eBPF for Windows
bpf.h
Go to the documentation of this file.
1 // Copyright (c) Microsoft Corporation
2 // SPDX-License-Identifier: MIT
3 #pragma once
4 
8 
9 #include "ebpf_structs.h"
10 
11 #include <stdint.h>
12 
13 #ifdef _MSC_VER
14 // This file is being included by a user-mode Windows application.
15 #include "ebpf_api.h"
16 #include "ebpf_program_types.h"
17 #define LIBBPF_API
18 #include "libbpf/src/libbpf_common.h"
19 #undef LIBBPF_DEPRECATED
20 #define LIBBPF_DEPRECATED(x)
21 #else
22 // This file is being included by an eBPF program.
23 typedef int32_t s32;
24 typedef uint8_t u8;
25 typedef uint32_t u32;
26 typedef uint64_t u64;
27 #endif
28 
29 #define __SIZEOF_SIZE_T__ 8 /* only x64 is supported */
30 #define __SIZEOF_LONG_LONG__ 8 /* only x64 is supported */
31 
32 typedef int32_t __s32;
33 
34 typedef uint8_t __u8;
35 typedef uint32_t __u32;
36 typedef uint64_t __u64;
37 typedef uint32_t pid_t;
38 
39 enum bpf_func_id
40 {
41  BPF_FUNC_ID_UNKNOWN
42 };
43 
44 enum bpf_stats_type
45 {
46  BPF_STATS_TYPE_UNKNOWN
47 };
48 
49 enum bpf_cmd_id
50 {
51  BPF_MAP_CREATE,
52  BPF_MAP_LOOKUP_ELEM,
53  BPF_MAP_UPDATE_ELEM,
54  BPF_MAP_DELETE_ELEM,
55  BPF_MAP_GET_NEXT_KEY,
56  BPF_PROG_LOAD,
57  BPF_OBJ_PIN,
58  BPF_OBJ_GET,
59  BPF_PROG_ATTACH,
60  BPF_PROG_DETACH,
61  BPF_PROG_GET_NEXT_ID,
62  BPF_MAP_GET_NEXT_ID,
63  BPF_LINK_GET_NEXT_ID,
64  BPF_PROG_GET_FD_BY_ID,
65  BPF_MAP_GET_FD_BY_ID,
66  BPF_MAP_LOOKUP_AND_DELETE_ELEM,
67  BPF_LINK_GET_FD_BY_ID,
68  BPF_OBJ_GET_INFO_BY_FD,
69  BPF_LINK_DETACH,
70  BPF_PROG_BIND_MAP,
71  BPF_PROG_TEST_RUN,
72  BPF_PROG_RUN = BPF_PROG_TEST_RUN,
73 };
74 
76 typedef struct
77 {
78  uint32_t bpf_fd;
79  uint64_t info;
80 
85  uint32_t info_len;
86 } bpf_obj_info_attr_t;
87 
89 typedef struct
90 {
91  uint32_t link_fd;
92 } bpf_link_detach_attr_t;
93 
95 typedef struct
96 {
97  uint32_t prog_fd;
98  uint32_t map_fd;
99  uint32_t flags;
100 } bpf_prog_bind_map_attr_t;
101 
102 #ifdef _MSC_VER
103 #pragma warning(push)
104 #pragma warning(disable : 4201) // nonstandard extension used: nameless struct/union
105 #endif
107 union bpf_attr
108 {
109  // BPF_MAP_CREATE
110  struct
111  {
112  enum bpf_map_type map_type;
113  uint32_t key_size;
114  uint32_t value_size;
115  uint32_t max_entries;
116  uint32_t map_flags;
117  };
118 
119  // BPF_MAP_LOOKUP_ELEM
120  // BPF_MAP_UPDATE_ELEM
121  // BPF_MAP_DELETE_ELEM
122  // BPF_MAP_GET_NEXT_KEY
123  struct
124  {
125  uint32_t map_fd;
126  uint64_t key;
127  union
128  {
129  uint64_t value;
130  uint64_t next_key;
131  };
132  uint64_t flags;
133  };
134 
135  // BPF_PROG_LOAD
136  struct
137  {
138  enum bpf_prog_type prog_type;
139  uint64_t insns;
140  uint32_t insn_cnt;
141  uint64_t license;
142  uint32_t log_level;
143  uint64_t log_buf;
144  uint32_t log_size;
145  uint32_t kern_version;
146  };
147 
148  // BPF_PROG_ATTACH
149  // BPF_PROG_DETACH
150  struct
151  {
152  uint32_t target_fd;
