1 /* This is auto-generated file. See bpf_doc.py for details. */ 2 3 /* Forward declarations of BPF structs */ 4 struct bpf_fib_lookup; 5 struct bpf_sk_lookup; 6 struct bpf_perf_event_data; 7 struct bpf_perf_event_value; 8 struct bpf_pidns_info; 9 struct bpf_redir_neigh; 10 struct bpf_sock; 11 struct bpf_sock_addr; 12 struct bpf_sock_ops; 13 struct bpf_sock_tuple; 14 struct bpf_spin_lock; 15 struct bpf_sysctl; 16 struct bpf_tcp_sock; 17 struct bpf_tunnel_key; 18 struct bpf_xfrm_state; 19 struct linux_binprm; 20 struct pt_regs; 21 struct sk_reuseport_md; 22 struct sockaddr; 23 struct tcphdr; 24 struct seq_file; 25 struct tcp6_sock; 26 struct tcp_sock; 27 struct tcp_timewait_sock; 28 struct tcp_request_sock; 29 struct udp6_sock; 30 struct unix_sock; 31 struct task_struct; 32 struct __sk_buff; 33 struct sk_msg_md; 34 struct xdp_md; 35 struct path; 36 struct btf_ptr; 37 struct inode; 38 struct socket; 39 struct file; 40 struct bpf_timer; 41 42 /* 43 * bpf_map_lookup_elem 44 * 45 * Perform a lookup in *map* for an entry associated to *key*. 46 * 47 * Returns 48 * Map value associated to *key*, or **NULL** if no entry was 49 * found. 50 */ 51 static void *(*bpf_map_lookup_elem)(void *map, const void *key) = (void *) 1; 52 53 /* 54 * bpf_map_update_elem 55 * 56 * Add or update the value of the entry associated to *key* in 57 * *map* with *value*. *flags* is one of: 58 * 59 * **BPF_NOEXIST** 60 * The entry for *key* must not exist in the map. 61 * **BPF_EXIST** 62 * The entry for *key* must already exist in the map. 63 * **BPF_ANY** 64 * No condition on the existence of the entry for *key*. 65 * 66 * Flag value **BPF_NOEXIST** cannot be used for maps of types 67 * **BPF_MAP_TYPE_ARRAY** or **BPF_MAP_TYPE_PERCPU_ARRAY** (all 68 * elements always exist), the helper would return an error. 69 * 70 * Returns 71 * 0 on success, or a negative error in case of failure. 72 */ 73 static long (*bpf_map_update_elem)(void *map, const void *key, const void *value, __u64 flags) = (void *) 2; 74 75 /* 76 * bpf_map_delete_elem 77 * 78 * Delete entry with *key* from *map*. 79 * 80 * Returns 81 * 0 on success, or a negative error in case of failure. 82 */ 83 static long (*bpf_map_delete_elem)(void *map, const void *key) = (void *) 3; 84 85 /* 86 * bpf_probe_read 87 * 88 * For tracing programs, safely attempt to read *size* bytes from 89 * kernel space address *unsafe_ptr* and store the data in *dst*. 90 * 91 * Generally, use **bpf_probe_read_user**\ () or 92 * **bpf_probe_read_kernel**\ () instead. 93 * 94 * Returns 95 * 0 on success, or a negative error in case of failure. 96 */ 97 static long (*bpf_probe_read)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 4; 98 99 /* 100 * bpf_ktime_get_ns 101 * 102 * Return the time elapsed since system boot, in nanoseconds. 103 * Does not include time the system was suspended. 104 * See: **clock_gettime**\ (**CLOCK_MONOTONIC**) 105 * 106 * Returns 107 * Current *ktime*. 108 */ 109 static __u64 (*bpf_ktime_get_ns)(void) = (void *) 5; 110 111 /* 112 * bpf_trace_printk 113 * 114 * This helper is a "printk()-like" facility for debugging. It 115 * prints a message defined by format *fmt* (of size *fmt_size*) 116 * to file *\/sys/kernel/debug/tracing/trace* from DebugFS, if 117 * available. It can take up to three additional **u64** 118 * arguments (as an eBPF helpers, the total number of arguments is 119 * limited to five). 120 * 121 * Each time the helper is called, it appends a line to the trace. 122 * Lines are discarded while *\/sys/kernel/debug/tracing/trace* is 123 * open, use *\/sys/kernel/debug/tracing/trace_pipe* to avoid this. 124 * The format of the trace is customizable, and the exact output 125 * one will get depends on the options set in 126 * *\/sys/kernel/debug/tracing/trace_options* (see also the 127 * *README* file under the same directory). However, it usually 128 * defaults to something like: 129 * 130 * :: 131 * 132 * telnet-470 [001] .N.. 419421.045894: 0x00000001: <formatted msg> 133 * 134 * In the above: 135 * 136 * * ``telnet`` is the name of the current task. 137 * * ``470`` is the PID of the current task. 138 * * ``001`` is the CPU number on which the task is 139 * running. 140 * * In ``.N..``, each character refers to a set of 141 * options (whether irqs are enabled, scheduling 142 * options, whether hard/softirqs are running, level of 143 * preempt_disabled respectively). **N** means that 144 * **TIF_NEED_RESCHED** and **PREEMPT_NEED_RESCHED** 145 * are set. 146 * * ``419421.045894`` is a timestamp. 147 * * ``0x00000001`` is a fake value used by BPF for the 148 * instruction pointer register. 149 * * ``<formatted msg>`` is the message formatted with 150 * *fmt*. 151 * 152 * The conversion specifiers supported by *fmt* are similar, but 153 * more limited than for printk(). They are **%d**, **%i**, 154 * **%u**, **%x**, **%ld**, **%li**, **%lu**, **%lx**, **%lld**, 155 * **%lli**, **%llu**, **%llx**, **%p**, **%s**. No modifier (size 156 * of field, padding with zeroes, etc.) is available, and the 157 * helper will return **-EINVAL** (but print nothing) if it 158 * encounters an unknown specifier. 159 * 160 * Also, note that **bpf_trace_printk**\ () is slow, and should 161 * only be used for debugging purposes. For this reason, a notice 162 * block (spanning several lines) is printed to kernel logs and 163 * states that the helper should not be used "for production use" 164 * the first time this helper is used (or more precisely, when 165 * **trace_printk**\ () buffers are allocated). For passing values 166 * to user space, perf events should be preferred. 167 * 168 * Returns 169 * The number of bytes written to the buffer, or a negative error 170 * in case of failure. 171 */ 172 static long (*bpf_trace_printk)(const char *fmt, __u32 fmt_size, ...) = (void *) 6; 173 174 /* 175 * bpf_get_prandom_u32 176 * 177 * Get a pseudo-random number. 178 * 179 * From a security point of view, this helper uses its own 180 * pseudo-random internal state, and cannot be used to infer the 181 * seed of other random functions in the kernel. However, it is 182 * essential to note that the generator used by the helper is not 183 * cryptographically secure. 184 * 185 * Returns 186 * A random 32-bit unsigned value. 187 */ 188 static __u32 (*bpf_get_prandom_u32)(void) = (void *) 7; 189 190 /* 191 * bpf_get_smp_processor_id 192 * 193 * Get the SMP (symmetric multiprocessing) processor id. Note that 194 * all programs run with migration disabled, which means that the 195 * SMP processor id is stable during all the execution of the 196 * program. 197 * 198 * Returns 199 * The SMP id of the processor running the program. 200 */ 201 static __u32 (*bpf_get_smp_processor_id)(void) = (void *) 8; 202 203 /* 204 * bpf_skb_store_bytes 205 * 206 * Store *len* bytes from address *from* into the packet 207 * associated to *skb*, at *offset*. *flags* are a combination of 208 * **BPF_F_RECOMPUTE_CSUM** (automatically recompute the 209 * checksum for the packet after storing the bytes) and 210 * **BPF_F_INVALIDATE_HASH** (set *skb*\ **->hash**, *skb*\ 211 * **->swhash** and *skb*\ **->l4hash** to 0). 212 * 213 * A call to this helper is susceptible to change the underlying 214 * packet buffer. Therefore, at load time, all checks on pointers 215 * previously done by the verifier are invalidated and must be 216 * performed again, if the helper is used in combination with 217 * direct packet access. 218 * 219 * Returns 220 * 0 on success, or a negative error in case of failure. 221 */ 222 static long (*bpf_skb_store_bytes)(struct __sk_buff *skb, __u32 offset, const void *from, __u32 len, __u64 flags) = (void *) 9; 223 224 /* 225 * bpf_l3_csum_replace 226 * 227 * Recompute the layer 3 (e.g. IP) checksum for the packet 228 * associated to *skb*. Computation is incremental, so the helper 229 * must know the former value of the header field that was 230 * modified (*from*), the new value of this field (*to*), and the 231 * number of bytes (2 or 4) for this field, stored in *size*. 232 * Alternatively, it is possible to store the difference between 233 * the previous and the new values of the header field in *to*, by 234 * setting *from* and *size* to 0. For both methods, *offset* 235 * indicates the location of the IP checksum within the packet. 236 * 237 * This helper works in combination with **bpf_csum_diff**\ (), 238 * which does not update the checksum in-place, but offers more 239 * flexibility and can handle sizes larger than 2 or 4 for the 240 * checksum to update. 241 * 242 * A call to this helper is susceptible to change the underlying 243 * packet buffer. Therefore, at load time, all checks on pointers 244 * previously done by the verifier are invalidated and must be 245 * performed again, if the helper is used in combination with 246 * direct packet access. 247 * 248 * Returns 249 * 0 on success, or a negative error in case of failure. 250 */ 251 static long (*bpf_l3_csum_replace)(struct __sk_buff *skb, __u32 offset, __u64 from, __u64 to, __u64 size) = (void *) 10; 252 253 /* 254 * bpf_l4_csum_replace 255 * 256 * Recompute the layer 4 (e.g. TCP, UDP or ICMP) checksum for the 257 * packet associated to *skb*. Computation is incremental, so the 258 * helper must know the former value of the header field that was 259 * modified (*from*), the new value of this field (*to*), and the 260 * number of bytes (2 or 4) for this field, stored on the lowest 261 * four bits of *flags*. Alternatively, it is possible to store 262 * the difference between the previous and the new values of the 263 * header field in *to*, by setting *from* and the four lowest 264 * bits of *flags* to 0. For both methods, *offset* indicates the 265 * location of the IP checksum within the packet. In addition to 266 * the size of the field, *flags* can be added (bitwise OR) actual 267 * flags. With **BPF_F_MARK_MANGLED_0**, a null checksum is left 268 * untouched (unless **BPF_F_MARK_ENFORCE** is added as well), and 269 * for updates resulting in a null checksum the value is set to 270 * **CSUM_MANGLED_0** instead. Flag **BPF_F_PSEUDO_HDR** indicates 271 * the checksum is to be computed against a pseudo-header. 272 * 273 * This helper works in combination with **bpf_csum_diff**\ (), 274 * which does not update the checksum in-place, but offers more 275 * flexibility and can handle sizes larger than 2 or 4 for the 276 * checksum to update. 277 * 278 * A call to this helper is susceptible to change the underlying 279 * packet buffer. Therefore, at load time, all checks on pointers 280 * previously done by the verifier are invalidated and must be 281 * performed again, if the helper is used in combination with 282 * direct packet access. 283 * 284 * Returns 285 * 0 on success, or a negative error in case of failure. 286 */ 287 static long (*bpf_l4_csum_replace)(struct __sk_buff *skb, __u32 offset, __u64 from, __u64 to, __u64 flags) = (void *) 11; 288 289 /* 290 * bpf_tail_call 291 * 292 * This special helper is used to trigger a "tail call", or in 293 * other words, to jump into another eBPF program. The same stack 294 * frame is used (but values on stack and in registers for the 295 * caller are not accessible to the callee). This mechanism allows 296 * for program chaining, either for raising the maximum number of 297 * available eBPF instructions, or to execute given programs in 298 * conditional blocks. For security reasons, there is an upper 299 * limit to the number of successive tail calls that can be 300 * performed. 301 * 302 * Upon call of this helper, the program attempts to jump into a 303 * program referenced at index *index* in *prog_array_map*, a 304 * special map of type **BPF_MAP_TYPE_PROG_ARRAY**, and passes 305 * *ctx*, a pointer to the context. 306 * 307 * If the call succeeds, the kernel immediately runs the first 308 * instruction of the new program. This is not a function call, 309 * and it never returns to the previous program. If the call 310 * fails, then the helper has no effect, and the caller continues 311 * to run its subsequent instructions. A call can fail if the 312 * destination program for the jump does not exist (i.e. *index* 313 * is superior to the number of entries in *prog_array_map*), or 314 * if the maximum number of tail calls has been reached for this 315 * chain of programs. This limit is defined in the kernel by the 316 * macro **MAX_TAIL_CALL_CNT** (not accessible to user space), 317 * which is currently set to 33. 318 * 319 * Returns 320 * 0 on success, or a negative error in case of failure. 321 */ 322 static long (*bpf_tail_call)(void *ctx, void *prog_array_map, __u32 index) = (void *) 12; 323 324 /* 325 * bpf_clone_redirect 326 * 327 * Clone and redirect the packet associated to *skb* to another 328 * net device of index *ifindex*. Both ingress and egress 329 * interfaces can be used for redirection. The **BPF_F_INGRESS** 330 * value in *flags* is used to make the distinction (ingress path 331 * is selected if the flag is present, egress path otherwise). 