eBPF for Windows
ebpf_structs.h
Go to the documentation of this file.
1 // Copyright (c) eBPF for Windows contributors
2 // SPDX-License-Identifier: MIT
3 #pragma once
4 
11 #include "ebpf_windows.h"
12 
13 #define MAX_TAIL_CALL_CNT 33
14 
15 #define BPF_ENUM_TO_STRING(X) #X
16 
17 typedef enum bpf_map_type
18 {
19  BPF_MAP_TYPE_UNSPEC = 0,
20  BPF_MAP_TYPE_HASH = 1,
21  BPF_MAP_TYPE_ARRAY = 2,
22  BPF_MAP_TYPE_PROG_ARRAY =
23  3,
24  BPF_MAP_TYPE_PERCPU_HASH = 4,
25  BPF_MAP_TYPE_PERCPU_ARRAY = 5,
26  BPF_MAP_TYPE_HASH_OF_MAPS = 6,
27  BPF_MAP_TYPE_ARRAY_OF_MAPS = 7,
28  BPF_MAP_TYPE_LRU_HASH = 8,
29  BPF_MAP_TYPE_LPM_TRIE = 9,
30  BPF_MAP_TYPE_QUEUE = 10,
31  BPF_MAP_TYPE_LRU_PERCPU_HASH = 11,
32  BPF_MAP_TYPE_STACK = 12,
33  BPF_MAP_TYPE_RINGBUF = 13
34 } ebpf_map_type_t;
35 
36 #define BPF_MAP_TYPE_PER_CPU(X) \
37  ((X) == BPF_MAP_TYPE_PERCPU_HASH || (X) == BPF_MAP_TYPE_PERCPU_ARRAY || (X) == BPF_MAP_TYPE_LRU_PERCPU_HASH)
38 
39 static const char* const _ebpf_map_type_names[] = {
40  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_UNSPEC),
41  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_HASH),
42  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_ARRAY),
43  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PROG_ARRAY),
44  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PERCPU_HASH),
45  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PERCPU_ARRAY),
46  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_HASH_OF_MAPS),
47  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_ARRAY_OF_MAPS),
48  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LRU_HASH),
49  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LPM_TRIE),
50  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_QUEUE),
51  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LRU_PERCPU_HASH),
52  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_STACK),
53  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_RINGBUF),
54 };
55 
56 static const char* const _ebpf_map_display_names[] = {
57  "unspec",
58  "hash",
59  "array",
60  "prog_array",
61  "percpu_hash",
62  "percpu_array",
63  "hash_of_maps",
64  "array_of_maps",
65  "lru_hash",
66  "lpm_trie",
67  "queue",
68  "lru_percpu_hash",
69  "stack",
70  "ringbuf",
71 };
72 
73 typedef enum ebpf_map_option
74 {
75  EBPF_ANY,
76  EBPF_NOEXIST,
77  EBPF_EXIST
78 } ebpf_map_option_t;
79 
84 typedef enum ebpf_pin_type
85 {
86  LIBBPF_PIN_NONE = 0,
87  LIBBPF_PIN_BY_NAME,
88 } ebpf_pin_type_t;
89 
90 static const char* const _ebpf_pin_type_names[] = {
91  BPF_ENUM_TO_STRING(LIBBPF_PIN_NONE),
92  BPF_ENUM_TO_STRING(LIBBPF_PIN_BY_NAME),
93 };
94 
95 typedef uint32_t ebpf_id_t;
96 #define EBPF_ID_NONE UINT32_MAX
97 
101 typedef struct _ebpf_map_definition_in_memory
102 {
103  ebpf_map_type_t type;
104  uint32_t key_size;
105  uint32_t value_size;
106  uint32_t max_entries;
107  ebpf_id_t inner_map_id;
108  ebpf_pin_type_t pinning;
109 } ebpf_map_definition_in_memory_t;
