eBPF for Windows
ebpf_structs.h
Go to the documentation of this file.
1 // Copyright (c) eBPF for Windows contributors
2 // SPDX-License-Identifier: MIT
3 #pragma once
4 
11 #include "ebpf_windows.h"
12 
13 #define MAX_TAIL_CALL_CNT 33
14 
15 #define BPF_ENUM_TO_STRING(X) #X
16 
17 typedef enum bpf_map_type
18 {
19  BPF_MAP_TYPE_UNSPEC = 0,
20  BPF_MAP_TYPE_HASH = 1,
21  BPF_MAP_TYPE_ARRAY = 2,
22  BPF_MAP_TYPE_PROG_ARRAY =
23  3,
24  BPF_MAP_TYPE_PERCPU_HASH = 4,
25  BPF_MAP_TYPE_PERCPU_ARRAY = 5,
26  BPF_MAP_TYPE_HASH_OF_MAPS = 6,
27  BPF_MAP_TYPE_ARRAY_OF_MAPS = 7,
28  BPF_MAP_TYPE_LRU_HASH = 8,
29  BPF_MAP_TYPE_LPM_TRIE = 9,
30  BPF_MAP_TYPE_QUEUE = 10,
31  BPF_MAP_TYPE_LRU_PERCPU_HASH = 11,
32  BPF_MAP_TYPE_STACK = 12,
33  BPF_MAP_TYPE_RINGBUF = 13
34 } ebpf_map_type_t;
35 
36 #define BPF_MAP_TYPE_PER_CPU(X) \
37  ((X) == BPF_MAP_TYPE_PERCPU_HASH || (X) == BPF_MAP_TYPE_PERCPU_ARRAY || (X) == BPF_MAP_TYPE_LRU_PERCPU_HASH)
38 
39 static const char* const _ebpf_map_type_names[] = {
40  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_UNSPEC),
41  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_HASH),
42  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_ARRAY),
43  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PROG_ARRAY),
44  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PERCPU_HASH),
45  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_PERCPU_ARRAY),
46  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_HASH_OF_MAPS),
47  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_ARRAY_OF_MAPS),
48  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LRU_HASH),
49  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LPM_TRIE),
50  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_QUEUE),
51  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_LRU_PERCPU_HASH),
52  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_STACK),
53  BPF_ENUM_TO_STRING(BPF_MAP_TYPE_RINGBUF),
54 };
55 
56 static const char* const _ebpf_map_display_names[] = {
57  "unspec",
58  "hash",
59  "array",
60  "prog_array",
61  "percpu_hash",
62  "percpu_array",
63  "hash_of_maps",
64  "array_of_maps",
65  "lru_hash",
66  "lpm_trie",
67  "queue",
68  "lru_percpu_hash",
69  "stack",
70  "ringbuf",
71 };
72 
73 typedef enum ebpf_map_option
74 {
75  EBPF_ANY,
76  EBPF_NOEXIST,
77  EBPF_EXIST
78 } ebpf_map_option_t;
79 
84 typedef enum ebpf_pin_type
85 {
86  LIBBPF_PIN_NONE = 0,
87  LIBBPF_PIN_BY_NAME,
88 } ebpf_pin_type_t;
89 
90 static const char* const _ebpf_pin_type_names[] = {
91  BPF_ENUM_TO_STRING(LIBBPF_PIN_NONE),
92  BPF_ENUM_TO_STRING(LIBBPF_PIN_BY_NAME),
93 };
94 
95 typedef uint32_t ebpf_id_t;
96 #define EBPF_ID_NONE UINT32_MAX
97 
101 typedef struct _ebpf_map_definition_in_memory
102 {
103  ebpf_map_type_t type;
104  uint32_t key_size;
105  uint32_t value_size;
106  uint32_t max_entries;
107  ebpf_id_t inner_map_id;
108  ebpf_pin_type_t pinning;
109 } ebpf_map_definition_in_memory_t;
110 