332 * This is the only flag supported for now. 333 * 334 * In comparison with **bpf_redirect**\ () helper, 335 * **bpf_clone_redirect**\ () has the associated cost of 336 * duplicating the packet buffer, but this can be executed out of 337 * the eBPF program. Conversely, **bpf_redirect**\ () is more 338 * efficient, but it is handled through an action code where the 339 * redirection happens only after the eBPF program has returned. 340 * 341 * A call to this helper is susceptible to change the underlying 342 * packet buffer. Therefore, at load time, all checks on pointers 343 * previously done by the verifier are invalidated and must be 344 * performed again, if the helper is used in combination with 345 * direct packet access. 346 * 347 * Returns 348 * 0 on success, or a negative error in case of failure. 349 */ 350 static long (*bpf_clone_redirect)(struct __sk_buff *skb, __u32 ifindex, __u64 flags) = (void *) 13; 351 352 /* 353 * bpf_get_current_pid_tgid 354 * 355 * Get the current pid and tgid. 356 * 357 * Returns 358 * A 64-bit integer containing the current tgid and pid, and 359 * created as such: 360 * *current_task*\ **->tgid << 32 \|** 361 * *current_task*\ **->pid**. 362 */ 363 static __u64 (*bpf_get_current_pid_tgid)(void) = (void *) 14; 364 365 /* 366 * bpf_get_current_uid_gid 367 * 368 * Get the current uid and gid. 369 * 370 * Returns 371 * A 64-bit integer containing the current GID and UID, and 372 * created as such: *current_gid* **<< 32 \|** *current_uid*. 373 */ 374 static __u64 (*bpf_get_current_uid_gid)(void) = (void *) 15; 375 376 /* 377 * bpf_get_current_comm 378 * 379 * Copy the **comm** attribute of the current task into *buf* of 380 * *size_of_buf*. The **comm** attribute contains the name of 381 * the executable (excluding the path) for the current task. The 382 * *size_of_buf* must be strictly positive. On success, the 383 * helper makes sure that the *buf* is NUL-terminated. On failure, 384 * it is filled with zeroes. 385 * 386 * Returns 387 * 0 on success, or a negative error in case of failure. 388 */ 389 static long (*bpf_get_current_comm)(void *buf, __u32 size_of_buf) = (void *) 16; 390 391 /* 392 * bpf_get_cgroup_classid 393 * 394 * Retrieve the classid for the current task, i.e. for the net_cls 395 * cgroup to which *skb* belongs. 396 * 397 * This helper can be used on TC egress path, but not on ingress. 398 * 399 * The net_cls cgroup provides an interface to tag network packets 400 * based on a user-provided identifier for all traffic coming from 401 * the tasks belonging to the related cgroup. See also the related 402 * kernel documentation, available from the Linux sources in file 403 * *Documentation/admin-guide/cgroup-v1/net_cls.rst*. 404 * 405 * The Linux kernel has two versions for cgroups: there are 406 * cgroups v1 and cgroups v2. Both are available to users, who can 407 * use a mixture of them, but note that the net_cls cgroup is for 408 * cgroup v1 only. This makes it incompatible with BPF programs 409 * run on cgroups, which is a cgroup-v2-only feature (a socket can 410 * only hold data for one version of cgroups at a time). 411 * 412 * This helper is only available is the kernel was compiled with 413 * the **CONFIG_CGROUP_NET_CLASSID** configuration option set to 414 * "**y**" or to "**m**". 415 * 416 * Returns 417 * The classid, or 0 for the default unconfigured classid. 418 */ 419 static __u32 (*bpf_get_cgroup_classid)(struct __sk_buff *skb) = (void *) 17; 420 421 /* 422 * bpf_skb_vlan_push 423 * 424 * Push a *vlan_tci* (VLAN tag control information) of protocol 425 * *vlan_proto* to the packet associated to *skb*, then update 426 * the checksum. Note that if *vlan_proto* is different from 427 * **ETH_P_8021Q** and **ETH_P_8021AD**, it is considered to 428 * be **ETH_P_8021Q**. 429 * 430 * A call to this helper is susceptible to change the underlying 431 * packet buffer. Therefore, at load time, all checks on pointers 432 * previously done by the verifier are invalidated and must be 433 * performed again, if the helper is used in combination with 434 * direct packet access. 435 * 436 * Returns 437 * 0 on success, or a negative error in case of failure. 438 */ 439 static long (*bpf_skb_vlan_push)(struct __sk_buff *skb, __be16 vlan_proto, __u16 vlan_tci) = (void *) 18; 440 441 /* 442 * bpf_skb_vlan_pop 443 * 444 * Pop a VLAN header from the packet associated to *skb*. 445 * 446 * A call to this helper is susceptible to change the underlying 447 * packet buffer. Therefore, at load time, all checks on pointers 448 * previously done by the verifier are invalidated and must be 449 * performed again, if the helper is used in combination with 450 * direct packet access. 451 * 452 * Returns 453 * 0 on success, or a negative error in case of failure. 454 */ 455 static long (*bpf_skb_vlan_pop)(struct __sk_buff *skb) = (void *) 19; 456 457 /* 458 * bpf_skb_get_tunnel_key 459 * 460 * Get tunnel metadata. This helper takes a pointer *key* to an 461 * empty **struct bpf_tunnel_key** of **size**, that will be 462 * filled with tunnel metadata for the packet associated to *skb*. 463 * The *flags* can be set to **BPF_F_TUNINFO_IPV6**, which 464 * indicates that the tunnel is based on IPv6 protocol instead of 465 * IPv4. 466 * 467 * The **struct bpf_tunnel_key** is an object that generalizes the 468 * principal parameters used by various tunneling protocols into a 469 * single struct. This way, it can be used to easily make a 470 * decision based on the contents of the encapsulation header, 471 * "summarized" in this struct. In particular, it holds the IP 472 * address of the remote end (IPv4 or IPv6, depending on the case) 473 * in *key*\ **->remote_ipv4** or *key*\ **->remote_ipv6**. Also, 474 * this struct exposes the *key*\ **->tunnel_id**, which is 475 * generally mapped to a VNI (Virtual Network Identifier), making 476 * it programmable together with the **bpf_skb_set_tunnel_key**\ 477 * () helper. 478 * 479 * Let's imagine that the following code is part of a program 480 * attached to the TC ingress interface, on one end of a GRE 481 * tunnel, and is supposed to filter out all messages coming from 482 * remote ends with IPv4 address other than 10.0.0.1: 483 * 484 * :: 485 * 486 * int ret; 487 * struct bpf_tunnel_key key = {}; 488 * 489 * ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0); 490 * if (ret < 0) 491 * return TC_ACT_SHOT; // drop packet 492 * 493 * if (key.remote_ipv4 != 0x0a000001) 494 * return TC_ACT_SHOT; // drop packet 495 * 496 * return TC_ACT_OK; // accept packet 497 * 498 * This interface can also be used with all encapsulation devices 499 * that can operate in "collect metadata" mode: instead of having 500 * one network device per specific configuration, the "collect 501 * metadata" mode only requires a single device where the 502 * configuration can be extracted from this helper. 503 * 504 * This can be used together with various tunnels such as VXLan, 505 * Geneve, GRE or IP in IP (IPIP). 506 * 507 * Returns 508 * 0 on success, or a negative error in case of failure. 509 */ 510 static long (*bpf_skb_get_tunnel_key)(struct __sk_buff *skb, struct bpf_tunnel_key *key, __u32 size, __u64 flags) = (void *) 20; 511 512 /* 513 * bpf_skb_set_tunnel_key 514 * 515 * Populate tunnel metadata for packet associated to *skb.* The 516 * tunnel metadata is set to the contents of *key*, of *size*. The 517 * *flags* can be set to a combination of the following values: 518 * 519 * **BPF_F_TUNINFO_IPV6** 520 * Indicate that the tunnel is based on IPv6 protocol 521 * instead of IPv4. 522 * **BPF_F_ZERO_CSUM_TX** 523 * For IPv4 packets, add a flag to tunnel metadata 524 * indicating that checksum computation should be skipped 525 * and checksum set to zeroes. 526 * **BPF_F_DONT_FRAGMENT** 527 * Add a flag to tunnel metadata indicating that the 528 * packet should not be fragmented. 529 * **BPF_F_SEQ_NUMBER** 530 * Add a flag to tunnel metadata indicating that a 531 * sequence number should be added to tunnel header before 532 * sending the packet. This flag was added for GRE 533 * encapsulation, but might be used with other protocols 534 * as well in the future. 535 * 536 * Here is a typical usage on the transmit path: 537 * 538 * :: 539 * 540 * struct bpf_tunnel_key key; 541 * populate key ... 542 * bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0); 543 * bpf_clone_redirect(skb, vxlan_dev_ifindex, 0); 544 * 545 * See also the description of the **bpf_skb_get_tunnel_key**\ () 546 * helper for additional information. 547 * 548 * Returns 549 * 0 on success, or a negative error in case of failure. 550 */ 551 static long (*bpf_skb_set_tunnel_key)(struct __sk_buff *skb, struct bpf_tunnel_key *key, __u32 size, __u64 flags) = (void *) 21; 552 553 /* 554 * bpf_perf_event_read 555 * 556 * Read the value of a perf event counter. This helper relies on a 557 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. The nature of 558 * the perf event counter is selected when *map* is updated with 559 * perf event file descriptors. The *map* is an array whose size 560 * is the number of available CPUs, and each cell contains a value 561 * relative to one CPU. The value to retrieve is indicated by 562 * *flags*, that contains the index of the CPU to look up, masked 563 * with **BPF_F_INDEX_MASK**. Alternatively, *flags* can be set to 564 * **BPF_F_CURRENT_CPU** to indicate that the value for the 565 * current CPU should be retrieved. 566 * 567 * Note that before Linux 4.13, only hardware perf event can be 568 * retrieved. 569 * 570 * Also, be aware that the newer helper 571 * **bpf_perf_event_read_value**\ () is recommended over 572 * **bpf_perf_event_read**\ () in general. The latter has some ABI 573 * quirks where error and counter value are used as a return code 574 * (which is wrong to do since ranges may overlap). This issue is 575 * fixed with **bpf_perf_event_read_value**\ (), which at the same 576 * time provides more features over the **bpf_perf_event_read**\ 577 * () interface. Please refer to the description of 578 * **bpf_perf_event_read_value**\ () for details. 579 * 580 * Returns 581 * The value of the perf event counter read from the map, or a 582 * negative error code in case of failure. 583 */ 584 static __u64 (*bpf_perf_event_read)(void *map, __u64 flags) = (void *) 22; 585 586 /* 587 * bpf_redirect 588 * 589 * Redirect the packet to another net device of index *ifindex*. 590 * This helper is somewhat similar to **bpf_clone_redirect**\ 591 * (), except that the packet is not cloned, which provides 592 * increased performance. 593 * 594 * Except for XDP, both ingress and egress interfaces can be used 595 * for redirection. The **BPF_F_INGRESS** value in *flags* is used 596 * to make the distinction (ingress path is selected if the flag 597 * is present, egress path otherwise). Currently, XDP only 598 * supports redirection to the egress interface, and accepts no 599 * flag at all. 600 * 601 * The same effect can also be attained with the more generic 602 * **bpf_redirect_map**\ (), which uses a BPF map to store the 603 * redirect target instead of providing it directly to the helper. 604 * 605 * Returns 606 * For XDP, the helper returns **XDP_REDIRECT** on success or 607 * **XDP_ABORTED** on error. For other program types, the values 608 * are **TC_ACT_REDIRECT** on success or **TC_ACT_SHOT** on 609 * error. 610 */ 611 static long (*bpf_redirect)(__u32 ifindex, __u64 flags) = (void *) 23; 612 613 /* 614 * bpf_get_route_realm 615 * 616 * Retrieve the realm or the route, that is to say the 617 * **tclassid** field of the destination for the *skb*. The 618 * identifier retrieved is a user-provided tag, similar to the 619 * one used with the net_cls cgroup (see description for 620 * **bpf_get_cgroup_classid**\ () helper), but here this tag is 621 * held by a route (a destination entry), not by a task. 622 * 623 * Retrieving this identifier works with the clsact TC egress hook 624 * (see also **tc-bpf(8)**), or alternatively on conventional 625 * classful egress qdiscs, but not on TC ingress path. In case of 626 * clsact TC egress hook, this has the advantage that, internally, 627 * the destination entry has not been dropped yet in the transmit 628 * path. Therefore, the destination entry does not need to be 629 * artificially held via **netif_keep_dst**\ () for a classful 630 * qdisc until the *skb* is freed. 631 * 632 * This helper is available only if the kernel was compiled with 633 * **CONFIG_IP_ROUTE_CLASSID** configuration option. 634 * 635 * Returns 636 * The realm of the route for the packet associated to *skb*, or 0 637 * if none was found. 