110 
114 typedef struct _ebpf_map_definition_in_file
115 {
116  ebpf_map_type_t type;
117  uint32_t key_size;
118  uint32_t value_size;
119  uint32_t max_entries;
120 
125  uint32_t inner_map_idx;
126  ebpf_pin_type_t pinning;
127 
130  uint32_t id;
133  uint32_t inner_id;
134 } ebpf_map_definition_in_file_t;
135 
136 typedef enum
137 {
138  BPF_FUNC_map_lookup_elem = 1,
139  BPF_FUNC_map_update_elem = 2,
140  BPF_FUNC_map_delete_elem = 3,
141  BPF_FUNC_map_lookup_and_delete_elem = 4,
142  BPF_FUNC_tail_call = 5,
143  BPF_FUNC_get_prandom_u32 = 6,
144  BPF_FUNC_ktime_get_boot_ns = 7,
145  BPF_FUNC_get_smp_processor_id = 8,
146  BPF_FUNC_ktime_get_ns = 9,
147  BPF_FUNC_csum_diff = 10,
148  BPF_FUNC_ringbuf_output = 11,
149  BPF_FUNC_trace_printk2 = 12,
150  BPF_FUNC_trace_printk3 = 13,
151  BPF_FUNC_trace_printk4 = 14,
152  BPF_FUNC_trace_printk5 = 15,
153  BPF_FUNC_map_push_elem = 16,
154  BPF_FUNC_map_pop_elem = 17,
155  BPF_FUNC_map_peek_elem = 18,
156  BPF_FUNC_get_current_pid_tgid = 19,
157  BPF_FUNC_get_current_logon_id = 20,
158  BPF_FUNC_is_current_admin = 21,
159  BPF_FUNC_memcpy = 22,
160  BPF_FUNC_memcmp = 23,
161  BPF_FUNC_memset = 24,
162  BPF_FUNC_memmove = 25,
163  BPF_FUNC_get_socket_cookie = 26,
164  BPF_FUNC_strncpy_s = 27,
165  BPF_FUNC_strncat_s = 28,
166  BPF_FUNC_strnlen_s = 29,
167 } ebpf_helper_id_t;
168 
169 // Cross-platform BPF program types.
170 enum bpf_prog_type
171 {
172  BPF_PROG_TYPE_UNSPEC,
173 
182  BPF_PROG_TYPE_XDP,
183 
192  BPF_PROG_TYPE_BIND, // TODO(#333): replace with cross-platform program type
193 
206  BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
207 
217  BPF_PROG_TYPE_SOCK_OPS,
218 
227  BPF_PROG_TYPE_XDP_TEST = 998,
228 
236  BPF_PROG_TYPE_SAMPLE = 999
237 };
238 
239 typedef enum bpf_prog_type bpf_prog_type_t;
240 
241 #define XDP_FLAGS_REPLACE 0x01
242 
243 // The link type is used to tell which union member is present
244 // in the bpf_link_info struct. There is exactly one non-zero value
245 // per union member.
246 enum bpf_link_type
247 {
248  BPF_LINK_TYPE_UNSPEC,
249  BPF_LINK_TYPE_PLAIN,
250  BPF_LINK_TYPE_CGROUP,
251  BPF_LINK_TYPE_XDP,
252  BPF_LINK_TYPE_MAX
253 };
254 
255 static const char* const _ebpf_link_display_names[] = {
256  "unspec",
257  "plain",
258 };
259 
260 enum bpf_attach_type
261 {
262  BPF_ATTACH_TYPE_UNSPEC,
263 
268  BPF_XDP,
269 
274  BPF_ATTACH_TYPE_BIND,
275 
281  BPF_CGROUP_INET4_CONNECT,
282 
288  BPF_CGROUP_INET6_CONNECT,
289 
295  BPF_CGROUP_INET4_RECV_ACCEPT,
296 
302  BPF_CGROUP_INET6_RECV_ACCEPT,
303 
308  BPF_CGROUP_SOCK_OPS,
309 
314  BPF_ATTACH_TYPE_SAMPLE,
315 
320  BPF_XDP_TEST,
321 
322  __MAX_BPF_ATTACH_TYPE,
323 };
324 
325 typedef enum bpf_attach_type bpf_attach_type_t;
326 
327 // Libbpf itself requires the following structs to be defined, but doesn't
328 // care what fields they have. Applications such as bpftool on the other
329 // hand depend on fields of specific names and types.
