpf_prog_info |
| eBPF program information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a program fd. More... | |
Macros | |
| #define | MAX_TAIL_CALL_CNT 33 |
| #define | BPF_ENUM_TO_STRING(X) #X |
| #define | BPF_MAP_TYPE_PER_CPU(X) ((X) == BPF_MAP_TYPE_PERCPU_HASH || (X) == BPF_MAP_TYPE_PERCPU_ARRAY || (X) == BPF_MAP_TYPE_LRU_PERCPU_HASH) |
| #define | EBPF_ID_NONE UINT32_MAX |
| #define | XDP_FLAGS_REPLACE 0x01 |
| #define | BPF_OBJ_NAME_LEN 64 |
| #define | BPF_ANY 0x0 |
| #define | BPF_NOEXIST 0x1 |
| #define | BPF_EXIST 0x2 |
Typedefs | |
| typedef enum bpf_map_type | ebpf_map_type_t |
| typedef enum ebpf_map_option | ebpf_map_option_t |
| typedef enum ebpf_pin_type | ebpf_pin_type_t |
| Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf. More... | |
| typedef uint32_t | ebpf_id_t |
| typedef struct _ebpf_map_definition_in_memory | ebpf_map_definition_in_memory_t |
| eBPF Map Definition as it is stored in memory. More... | |
| typedef struct _ebpf_map_definition_in_file | ebpf_map_definition_in_file_t |
| eBPF Map Definition as it appears in the maps section of an ELF file. More... | |
| typedef enum bpf_prog_type | bpf_prog_type_t |
| typedef enum bpf_attach_type | bpf_attach_type_t |
This file contains eBPF definitions common to eBPF programs, core execution engine as well as eBPF API library.
| #define BPF_ANY 0x0 |
| #define BPF_ENUM_TO_STRING | ( | X | ) | #X |
| #define BPF_EXIST 0x2 |
| #define BPF_MAP_TYPE_PER_CPU | ( | X | ) | ((X) == BPF_MAP_TYPE_PERCPU_HASH || (X) == BPF_MAP_TYPE_PERCPU_ARRAY || (X) == BPF_MAP_TYPE_LRU_PERCPU_HASH) |
| #define BPF_NOEXIST 0x1 |
| #define BPF_OBJ_NAME_LEN 64 |
| #define EBPF_ID_NONE UINT32_MAX |
| #define MAX_TAIL_CALL_CNT 33 |
| #define XDP_FLAGS_REPLACE 0x01 |
| typedef enum bpf_attach_type bpf_attach_type_t |
| typedef enum bpf_prog_type bpf_prog_type_t |
| typedef uint32_t ebpf_id_t |
| typedef struct _ebpf_map_definition_in_file ebpf_map_definition_in_file_t |
eBPF Map Definition as it appears in the maps section of an ELF file.
| typedef struct _ebpf_map_definition_in_memory ebpf_map_definition_in_memory_t |
eBPF Map Definition as it is stored in memory.
| typedef enum ebpf_map_option ebpf_map_option_t |
| typedef enum bpf_map_type ebpf_map_type_t |
| typedef enum ebpf_pin_type ebpf_pin_type_t |
Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf.
| enum bpf_attach_type |
| Enumerator | |
|---|---|
| BPF_ATTACH_TYPE_UNSPEC | Unspecified attach type. |
| BPF_XDP | Attach type for handling incoming packets as early as possible. Program type: BPF_PROG_TYPE_XDP |
| BPF_ATTACH_TYPE_BIND | Attach type for handling socket bind() requests. Program type: BPF_PROG_TYPE_BIND |
| BPF_CGROUP_INET4_CONNECT | Attach type for handling IPv4 TCP connect() or UDP send to a unique remote address/port tuple. Program type: BPF_PROG_TYPE_CGROUP_SOCK_ADDR |
| BPF_CGROUP_INET6_CONNECT | Attach type for handling IPv6 TCP connect() or UDP send to a unique remote address/port tuple. Program type: BPF_PROG_TYPE_CGROUP_SOCK_ADDR |
| BPF_CGROUP_INET4_RECV_ACCEPT | Attach type for handling IPv4 TCP accept() or on receiving the first unicast UDP packet from a unique remote address/port tuple. Program type: BPF_PROG_TYPE_CGROUP_SOCK_ADDR |
| BPF_CGROUP_INET6_RECV_ACCEPT | Attach type for handling IPv6 TCP accept() or on receiving the first unicast UDP packet from a unique remote address/port tuple. Program type: BPF_PROG_TYPE_CGROUP_SOCK_ADDR |