638 */ 639 static __u32 (*bpf_get_route_realm)(struct __sk_buff *skb) = (void *) 24; 640 641 /* 642 * bpf_perf_event_output 643 * 644 * Write raw *data* blob into a special BPF perf event held by 645 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 646 * event must have the following attributes: **PERF_SAMPLE_RAW** 647 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 648 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 649 * 650 * The *flags* are used to indicate the index in *map* for which 651 * the value must be put, masked with **BPF_F_INDEX_MASK**. 652 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 653 * to indicate that the index of the current CPU core should be 654 * used. 655 * 656 * The value to write, of *size*, is passed through eBPF stack and 657 * pointed by *data*. 658 * 659 * The context of the program *ctx* needs also be passed to the 660 * helper. 661 * 662 * On user space, a program willing to read the values needs to 663 * call **perf_event_open**\ () on the perf event (either for 664 * one or for all CPUs) and to store the file descriptor into the 665 * *map*. This must be done before the eBPF program can send data 666 * into it. An example is available in file 667 * *samples/bpf/trace_output_user.c* in the Linux kernel source 668 * tree (the eBPF program counterpart is in 669 * *samples/bpf/trace_output_kern.c*). 670 * 671 * **bpf_perf_event_output**\ () achieves better performance 672 * than **bpf_trace_printk**\ () for sharing data with user 673 * space, and is much better suitable for streaming data from eBPF 674 * programs. 675 * 676 * Note that this helper is not restricted to tracing use cases 677 * and can be used with programs attached to TC or XDP as well, 678 * where it allows for passing data to user space listeners. Data 679 * can be: 680 * 681 * * Only custom structs, 682 * * Only the packet payload, or 683 * * A combination of both. 684 * 685 * Returns 686 * 0 on success, or a negative error in case of failure. 687 */ 688 static long (*bpf_perf_event_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 25; 689 690 /* 691 * bpf_skb_load_bytes 692 * 693 * This helper was provided as an easy way to load data from a 694 * packet. It can be used to load *len* bytes from *offset* from 695 * the packet associated to *skb*, into the buffer pointed by 696 * *to*. 697 * 698 * Since Linux 4.7, usage of this helper has mostly been replaced 699 * by "direct packet access", enabling packet data to be 700 * manipulated with *skb*\ **->data** and *skb*\ **->data_end** 701 * pointing respectively to the first byte of packet data and to 702 * the byte after the last byte of packet data. However, it 703 * remains useful if one wishes to read large quantities of data 704 * at once from a packet into the eBPF stack. 705 * 706 * Returns 707 * 0 on success, or a negative error in case of failure. 708 */ 709 static long (*bpf_skb_load_bytes)(const void *skb, __u32 offset, void *to, __u32 len) = (void *) 26; 710 711 /* 712 * bpf_get_stackid 713 * 714 * Walk a user or a kernel stack and return its id. To achieve 715 * this, the helper needs *ctx*, which is a pointer to the context 716 * on which the tracing program is executed, and a pointer to a 717 * *map* of type **BPF_MAP_TYPE_STACK_TRACE**. 718 * 719 * The last argument, *flags*, holds the number of stack frames to 720 * skip (from 0 to 255), masked with 721 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 722 * a combination of the following flags: 723 * 724 * **BPF_F_USER_STACK** 725 * Collect a user space stack instead of a kernel stack. 726 * **BPF_F_FAST_STACK_CMP** 727 * Compare stacks by hash only. 728 * **BPF_F_REUSE_STACKID** 729 * If two different stacks hash into the same *stackid*, 730 * discard the old one. 731 * 732 * The stack id retrieved is a 32 bit long integer handle which 733 * can be further combined with other data (including other stack 734 * ids) and used as a key into maps. This can be useful for 735 * generating a variety of graphs (such as flame graphs or off-cpu 736 * graphs). 737 * 738 * For walking a stack, this helper is an improvement over 739 * **bpf_probe_read**\ (), which can be used with unrolled loops 740 * but is not efficient and consumes a lot of eBPF instructions. 741 * Instead, **bpf_get_stackid**\ () can collect up to 742 * **PERF_MAX_STACK_DEPTH** both kernel and user frames. Note that 743 * this limit can be controlled with the **sysctl** program, and 744 * that it should be manually increased in order to profile long 745 * user stacks (such as stacks for Java programs). To do so, use: 746 * 747 * :: 748 * 749 * # sysctl kernel.perf_event_max_stack=<new value> 750 * 751 * Returns 752 * The positive or null stack id on success, or a negative error 753 * in case of failure. 754 */ 755 static long (*bpf_get_stackid)(void *ctx, void *map, __u64 flags) = (void *) 27; 756 757 /* 758 * bpf_csum_diff 759 * 760 * Compute a checksum difference, from the raw buffer pointed by 761 * *from*, of length *from_size* (that must be a multiple of 4), 762 * towards the raw buffer pointed by *to*, of size *to_size* 763 * (same remark). An optional *seed* can be added to the value 764 * (this can be cascaded, the seed may come from a previous call 765 * to the helper). 766 * 767 * This is flexible enough to be used in several ways: 768 * 769 * * With *from_size* == 0, *to_size* > 0 and *seed* set to 770 * checksum, it can be used when pushing new data. 771 * * With *from_size* > 0, *to_size* == 0 and *seed* set to 772 * checksum, it can be used when removing data from a packet. 773 * * With *from_size* > 0, *to_size* > 0 and *seed* set to 0, it 774 * can be used to compute a diff. Note that *from_size* and 775 * *to_size* do not need to be equal. 776 * 777 * This helper can be used in combination with 778 * **bpf_l3_csum_replace**\ () and **bpf_l4_csum_replace**\ (), to 779 * which one can feed in the difference computed with 780 * **bpf_csum_diff**\ (). 781 * 782 * Returns 783 * The checksum result, or a negative error code in case of 784 * failure. 785 */ 786 static __s64 (*bpf_csum_diff)(__be32 *from, __u32 from_size, __be32 *to, __u32 to_size, __wsum seed) = (void *) 28; 787 788 /* 789 * bpf_skb_get_tunnel_opt 790 * 791 * Retrieve tunnel options metadata for the packet associated to 792 * *skb*, and store the raw tunnel option data to the buffer *opt* 793 * of *size*. 794 * 795 * This helper can be used with encapsulation devices that can 796 * operate in "collect metadata" mode (please refer to the related 797 * note in the description of **bpf_skb_get_tunnel_key**\ () for 798 * more details). A particular example where this can be used is 799 * in combination with the Geneve encapsulation protocol, where it 800 * allows for pushing (with **bpf_skb_get_tunnel_opt**\ () helper) 801 * and retrieving arbitrary TLVs (Type-Length-Value headers) from 802 * the eBPF program. This allows for full customization of these 803 * headers. 804 * 805 * Returns 806 * The size of the option data retrieved. 807 */ 808 static long (*bpf_skb_get_tunnel_opt)(struct __sk_buff *skb, void *opt, __u32 size) = (void *) 29; 809 810 /* 811 * bpf_skb_set_tunnel_opt 812 * 813 * Set tunnel options metadata for the packet associated to *skb* 814 * to the option data contained in the raw buffer *opt* of *size*. 815 * 816 * See also the description of the **bpf_skb_get_tunnel_opt**\ () 817 * helper for additional information. 818 * 819 * Returns 820 * 0 on success, or a negative error in case of failure. 821 */ 822 static long (*bpf_skb_set_tunnel_opt)(struct __sk_buff *skb, void *opt, __u32 size) = (void *) 30; 823 824 /* 825 * bpf_skb_change_proto 826 * 827 * Change the protocol of the *skb* to *proto*. Currently 828 * supported are transition from IPv4 to IPv6, and from IPv6 to 829 * IPv4. The helper takes care of the groundwork for the 830 * transition, including resizing the socket buffer. The eBPF 831 * program is expected to fill the new headers, if any, via 832 * **skb_store_bytes**\ () and to recompute the checksums with 833 * **bpf_l3_csum_replace**\ () and **bpf_l4_csum_replace**\ 834 * (). The main case for this helper is to perform NAT64 835 * operations out of an eBPF program. 836 * 837 * Internally, the GSO type is marked as dodgy so that headers are 838 * checked and segments are recalculated by the GSO/GRO engine. 839 * The size for GSO target is adapted as well. 840 * 841 * All values for *flags* are reserved for future usage, and must 842 * be left at zero. 843 * 844 * A call to this helper is susceptible to change the underlying 845 * packet buffer. Therefore, at load time, all checks on pointers 846 * previously done by the verifier are invalidated and must be 847 * performed again, if the helper is used in combination with 848 * direct packet access. 849 * 850 * Returns 851 * 0 on success, or a negative error in case of failure. 852 */ 853 static long (*bpf_skb_change_proto)(struct __sk_buff *skb, __be16 proto, __u64 flags) = (void *) 31; 854 855 /* 856 * bpf_skb_change_type 857 * 858 * Change the packet type for the packet associated to *skb*. This 859 * comes down to setting *skb*\ **->pkt_type** to *type*, except 860 * the eBPF program does not have a write access to *skb*\ 861 * **->pkt_type** beside this helper. Using a helper here allows 862 * for graceful handling of errors. 863 * 864 * The major use case is to change incoming *skb*s to 865 * **PACKET_HOST** in a programmatic way instead of having to 866 * recirculate via **redirect**\ (..., **BPF_F_INGRESS**), for 867 * example. 868 * 869 * Note that *type* only allows certain values. At this time, they 870 * are: 871 * 872 * **PACKET_HOST** 873 * Packet is for us. 874 * **PACKET_BROADCAST** 875 * Send packet to all. 876 * **PACKET_MULTICAST** 877 * Send packet to group. 878 * **PACKET_OTHERHOST** 879 * Send packet to someone else. 880 * 881 * Returns 882 * 0 on success, or a negative error in case of failure. 883 */ 884 static long (*bpf_skb_change_type)(struct __sk_buff *skb, __u32 type) = (void *) 32; 885 886 /* 887 * bpf_skb_under_cgroup 888 * 889 * Check whether *skb* is a descendant of the cgroup2 held by 890 * *map* of type **BPF_MAP_TYPE_CGROUP_ARRAY**, at *index*. 891 * 892 * Returns 893 * The return value depends on the result of the test, and can be: 894 * 895 * * 0, if the *skb* failed the cgroup2 descendant test. 896 * * 1, if the *skb* succeeded the cgroup2 descendant test. 897 * * A negative error code, if an error occurred. 898 */ 899 static long (*bpf_skb_under_cgroup)(struct __sk_buff *skb, void *map, __u32 index) = (void *) 33; 900 901 /* 902 * bpf_get_hash_recalc 903 * 904 * Retrieve the hash of the packet, *skb*\ **->hash**. If it is 905 * not set, in particular if the hash was cleared due to mangling, 906 * recompute this hash. Later accesses to the hash can be done 907 * directly with *skb*\ **->hash**. 908 * 909 * Calling **bpf_set_hash_invalid**\ (), changing a packet 910 * prototype with **bpf_skb_change_proto**\ (), or calling 911 * **bpf_skb_store_bytes**\ () with the 912 * **BPF_F_INVALIDATE_HASH** are actions susceptible to clear 913 * the hash and to trigger a new computation for the next call to 914 * **bpf_get_hash_recalc**\ (). 915 * 916 * Returns 917 * The 32-bit hash. 918 */ 919 static __u32 (*bpf_get_hash_recalc)(struct __sk_buff *skb) = (void *) 34; 920 921 /* 922 * bpf_get_current_task 923 * 924 * Get the current task. 925 * 926 * Returns 927 * A pointer to the current task struct. 928 */ 929 static __u64 (*bpf_get_current_task)(void) = (void *) 35; 930 931 /* 932 * bpf_probe_write_user 933 * 934 * Attempt in a safe way to write *len* bytes from the buffer 935 * *src* to *dst* in memory. It only works for threads that are in 936 * user context, and *dst* must be a valid user space address. 937 * 938 * This helper should not be used to implement any kind of 939 * security mechanism because of TOC-TOU attacks, but rather to 940 * debug, divert, and manipulate execution of semi-cooperative 941 * processes. 942 * 943 * Keep in mind that this feature is meant for experiments, and it 944 * has a risk of crashing the system and running programs. 945 * Therefore, when an eBPF program using this helper is attached, 946 * a warning including PID and process name is printed to kernel 947 * logs. 948 * 949 * Returns 950 * 0 on success, or a negative error in case of failure. 951 */ 952 static long (*bpf_probe_write_user)(void *dst, const void *src, __u32 len) = (void *) 36; 953 954 /* 955 * bpf_current_task_under_cgroup 956 * 957 * Check whether the probe is being run is the context of a given 958 * subset of the cgroup2 hierarchy. The cgroup2 to test is held by 959 * *map* of type **BPF_MAP_TYPE_CGROUP_ARRAY**, at *index*. 960 * 961 * Returns 962 * The return value depends on the result of the test, and can be: 963 * 964 * * 0, if current task belongs to the cgroup2. 965 * * 1, if current task does not belong to the cgroup2. 966 * * A negative error code, if an error occurred. 