114 typedef struct _ebpf_map_definition_in_file
115 {
116  ebpf_map_type_t type;
117  uint32_t key_size;
118  uint32_t value_size;
119  uint32_t max_entries;
120 
125  uint32_t inner_map_idx;
126  ebpf_pin_type_t pinning;
127 
130  uint32_t id;
133  uint32_t inner_id;
134 } ebpf_map_definition_in_file_t;
135 
136 typedef enum
137 {
138  BPF_FUNC_map_lookup_elem = 1,
139  BPF_FUNC_map_update_elem = 2,
140  BPF_FUNC_map_delete_elem = 3,
141  BPF_FUNC_map_lookup_and_delete_elem = 4,
142  BPF_FUNC_tail_call = 5,
143  BPF_FUNC_get_prandom_u32 = 6,
144  BPF_FUNC_ktime_get_boot_ns = 7,
145  BPF_FUNC_get_smp_processor_id = 8,
146  BPF_FUNC_ktime_get_ns = 9,
147  BPF_FUNC_csum_diff = 10,
148  BPF_FUNC_ringbuf_output = 11,
149  BPF_FUNC_trace_printk2 = 12,
150  BPF_FUNC_trace_printk3 = 13,
151  BPF_FUNC_trace_printk4 = 14,
152  BPF_FUNC_trace_printk5 = 15,
153  BPF_FUNC_map_push_elem = 16,
154  BPF_FUNC_map_pop_elem = 17,
155  BPF_FUNC_map_peek_elem = 18,
156  BPF_FUNC_get_current_pid_tgid = 19,
157  BPF_FUNC_get_current_logon_id = 20,
158  BPF_FUNC_is_current_admin = 21,
159  BPF_FUNC_memcpy = 22,
160  BPF_FUNC_memcmp = 23,
161  BPF_FUNC_memset = 24,
162  BPF_FUNC_memmove = 25,
163  BPF_FUNC_get_socket_cookie = 26,
164  BPF_FUNC_strncpy_s = 27,
165  BPF_FUNC_strncat_s = 28,
166  BPF_FUNC_strnlen_s = 29,
167  BPF_FUNC_ktime_get_boot_ms = 30,
168  BPF_FUNC_ktime_get_ms = 31,
169 } ebpf_helper_id_t;
170 
171 // Cross-platform BPF program types.
172 enum bpf_prog_type
173 {
174  BPF_PROG_TYPE_UNSPEC,
175 
184  BPF_PROG_TYPE_XDP,
185 
194  BPF_PROG_TYPE_BIND, // TODO(#333): replace with cross-platform program type
195 
208  BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
209 
219  BPF_PROG_TYPE_SOCK_OPS,
220 
229  BPF_PROG_TYPE_XDP_TEST = 998,
230 
238  BPF_PROG_TYPE_SAMPLE = 999
239 };
240 
241 typedef enum bpf_prog_type bpf_prog_type_t;
242 
243 #define XDP_FLAGS_REPLACE 0x01
244 
245 // The link type is used to tell which union member is present
246 // in the bpf_link_info struct. There is exactly one non-zero value
247 // per union member.
248 enum bpf_link_type
249 {
250  BPF_LINK_TYPE_UNSPEC,
251  BPF_LINK_TYPE_PLAIN,
252  BPF_LINK_TYPE_CGROUP,
253  BPF_LINK_TYPE_XDP,
254  BPF_LINK_TYPE_MAX
255 };
256 
257 static const char* const _ebpf_link_display_names[] = {
258  "unspec",
259  "plain",
260 };
261 
262 enum bpf_attach_type
263 {
264  BPF_ATTACH_TYPE_UNSPEC,
265 
270  BPF_XDP,
271 
276  BPF_ATTACH_TYPE_BIND,
277 
283  BPF_CGROUP_INET4_CONNECT,
284 
290  BPF_CGROUP_INET6_CONNECT,
291 
297  BPF_CGROUP_INET4_RECV_ACCEPT,
298 
304  BPF_CGROUP_INET6_RECV_ACCEPT,
305 
310  BPF_CGROUP_SOCK_OPS,
311 
316  BPF_ATTACH_TYPE_SAMPLE,
317 
322  BPF_XDP_TEST,
323 
324  __MAX_BPF_ATTACH_TYPE,
325 };
326 
327 typedef enum bpf_attach_type bpf_attach_type_t;
328 
329 // Libbpf itself requires the following structs to be defined, but doesn't
330 // care what fields they have. Applications such as bpftool on the other
331 // hand depend on fields of specific names and types.