330 
331 #ifdef _MSC_VER
332 #pragma warning(push)
333 #pragma warning(disable : 4201) /* nameless struct/union */
334 #endif
339 struct bpf_link_info
340 {
341  ebpf_id_t id;
342  ebpf_id_t prog_id;
343  enum bpf_link_type type;
344  enum bpf_attach_type attach_type;
345  ebpf_attach_type_t attach_type_uuid;
346  ebpf_program_type_t program_type_uuid;
347  union
348  {
349  struct
350  {
351  uint32_t ifindex;
352  } xdp;
353  struct
354  {
355  uint64_t cgroup_id;
356  } cgroup;
357  uint8_t attach_data;
358  };
359 };
360 #ifdef _MSC_VER
361 #pragma warning(pop)
362 #endif
363 
364 #define BPF_OBJ_NAME_LEN 64
365 
370 struct bpf_map_info
371 {
372  // Cross-platform fields.
373  ebpf_id_t id;
374  ebpf_map_type_t type;
375  uint32_t key_size;
376  uint32_t value_size;
377  uint32_t max_entries;
378  char name[BPF_OBJ_NAME_LEN];
379  uint32_t map_flags;
380 
381  // Windows-specific fields.
382  ebpf_id_t inner_map_id;
383  uint32_t pinned_path_count;
384 };
385 
386 #define BPF_ANY 0x0
387 #define BPF_NOEXIST 0x1
388 #define BPF_EXIST 0x2
389 
394 struct bpf_prog_info
395 {
396  // Cross-platform fields.
397  ebpf_id_t id;
398  enum bpf_prog_type type;
399  uint32_t nr_map_ids;
400  uintptr_t map_ids;
401  char name[BPF_OBJ_NAME_LEN];
402 
403  // Windows-specific fields.
404  ebpf_program_type_t type_uuid;
405  ebpf_attach_type_t attach_type_uuid;
406  uint32_t pinned_path_count;
407  uint32_t link_count;
408 };
bpf_prog_type
bpf_prog_type
Definition: ebpf_structs.h:171
BPF_PROG_TYPE_XDP
@ BPF_PROG_TYPE_XDP
Program type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:182
BPF_PROG_TYPE_BIND
@ BPF_PROG_TYPE_BIND
Program type for handling socket bind() requests.
Definition: ebpf_structs.h:192
BPF_PROG_TYPE_CGROUP_SOCK_ADDR
@ BPF_PROG_TYPE_CGROUP_SOCK_ADDR
Program type for handling various socket operations such as connect(), accept() etc.
Definition: ebpf_structs.h:206
BPF_PROG_TYPE_UNSPEC
@ BPF_PROG_TYPE_UNSPEC
Unspecified program type.
Definition: ebpf_structs.h:172
BPF_PROG_TYPE_XDP_TEST
@ BPF_PROG_TYPE_XDP_TEST
Program type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:227
BPF_PROG_TYPE_SOCK_OPS
@ BPF_PROG_TYPE_SOCK_OPS
Program type for handling various socket event notifications such as connection established etc.
Definition: ebpf_structs.h:217
BPF_PROG_TYPE_SAMPLE
@ BPF_PROG_TYPE_SAMPLE
Program type for handling calls from the eBPF sample extension. Used for testing.
Definition: ebpf_structs.h:236
ebpf_map_option_t
enum ebpf_map_option ebpf_map_option_t
bpf_link_type
bpf_link_type
Definition: ebpf_structs.h:247
BPF_LINK_TYPE_UNSPEC
@ BPF_LINK_TYPE_UNSPEC
Unspecified link type.
Definition: ebpf_structs.h:248
BPF_LINK_TYPE_PLAIN
@ BPF_LINK_TYPE_PLAIN
No union members are used in bpf_link_info.
Definition: ebpf_structs.h:249
BPF_LINK_TYPE_CGROUP
@ BPF_LINK_TYPE_CGROUP
cgroup struct is present in bpf_link_info.
Definition: ebpf_structs.h:250
BPF_LINK_TYPE_XDP
@ BPF_LINK_TYPE_XDP
xdp struct is present in bpf_link_info.