967 */ 968 static long (*bpf_current_task_under_cgroup)(void *map, __u32 index) = (void *) 37; 969 970 /* 971 * bpf_skb_change_tail 972 * 973 * Resize (trim or grow) the packet associated to *skb* to the 974 * new *len*. The *flags* are reserved for future usage, and must 975 * be left at zero. 976 * 977 * The basic idea is that the helper performs the needed work to 978 * change the size of the packet, then the eBPF program rewrites 979 * the rest via helpers like **bpf_skb_store_bytes**\ (), 980 * **bpf_l3_csum_replace**\ (), **bpf_l3_csum_replace**\ () 981 * and others. This helper is a slow path utility intended for 982 * replies with control messages. And because it is targeted for 983 * slow path, the helper itself can afford to be slow: it 984 * implicitly linearizes, unclones and drops offloads from the 985 * *skb*. 986 * 987 * A call to this helper is susceptible to change the underlying 988 * packet buffer. Therefore, at load time, all checks on pointers 989 * previously done by the verifier are invalidated and must be 990 * performed again, if the helper is used in combination with 991 * direct packet access. 992 * 993 * Returns 994 * 0 on success, or a negative error in case of failure. 995 */ 996 static long (*bpf_skb_change_tail)(struct __sk_buff *skb, __u32 len, __u64 flags) = (void *) 38; 997 998 /* 999 * bpf_skb_pull_data 1000 * 1001 * Pull in non-linear data in case the *skb* is non-linear and not 1002 * all of *len* are part of the linear section. Make *len* bytes 1003 * from *skb* readable and writable. If a zero value is passed for 1004 * *len*, then the whole length of the *skb* is pulled. 1005 * 1006 * This helper is only needed for reading and writing with direct 1007 * packet access. 1008 * 1009 * For direct packet access, testing that offsets to access 1010 * are within packet boundaries (test on *skb*\ **->data_end**) is 1011 * susceptible to fail if offsets are invalid, or if the requested 1012 * data is in non-linear parts of the *skb*. On failure the 1013 * program can just bail out, or in the case of a non-linear 1014 * buffer, use a helper to make the data available. The 1015 * **bpf_skb_load_bytes**\ () helper is a first solution to access 1016 * the data. Another one consists in using **bpf_skb_pull_data** 1017 * to pull in once the non-linear parts, then retesting and 1018 * eventually access the data. 1019 * 1020 * At the same time, this also makes sure the *skb* is uncloned, 1021 * which is a necessary condition for direct write. As this needs 1022 * to be an invariant for the write part only, the verifier 1023 * detects writes and adds a prologue that is calling 1024 * **bpf_skb_pull_data()** to effectively unclone the *skb* from 1025 * the very beginning in case it is indeed cloned. 1026 * 1027 * A call to this helper is susceptible to change the underlying 1028 * packet buffer. Therefore, at load time, all checks on pointers 1029 * previously done by the verifier are invalidated and must be 1030 * performed again, if the helper is used in combination with 1031 * direct packet access. 1032 * 1033 * Returns 1034 * 0 on success, or a negative error in case of failure. 1035 */ 1036 static long (*bpf_skb_pull_data)(struct __sk_buff *skb, __u32 len) = (void *) 39; 1037 1038 /* 1039 * bpf_csum_update 1040 * 1041 * Add the checksum *csum* into *skb*\ **->csum** in case the 1042 * driver has supplied a checksum for the entire packet into that 1043 * field. Return an error otherwise. This helper is intended to be 1044 * used in combination with **bpf_csum_diff**\ (), in particular 1045 * when the checksum needs to be updated after data has been 1046 * written into the packet through direct packet access. 1047 * 1048 * Returns 1049 * The checksum on success, or a negative error code in case of 1050 * failure. 1051 */ 1052 static __s64 (*bpf_csum_update)(struct __sk_buff *skb, __wsum csum) = (void *) 40; 1053 1054 /* 1055 * bpf_set_hash_invalid 1056 * 1057 * Invalidate the current *skb*\ **->hash**. It can be used after 1058 * mangling on headers through direct packet access, in order to 1059 * indicate that the hash is outdated and to trigger a 1060 * recalculation the next time the kernel tries to access this 1061 * hash or when the **bpf_get_hash_recalc**\ () helper is called. 1062 * 1063 * Returns 1064 * void. 1065 */ 1066 static void (*bpf_set_hash_invalid)(struct __sk_buff *skb) = (void *) 41; 1067 1068 /* 1069 * bpf_get_numa_node_id 1070 * 1071 * Return the id of the current NUMA node. The primary use case 1072 * for this helper is the selection of sockets for the local NUMA 1073 * node, when the program is attached to sockets using the 1074 * **SO_ATTACH_REUSEPORT_EBPF** option (see also **socket(7)**), 1075 * but the helper is also available to other eBPF program types, 1076 * similarly to **bpf_get_smp_processor_id**\ (). 1077 * 1078 * Returns 1079 * The id of current NUMA node. 1080 */ 1081 static long (*bpf_get_numa_node_id)(void) = (void *) 42; 1082 1083 /* 1084 * bpf_skb_change_head 1085 * 1086 * Grows headroom of packet associated to *skb* and adjusts the 1087 * offset of the MAC header accordingly, adding *len* bytes of 1088 * space. It automatically extends and reallocates memory as 1089 * required. 1090 * 1091 * This helper can be used on a layer 3 *skb* to push a MAC header 1092 * for redirection into a layer 2 device. 1093 * 1094 * All values for *flags* are reserved for future usage, and must 1095 * be left at zero. 1096 * 1097 * A call to this helper is susceptible to change the underlying 1098 * packet buffer. Therefore, at load time, all checks on pointers 1099 * previously done by the verifier are invalidated and must be 1100 * performed again, if the helper is used in combination with 1101 * direct packet access. 1102 * 1103 * Returns 1104 * 0 on success, or a negative error in case of failure. 1105 */ 1106 static long (*bpf_skb_change_head)(struct __sk_buff *skb, __u32 len, __u64 flags) = (void *) 43; 1107 1108 /* 1109 * bpf_xdp_adjust_head 1110 * 1111 * Adjust (move) *xdp_md*\ **->data** by *delta* bytes. Note that 1112 * it is possible to use a negative value for *delta*. This helper 1113 * can be used to prepare the packet for pushing or popping 1114 * headers. 1115 * 1116 * A call to this helper is susceptible to change the underlying 1117 * packet buffer. Therefore, at load time, all checks on pointers 1118 * previously done by the verifier are invalidated and must be 1119 * performed again, if the helper is used in combination with 1120 * direct packet access. 1121 * 1122 * Returns 1123 * 0 on success, or a negative error in case of failure. 1124 */ 1125 static long (*bpf_xdp_adjust_head)(struct xdp_md *xdp_md, int delta) = (void *) 44; 1126 1127 /* 1128 * bpf_probe_read_str 1129 * 1130 * Copy a NUL terminated string from an unsafe kernel address 1131 * *unsafe_ptr* to *dst*. See **bpf_probe_read_kernel_str**\ () for 1132 * more details. 1133 * 1134 * Generally, use **bpf_probe_read_user_str**\ () or 1135 * **bpf_probe_read_kernel_str**\ () instead. 1136 * 1137 * Returns 1138 * On success, the strictly positive length of the string, 1139 * including the trailing NUL character. On error, a negative 1140 * value. 1141 */ 1142 static long (*bpf_probe_read_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 45; 1143 1144 /* 1145 * bpf_get_socket_cookie 1146 * 1147 * If the **struct sk_buff** pointed by *skb* has a known socket, 1148 * retrieve the cookie (generated by the kernel) of this socket. 1149 * If no cookie has been set yet, generate a new cookie. Once 1150 * generated, the socket cookie remains stable for the life of the 1151 * socket. This helper can be useful for monitoring per socket 1152 * networking traffic statistics as it provides a global socket 1153 * identifier that can be assumed unique. 1154 * 1155 * Returns 1156 * A 8-byte long unique number on success, or 0 if the socket 1157 * field is missing inside *skb*. 1158 */ 1159 static __u64 (*bpf_get_socket_cookie)(void *ctx) = (void *) 46; 1160 1161 /* 1162 * bpf_get_socket_uid 1163 * 1164 * Get the owner UID of the socked associated to *skb*. 1165 * 1166 * Returns 1167 * The owner UID of the socket associated to *skb*. If the socket 1168 * is **NULL**, or if it is not a full socket (i.e. if it is a 1169 * time-wait or a request socket instead), **overflowuid** value 1170 * is returned (note that **overflowuid** might also be the actual 1171 * UID value for the socket). 1172 */ 1173 static __u32 (*bpf_get_socket_uid)(struct __sk_buff *skb) = (void *) 47; 1174 1175 /* 1176 * bpf_set_hash 1177 * 1178 * Set the full hash for *skb* (set the field *skb*\ **->hash**) 1179 * to value *hash*. 1180 * 1181 * Returns 1182 * 0 1183 */ 1184 static long (*bpf_set_hash)(struct __sk_buff *skb, __u32 hash) = (void *) 48; 1185 1186 /* 1187 * bpf_setsockopt 1188 * 1189 * Emulate a call to **setsockopt()** on the socket associated to 1190 * *bpf_socket*, which must be a full socket. The *level* at 1191 * which the option resides and the name *optname* of the option 1192 * must be specified, see **setsockopt(2)** for more information. 1193 * The option value of length *optlen* is pointed by *optval*. 1194 * 1195 * *bpf_socket* should be one of the following: 1196 * 1197 * * **struct bpf_sock_ops** for **BPF_PROG_TYPE_SOCK_OPS**. 1198 * * **struct bpf_sock_addr** for **BPF_CGROUP_INET4_CONNECT** 1199 * and **BPF_CGROUP_INET6_CONNECT**. 1200 * 1201 * This helper actually implements a subset of **setsockopt()**. 1202 * It supports the following *level*\ s: 1203 * 1204 * * **SOL_SOCKET**, which supports the following *optname*\ s: 1205 * **SO_RCVBUF**, **SO_SNDBUF**, **SO_MAX_PACING_RATE**, 1206 * **SO_PRIORITY**, **SO_RCVLOWAT**, **SO_MARK**, 1207 * **SO_BINDTODEVICE**, **SO_KEEPALIVE**. 1208 * * **IPPROTO_TCP**, which supports the following *optname*\ s: 1209 * **TCP_CONGESTION**, **TCP_BPF_IW**, 1210 * **TCP_BPF_SNDCWND_CLAMP**, **TCP_SAVE_SYN**, 1211 * **TCP_KEEPIDLE**, **TCP_KEEPINTVL**, **TCP_KEEPCNT**, 1212 * **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**. 1213 * * **IPPROTO_IP**, which supports *optname* **IP_TOS**. 1214 * * **IPPROTO_IPV6**, which supports *optname* **IPV6_TCLASS**. 1215 * 1216 * Returns 1217 * 0 on success, or a negative error in case of failure. 1218 */ 1219 static long (*bpf_setsockopt)(void *bpf_socket, int level, int optname, void *optval, int optlen) = (void *) 49; 1220 1221 /* 1222 * bpf_skb_adjust_room 1223 * 1224 * Grow or shrink the room for data in the packet associated to 1225 * *skb* by *len_diff*, and according to the selected *mode*. 1226 * 1227 * By default, the helper will reset any offloaded checksum 1228 * indicator of the skb to CHECKSUM_NONE. This can be avoided 1229 * by the following flag: 1230 * 1231 * * **BPF_F_ADJ_ROOM_NO_CSUM_RESET**: Do not reset offloaded 1232 * checksum data of the skb to CHECKSUM_NONE. 1233 * 1234 * There are two supported modes at this time: 1235 * 1236 * * **BPF_ADJ_ROOM_MAC**: Adjust room at the mac layer 1237 * (room space is added or removed below the layer 2 header). 1238 * 1239 * * **BPF_ADJ_ROOM_NET**: Adjust room at the network layer 1240 * (room space is added or removed below the layer 3 header). 1241 * 1242 * The following flags are supported at this time: 1243 * 1244 * * **BPF_F_ADJ_ROOM_FIXED_GSO**: Do not adjust gso_size. 1245 * Adjusting mss in this way is not allowed for datagrams. 1246 * 1247 * * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV4**, 1248 * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV6**: 1249 * Any new space is reserved to hold a tunnel header. 1250 * Configure skb offsets and other fields accordingly. 1251 * 1252 * * **BPF_F_ADJ_ROOM_ENCAP_L4_GRE**, 1253 * **BPF_F_ADJ_ROOM_ENCAP_L4_UDP**: 1254 * Use with ENCAP_L3 flags to further specify the tunnel type. 1255 * 1256 * * **BPF_F_ADJ_ROOM_ENCAP_L2**\ (*len*): 1257 * Use with ENCAP_L3/L4 flags to further specify the tunnel 1258 * type; *len* is the length of the inner MAC header. 1259 * 1260 * * **BPF_F_ADJ_ROOM_ENCAP_L2_ETH**: 1261 * Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the 1262 * L2 type as Ethernet. 1263 * 1264 * A call to this helper is susceptible to change the underlying 1265 * packet buffer. Therefore, at load time, all checks on pointers 1266 * previously done by the verifier are invalidated and must be 1267 * performed again, if the helper is used in combination with 1268 * direct packet access. 1269 * 1270 * Returns 1271 * 0 on success, or a negative error in case of failure. 1272 */ 1273 static long (*bpf_skb_adjust_room)(struct __sk_buff *skb, __s32 len_diff, __u32 mode, __u64 flags) = (void *) 50; 1274 1275 /* 1276 * bpf_redirect_map 1277 * 1278 * Redirect the packet to the endpoint referenced by *map* at 1279 * index *key*. Depending on its type, this *map* can contain 1280 * references to net devices (for forwarding packets through other 1281 * ports), or to CPUs (for redirecting XDP frames to another CPU; 1282 * but this is only implemented for native XDP (with driver 1283 * support) as of this writing). 