332 
333 #ifdef _MSC_VER
334 #pragma warning(push)
335 #pragma warning(disable : 4201) /* nameless struct/union */
336 #endif
341 struct bpf_link_info
342 {
343  ebpf_id_t id;
344  ebpf_id_t prog_id;
345  enum bpf_link_type type;
346  enum bpf_attach_type attach_type;
347  ebpf_attach_type_t attach_type_uuid;
348  ebpf_program_type_t program_type_uuid;
349  union
350  {
351  struct
352  {
353  uint32_t ifindex;
354  } xdp;
355  struct
356  {
357  uint64_t cgroup_id;
358  } cgroup;
359  uint8_t attach_data;
360  };
361 };
362 #ifdef _MSC_VER
363 #pragma warning(pop)
364 #endif
365 
366 #define BPF_OBJ_NAME_LEN 64
367 
372 struct bpf_map_info
373 {
374  // Cross-platform fields.
375  ebpf_id_t id;
376  ebpf_map_type_t type;
377  uint32_t key_size;
378  uint32_t value_size;
379  uint32_t max_entries;
380  char name[BPF_OBJ_NAME_LEN];
381  uint32_t map_flags;
382 
383  // Windows-specific fields.
384  ebpf_id_t inner_map_id;
385  uint32_t pinned_path_count;
386 };
387 
388 #define BPF_ANY 0x0
389 #define BPF_NOEXIST 0x1
390 #define BPF_EXIST 0x2
391 
396 struct bpf_prog_info
397 {
398  // Cross-platform fields.
399  ebpf_id_t id;
400  enum bpf_prog_type type;
401  uint32_t nr_map_ids;
402  uintptr_t map_ids;
403  char name[BPF_OBJ_NAME_LEN];
404 
405  // Windows-specific fields.
406  ebpf_program_type_t type_uuid;
407  ebpf_attach_type_t attach_type_uuid;
408  uint32_t pinned_path_count;
409  uint32_t link_count;
410 };
bpf_prog_type
bpf_prog_type
Definition: ebpf_structs.h:173
BPF_PROG_TYPE_XDP
@ BPF_PROG_TYPE_XDP
Program type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:184
BPF_PROG_TYPE_BIND
@ BPF_PROG_TYPE_BIND
Program type for handling socket bind() requests.
Definition: ebpf_structs.h:194
BPF_PROG_TYPE_CGROUP_SOCK_ADDR
@ BPF_PROG_TYPE_CGROUP_SOCK_ADDR
Program type for handling various socket operations such as connect(), accept() etc.
Definition: ebpf_structs.h:208
BPF_PROG_TYPE_UNSPEC
@ BPF_PROG_TYPE_UNSPEC
Unspecified program type.
Definition: ebpf_structs.h:174
BPF_PROG_TYPE_XDP_TEST
@ BPF_PROG_TYPE_XDP_TEST
Program type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:229
BPF_PROG_TYPE_SOCK_OPS
@ BPF_PROG_TYPE_SOCK_OPS
Program type for handling various socket event notifications such as connection established etc.
Definition: ebpf_structs.h:219
BPF_PROG_TYPE_SAMPLE
@ BPF_PROG_TYPE_SAMPLE
Program type for handling calls from the eBPF sample extension. Used for testing.
Definition: ebpf_structs.h:238
ebpf_map_option_t
enum ebpf_map_option ebpf_map_option_t
bpf_link_type
bpf_link_type
Definition: ebpf_structs.h:249
BPF_LINK_TYPE_UNSPEC
@ BPF_LINK_TYPE_UNSPEC
Unspecified link type.
Definition: ebpf_structs.h:250
BPF_LINK_TYPE_PLAIN
@ BPF_LINK_TYPE_PLAIN
No union members are used in bpf_link_info.
Definition: ebpf_structs.h:251
BPF_LINK_TYPE_CGROUP
@ BPF_LINK_TYPE_CGROUP
cgroup struct is present in bpf_link_info.
Definition: ebpf_structs.h:252
BPF_LINK_TYPE_XDP
@ BPF_LINK_TYPE_XDP
xdp struct is present in bpf_link_info.
Definition: ebpf_structs.h:253
BPF_LINK_TYPE_MAX
@ BPF_LINK_TYPE_MAX
Definition: ebpf_structs.h:254
bpf_prog_type_t
enum bpf_prog_type bpf_prog_type_t
Definition: ebpf_structs.h:241
ebpf_map_type_t
enum bpf_map_type ebpf_map_type_t
BPF_ENUM_TO_STRING
#define BPF_ENUM_TO_STRING(X)
Definition: ebpf_structs.h:15
ebpf_map_definition_in_memory_t
struct _ebpf_map_definition_in_memory ebpf_map_definition_in_memory_t
eBPF Map Definition as it is stored in memory.
ebpf_pin_type_t
enum ebpf_pin_type ebpf_pin_type_t
Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf.
ebpf_pin_type
ebpf_pin_type
Pinning type for eBPF objects. The values should match the LIBBPF_PIN_* pin types defined in libbpf.