| BPF_CGROUP_SOCK_OPS | Attach type for handling various socket event notifications. Program type: BPF_PROG_TYPE_SOCK_OPS |
| BPF_ATTACH_TYPE_SAMPLE | Attach type implemented by eBPF Sample Extension driver, used for testing. Program type: BPF_PROG_TYPE_SAMPLE |
| BPF_XDP_TEST | Attach type for handling incoming packets as early as possible. Program type: BPF_PROG_TYPE_XDP_TEST |
| __MAX_BPF_ATTACH_TYPE | |
| enum bpf_link_type |
| Enumerator | |
|---|---|
| BPF_LINK_TYPE_UNSPEC | Unspecified link type. |
| BPF_LINK_TYPE_PLAIN | No union members are used in bpf_link_info. |
| BPF_LINK_TYPE_CGROUP | cgroup struct is present in bpf_link_info. |
| BPF_LINK_TYPE_XDP | xdp struct is present in bpf_link_info. |
| BPF_LINK_TYPE_MAX | |
| enum bpf_map_type |
| enum bpf_prog_type |
| Enumerator | |
|---|---|
| BPF_PROG_TYPE_UNSPEC | Unspecified program type. |
| BPF_PROG_TYPE_XDP | Program type for handling incoming packets as early as possible. eBPF program prototype: xdp_hook_t Attach type(s): BPF_XDP Helpers available: all helpers defined in bpf_helpers.h |
| BPF_PROG_TYPE_BIND | Program type for handling socket bind() requests. eBPF program prototype: bind_hook_t Attach type(s): BPF_ATTACH_TYPE_BIND Helpers available: all helpers defined in bpf_helpers.h |
| BPF_PROG_TYPE_CGROUP_SOCK_ADDR | Program type for handling various socket operations such as connect(), accept() etc. eBPF program prototype: sock_addr_hook_t Attach type(s): BPF_CGROUP_INET4_CONNECT BPF_CGROUP_INET6_CONNECT BPF_CGROUP_INET4_RECV_ACCEPT BPF_CGROUP_INET6_RECV_ACCEPT Helpers available: all helpers defined in bpf_helpers.h |
| BPF_PROG_TYPE_SOCK_OPS | Program type for handling various socket event notifications such as connection established etc. eBPF program prototype: sock_ops_hook_t Attach type(s): BPF_CGROUP_SOCK_OPS Helpers available: all helpers defined in bpf_helpers.h |
| BPF_PROG_TYPE_XDP_TEST | Program type for handling incoming packets as early as possible. eBPF program prototype: xdp_hook_t Attach type(s): BPF_XDP_TEST Helpers available: all helpers defined in bpf_helpers.h |
| BPF_PROG_TYPE_SAMPLE | Program type for handling calls from the eBPF sample extension. Used for testing. eBPF program prototype: see the eBPF sample extension. Attach type(s): BPF_ATTACH_TYPE_SAMPLE |
| enum ebpf_helper_id_t |
| Enumerator | |
|---|---|
| BPF_FUNC_map_lookup_elem | |
| BPF_FUNC_map_update_elem | |
| BPF_FUNC_map_delete_elem | |
| BPF_FUNC_map_lookup_and_delete_elem | |
| BPF_FUNC_tail_call | |
| BPF_FUNC_get_prandom_u32 | |
| BPF_FUNC_ktime_get_boot_ns | |
| BPF_FUNC_get_smp_processor_id | |
| BPF_FUNC_ktime_get_ns | |
| BPF_FUNC_csum_diff | |
| BPF_FUNC_ringbuf_output | |
| BPF_FUNC_trace_printk2 | bpf_trace_printk2 (but use bpf_printk instead) |
| BPF_FUNC_trace_printk3 | bpf_trace_printk3 (but use bpf_printk instead) |
| BPF_FUNC_trace_printk4 | bpf_trace_printk4 (but use bpf_printk instead) |
| BPF_FUNC_trace_printk5 | bpf_trace_printk5 (but use bpf_printk instead) |
| BPF_FUNC_map_push_elem | |
| BPF_FUNC_map_pop_elem | |
| BPF_FUNC_map_peek_elem | |
| BPF_FUNC_get_current_pid_tgid | |
| BPF_FUNC_get_current_logon_id | |
| BPF_FUNC_is_current_admin | |
| BPF_FUNC_memcpy | |
| BPF_FUNC_memcmp | |
| BPF_FUNC_memset | |
| BPF_FUNC_memmove | |
| BPF_FUNC_get_socket_cookie | |
| BPF_FUNC_strncpy_s | |
| BPF_FUNC_strncat_s | |
| BPF_FUNC_strnlen_s | |
| enum ebpf_map_option |
| enum ebpf_pin_type |
1.9.1