1284 * 1285 * The lower two bits of *flags* are used as the return code if 1286 * the map lookup fails. This is so that the return value can be 1287 * one of the XDP program return codes up to **XDP_TX**, as chosen 1288 * by the caller. The higher bits of *flags* can be set to 1289 * BPF_F_BROADCAST or BPF_F_EXCLUDE_INGRESS as defined below. 1290 * 1291 * With BPF_F_BROADCAST the packet will be broadcasted to all the 1292 * interfaces in the map, with BPF_F_EXCLUDE_INGRESS the ingress 1293 * interface will be excluded when do broadcasting. 1294 * 1295 * See also **bpf_redirect**\ (), which only supports redirecting 1296 * to an ifindex, but doesn't require a map to do so. 1297 * 1298 * Returns 1299 * **XDP_REDIRECT** on success, or the value of the two lower bits 1300 * of the *flags* argument on error. 1301 */ 1302 static long (*bpf_redirect_map)(void *map, __u32 key, __u64 flags) = (void *) 51; 1303 1304 /* 1305 * bpf_sk_redirect_map 1306 * 1307 * Redirect the packet to the socket referenced by *map* (of type 1308 * **BPF_MAP_TYPE_SOCKMAP**) at index *key*. Both ingress and 1309 * egress interfaces can be used for redirection. The 1310 * **BPF_F_INGRESS** value in *flags* is used to make the 1311 * distinction (ingress path is selected if the flag is present, 1312 * egress path otherwise). This is the only flag supported for now. 1313 * 1314 * Returns 1315 * **SK_PASS** on success, or **SK_DROP** on error. 1316 */ 1317 static long (*bpf_sk_redirect_map)(struct __sk_buff *skb, void *map, __u32 key, __u64 flags) = (void *) 52; 1318 1319 /* 1320 * bpf_sock_map_update 1321 * 1322 * Add an entry to, or update a *map* referencing sockets. The 1323 * *skops* is used as a new value for the entry associated to 1324 * *key*. *flags* is one of: 1325 * 1326 * **BPF_NOEXIST** 1327 * The entry for *key* must not exist in the map. 1328 * **BPF_EXIST** 1329 * The entry for *key* must already exist in the map. 1330 * **BPF_ANY** 1331 * No condition on the existence of the entry for *key*. 1332 * 1333 * If the *map* has eBPF programs (parser and verdict), those will 1334 * be inherited by the socket being added. If the socket is 1335 * already attached to eBPF programs, this results in an error. 1336 * 1337 * Returns 1338 * 0 on success, or a negative error in case of failure. 1339 */ 1340 static long (*bpf_sock_map_update)(struct bpf_sock_ops *skops, void *map, void *key, __u64 flags) = (void *) 53; 1341 1342 /* 1343 * bpf_xdp_adjust_meta 1344 * 1345 * Adjust the address pointed by *xdp_md*\ **->data_meta** by 1346 * *delta* (which can be positive or negative). Note that this 1347 * operation modifies the address stored in *xdp_md*\ **->data**, 1348 * so the latter must be loaded only after the helper has been 1349 * called. 1350 * 1351 * The use of *xdp_md*\ **->data_meta** is optional and programs 1352 * are not required to use it. The rationale is that when the 1353 * packet is processed with XDP (e.g. as DoS filter), it is 1354 * possible to push further meta data along with it before passing 1355 * to the stack, and to give the guarantee that an ingress eBPF 1356 * program attached as a TC classifier on the same device can pick 1357 * this up for further post-processing. Since TC works with socket 1358 * buffers, it remains possible to set from XDP the **mark** or 1359 * **priority** pointers, or other pointers for the socket buffer. 1360 * Having this scratch space generic and programmable allows for 1361 * more flexibility as the user is free to store whatever meta 1362 * data they need. 1363 * 1364 * A call to this helper is susceptible to change the underlying 1365 * packet buffer. Therefore, at load time, all checks on pointers 1366 * previously done by the verifier are invalidated and must be 1367 * performed again, if the helper is used in combination with 1368 * direct packet access. 1369 * 1370 * Returns 1371 * 0 on success, or a negative error in case of failure. 1372 */ 1373 static long (*bpf_xdp_adjust_meta)(struct xdp_md *xdp_md, int delta) = (void *) 54; 1374 1375 /* 1376 * bpf_perf_event_read_value 1377 * 1378 * Read the value of a perf event counter, and store it into *buf* 1379 * of size *buf_size*. This helper relies on a *map* of type 1380 * **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. The nature of the perf event 1381 * counter is selected when *map* is updated with perf event file 1382 * descriptors. The *map* is an array whose size is the number of 1383 * available CPUs, and each cell contains a value relative to one 1384 * CPU. The value to retrieve is indicated by *flags*, that 1385 * contains the index of the CPU to look up, masked with 1386 * **BPF_F_INDEX_MASK**. Alternatively, *flags* can be set to 1387 * **BPF_F_CURRENT_CPU** to indicate that the value for the 1388 * current CPU should be retrieved. 1389 * 1390 * This helper behaves in a way close to 1391 * **bpf_perf_event_read**\ () helper, save that instead of 1392 * just returning the value observed, it fills the *buf* 1393 * structure. This allows for additional data to be retrieved: in 1394 * particular, the enabled and running times (in *buf*\ 1395 * **->enabled** and *buf*\ **->running**, respectively) are 1396 * copied. In general, **bpf_perf_event_read_value**\ () is 1397 * recommended over **bpf_perf_event_read**\ (), which has some 1398 * ABI issues and provides fewer functionalities. 1399 * 1400 * These values are interesting, because hardware PMU (Performance 1401 * Monitoring Unit) counters are limited resources. When there are 1402 * more PMU based perf events opened than available counters, 1403 * kernel will multiplex these events so each event gets certain 1404 * percentage (but not all) of the PMU time. In case that 1405 * multiplexing happens, the number of samples or counter value 1406 * will not reflect the case compared to when no multiplexing 1407 * occurs. This makes comparison between different runs difficult. 1408 * Typically, the counter value should be normalized before 1409 * comparing to other experiments. The usual normalization is done 1410 * as follows. 1411 * 1412 * :: 1413 * 1414 * normalized_counter = counter * t_enabled / t_running 1415 * 1416 * Where t_enabled is the time enabled for event and t_running is 1417 * the time running for event since last normalization. The 1418 * enabled and running times are accumulated since the perf event 1419 * open. To achieve scaling factor between two invocations of an 1420 * eBPF program, users can use CPU id as the key (which is 1421 * typical for perf array usage model) to remember the previous 1422 * value and do the calculation inside the eBPF program. 1423 * 1424 * Returns 1425 * 0 on success, or a negative error in case of failure. 1426 */ 1427 static long (*bpf_perf_event_read_value)(void *map, __u64 flags, struct bpf_perf_event_value *buf, __u32 buf_size) = (void *) 55; 1428 1429 /* 1430 * bpf_perf_prog_read_value 1431 * 1432 * For en eBPF program attached to a perf event, retrieve the 1433 * value of the event counter associated to *ctx* and store it in 1434 * the structure pointed by *buf* and of size *buf_size*. Enabled 1435 * and running times are also stored in the structure (see 1436 * description of helper **bpf_perf_event_read_value**\ () for 1437 * more details). 1438 * 1439 * Returns 1440 * 0 on success, or a negative error in case of failure. 1441 */ 1442 static long (*bpf_perf_prog_read_value)(struct bpf_perf_event_data *ctx, struct bpf_perf_event_value *buf, __u32 buf_size) = (void *) 56; 1443 1444 /* 1445 * bpf_getsockopt 1446 * 1447 * Emulate a call to **getsockopt()** on the socket associated to 1448 * *bpf_socket*, which must be a full socket. The *level* at 1449 * which the option resides and the name *optname* of the option 1450 * must be specified, see **getsockopt(2)** for more information. 1451 * The retrieved value is stored in the structure pointed by 1452 * *opval* and of length *optlen*. 1453 * 1454 * *bpf_socket* should be one of the following: 1455 * 1456 * * **struct bpf_sock_ops** for **BPF_PROG_TYPE_SOCK_OPS**. 1457 * * **struct bpf_sock_addr** for **BPF_CGROUP_INET4_CONNECT** 1458 * and **BPF_CGROUP_INET6_CONNECT**. 1459 * 1460 * This helper actually implements a subset of **getsockopt()**. 1461 * It supports the following *level*\ s: 1462 * 1463 * * **IPPROTO_TCP**, which supports *optname* 1464 * **TCP_CONGESTION**. 1465 * * **IPPROTO_IP**, which supports *optname* **IP_TOS**. 1466 * * **IPPROTO_IPV6**, which supports *optname* **IPV6_TCLASS**. 1467 * 1468 * Returns 1469 * 0 on success, or a negative error in case of failure. 1470 */ 1471 static long (*bpf_getsockopt)(void *bpf_socket, int level, int optname, void *optval, int optlen) = (void *) 57; 1472 1473 /* 1474 * bpf_override_return 1475 * 1476 * Used for error injection, this helper uses kprobes to override 1477 * the return value of the probed function, and to set it to *rc*. 1478 * The first argument is the context *regs* on which the kprobe 1479 * works. 1480 * 1481 * This helper works by setting the PC (program counter) 1482 * to an override function which is run in place of the original 1483 * probed function. This means the probed function is not run at 1484 * all. The replacement function just returns with the required 1485 * value. 1486 * 1487 * This helper has security implications, and thus is subject to 1488 * restrictions. It is only available if the kernel was compiled 1489 * with the **CONFIG_BPF_KPROBE_OVERRIDE** configuration 1490 * option, and in this case it only works on functions tagged with 1491 * **ALLOW_ERROR_INJECTION** in the kernel code. 1492 * 1493 * Also, the helper is only available for the architectures having 1494 * the CONFIG_FUNCTION_ERROR_INJECTION option. As of this writing, 1495 * x86 architecture is the only one to support this feature. 1496 * 1497 * Returns 1498 * 0 1499 */ 1500 static long (*bpf_override_return)(struct pt_regs *regs, __u64 rc) = (void *) 58; 1501 1502 /* 1503 * bpf_sock_ops_cb_flags_set 1504 * 1505 * Attempt to set the value of the **bpf_sock_ops_cb_flags** field 1506 * for the full TCP socket associated to *bpf_sock_ops* to 1507 * *argval*. 1508 * 1509 * The primary use of this field is to determine if there should 1510 * be calls to eBPF programs of type 1511 * **BPF_PROG_TYPE_SOCK_OPS** at various points in the TCP 1512 * code. A program of the same type can change its value, per 1513 * connection and as necessary, when the connection is 1514 * established. This field is directly accessible for reading, but 1515 * this helper must be used for updates in order to return an 1516 * error if an eBPF program tries to set a callback that is not 1517 * supported in the current kernel. 1518 * 1519 * *argval* is a flag array which can combine these flags: 1520 * 1521 * * **BPF_SOCK_OPS_RTO_CB_FLAG** (retransmission time out) 1522 * * **BPF_SOCK_OPS_RETRANS_CB_FLAG** (retransmission) 1523 * * **BPF_SOCK_OPS_STATE_CB_FLAG** (TCP state change) 1524 * * **BPF_SOCK_OPS_RTT_CB_FLAG** (every RTT) 1525 * 1526 * Therefore, this function can be used to clear a callback flag by 1527 * setting the appropriate bit to zero. e.g. to disable the RTO 1528 * callback: 1529 * 1530 * **bpf_sock_ops_cb_flags_set(bpf_sock,** 1531 * **bpf_sock->bpf_sock_ops_cb_flags & ~BPF_SOCK_OPS_RTO_CB_FLAG)** 1532 * 1533 * Here are some examples of where one could call such eBPF 1534 * program: 1535 * 1536 * * When RTO fires. 1537 * * When a packet is retransmitted. 1538 * * When the connection terminates. 1539 * * When a packet is sent. 1540 * * When a packet is received. 1541 * 1542 * Returns 1543 * Code **-EINVAL** if the socket is not a full TCP socket; 1544 * otherwise, a positive number containing the bits that could not 1545 * be set is returned (which comes down to 0 if all bits were set 1546 * as required). 1547 */ 1548 static long (*bpf_sock_ops_cb_flags_set)(struct bpf_sock_ops *bpf_sock, int argval) = (void *) 59; 1549 1550 /* 1551 * bpf_msg_redirect_map 1552 * 1553 * This helper is used in programs implementing policies at the 1554 * socket level. If the message *msg* is allowed to pass (i.e. if 1555 * the verdict eBPF program returns **SK_PASS**), redirect it to 1556 * the socket referenced by *map* (of type 1557 * **BPF_MAP_TYPE_SOCKMAP**) at index *key*. Both ingress and 1558 * egress interfaces can be used for redirection. The 1559 * **BPF_F_INGRESS** value in *flags* is used to make the 1560 * distinction (ingress path is selected if the flag is present, 1561 * egress path otherwise). This is the only flag supported for now. 1562 * 1563 * Returns 1564 * **SK_PASS** on success, or **SK_DROP** on error. 1565 */ 1566 static long (*bpf_msg_redirect_map)(struct sk_msg_md *msg, void *map, __u32 key, __u64 flags) = (void *) 60; 1567 1568 /* 1569 * bpf_msg_apply_bytes 1570 * 1571 * For socket policies, apply the verdict of the eBPF program to 1572 * the next *bytes* (number of bytes) of message *msg*. 