Definition: ebpf_structs.h:251
BPF_LINK_TYPE_MAX
@ BPF_LINK_TYPE_MAX
Definition: ebpf_structs.h:252
bpf_prog_type_t
enum bpf_prog_type bpf_prog_type_t
Definition: ebpf_structs.h:239
ebpf_map_type_t
enum bpf_map_type ebpf_map_type_t
BPF_ENUM_TO_STRING
#define BPF_ENUM_TO_STRING(X)
Definition: ebpf_structs.h:15
ebpf_map_definition_in_memory_t
struct _ebpf_map_definition_in_memory ebpf_map_definition_in_memory_t
eBPF Map Definition as it is stored in memory.
ebpf_pin_type_t
enum ebpf_pin_type ebpf_pin_type_t
Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf.
ebpf_pin_type
ebpf_pin_type
Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf.
Definition: ebpf_structs.h:85
LIBBPF_PIN_NONE
@ LIBBPF_PIN_NONE
Object is not pinned.
Definition: ebpf_structs.h:86
LIBBPF_PIN_BY_NAME
@ LIBBPF_PIN_BY_NAME
Pinning with a global namespace.
Definition: ebpf_structs.h:87
ebpf_id_t
uint32_t ebpf_id_t
Definition: ebpf_structs.h:95
ebpf_helper_id_t
ebpf_helper_id_t
Definition: ebpf_structs.h:137
BPF_FUNC_trace_printk2
@ BPF_FUNC_trace_printk2
bpf_trace_printk2 (but use bpf_printk instead)
Definition: ebpf_structs.h:149
BPF_FUNC_tail_call
@ BPF_FUNC_tail_call
bpf_tail_call
Definition: ebpf_structs.h:142
BPF_FUNC_ktime_get_ns
@ BPF_FUNC_ktime_get_ns
bpf_ktime_get_ns
Definition: ebpf_structs.h:146
BPF_FUNC_memset
@ BPF_FUNC_memset
bpf_memset
Definition: ebpf_structs.h:161
BPF_FUNC_get_smp_processor_id
@ BPF_FUNC_get_smp_processor_id
bpf_get_smp_processor_id
Definition: ebpf_structs.h:145
BPF_FUNC_get_prandom_u32
@ BPF_FUNC_get_prandom_u32
bpf_get_prandom_u32
Definition: ebpf_structs.h:143
BPF_FUNC_get_socket_cookie
@ BPF_FUNC_get_socket_cookie
bpf_get_socket_cookie
Definition: ebpf_structs.h:163
BPF_FUNC_trace_printk3
@ BPF_FUNC_trace_printk3
bpf_trace_printk3 (but use bpf_printk instead)
Definition: ebpf_structs.h:150
BPF_FUNC_map_lookup_and_delete_elem
@ BPF_FUNC_map_lookup_and_delete_elem
bpf_map_lookup_and_delete_elem
Definition: ebpf_structs.h:141
BPF_FUNC_ringbuf_output
@ BPF_FUNC_ringbuf_output
bpf_ringbuf_output
Definition: ebpf_structs.h:148
BPF_FUNC_memcmp
@ BPF_FUNC_memcmp
bpf_memcmp
Definition: ebpf_structs.h:160
BPF_FUNC_memmove
@ BPF_FUNC_memmove
bpf_memmove
Definition: ebpf_structs.h:162
BPF_FUNC_trace_printk5
@ BPF_FUNC_trace_printk5
bpf_trace_printk5 (but use bpf_printk instead)
Definition: ebpf_structs.h:152
BPF_FUNC_is_current_admin
@ BPF_FUNC_is_current_admin
bpf_is_current_admin
Definition: ebpf_structs.h:158
BPF_FUNC_map_pop_elem
@ BPF_FUNC_map_pop_elem
bpf_map_pop_elem
Definition: ebpf_structs.h:154
BPF_FUNC_map_update_elem
@ BPF_FUNC_map_update_elem
bpf_map_update_elem
Definition: ebpf_structs.h:139
BPF_FUNC_strnlen_s
@ BPF_FUNC_strnlen_s
bpf_strnlen_s
Definition: ebpf_structs.h:166
BPF_FUNC_csum_diff
@ BPF_FUNC_csum_diff
bpf_csum_diff
Definition: ebpf_structs.h:147
BPF_FUNC_map_delete_elem