153  uint32_t attach_bpf_fd;
154  enum bpf_attach_type attach_type;
155  uint32_t attach_flags;
156  };
157 
158  // BPF_OBJ_PIN
159  // BPF_OBJ_GET
160  struct
161  {
162  uint64_t pathname;
163  uint32_t bpf_fd;
164  };
165 
166  // BPF_PROG_GET_NEXT_ID
167  // BPF_MAP_GET_NEXT_ID
168  // BPF_LINK_GET_NEXT_ID
169  struct
170  {
171  uint32_t start_id;
172  uint32_t next_id;
173  };
174 
175  // BPF_MAP_GET_FD_BY_ID
176  uint32_t map_id;
177 
178  // BPF_PROG_GET_FD_BY_ID
179  uint32_t prog_id;
180 
181  // BPF_LINK_GET_FD_BY_ID
182  uint32_t link_id;
183 
184  // BPF_OBJ_GET_INFO_BY_FD
185  bpf_obj_info_attr_t info;
186 
187  // BPF_LINK_DETACH
188  bpf_link_detach_attr_t link_detach;
189 
190  // BPF_PROG_BIND_MAP
191  bpf_prog_bind_map_attr_t prog_bind_map;
192 
193  // BPF_PROG_TEST_RUN
194  struct
195  {
196  uint32_t prog_fd;
197  uint32_t retval;
198  uint32_t data_size_in;
199  uint32_t data_size_out;
200  uint64_t data_in;
201  uint64_t data_out;
202  uint32_t repeat;
203  uint32_t duration;
204  uint32_t ctx_size_in;
205  uint32_t ctx_size_out;
206  uint64_t ctx_in;
207  uint64_t ctx_out;
208  uint32_t flags;
209  uint32_t cpu;
210  uint32_t batch_size;
211  } test;
212 };
213 #ifdef _MSC_VER
214 #pragma warning(pop)
215 #endif
216 
217 int
218 bpf(int cmd, union bpf_attr* attr, unsigned int size);
ebpf_api.h
ebpf_program_types.h
ebpf_structs.h
This file contains eBPF definitions common to eBPF programs, core execution engine as well as eBPF AP...
bpf_prog_type
bpf_prog_type
Definition: ebpf_structs.h:167
bpf_attach_type
bpf_attach_type
Definition: ebpf_structs.h:257
bpf_map_type
bpf_map_type
Definition: ebpf_structs.h:18
__s32
int32_t __s32
Definition: bpf.h:32
__u32
uint32_t __u32
Definition: bpf.h:35
u64
uint64_t u64
Definition: bpf.h:26
bpf_func_id
bpf_func_id
Definition: bpf.h:40
BPF_FUNC_ID_UNKNOWN
@ BPF_FUNC_ID_UNKNOWN
Definition: bpf.h:41
__u8
uint8_t __u8
Definition: bpf.h:34
pid_t
uint32_t pid_t
Definition: bpf.h:37
u8
uint8_t u8
Definition: bpf.h:24
bpf_cmd_id
bpf_cmd_id
Definition: bpf.h:50
BPF_MAP_LOOKUP_AND_DELETE_ELEM
@ BPF_MAP_LOOKUP_AND_DELETE_ELEM
Definition: bpf.h:66
BPF_PROG_RUN
@ BPF_PROG_RUN
Definition: bpf.h:72
BPF_MAP_CREATE
@ BPF_MAP_CREATE
Definition: bpf.h:51
BPF_OBJ_GET
@ BPF_OBJ_GET
Definition: bpf.h:58
BPF_PROG_LOAD
@ BPF_PROG_LOAD
Definition: bpf.h:56
BPF_PROG_DETACH
@ BPF_PROG_DETACH
Definition: bpf.h:60
BPF_PROG_GET_NEXT_ID
@ BPF_PROG_GET_NEXT_ID
Definition: bpf.h:61
BPF_PROG_ATTACH
@ BPF_PROG_ATTACH
Definition: bpf.h:59
BPF_OBJ_PIN
@ BPF_OBJ_PIN
Definition: bpf.h:57
BPF_MAP_GET_FD_BY_ID
@ BPF_MAP_GET_FD_BY_ID
Definition: bpf.h:65
BPF_LINK_GET_NEXT_ID
@ BPF_LINK_GET_NEXT_ID
Definition: bpf.h:63
BPF_LINK_DETACH
@ BPF_LINK_DETACH
Definition: bpf.h:69
BPF_PROG_TEST_RUN
@ BPF_PROG_TEST_RUN
Definition: bpf.h:71
BPF_PROG_BIND_MAP
@ BPF_PROG_BIND_MAP
Definition: bpf.h:70
BPF_MAP_GET_NEXT_KEY
@ BPF_MAP_GET_NEXT_KEY
Definition: bpf.h:55