1573 * 1574 * For example, this helper can be used in the following cases: 1575 * 1576 * * A single **sendmsg**\ () or **sendfile**\ () system call 1577 * contains multiple logical messages that the eBPF program is 1578 * supposed to read and for which it should apply a verdict. 1579 * * An eBPF program only cares to read the first *bytes* of a 1580 * *msg*. If the message has a large payload, then setting up 1581 * and calling the eBPF program repeatedly for all bytes, even 1582 * though the verdict is already known, would create unnecessary 1583 * overhead. 1584 * 1585 * When called from within an eBPF program, the helper sets a 1586 * counter internal to the BPF infrastructure, that is used to 1587 * apply the last verdict to the next *bytes*. If *bytes* is 1588 * smaller than the current data being processed from a 1589 * **sendmsg**\ () or **sendfile**\ () system call, the first 1590 * *bytes* will be sent and the eBPF program will be re-run with 1591 * the pointer for start of data pointing to byte number *bytes* 1592 * **+ 1**. If *bytes* is larger than the current data being 1593 * processed, then the eBPF verdict will be applied to multiple 1594 * **sendmsg**\ () or **sendfile**\ () calls until *bytes* are 1595 * consumed. 1596 * 1597 * Note that if a socket closes with the internal counter holding 1598 * a non-zero value, this is not a problem because data is not 1599 * being buffered for *bytes* and is sent as it is received. 1600 * 1601 * Returns 1602 * 0 1603 */ 1604 static long (*bpf_msg_apply_bytes)(struct sk_msg_md *msg, __u32 bytes) = (void *) 61; 1605 1606 /* 1607 * bpf_msg_cork_bytes 1608 * 1609 * For socket policies, prevent the execution of the verdict eBPF 1610 * program for message *msg* until *bytes* (byte number) have been 1611 * accumulated. 1612 * 1613 * This can be used when one needs a specific number of bytes 1614 * before a verdict can be assigned, even if the data spans 1615 * multiple **sendmsg**\ () or **sendfile**\ () calls. The extreme 1616 * case would be a user calling **sendmsg**\ () repeatedly with 1617 * 1-byte long message segments. Obviously, this is bad for 1618 * performance, but it is still valid. If the eBPF program needs 1619 * *bytes* bytes to validate a header, this helper can be used to 1620 * prevent the eBPF program to be called again until *bytes* have 1621 * been accumulated. 1622 * 1623 * Returns 1624 * 0 1625 */ 1626 static long (*bpf_msg_cork_bytes)(struct sk_msg_md *msg, __u32 bytes) = (void *) 62; 1627 1628 /* 1629 * bpf_msg_pull_data 1630 * 1631 * For socket policies, pull in non-linear data from user space 1632 * for *msg* and set pointers *msg*\ **->data** and *msg*\ 1633 * **->data_end** to *start* and *end* bytes offsets into *msg*, 1634 * respectively. 1635 * 1636 * If a program of type **BPF_PROG_TYPE_SK_MSG** is run on a 1637 * *msg* it can only parse data that the (**data**, **data_end**) 1638 * pointers have already consumed. For **sendmsg**\ () hooks this 1639 * is likely the first scatterlist element. But for calls relying 1640 * on the **sendpage** handler (e.g. **sendfile**\ ()) this will 1641 * be the range (**0**, **0**) because the data is shared with 1642 * user space and by default the objective is to avoid allowing 1643 * user space to modify data while (or after) eBPF verdict is 1644 * being decided. This helper can be used to pull in data and to 1645 * set the start and end pointer to given values. Data will be 1646 * copied if necessary (i.e. if data was not linear and if start 1647 * and end pointers do not point to the same chunk). 1648 * 1649 * A call to this helper is susceptible to change the underlying 1650 * packet buffer. Therefore, at load time, all checks on pointers 1651 * previously done by the verifier are invalidated and must be 1652 * performed again, if the helper is used in combination with 1653 * direct packet access. 1654 * 1655 * All values for *flags* are reserved for future usage, and must 1656 * be left at zero. 1657 * 1658 * Returns 1659 * 0 on success, or a negative error in case of failure. 1660 */ 1661 static long (*bpf_msg_pull_data)(struct sk_msg_md *msg, __u32 start, __u32 end, __u64 flags) = (void *) 63; 1662 1663 /* 1664 * bpf_bind 1665 * 1666 * Bind the socket associated to *ctx* to the address pointed by 1667 * *addr*, of length *addr_len*. This allows for making outgoing 1668 * connection from the desired IP address, which can be useful for 1669 * example when all processes inside a cgroup should use one 1670 * single IP address on a host that has multiple IP configured. 1671 * 1672 * This helper works for IPv4 and IPv6, TCP and UDP sockets. The 1673 * domain (*addr*\ **->sa_family**) must be **AF_INET** (or 1674 * **AF_INET6**). It's advised to pass zero port (**sin_port** 1675 * or **sin6_port**) which triggers IP_BIND_ADDRESS_NO_PORT-like 1676 * behavior and lets the kernel efficiently pick up an unused 1677 * port as long as 4-tuple is unique. Passing non-zero port might 1678 * lead to degraded performance. 1679 * 1680 * Returns 1681 * 0 on success, or a negative error in case of failure. 1682 */ 1683 static long (*bpf_bind)(struct bpf_sock_addr *ctx, struct sockaddr *addr, int addr_len) = (void *) 64; 1684 1685 /* 1686 * bpf_xdp_adjust_tail 1687 * 1688 * Adjust (move) *xdp_md*\ **->data_end** by *delta* bytes. It is 1689 * possible to both shrink and grow the packet tail. 1690 * Shrink done via *delta* being a negative integer. 1691 * 1692 * A call to this helper is susceptible to change the underlying 1693 * packet buffer. Therefore, at load time, all checks on pointers 1694 * previously done by the verifier are invalidated and must be 1695 * performed again, if the helper is used in combination with 1696 * direct packet access. 1697 * 1698 * Returns 1699 * 0 on success, or a negative error in case of failure. 1700 */ 1701 static long (*bpf_xdp_adjust_tail)(struct xdp_md *xdp_md, int delta) = (void *) 65; 1702 1703 /* 1704 * bpf_skb_get_xfrm_state 1705 * 1706 * Retrieve the XFRM state (IP transform framework, see also 1707 * **ip-xfrm(8)**) at *index* in XFRM "security path" for *skb*. 1708 * 1709 * The retrieved value is stored in the **struct bpf_xfrm_state** 1710 * pointed by *xfrm_state* and of length *size*. 1711 * 1712 * All values for *flags* are reserved for future usage, and must 1713 * be left at zero. 1714 * 1715 * This helper is available only if the kernel was compiled with 1716 * **CONFIG_XFRM** configuration option. 1717 * 1718 * Returns 1719 * 0 on success, or a negative error in case of failure. 1720 */ 1721 static long (*bpf_skb_get_xfrm_state)(struct __sk_buff *skb, __u32 index, struct bpf_xfrm_state *xfrm_state, __u32 size, __u64 flags) = (void *) 66; 1722 1723 /* 1724 * bpf_get_stack 1725 * 1726 * Return a user or a kernel stack in bpf program provided buffer. 1727 * To achieve this, the helper needs *ctx*, which is a pointer 1728 * to the context on which the tracing program is executed. 1729 * To store the stacktrace, the bpf program provides *buf* with 1730 * a nonnegative *size*. 1731 * 1732 * The last argument, *flags*, holds the number of stack frames to 1733 * skip (from 0 to 255), masked with 1734 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 1735 * the following flags: 1736 * 1737 * **BPF_F_USER_STACK** 1738 * Collect a user space stack instead of a kernel stack. 1739 * **BPF_F_USER_BUILD_ID** 1740 * Collect buildid+offset instead of ips for user stack, 1741 * only valid if **BPF_F_USER_STACK** is also specified. 1742 * 1743 * **bpf_get_stack**\ () can collect up to 1744 * **PERF_MAX_STACK_DEPTH** both kernel and user frames, subject 1745 * to sufficient large buffer size. Note that 1746 * this limit can be controlled with the **sysctl** program, and 1747 * that it should be manually increased in order to profile long 1748 * user stacks (such as stacks for Java programs). To do so, use: 1749 * 1750 * :: 1751 * 1752 * # sysctl kernel.perf_event_max_stack=<new value> 1753 * 1754 * Returns 1755 * A non-negative value equal to or less than *size* on success, 1756 * or a negative error in case of failure. 1757 */ 1758 static long (*bpf_get_stack)(void *ctx, void *buf, __u32 size, __u64 flags) = (void *) 67; 1759 1760 /* 1761 * bpf_skb_load_bytes_relative 1762 * 1763 * This helper is similar to **bpf_skb_load_bytes**\ () in that 1764 * it provides an easy way to load *len* bytes from *offset* 1765 * from the packet associated to *skb*, into the buffer pointed 1766 * by *to*. The difference to **bpf_skb_load_bytes**\ () is that 1767 * a fifth argument *start_header* exists in order to select a 1768 * base offset to start from. *start_header* can be one of: 1769 * 1770 * **BPF_HDR_START_MAC** 1771 * Base offset to load data from is *skb*'s mac header. 1772 * **BPF_HDR_START_NET** 1773 * Base offset to load data from is *skb*'s network header. 1774 * 1775 * In general, "direct packet access" is the preferred method to 1776 * access packet data, however, this helper is in particular useful 1777 * in socket filters where *skb*\ **->data** does not always point 1778 * to the start of the mac header and where "direct packet access" 1779 * is not available. 1780 * 1781 * Returns 1782 * 0 on success, or a negative error in case of failure. 1783 */ 1784 static long (*bpf_skb_load_bytes_relative)(const void *skb, __u32 offset, void *to, __u32 len, __u32 start_header) = (void *) 68; 1785 1786 /* 1787 * bpf_fib_lookup 1788 * 1789 * Do FIB lookup in kernel tables using parameters in *params*. 1790 * If lookup is successful and result shows packet is to be 1791 * forwarded, the neighbor tables are searched for the nexthop. 1792 * If successful (ie., FIB lookup shows forwarding and nexthop 1793 * is resolved), the nexthop address is returned in ipv4_dst 1794 * or ipv6_dst based on family, smac is set to mac address of 1795 * egress device, dmac is set to nexthop mac address, rt_metric 1796 * is set to metric from route (IPv4/IPv6 only), and ifindex 1797 * is set to the device index of the nexthop from the FIB lookup. 1798 * 1799 * *plen* argument is the size of the passed in struct. 1800 * *flags* argument can be a combination of one or more of the 1801 * following values: 1802 * 1803 * **BPF_FIB_LOOKUP_DIRECT** 1804 * Do a direct table lookup vs full lookup using FIB 1805 * rules. 1806 * **BPF_FIB_LOOKUP_OUTPUT** 1807 * Perform lookup from an egress perspective (default is 1808 * ingress). 1809 * 1810 * *ctx* is either **struct xdp_md** for XDP programs or 1811 * **struct sk_buff** tc cls_act programs. 1812 * 1813 * Returns 1814 * * < 0 if any input argument is invalid 1815 * * 0 on success (packet is forwarded, nexthop neighbor exists) 1816 * * > 0 one of **BPF_FIB_LKUP_RET_** codes explaining why the 1817 * packet is not forwarded or needs assist from full stack 1818 * 1819 * If lookup fails with BPF_FIB_LKUP_RET_FRAG_NEEDED, then the MTU 1820 * was exceeded and output params->mtu_result contains the MTU. 1821 */ 1822 static long (*bpf_fib_lookup)(void *ctx, struct bpf_fib_lookup *params, int plen, __u32 flags) = (void *) 69; 1823 1824 /* 1825 * bpf_sock_hash_update 1826 * 1827 * Add an entry to, or update a sockhash *map* referencing sockets. 1828 * The *skops* is used as a new value for the entry associated to 1829 * *key*. *flags* is one of: 1830 * 1831 * **BPF_NOEXIST** 1832 * The entry for *key* must not exist in the map. 1833 * **BPF_EXIST** 1834 * The entry for *key* must already exist in the map. 1835 * **BPF_ANY** 1836 * No condition on the existence of the entry for *key*. 1837 * 1838 * If the *map* has eBPF programs (parser and verdict), those will 1839 * be inherited by the socket being added. If the socket is 1840 * already attached to eBPF programs, this results in an error. 1841 * 1842 * Returns 1843 * 0 on success, or a negative error in case of failure. 1844 */ 1845 static long (*bpf_sock_hash_update)(struct bpf_sock_ops *skops, void *map, void *key, __u64 flags) = (void *) 70; 1846 1847 /* 1848 * bpf_msg_redirect_hash 1849 * 1850 * This helper is used in programs implementing policies at the 1851 * socket level. If the message *msg* is allowed to pass (i.e. if 1852 * the verdict eBPF program returns **SK_PASS**), redirect it to 1853 * the socket referenced by *map* (of type 1854 * **BPF_MAP_TYPE_SOCKHASH**) using hash *key*. Both ingress and 1855 * egress interfaces can be used for redirection. The 1856 * **BPF_F_INGRESS** value in *flags* is used to make the 1857 * distinction (ingress path is selected if the flag is present, 1858 * egress path otherwise). This is the only flag supported for now. 1859 * 1860 * Returns 1861 * **SK_PASS** on success, or **SK_DROP** on error. 