@ BPF_FUNC_map_delete_elem
bpf_map_delete_elem
Definition: ebpf_structs.h:140
BPF_FUNC_map_lookup_elem
@ BPF_FUNC_map_lookup_elem
bpf_map_lookup_elem
Definition: ebpf_structs.h:138
BPF_FUNC_trace_printk4
@ BPF_FUNC_trace_printk4
bpf_trace_printk4 (but use bpf_printk instead)
Definition: ebpf_structs.h:151
BPF_FUNC_map_peek_elem
@ BPF_FUNC_map_peek_elem
bpf_map_peek_elem
Definition: ebpf_structs.h:155
BPF_FUNC_strncpy_s
@ BPF_FUNC_strncpy_s
bpf_strncpy_s
Definition: ebpf_structs.h:164
BPF_FUNC_strncat_s
@ BPF_FUNC_strncat_s
bpf_strncat_s
Definition: ebpf_structs.h:165
BPF_FUNC_ktime_get_boot_ns
@ BPF_FUNC_ktime_get_boot_ns
bpf_ktime_get_boot_ns
Definition: ebpf_structs.h:144
BPF_FUNC_get_current_logon_id
@ BPF_FUNC_get_current_logon_id
bpf_get_current_logon_id
Definition: ebpf_structs.h:157
BPF_FUNC_memcpy
@ BPF_FUNC_memcpy
bpf_memcpy
Definition: ebpf_structs.h:159
BPF_FUNC_map_push_elem
@ BPF_FUNC_map_push_elem
bpf_map_push_elem
Definition: ebpf_structs.h:153
BPF_FUNC_get_current_pid_tgid
@ BPF_FUNC_get_current_pid_tgid
bpf_get_current_pid_tgid
Definition: ebpf_structs.h:156
bpf_attach_type
bpf_attach_type
Definition: ebpf_structs.h:261
BPF_XDP
@ BPF_XDP
Attach type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:268
BPF_CGROUP_INET6_CONNECT
@ BPF_CGROUP_INET6_CONNECT
Attach type for handling IPv6 TCP connect() or UDP send to a unique remote address/port tuple.
Definition: ebpf_structs.h:288
BPF_ATTACH_TYPE_UNSPEC
@ BPF_ATTACH_TYPE_UNSPEC
Unspecified attach type.
Definition: ebpf_structs.h:262
__MAX_BPF_ATTACH_TYPE
@ __MAX_BPF_ATTACH_TYPE
Definition: ebpf_structs.h:322
BPF_ATTACH_TYPE_BIND
@ BPF_ATTACH_TYPE_BIND
Attach type for handling socket bind() requests.
Definition: ebpf_structs.h:274
BPF_XDP_TEST
@ BPF_XDP_TEST
Attach type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:320
BPF_CGROUP_INET6_RECV_ACCEPT
@ BPF_CGROUP_INET6_RECV_ACCEPT
Attach type for handling IPv6 TCP accept() or on receiving the first unicast UDP packet from a unique...
Definition: ebpf_structs.h:302
BPF_ATTACH_TYPE_SAMPLE
@ BPF_ATTACH_TYPE_SAMPLE
Attach type implemented by eBPF Sample Extension driver, used for testing.
Definition: ebpf_structs.h:314
BPF_CGROUP_SOCK_OPS
@ BPF_CGROUP_SOCK_OPS
Attach type for handling various socket event notifications.
Definition: ebpf_structs.h:308
BPF_CGROUP_INET4_RECV_ACCEPT
@ BPF_CGROUP_INET4_RECV_ACCEPT
Attach type for handling IPv4 TCP accept() or on receiving the first unicast UDP packet from a unique...
Definition: ebpf_structs.h:295
BPF_CGROUP_INET4_CONNECT
@ BPF_CGROUP_INET4_CONNECT
Attach type for handling IPv4 TCP connect() or UDP send to a unique remote address/port tuple.
Definition: ebpf_structs.h:281
ebpf_map_definition_in_file_t
struct _ebpf_map_definition_in_file ebpf_map_definition_in_file_t
eBPF Map Definition as it appears in the maps section of an ELF file.