Definition: ebpf_structs.h:85
LIBBPF_PIN_NONE
@ LIBBPF_PIN_NONE
Object is not pinned.
Definition: ebpf_structs.h:86
LIBBPF_PIN_BY_NAME
@ LIBBPF_PIN_BY_NAME
Pinning with a global namespace.
Definition: ebpf_structs.h:87
ebpf_id_t
uint32_t ebpf_id_t
Definition: ebpf_structs.h:95
ebpf_helper_id_t
ebpf_helper_id_t
Definition: ebpf_structs.h:137
BPF_FUNC_trace_printk2
@ BPF_FUNC_trace_printk2
bpf_trace_printk2 (but use bpf_printk instead)
Definition: ebpf_structs.h:149
BPF_FUNC_tail_call
@ BPF_FUNC_tail_call
bpf_tail_call
Definition: ebpf_structs.h:142
BPF_FUNC_ktime_get_ns
@ BPF_FUNC_ktime_get_ns
bpf_ktime_get_ns
Definition: ebpf_structs.h:146
BPF_FUNC_memset
@ BPF_FUNC_memset
bpf_memset
Definition: ebpf_structs.h:161
BPF_FUNC_get_smp_processor_id
@ BPF_FUNC_get_smp_processor_id
bpf_get_smp_processor_id
Definition: ebpf_structs.h:145
BPF_FUNC_get_prandom_u32
@ BPF_FUNC_get_prandom_u32
bpf_get_prandom_u32
Definition: ebpf_structs.h:143
BPF_FUNC_get_socket_cookie
@ BPF_FUNC_get_socket_cookie
bpf_get_socket_cookie
Definition: ebpf_structs.h:163
BPF_FUNC_trace_printk3
@ BPF_FUNC_trace_printk3
bpf_trace_printk3 (but use bpf_printk instead)
Definition: ebpf_structs.h:150
BPF_FUNC_map_lookup_and_delete_elem
@ BPF_FUNC_map_lookup_and_delete_elem
bpf_map_lookup_and_delete_elem
Definition: ebpf_structs.h:141
BPF_FUNC_ringbuf_output
@ BPF_FUNC_ringbuf_output
bpf_ringbuf_output
Definition: ebpf_structs.h:148
BPF_FUNC_memcmp
@ BPF_FUNC_memcmp
bpf_memcmp
Definition: ebpf_structs.h:160
BPF_FUNC_ktime_get_ms
@ BPF_FUNC_ktime_get_ms
bpf_ktime_get_ms
Definition: ebpf_structs.h:168
BPF_FUNC_memmove
@ BPF_FUNC_memmove
bpf_memmove
Definition: ebpf_structs.h:162
BPF_FUNC_trace_printk5
@ BPF_FUNC_trace_printk5
bpf_trace_printk5 (but use bpf_printk instead)
Definition: ebpf_structs.h:152
BPF_FUNC_is_current_admin
@ BPF_FUNC_is_current_admin
bpf_is_current_admin
Definition: ebpf_structs.h:158
BPF_FUNC_map_pop_elem
@ BPF_FUNC_map_pop_elem
bpf_map_pop_elem
Definition: ebpf_structs.h:154
BPF_FUNC_map_update_elem
@ BPF_FUNC_map_update_elem
bpf_map_update_elem
Definition: ebpf_structs.h:139
BPF_FUNC_strnlen_s
@ BPF_FUNC_strnlen_s
bpf_strnlen_s
Definition: ebpf_structs.h:166
BPF_FUNC_csum_diff
@ BPF_FUNC_csum_diff
bpf_csum_diff
Definition: ebpf_structs.h:147
BPF_FUNC_map_delete_elem
@ BPF_FUNC_map_delete_elem
bpf_map_delete_elem
Definition: ebpf_structs.h:140
BPF_FUNC_map_lookup_elem
@ BPF_FUNC_map_lookup_elem
bpf_map_lookup_elem
Definition: ebpf_structs.h:138
BPF_FUNC_trace_printk4
@ BPF_FUNC_trace_printk4
bpf_trace_printk4 (but use bpf_printk instead)
Definition: ebpf_structs.h:151
BPF_FUNC_map_peek_elem
@ BPF_FUNC_map_peek_elem
bpf_map_peek_elem
Definition: ebpf_structs.h:155
BPF_FUNC_strncpy_s
@ BPF_FUNC_strncpy_s
bpf_strncpy_s
Definition: ebpf_structs.h:164