BPF_LINK_GET_FD_BY_ID
@ BPF_LINK_GET_FD_BY_ID
Definition: bpf.h:67
BPF_PROG_GET_FD_BY_ID
@ BPF_PROG_GET_FD_BY_ID
Definition: bpf.h:64
BPF_OBJ_GET_INFO_BY_FD
@ BPF_OBJ_GET_INFO_BY_FD
Definition: bpf.h:68
BPF_MAP_GET_NEXT_ID
@ BPF_MAP_GET_NEXT_ID
Definition: bpf.h:62
BPF_MAP_UPDATE_ELEM
@ BPF_MAP_UPDATE_ELEM
Definition: bpf.h:53
BPF_MAP_LOOKUP_ELEM
@ BPF_MAP_LOOKUP_ELEM
Definition: bpf.h:52
BPF_MAP_DELETE_ELEM
@ BPF_MAP_DELETE_ELEM
Definition: bpf.h:54
__u64
uint64_t __u64
Definition: bpf.h:36
bpf
int bpf(int cmd, union bpf_attr *attr, unsigned int size)
s32
int32_t s32
Definition: bpf.h:23
bpf_stats_type
bpf_stats_type
Definition: bpf.h:45
BPF_STATS_TYPE_UNKNOWN
@ BPF_STATS_TYPE_UNKNOWN
Definition: bpf.h:46
u32
uint32_t u32
Definition: bpf.h:25
bpf_link_detach_attr_t
Attributes used by BPF_LINK_DETACH.
Definition: bpf.h:90
bpf_link_detach_attr_t::link_fd
uint32_t link_fd
File descriptor of link to detach.
Definition: bpf.h:91
bpf_obj_info_attr_t
Attributes used by BPF_OBJ_GET_INFO_BY_FD.
Definition: bpf.h:77
bpf_obj_info_attr_t::info_len
uint32_t info_len
On input, contains the maximum number of bytes to write into the info. On output, contains the actual...
Definition: bpf.h:85
bpf_obj_info_attr_t::bpf_fd
uint32_t bpf_fd
File descriptor referring to an eBPF object.
Definition: bpf.h:78
bpf_obj_info_attr_t::info
uint64_t info
Pointer to memory in which to write the info obtained.
Definition: bpf.h:79
bpf_prog_bind_map_attr_t
Attributes used by BPF_PROG_BIND_MAP.
Definition: bpf.h:96
bpf_prog_bind_map_attr_t::prog_fd
uint32_t prog_fd
File descriptor of program to bind map to.
Definition: bpf.h:97
bpf_prog_bind_map_attr_t::map_fd
uint32_t map_fd
File descriptor of map to bind.
Definition: bpf.h:98
bpf_prog_bind_map_attr_t::flags
uint32_t flags
Flags affecting the bind operation.
Definition: bpf.h:99
bpf_attr
Parameters used by the bpf() API.
Definition: bpf.h:108
bpf_attr::insn_cnt
uint32_t insn_cnt
Number of instructions in the array.
Definition: bpf.h:140
bpf_attr::map_id
uint32_t map_id
ID of map for BPF_MAP_GET_FD_BY_ID to find.
Definition: bpf.h:176
bpf_attr::log_level
uint32_t log_level
Logging level (currently ignored on Windows).
Definition: bpf.h:142
bpf_attr::next_id
uint32_t next_id
On return, contains the next ID.
Definition: bpf.h:172
bpf_attr::attach_type
enum bpf_attach_type attach_type
Type of program to attach/detach to/from.
Definition: bpf.h:154
bpf_attr::pathname
uint64_t pathname
Path name for pinning.
Definition: bpf.h:162
bpf_attr::data_size_out
uint32_t data_size_out
Size in bytes of output data.
Definition: bpf.h:199
bpf_attr::data_out
uint64_t data_out
Pointer to output data.
Definition: bpf.h:201
bpf_attr::log_size
uint32_t log_size
Size in bytes of the log buffer.
Definition: bpf.h:144
bpf_attr::test
struct bpf_attr::@40 test
Attributes used by BPF_PROG_TEST_RUN.
bpf_attr::bpf_fd
uint32_t bpf_fd
File descriptor referring to the program or map.