BPF_OBJ_NAME_LEN
#define BPF_OBJ_NAME_LEN
Definition: ebpf_structs.h:364
bpf_attach_type_t
enum bpf_attach_type bpf_attach_type_t
Definition: ebpf_structs.h:325
ebpf_map_option
ebpf_map_option
Definition: ebpf_structs.h:74
EBPF_ANY
@ EBPF_ANY
Create a new element or update an existing element.
Definition: ebpf_structs.h:75
EBPF_EXIST
@ EBPF_EXIST
Update an existing element.
Definition: ebpf_structs.h:77
EBPF_NOEXIST
@ EBPF_NOEXIST
Create a new element only when it does not exist.
Definition: ebpf_structs.h:76
bpf_map_type
bpf_map_type
Definition: ebpf_structs.h:18
BPF_MAP_TYPE_STACK
@ BPF_MAP_TYPE_STACK
Stack.
Definition: ebpf_structs.h:32
BPF_MAP_TYPE_RINGBUF
@ BPF_MAP_TYPE_RINGBUF
Ring buffer.
Definition: ebpf_structs.h:33
BPF_MAP_TYPE_PERCPU_ARRAY
@ BPF_MAP_TYPE_PERCPU_ARRAY
Per-CPU array.
Definition: ebpf_structs.h:25
BPF_MAP_TYPE_QUEUE
@ BPF_MAP_TYPE_QUEUE
Queue.
Definition: ebpf_structs.h:30
BPF_MAP_TYPE_LRU_PERCPU_HASH
@ BPF_MAP_TYPE_LRU_PERCPU_HASH
Per-CPU least-recently-used hash table.
Definition: ebpf_structs.h:31
BPF_MAP_TYPE_LPM_TRIE
@ BPF_MAP_TYPE_LPM_TRIE
Longest prefix match trie.
Definition: ebpf_structs.h:29
BPF_MAP_TYPE_HASH_OF_MAPS
@ BPF_MAP_TYPE_HASH_OF_MAPS
Hash table, where the map value is another map.
Definition: ebpf_structs.h:26
BPF_MAP_TYPE_LRU_HASH
@ BPF_MAP_TYPE_LRU_HASH
Least-recently-used hash table.
Definition: ebpf_structs.h:28
BPF_MAP_TYPE_PERCPU_HASH
@ BPF_MAP_TYPE_PERCPU_HASH
Per-CPU hash table.
Definition: ebpf_structs.h:24
BPF_MAP_TYPE_ARRAY_OF_MAPS
@ BPF_MAP_TYPE_ARRAY_OF_MAPS
Array, where the map value is another map.
Definition: ebpf_structs.h:27
BPF_MAP_TYPE_UNSPEC
@ BPF_MAP_TYPE_UNSPEC
Unspecified map type.
Definition: ebpf_structs.h:19
BPF_MAP_TYPE_ARRAY
@ BPF_MAP_TYPE_ARRAY
Array, where the map key is the array index.
Definition: ebpf_structs.h:21
BPF_MAP_TYPE_PROG_ARRAY
@ BPF_MAP_TYPE_PROG_ARRAY
Array of program fds usable with bpf_tail_call, where the map key is the array index.
Definition: ebpf_structs.h:22
BPF_MAP_TYPE_HASH
@ BPF_MAP_TYPE_HASH
Hash table.
Definition: ebpf_structs.h:20
ebpf_windows.h
ebpf_attach_type_t
GUID ebpf_attach_type_t
Definition: ebpf_windows.h:62
ebpf_program_type_t
GUID ebpf_program_type_t
Definition: ebpf_windows.h:61
_ebpf_map_definition_in_file
eBPF Map Definition as it appears in the maps section of an ELF file.
Definition: ebpf_structs.h:115
_ebpf_map_definition_in_file::inner_id
uint32_t inner_id
Definition: ebpf_structs.h:133
_ebpf_map_definition_in_file::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:117
_ebpf_map_definition_in_file::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:119
_ebpf_map_definition_in_file::inner_map_idx
uint32_t inner_map_idx
Definition: ebpf_structs.h:125
_ebpf_map_definition_in_file::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:116
_ebpf_map_definition_in_file::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:118
_ebpf_map_definition_in_file::pinning
ebpf_pin_type_t pinning
Definition: ebpf_structs.h:126
_ebpf_map_definition_in_file::id
uint32_t id
Definition: ebpf_structs.h:130
_ebpf_map_definition_in_memory
eBPF Map Definition as it is stored in memory.