BPF_FUNC_strncat_s
@ BPF_FUNC_strncat_s
bpf_strncat_s
Definition: ebpf_structs.h:165
BPF_FUNC_ktime_get_boot_ns
@ BPF_FUNC_ktime_get_boot_ns
bpf_ktime_get_boot_ns
Definition: ebpf_structs.h:144
BPF_FUNC_ktime_get_boot_ms
@ BPF_FUNC_ktime_get_boot_ms
bpf_ktime_get_boot_ms
Definition: ebpf_structs.h:167
BPF_FUNC_get_current_logon_id
@ BPF_FUNC_get_current_logon_id
bpf_get_current_logon_id
Definition: ebpf_structs.h:157
BPF_FUNC_memcpy
@ BPF_FUNC_memcpy
bpf_memcpy
Definition: ebpf_structs.h:159
BPF_FUNC_map_push_elem
@ BPF_FUNC_map_push_elem
bpf_map_push_elem
Definition: ebpf_structs.h:153
BPF_FUNC_get_current_pid_tgid
@ BPF_FUNC_get_current_pid_tgid
bpf_get_current_pid_tgid
Definition: ebpf_structs.h:156
bpf_attach_type
bpf_attach_type
Definition: ebpf_structs.h:263
BPF_XDP
@ BPF_XDP
Attach type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:270
BPF_CGROUP_INET6_CONNECT
@ BPF_CGROUP_INET6_CONNECT
Attach type for handling IPv6 TCP connect() or UDP send to a unique remote address/port tuple.
Definition: ebpf_structs.h:290
BPF_ATTACH_TYPE_UNSPEC
@ BPF_ATTACH_TYPE_UNSPEC
Unspecified attach type.
Definition: ebpf_structs.h:264
__MAX_BPF_ATTACH_TYPE
@ __MAX_BPF_ATTACH_TYPE
Definition: ebpf_structs.h:324
BPF_ATTACH_TYPE_BIND
@ BPF_ATTACH_TYPE_BIND
Attach type for handling socket bind() requests.
Definition: ebpf_structs.h:276
BPF_XDP_TEST
@ BPF_XDP_TEST
Attach type for handling incoming packets as early as possible.
Definition: ebpf_structs.h:322
BPF_CGROUP_INET6_RECV_ACCEPT
@ BPF_CGROUP_INET6_RECV_ACCEPT
Attach type for handling IPv6 TCP accept() or on receiving the first unicast UDP packet from a unique...
Definition: ebpf_structs.h:304
BPF_ATTACH_TYPE_SAMPLE
@ BPF_ATTACH_TYPE_SAMPLE
Attach type implemented by eBPF Sample Extension driver, used for testing.
Definition: ebpf_structs.h:316
BPF_CGROUP_SOCK_OPS
@ BPF_CGROUP_SOCK_OPS
Attach type for handling various socket event notifications.
Definition: ebpf_structs.h:310
BPF_CGROUP_INET4_RECV_ACCEPT
@ BPF_CGROUP_INET4_RECV_ACCEPT
Attach type for handling IPv4 TCP accept() or on receiving the first unicast UDP packet from a unique...
Definition: ebpf_structs.h:297
BPF_CGROUP_INET4_CONNECT
@ BPF_CGROUP_INET4_CONNECT
Attach type for handling IPv4 TCP connect() or UDP send to a unique remote address/port tuple.
Definition: ebpf_structs.h:283
ebpf_map_definition_in_file_t
struct _ebpf_map_definition_in_file ebpf_map_definition_in_file_t
eBPF Map Definition as it appears in the maps section of an ELF file.
BPF_OBJ_NAME_LEN
#define BPF_OBJ_NAME_LEN
Definition: ebpf_structs.h:366
bpf_attach_type_t
enum bpf_attach_type bpf_attach_type_t
Definition: ebpf_structs.h:327
ebpf_map_option
ebpf_map_option
Definition: ebpf_structs.h:74
EBPF_ANY
@ EBPF_ANY
Create a new element or update an existing element.