1862 */ 1863 static long (*bpf_msg_redirect_hash)(struct sk_msg_md *msg, void *map, void *key, __u64 flags) = (void *) 71; 1864 1865 /* 1866 * bpf_sk_redirect_hash 1867 * 1868 * This helper is used in programs implementing policies at the 1869 * skb socket level. If the sk_buff *skb* is allowed to pass (i.e. 1870 * if the verdict eBPF program returns **SK_PASS**), redirect it 1871 * to the socket referenced by *map* (of type 1872 * **BPF_MAP_TYPE_SOCKHASH**) using hash *key*. Both ingress and 1873 * egress interfaces can be used for redirection. The 1874 * **BPF_F_INGRESS** value in *flags* is used to make the 1875 * distinction (ingress path is selected if the flag is present, 1876 * egress otherwise). This is the only flag supported for now. 1877 * 1878 * Returns 1879 * **SK_PASS** on success, or **SK_DROP** on error. 1880 */ 1881 static long (*bpf_sk_redirect_hash)(struct __sk_buff *skb, void *map, void *key, __u64 flags) = (void *) 72; 1882 1883 /* 1884 * bpf_lwt_push_encap 1885 * 1886 * Encapsulate the packet associated to *skb* within a Layer 3 1887 * protocol header. This header is provided in the buffer at 1888 * address *hdr*, with *len* its size in bytes. *type* indicates 1889 * the protocol of the header and can be one of: 1890 * 1891 * **BPF_LWT_ENCAP_SEG6** 1892 * IPv6 encapsulation with Segment Routing Header 1893 * (**struct ipv6_sr_hdr**). *hdr* only contains the SRH, 1894 * the IPv6 header is computed by the kernel. 1895 * **BPF_LWT_ENCAP_SEG6_INLINE** 1896 * Only works if *skb* contains an IPv6 packet. Insert a 1897 * Segment Routing Header (**struct ipv6_sr_hdr**) inside 1898 * the IPv6 header. 1899 * **BPF_LWT_ENCAP_IP** 1900 * IP encapsulation (GRE/GUE/IPIP/etc). The outer header 1901 * must be IPv4 or IPv6, followed by zero or more 1902 * additional headers, up to **LWT_BPF_MAX_HEADROOM** 1903 * total bytes in all prepended headers. Please note that 1904 * if **skb_is_gso**\ (*skb*) is true, no more than two 1905 * headers can be prepended, and the inner header, if 1906 * present, should be either GRE or UDP/GUE. 1907 * 1908 * **BPF_LWT_ENCAP_SEG6**\ \* types can be called by BPF programs 1909 * of type **BPF_PROG_TYPE_LWT_IN**; **BPF_LWT_ENCAP_IP** type can 1910 * be called by bpf programs of types **BPF_PROG_TYPE_LWT_IN** and 1911 * **BPF_PROG_TYPE_LWT_XMIT**. 1912 * 1913 * A call to this helper is susceptible to change the underlying 1914 * packet buffer. Therefore, at load time, all checks on pointers 1915 * previously done by the verifier are invalidated and must be 1916 * performed again, if the helper is used in combination with 1917 * direct packet access. 1918 * 1919 * Returns 1920 * 0 on success, or a negative error in case of failure. 1921 */ 1922 static long (*bpf_lwt_push_encap)(struct __sk_buff *skb, __u32 type, void *hdr, __u32 len) = (void *) 73; 1923 1924 /* 1925 * bpf_lwt_seg6_store_bytes 1926 * 1927 * Store *len* bytes from address *from* into the packet 1928 * associated to *skb*, at *offset*. Only the flags, tag and TLVs 1929 * inside the outermost IPv6 Segment Routing Header can be 1930 * modified through this helper. 1931 * 1932 * A call to this helper is susceptible to change the underlying 1933 * packet buffer. Therefore, at load time, all checks on pointers 1934 * previously done by the verifier are invalidated and must be 1935 * performed again, if the helper is used in combination with 1936 * direct packet access. 1937 * 1938 * Returns 1939 * 0 on success, or a negative error in case of failure. 1940 */ 1941 static long (*bpf_lwt_seg6_store_bytes)(struct __sk_buff *skb, __u32 offset, const void *from, __u32 len) = (void *) 74; 1942 1943 /* 1944 * bpf_lwt_seg6_adjust_srh 1945 * 1946 * Adjust the size allocated to TLVs in the outermost IPv6 1947 * Segment Routing Header contained in the packet associated to 1948 * *skb*, at position *offset* by *delta* bytes. Only offsets 1949 * after the segments are accepted. *delta* can be as well 1950 * positive (growing) as negative (shrinking). 1951 * 1952 * A call to this helper is susceptible to change the underlying 1953 * packet buffer. Therefore, at load time, all checks on pointers 1954 * previously done by the verifier are invalidated and must be 1955 * performed again, if the helper is used in combination with 1956 * direct packet access. 1957 * 1958 * Returns 1959 * 0 on success, or a negative error in case of failure. 1960 */ 1961 static long (*bpf_lwt_seg6_adjust_srh)(struct __sk_buff *skb, __u32 offset, __s32 delta) = (void *) 75; 1962 1963 /* 1964 * bpf_lwt_seg6_action 1965 * 1966 * Apply an IPv6 Segment Routing action of type *action* to the 1967 * packet associated to *skb*. Each action takes a parameter 1968 * contained at address *param*, and of length *param_len* bytes. 1969 * *action* can be one of: 1970 * 1971 * **SEG6_LOCAL_ACTION_END_X** 1972 * End.X action: Endpoint with Layer-3 cross-connect. 1973 * Type of *param*: **struct in6_addr**. 1974 * **SEG6_LOCAL_ACTION_END_T** 1975 * End.T action: Endpoint with specific IPv6 table lookup. 1976 * Type of *param*: **int**. 1977 * **SEG6_LOCAL_ACTION_END_B6** 1978 * End.B6 action: Endpoint bound to an SRv6 policy. 1979 * Type of *param*: **struct ipv6_sr_hdr**. 1980 * **SEG6_LOCAL_ACTION_END_B6_ENCAP** 1981 * End.B6.Encap action: Endpoint bound to an SRv6 1982 * encapsulation policy. 1983 * Type of *param*: **struct ipv6_sr_hdr**. 1984 * 1985 * A call to this helper is susceptible to change the underlying 1986 * packet buffer. Therefore, at load time, all checks on pointers 1987 * previously done by the verifier are invalidated and must be 1988 * performed again, if the helper is used in combination with 1989 * direct packet access. 1990 * 1991 * Returns 1992 * 0 on success, or a negative error in case of failure. 1993 */ 1994 static long (*bpf_lwt_seg6_action)(struct __sk_buff *skb, __u32 action, void *param, __u32 param_len) = (void *) 76; 1995 1996 /* 1997 * bpf_rc_repeat 1998 * 1999 * This helper is used in programs implementing IR decoding, to 2000 * report a successfully decoded repeat key message. This delays 2001 * the generation of a key up event for previously generated 2002 * key down event. 2003 * 2004 * Some IR protocols like NEC have a special IR message for 2005 * repeating last button, for when a button is held down. 2006 * 2007 * The *ctx* should point to the lirc sample as passed into 2008 * the program. 2009 * 2010 * This helper is only available is the kernel was compiled with 2011 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2012 * "**y**". 2013 * 2014 * Returns 2015 * 0 2016 */ 2017 static long (*bpf_rc_repeat)(void *ctx) = (void *) 77; 2018 2019 /* 2020 * bpf_rc_keydown 2021 * 2022 * This helper is used in programs implementing IR decoding, to 2023 * report a successfully decoded key press with *scancode*, 2024 * *toggle* value in the given *protocol*. The scancode will be 2025 * translated to a keycode using the rc keymap, and reported as 2026 * an input key down event. After a period a key up event is 2027 * generated. This period can be extended by calling either 2028 * **bpf_rc_keydown**\ () again with the same values, or calling 2029 * **bpf_rc_repeat**\ (). 2030 * 2031 * Some protocols include a toggle bit, in case the button was 2032 * released and pressed again between consecutive scancodes. 2033 * 2034 * The *ctx* should point to the lirc sample as passed into 2035 * the program. 2036 * 2037 * The *protocol* is the decoded protocol number (see 2038 * **enum rc_proto** for some predefined values). 2039 * 2040 * This helper is only available is the kernel was compiled with 2041 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2042 * "**y**". 2043 * 2044 * Returns 2045 * 0 2046 */ 2047 static long (*bpf_rc_keydown)(void *ctx, __u32 protocol, __u64 scancode, __u32 toggle) = (void *) 78; 2048 2049 /* 2050 * bpf_skb_cgroup_id 2051 * 2052 * Return the cgroup v2 id of the socket associated with the *skb*. 2053 * This is roughly similar to the **bpf_get_cgroup_classid**\ () 2054 * helper for cgroup v1 by providing a tag resp. identifier that 2055 * can be matched on or used for map lookups e.g. to implement 2056 * policy. The cgroup v2 id of a given path in the hierarchy is 2057 * exposed in user space through the f_handle API in order to get 2058 * to the same 64-bit id. 2059 * 2060 * This helper can be used on TC egress path, but not on ingress, 2061 * and is available only if the kernel was compiled with the 2062 * **CONFIG_SOCK_CGROUP_DATA** configuration option. 2063 * 2064 * Returns 2065 * The id is returned or 0 in case the id could not be retrieved. 2066 */ 2067 static __u64 (*bpf_skb_cgroup_id)(struct __sk_buff *skb) = (void *) 79; 2068 2069 /* 2070 * bpf_get_current_cgroup_id 2071 * 2072 * Get the current cgroup id based on the cgroup within which 2073 * the current task is running. 2074 * 2075 * Returns 2076 * A 64-bit integer containing the current cgroup id based 2077 * on the cgroup within which the current task is running. 2078 */ 2079 static __u64 (*bpf_get_current_cgroup_id)(void) = (void *) 80; 2080 2081 /* 2082 * bpf_get_local_storage 2083 * 2084 * Get the pointer to the local storage area. 2085 * The type and the size of the local storage is defined 2086 * by the *map* argument. 2087 * The *flags* meaning is specific for each map type, 2088 * and has to be 0 for cgroup local storage. 2089 * 2090 * Depending on the BPF program type, a local storage area 2091 * can be shared between multiple instances of the BPF program, 2092 * running simultaneously. 2093 * 2094 * A user should care about the synchronization by himself. 2095 * For example, by using the **BPF_ATOMIC** instructions to alter 2096 * the shared data. 2097 * 2098 * Returns 2099 * A pointer to the local storage area. 2100 */ 2101 static void *(*bpf_get_local_storage)(void *map, __u64 flags) = (void *) 81; 2102 2103 /* 2104 * bpf_sk_select_reuseport 2105 * 2106 * Select a **SO_REUSEPORT** socket from a 2107 * **BPF_MAP_TYPE_REUSEPORT_SOCKARRAY** *map*. 2108 * It checks the selected socket is matching the incoming 2109 * request in the socket buffer. 2110 * 2111 * Returns 2112 * 0 on success, or a negative error in case of failure. 2113 */ 2114 static long (*bpf_sk_select_reuseport)(struct sk_reuseport_md *reuse, void *map, void *key, __u64 flags) = (void *) 82; 2115 2116 /* 2117 * bpf_skb_ancestor_cgroup_id 2118 * 2119 * Return id of cgroup v2 that is ancestor of cgroup associated 2120 * with the *skb* at the *ancestor_level*. The root cgroup is at 2121 * *ancestor_level* zero and each step down the hierarchy 2122 * increments the level. If *ancestor_level* == level of cgroup 2123 * associated with *skb*, then return value will be same as that 2124 * of **bpf_skb_cgroup_id**\ (). 2125 * 2126 * The helper is useful to implement policies based on cgroups 2127 * that are upper in hierarchy than immediate cgroup associated 2128 * with *skb*. 2129 * 2130 * The format of returned id and helper limitations are same as in 2131 * **bpf_skb_cgroup_id**\ (). 2132 * 2133 * Returns 2134 * The id is returned or 0 in case the id could not be retrieved. 2135 */ 2136 static __u64 (*bpf_skb_ancestor_cgroup_id)(struct __sk_buff *skb, int ancestor_level) = (void *) 83; 2137 2138 /* 2139 * bpf_sk_lookup_tcp 2140 * 2141 * Look for TCP socket matching *tuple*, optionally in a child 2142 * network namespace *netns*. The return value must be checked, 2143 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2144 * 2145 * The *ctx* should point to the context of the program, such as 2146 * the skb or socket (depending on the hook in use). This is used 2147 * to determine the base network namespace for the lookup. 2148 * 2149 * *tuple_size* must be one of: 2150 * 2151 * **sizeof**\ (*tuple*\ **->ipv4**) 2152 * Look for an IPv4 socket. 2153 * **sizeof**\ (*tuple*\ **->ipv6**) 2154 * Look for an IPv6 socket. 2155 * 2156 * If the *netns* is a negative signed 32-bit integer, then the 2157 * socket lookup table in the netns associated with the *ctx* 2158 * will be used. For the TC hooks, this is the netns of the device 2159 * in the skb. For socket hooks, this is the netns of the socket. 2160 * If *netns* is any other signed 32-bit value greater than or 2161 * equal to zero then it specifies the ID of the netns relative to 2162 * the netns associated with the *ctx*. *netns* values beyond the 2163 * range of 32-bit integers are reserved for future use. 2164 * 2165 * All values for *flags* are reserved for future usage, and must 2166 * be left at zero. 2167 * 2168 * This helper is available only if the kernel was compiled with 2169 * **CONFIG_NET** configuration option. 2170 * 2171 * Returns 2172 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2173 * For sockets with reuseport option, the **struct bpf_sock** 2174 * result is from *reuse*\ **->socks**\ [] using the hash of the 2175 * tuple. 2176 */ 2177 static struct bpf_sock *(*bpf_sk_lookup_tcp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 84; 2178 2179 /* 2180 * bpf_sk_lookup_udp 2181 * 2182 * Look for UDP socket matching *tuple*, optionally in a child 2183 * network namespace *netns*. The return value must be checked, 2184 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2185 * 2186 * The *ctx* should point to the context of the program, such as 2187 * the skb or socket (depending on the hook in use). This is used 2188 * to determine the base network namespace for the lookup. 