Definition: bpf.h:163
bpf_attr::prog_id
uint32_t prog_id
ID of program for BPF_PROG_GET_FD_BY_ID to find.
Definition: bpf.h:179
bpf_attr::repeat
uint32_t repeat
Number of times to repeat the program.
Definition: bpf.h:202
bpf_attr::link_detach
bpf_link_detach_attr_t link_detach
Attributes used by BPF_LINK_DETACH.
Definition: bpf.h:188
bpf_attr::link_id
uint32_t link_id
ID of link for BPF_LINK_GET_FD_BY_ID to find.
Definition: bpf.h:182
bpf_attr::start_id
uint32_t start_id
ID to look for an ID after. The start_id need not exist.
Definition: bpf.h:171
bpf_attr::data_size_in
uint32_t data_size_in
Size in bytes of input data.
Definition: bpf.h:198
bpf_attr::ctx_out
uint64_t ctx_out
Pointer to output context.
Definition: bpf.h:207
bpf_attr::insns
uint64_t insns
Array of instructions.
Definition: bpf.h:139
bpf_attr::prog_bind_map
bpf_prog_bind_map_attr_t prog_bind_map
Attributes used by BPF_PROG_BIND_MAP.
Definition: bpf.h:191
bpf_attr::key
uint64_t key
Pointer to key to look up.
Definition: bpf.h:126
bpf_attr::retval
uint32_t retval
On return, contains the return value of the program.
Definition: bpf.h:197
bpf_attr::map_fd
uint32_t map_fd
File descriptor of map.
Definition: bpf.h:125
bpf_attr::duration
uint32_t duration
Duration in milliseconds to run the program.
Definition: bpf.h:203
bpf_attr::license
uint64_t license
Optional pointer to a string specifying the license (currently ignored on Windows).
Definition: bpf.h:141
bpf_attr::log_buf
uint64_t log_buf
Pointer to a buffer in which log info can be written.
Definition: bpf.h:143
bpf_attr::key_size
uint32_t key_size
Size in bytes of keys.
Definition: bpf.h:113
bpf_attr::next_key
uint64_t next_key
Pointer to next key.
Definition: bpf.h:130
bpf_attr::attach_flags
uint32_t attach_flags
Flags affecting the attach operation.
Definition: bpf.h:155
bpf_attr::value_size
uint32_t value_size
Size in bytes of values.
Definition: bpf.h:114
bpf_attr::ctx_in
uint64_t ctx_in
Pointer to input context.
Definition: bpf.h:206
bpf_attr::map_flags
uint32_t map_flags
Flags (currently 0).
Definition: bpf.h:116
bpf_attr::info
bpf_obj_info_attr_t info
Attributes used by BPF_OBJ_GET_INFO_BY_FD.
Definition: bpf.h:185
bpf_attr::flags
uint64_t flags
Flags (currently 0).
Definition: bpf.h:132
bpf_attr::kern_version
uint32_t kern_version
Kernel version (currently ignored on Windows).
Definition: bpf.h:145
bpf_attr::prog_type
enum bpf_prog_type prog_type
Program type to use for loading the program.
Definition: bpf.h:138
bpf_attr::value
uint64_t value
Pointer to value.
Definition: bpf.h:129
bpf_attr::ctx_size_out
uint32_t ctx_size_out
Size in bytes of output context.
Definition: bpf.h:205
bpf_attr::target_fd
uint32_t target_fd
eBPF target to attach/detach to/from.
Definition: bpf.h:152
bpf_attr::prog_fd
uint32_t prog_fd
File descriptor of program to run.
Definition: bpf.h:196
bpf_attr::data_in
uint64_t data_in
Pointer to input data.
Definition: bpf.h:200
bpf_attr::cpu
uint32_t cpu
CPU to run the program on.
Definition: bpf.h:209
bpf_attr::map_type
enum bpf_map_type map_type
Type of map to create.
Definition: bpf.h:112
bpf_attr::max_entries
uint32_t max_entries
Maximum number of entries in the map.
Definition: bpf.h:115
bpf_attr::flags
uint32_t flags
Flags (currently 0).
Definition: bpf.h:208
bpf_attr::ctx_size_in
uint32_t ctx_size_in
Size in bytes of input context.
Definition: bpf.h:204
bpf_attr::attach_bpf_fd
uint32_t attach_bpf_fd
File descriptor of program to attach to.
Definition: bpf.h:153
bpf_attr::batch_size
uint32_t batch_size
Number of times to run the program in a batch.
Definition: bpf.h:210
Generated by doxygen 1.9.1