Definition: ebpf_structs.h:102
_ebpf_map_definition_in_memory::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:103
_ebpf_map_definition_in_memory::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:104
_ebpf_map_definition_in_memory::inner_map_id
ebpf_id_t inner_map_id
Definition: ebpf_structs.h:107
_ebpf_map_definition_in_memory::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:106
_ebpf_map_definition_in_memory::pinning
ebpf_pin_type_t pinning
Definition: ebpf_structs.h:108
_ebpf_map_definition_in_memory::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:105
bpf_link_info
eBPF link information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a link fd...
Definition: ebpf_structs.h:340
bpf_link_info::program_type_uuid
ebpf_program_type_t program_type_uuid
Program type UUID.
Definition: ebpf_structs.h:346
bpf_link_info::attach_data
uint8_t attach_data
Definition: ebpf_structs.h:357
bpf_link_info::prog_id
ebpf_id_t prog_id
Program ID.
Definition: ebpf_structs.h:342
bpf_link_info::xdp
struct bpf_link_info::@26::@28 xdp
bpf_link_info::attach_type
enum bpf_attach_type attach_type
Attach type.
Definition: ebpf_structs.h:344
bpf_link_info::ifindex
uint32_t ifindex
Definition: ebpf_structs.h:351
bpf_link_info::type
enum bpf_link_type type
Link type.
Definition: ebpf_structs.h:343
bpf_link_info::attach_type_uuid
ebpf_attach_type_t attach_type_uuid
Attach type UUID.
Definition: ebpf_structs.h:345
bpf_link_info::cgroup_id
uint64_t cgroup_id
Definition: ebpf_structs.h:355
bpf_link_info::cgroup
struct bpf_link_info::@26::@29 cgroup
bpf_link_info::id
ebpf_id_t id
Link ID.
Definition: ebpf_structs.h:341
bpf_map_info
eBPF map information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a map fd.
Definition: ebpf_structs.h:371
bpf_map_info::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:377
bpf_map_info::name
char name[BPF_OBJ_NAME_LEN]
Null-terminated map name.
Definition: ebpf_structs.h:378
bpf_map_info::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:374
bpf_map_info::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:375
bpf_map_info::id
ebpf_id_t id
Map ID.
Definition: ebpf_structs.h:373
bpf_map_info::map_flags
uint32_t map_flags
Map flags.
Definition: ebpf_structs.h:379
bpf_map_info::pinned_path_count
uint32_t pinned_path_count
Number of pinned paths.
Definition: ebpf_structs.h:383
bpf_map_info::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:376
bpf_map_info::inner_map_id
ebpf_id_t inner_map_id
ID of inner map template.
Definition: ebpf_structs.h:382
bpf_prog_info
eBPF program information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a prog...
Definition: ebpf_structs.h:395
bpf_prog_info::attach_type_uuid
ebpf_attach_type_t attach_type_uuid
Attach type UUID.
Definition: ebpf_structs.h:405
bpf_prog_info::pinned_path_count
uint32_t pinned_path_count
Number of pinned paths.
Definition: ebpf_structs.h:406
bpf_prog_info::link_count
uint32_t link_count
Number of attached links.
Definition: ebpf_structs.h:407
bpf_prog_info::type
enum bpf_prog_type type
Program type, if a cross-platform type.
Definition: ebpf_structs.h:398
bpf_prog_info::name
char name[BPF_OBJ_NAME_LEN]
Null-terminated program name.
Definition: ebpf_structs.h:401
bpf_prog_info::map_ids
uintptr_t map_ids
Pointer to caller-allocated array to fill map IDs into.
Definition: ebpf_structs.h:400
bpf_prog_info::nr_map_ids
uint32_t nr_map_ids
Number of maps associated with this program.
Definition: ebpf_structs.h:399
bpf_prog_info::id
ebpf_id_t id
Program ID.
Definition: ebpf_structs.h:397
bpf_prog_info::type_uuid
ebpf_program_type_t type_uuid
Program type UUID.
Definition: ebpf_structs.h:404
Generated by doxygen 1.9.1