Definition: ebpf_structs.h:75
EBPF_EXIST
@ EBPF_EXIST
Update an existing element.
Definition: ebpf_structs.h:77
EBPF_NOEXIST
@ EBPF_NOEXIST
Create a new element only when it does not exist.
Definition: ebpf_structs.h:76
bpf_map_type
bpf_map_type
Definition: ebpf_structs.h:18
BPF_MAP_TYPE_STACK
@ BPF_MAP_TYPE_STACK
Stack.
Definition: ebpf_structs.h:32
BPF_MAP_TYPE_RINGBUF
@ BPF_MAP_TYPE_RINGBUF
Ring buffer.
Definition: ebpf_structs.h:33
BPF_MAP_TYPE_PERCPU_ARRAY
@ BPF_MAP_TYPE_PERCPU_ARRAY
Per-CPU array.
Definition: ebpf_structs.h:25
BPF_MAP_TYPE_QUEUE
@ BPF_MAP_TYPE_QUEUE
Queue.
Definition: ebpf_structs.h:30
BPF_MAP_TYPE_LRU_PERCPU_HASH
@ BPF_MAP_TYPE_LRU_PERCPU_HASH
Per-CPU least-recently-used hash table.
Definition: ebpf_structs.h:31
BPF_MAP_TYPE_LPM_TRIE
@ BPF_MAP_TYPE_LPM_TRIE
Longest prefix match trie.
Definition: ebpf_structs.h:29
BPF_MAP_TYPE_HASH_OF_MAPS
@ BPF_MAP_TYPE_HASH_OF_MAPS
Hash table, where the map value is another map.
Definition: ebpf_structs.h:26
BPF_MAP_TYPE_LRU_HASH
@ BPF_MAP_TYPE_LRU_HASH
Least-recently-used hash table.
Definition: ebpf_structs.h:28
BPF_MAP_TYPE_PERCPU_HASH
@ BPF_MAP_TYPE_PERCPU_HASH
Per-CPU hash table.
Definition: ebpf_structs.h:24
BPF_MAP_TYPE_ARRAY_OF_MAPS
@ BPF_MAP_TYPE_ARRAY_OF_MAPS
Array, where the map value is another map.
Definition: ebpf_structs.h:27
BPF_MAP_TYPE_UNSPEC
@ BPF_MAP_TYPE_UNSPEC
Unspecified map type.
Definition: ebpf_structs.h:19
BPF_MAP_TYPE_ARRAY
@ BPF_MAP_TYPE_ARRAY
Array, where the map key is the array index.
Definition: ebpf_structs.h:21
BPF_MAP_TYPE_PROG_ARRAY
@ BPF_MAP_TYPE_PROG_ARRAY
Array of program fds usable with bpf_tail_call, where the map key is the array index.
Definition: ebpf_structs.h:22
BPF_MAP_TYPE_HASH
@ BPF_MAP_TYPE_HASH
Hash table.
Definition: ebpf_structs.h:20
ebpf_windows.h
ebpf_attach_type_t
GUID ebpf_attach_type_t
Definition: ebpf_windows.h:62
ebpf_program_type_t
GUID ebpf_program_type_t
Definition: ebpf_windows.h:61
_ebpf_map_definition_in_file
eBPF Map Definition as it appears in the maps section of an ELF file.
Definition: ebpf_structs.h:115
_ebpf_map_definition_in_file::inner_id
uint32_t inner_id
Definition: ebpf_structs.h:133
_ebpf_map_definition_in_file::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:117
_ebpf_map_definition_in_file::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:119
_ebpf_map_definition_in_file::inner_map_idx
uint32_t inner_map_idx
Definition: ebpf_structs.h:125
_ebpf_map_definition_in_file::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:116
_ebpf_map_definition_in_file::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:118
_ebpf_map_definition_in_file::pinning
ebpf_pin_type_t pinning
Definition: ebpf_structs.h:126
_ebpf_map_definition_in_file::id
uint32_t id
Definition: ebpf_structs.h:130
_ebpf_map_definition_in_memory
eBPF Map Definition as it is stored in memory.
Definition: ebpf_structs.h:102
_ebpf_map_definition_in_memory::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:103
_ebpf_map_definition_in_memory::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:104
_ebpf_map_definition_in_memory::inner_map_id
ebpf_id_t inner_map_id
Definition: ebpf_structs.h:107
_ebpf_map_definition_in_memory::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:106
_ebpf_map_definition_in_memory::pinning
ebpf_pin_type_t pinning
Definition: ebpf_structs.h:108
_ebpf_map_definition_in_memory::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:105
bpf_link_info
eBPF link information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a link fd...
Definition: ebpf_structs.h:342
bpf_link_info::program_type_uuid
ebpf_program_type_t program_type_uuid
Program type UUID.
Definition: ebpf_structs.h:348
bpf_link_info::attach_data
uint8_t attach_data
Definition: ebpf_structs.h:359
bpf_link_info::prog_id
ebpf_id_t prog_id
Program ID.
Definition: ebpf_structs.h:344
bpf_link_info::xdp
struct bpf_link_info::@26::@28 xdp
bpf_link_info::attach_type
enum bpf_attach_type attach_type
Attach type.
Definition: ebpf_structs.h:346
bpf_link_info::ifindex
uint32_t ifindex
Definition: ebpf_structs.h:353
bpf_link_info::type
enum bpf_link_type type
Link type.
Definition: ebpf_structs.h:345
bpf_link_info::attach_type_uuid
ebpf_attach_type_t attach_type_uuid
Attach type UUID.
Definition: ebpf_structs.h:347
bpf_link_info::cgroup_id
uint64_t cgroup_id
Definition: ebpf_structs.h:357
bpf_link_info::cgroup
struct bpf_link_info::@26::@29 cgroup
bpf_link_info::id
ebpf_id_t id
Link ID.
Definition: ebpf_structs.h:343
bpf_map_info
eBPF map information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a map fd.
Definition: ebpf_structs.h:373
bpf_map_info::max_entries
uint32_t max_entries
Maximum number of entries allowed in the map.
Definition: ebpf_structs.h:379
bpf_map_info::name
char name[BPF_OBJ_NAME_LEN]
Null-terminated map name.
Definition: ebpf_structs.h:380
bpf_map_info::type
ebpf_map_type_t type
Type of map.
Definition: ebpf_structs.h:376
bpf_map_info::key_size
uint32_t key_size
Size in bytes of a map key.
Definition: ebpf_structs.h:377
bpf_map_info::id
ebpf_id_t id
Map ID.
Definition: ebpf_structs.h:375
bpf_map_info::map_flags
uint32_t map_flags
Map flags.
Definition: ebpf_structs.h:381
bpf_map_info::pinned_path_count
uint32_t pinned_path_count
Number of pinned paths.
Definition: ebpf_structs.h:385
bpf_map_info::value_size
uint32_t value_size
Size in bytes of a map value.
Definition: ebpf_structs.h:378
bpf_map_info::inner_map_id
ebpf_id_t inner_map_id
ID of inner map template.
Definition: ebpf_structs.h:384
bpf_prog_info
eBPF program information. This structure can be retrieved by calling bpf_obj_get_info_by_fd on a prog...
Definition: ebpf_structs.h:397
bpf_prog_info::attach_type_uuid
ebpf_attach_type_t attach_type_uuid
Attach type UUID.
Definition: ebpf_structs.h:407
bpf_prog_info::pinned_path_count
uint32_t pinned_path_count
Number of pinned paths.
Definition: ebpf_structs.h:408
bpf_prog_info::link_count
uint32_t link_count
Number of attached links.
Definition: ebpf_structs.h:409
bpf_prog_info::type
enum bpf_prog_type type
Program type, if a cross-platform type.
Definition: ebpf_structs.h:400
bpf_prog_info::name
char name[BPF_OBJ_NAME_LEN]
Null-terminated program name.
Definition: ebpf_structs.h:403
bpf_prog_info::map_ids
uintptr_t map_ids
Pointer to caller-allocated array to fill map IDs into.
Definition: ebpf_structs.h:402
bpf_prog_info::nr_map_ids
uint32_t nr_map_ids
Number of maps associated with this program.
Definition: ebpf_structs.h:401
bpf_prog_info::id
ebpf_id_t id
Program ID.
Definition: ebpf_structs.h:399
bpf_prog_info::type_uuid
ebpf_program_type_t type_uuid
Program type UUID.
Definition: ebpf_structs.h:406
Generated by doxygen 1.9.1