2189 * 2190 * *tuple_size* must be one of: 2191 * 2192 * **sizeof**\ (*tuple*\ **->ipv4**) 2193 * Look for an IPv4 socket. 2194 * **sizeof**\ (*tuple*\ **->ipv6**) 2195 * Look for an IPv6 socket. 2196 * 2197 * If the *netns* is a negative signed 32-bit integer, then the 2198 * socket lookup table in the netns associated with the *ctx* 2199 * will be used. For the TC hooks, this is the netns of the device 2200 * in the skb. For socket hooks, this is the netns of the socket. 2201 * If *netns* is any other signed 32-bit value greater than or 2202 * equal to zero then it specifies the ID of the netns relative to 2203 * the netns associated with the *ctx*. *netns* values beyond the 2204 * range of 32-bit integers are reserved for future use. 2205 * 2206 * All values for *flags* are reserved for future usage, and must 2207 * be left at zero. 2208 * 2209 * This helper is available only if the kernel was compiled with 2210 * **CONFIG_NET** configuration option. 2211 * 2212 * Returns 2213 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2214 * For sockets with reuseport option, the **struct bpf_sock** 2215 * result is from *reuse*\ **->socks**\ [] using the hash of the 2216 * tuple. 2217 */ 2218 static struct bpf_sock *(*bpf_sk_lookup_udp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 85; 2219 2220 /* 2221 * bpf_sk_release 2222 * 2223 * Release the reference held by *sock*. *sock* must be a 2224 * non-**NULL** pointer that was returned from 2225 * **bpf_sk_lookup_xxx**\ (). 2226 * 2227 * Returns 2228 * 0 on success, or a negative error in case of failure. 2229 */ 2230 static long (*bpf_sk_release)(void *sock) = (void *) 86; 2231 2232 /* 2233 * bpf_map_push_elem 2234 * 2235 * Push an element *value* in *map*. *flags* is one of: 2236 * 2237 * **BPF_EXIST** 2238 * If the queue/stack is full, the oldest element is 2239 * removed to make room for this. 2240 * 2241 * Returns 2242 * 0 on success, or a negative error in case of failure. 2243 */ 2244 static long (*bpf_map_push_elem)(void *map, const void *value, __u64 flags) = (void *) 87; 2245 2246 /* 2247 * bpf_map_pop_elem 2248 * 2249 * Pop an element from *map*. 2250 * 2251 * Returns 2252 * 0 on success, or a negative error in case of failure. 2253 */ 2254 static long (*bpf_map_pop_elem)(void *map, void *value) = (void *) 88; 2255 2256 /* 2257 * bpf_map_peek_elem 2258 * 2259 * Get an element from *map* without removing it. 2260 * 2261 * Returns 2262 * 0 on success, or a negative error in case of failure. 2263 */ 2264 static long (*bpf_map_peek_elem)(void *map, void *value) = (void *) 89; 2265 2266 /* 2267 * bpf_msg_push_data 2268 * 2269 * For socket policies, insert *len* bytes into *msg* at offset 2270 * *start*. 2271 * 2272 * If a program of type **BPF_PROG_TYPE_SK_MSG** is run on a 2273 * *msg* it may want to insert metadata or options into the *msg*. 2274 * This can later be read and used by any of the lower layer BPF 2275 * hooks. 2276 * 2277 * This helper may fail if under memory pressure (a malloc 2278 * fails) in these cases BPF programs will get an appropriate 2279 * error and BPF programs will need to handle them. 2280 * 2281 * Returns 2282 * 0 on success, or a negative error in case of failure. 2283 */ 2284 static long (*bpf_msg_push_data)(struct sk_msg_md *msg, __u32 start, __u32 len, __u64 flags) = (void *) 90; 2285 2286 /* 2287 * bpf_msg_pop_data 2288 * 2289 * Will remove *len* bytes from a *msg* starting at byte *start*. 2290 * This may result in **ENOMEM** errors under certain situations if 2291 * an allocation and copy are required due to a full ring buffer. 2292 * However, the helper will try to avoid doing the allocation 2293 * if possible. Other errors can occur if input parameters are 2294 * invalid either due to *start* byte not being valid part of *msg* 2295 * payload and/or *pop* value being to large. 2296 * 2297 * Returns 2298 * 0 on success, or a negative error in case of failure. 2299 */ 2300 static long (*bpf_msg_pop_data)(struct sk_msg_md *msg, __u32 start, __u32 len, __u64 flags) = (void *) 91; 2301 2302 /* 2303 * bpf_rc_pointer_rel 2304 * 2305 * This helper is used in programs implementing IR decoding, to 2306 * report a successfully decoded pointer movement. 2307 * 2308 * The *ctx* should point to the lirc sample as passed into 2309 * the program. 2310 * 2311 * This helper is only available is the kernel was compiled with 2312 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2313 * "**y**". 2314 * 2315 * Returns 2316 * 0 2317 */ 2318 static long (*bpf_rc_pointer_rel)(void *ctx, __s32 rel_x, __s32 rel_y) = (void *) 92; 2319 2320 /* 2321 * bpf_spin_lock 2322 * 2323 * Acquire a spinlock represented by the pointer *lock*, which is 2324 * stored as part of a value of a map. Taking the lock allows to 2325 * safely update the rest of the fields in that value. The 2326 * spinlock can (and must) later be released with a call to 2327 * **bpf_spin_unlock**\ (\ *lock*\ ). 2328 * 2329 * Spinlocks in BPF programs come with a number of restrictions 2330 * and constraints: 2331 * 2332 * * **bpf_spin_lock** objects are only allowed inside maps of 2333 * types **BPF_MAP_TYPE_HASH** and **BPF_MAP_TYPE_ARRAY** (this 2334 * list could be extended in the future). 2335 * * BTF description of the map is mandatory. 2336 * * The BPF program can take ONE lock at a time, since taking two 2337 * or more could cause dead locks. 2338 * * Only one **struct bpf_spin_lock** is allowed per map element. 2339 * * When the lock is taken, calls (either BPF to BPF or helpers) 2340 * are not allowed. 2341 * * The **BPF_LD_ABS** and **BPF_LD_IND** instructions are not 2342 * allowed inside a spinlock-ed region. 2343 * * The BPF program MUST call **bpf_spin_unlock**\ () to release 2344 * the lock, on all execution paths, before it returns. 2345 * * The BPF program can access **struct bpf_spin_lock** only via 2346 * the **bpf_spin_lock**\ () and **bpf_spin_unlock**\ () 2347 * helpers. Loading or storing data into the **struct 2348 * bpf_spin_lock** *lock*\ **;** field of a map is not allowed. 2349 * * To use the **bpf_spin_lock**\ () helper, the BTF description 2350 * of the map value must be a struct and have **struct 2351 * bpf_spin_lock** *anyname*\ **;** field at the top level. 2352 * Nested lock inside another struct is not allowed. 2353 * * The **struct bpf_spin_lock** *lock* field in a map value must 2354 * be aligned on a multiple of 4 bytes in that value. 2355 * * Syscall with command **BPF_MAP_LOOKUP_ELEM** does not copy 2356 * the **bpf_spin_lock** field to user space. 2357 * * Syscall with command **BPF_MAP_UPDATE_ELEM**, or update from 2358 * a BPF program, do not update the **bpf_spin_lock** field. 2359 * * **bpf_spin_lock** cannot be on the stack or inside a 2360 * networking packet (it can only be inside of a map values). 2361 * * **bpf_spin_lock** is available to root only. 2362 * * Tracing programs and socket filter programs cannot use 2363 * **bpf_spin_lock**\ () due to insufficient preemption checks 2364 * (but this may change in the future). 2365 * * **bpf_spin_lock** is not allowed in inner maps of map-in-map. 2366 * 2367 * Returns 2368 * 0 2369 */ 2370 static long (*bpf_spin_lock)(struct bpf_spin_lock *lock) = (void *) 93; 2371 2372 /* 2373 * bpf_spin_unlock 2374 * 2375 * Release the *lock* previously locked by a call to 2376 * **bpf_spin_lock**\ (\ *lock*\ ). 2377 * 2378 * Returns 2379 * 0 2380 */ 2381 static long (*bpf_spin_unlock)(struct bpf_spin_lock *lock) = (void *) 94; 2382 2383 /* 2384 * bpf_sk_fullsock 2385 * 2386 * This helper gets a **struct bpf_sock** pointer such 2387 * that all the fields in this **bpf_sock** can be accessed. 2388 * 2389 * Returns 2390 * A **struct bpf_sock** pointer on success, or **NULL** in 2391 * case of failure. 2392 */ 2393 static struct bpf_sock *(*bpf_sk_fullsock)(struct bpf_sock *sk) = (void *) 95; 2394 2395 /* 2396 * bpf_tcp_sock 2397 * 2398 * This helper gets a **struct bpf_tcp_sock** pointer from a 2399 * **struct bpf_sock** pointer. 2400 * 2401 * Returns 2402 * A **struct bpf_tcp_sock** pointer on success, or **NULL** in 2403 * case of failure. 2404 */ 2405 static struct bpf_tcp_sock *(*bpf_tcp_sock)(struct bpf_sock *sk) = (void *) 96; 2406 2407 /* 2408 * bpf_skb_ecn_set_ce 2409 * 2410 * Set ECN (Explicit Congestion Notification) field of IP header 2411 * to **CE** (Congestion Encountered) if current value is **ECT** 2412 * (ECN Capable Transport). Otherwise, do nothing. Works with IPv6 2413 * and IPv4. 2414 * 2415 * Returns 2416 * 1 if the **CE** flag is set (either by the current helper call 2417 * or because it was already present), 0 if it is not set. 2418 */ 2419 static long (*bpf_skb_ecn_set_ce)(struct __sk_buff *skb) = (void *) 97; 2420 2421 /* 2422 * bpf_get_listener_sock 2423 * 2424 * Return a **struct bpf_sock** pointer in **TCP_LISTEN** state. 2425 * **bpf_sk_release**\ () is unnecessary and not allowed. 2426 * 2427 * Returns 2428 * A **struct bpf_sock** pointer on success, or **NULL** in 2429 * case of failure. 2430 */ 2431 static struct bpf_sock *(*bpf_get_listener_sock)(struct bpf_sock *sk) = (void *) 98; 2432 2433 /* 2434 * bpf_skc_lookup_tcp 2435 * 2436 * Look for TCP socket matching *tuple*, optionally in a child 2437 * network namespace *netns*. The return value must be checked, 2438 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2439 * 2440 * This function is identical to **bpf_sk_lookup_tcp**\ (), except 2441 * that it also returns timewait or request sockets. Use 2442 * **bpf_sk_fullsock**\ () or **bpf_tcp_sock**\ () to access the 2443 * full structure. 2444 * 2445 * This helper is available only if the kernel was compiled with 2446 * **CONFIG_NET** configuration option. 2447 * 2448 * Returns 2449 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2450 * For sockets with reuseport option, the **struct bpf_sock** 2451 * result is from *reuse*\ **->socks**\ [] using the hash of the 2452 * tuple. 2453 */ 2454 static struct bpf_sock *(*bpf_skc_lookup_tcp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 99; 2455 2456 /* 2457 * bpf_tcp_check_syncookie 2458 * 2459 * Check whether *iph* and *th* contain a valid SYN cookie ACK for 2460 * the listening socket in *sk*. 2461 * 2462 * *iph* points to the start of the IPv4 or IPv6 header, while 2463 * *iph_len* contains **sizeof**\ (**struct iphdr**) or 2464 * **sizeof**\ (**struct ip6hdr**). 2465 * 2466 * *th* points to the start of the TCP header, while *th_len* 2467 * contains **sizeof**\ (**struct tcphdr**). 2468 * 2469 * Returns 2470 * 0 if *iph* and *th* are a valid SYN cookie ACK, or a negative 2471 * error otherwise. 2472 */ 2473 static long (*bpf_tcp_check_syncookie)(void *sk, void *iph, __u32 iph_len, struct tcphdr *th, __u32 th_len) = (void *) 100; 2474 2475 /* 2476 * bpf_sysctl_get_name 2477 * 2478 * Get name of sysctl in /proc/sys/ and copy it into provided by 2479 * program buffer *buf* of size *buf_len*. 2480 * 2481 * The buffer is always NUL terminated, unless it's zero-sized. 2482 * 2483 * If *flags* is zero, full name (e.g. "net/ipv4/tcp_mem") is 2484 * copied. Use **BPF_F_SYSCTL_BASE_NAME** flag to copy base name 2485 * only (e.g. "tcp_mem"). 2486 * 2487 * Returns 2488 * Number of character copied (not including the trailing NUL). 2489 * 2490 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2491 * truncated name in this case). 2492 */ 2493 static long (*bpf_sysctl_get_name)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len, __u64 flags) = (void *) 101; 2494 2495 /* 2496 * bpf_sysctl_get_current_value 2497 * 2498 * Get current value of sysctl as it is presented in /proc/sys 2499 * (incl. newline, etc), and copy it as a string into provided 2500 * by program buffer *buf* of size *buf_len*. 2501 * 2502 * The whole value is copied, no matter what file position user 2503 * space issued e.g. sys_read at. 2504 * 2505 * The buffer is always NUL terminated, unless it's zero-sized. 2506 * 2507 * Returns 2508 * Number of character copied (not including the trailing NUL). 2509 * 2510 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2511 * truncated name in this case). 2512 * 2513 * **-EINVAL** if current value was unavailable, e.g. because 2514 * sysctl is uninitialized and read returns -EIO for it. 2515 */ 2516 static long (*bpf_sysctl_get_current_value)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len) = (void *) 102; 2517 2518 /* 2519 * bpf_sysctl_get_new_value 2520 * 2521 * Get new value being written by user space to sysctl (before 2522 * the actual write happens) and copy it as a string into 2523 * provided by program buffer *buf* of size *buf_len*. 2524 * 2525 * User space may write new value at file position > 0. 2526 * 2527 * The buffer is always NUL terminated, unless it's zero-sized. 2528 * 2529 * Returns 2530 * Number of character copied (not including the trailing NUL). 2531 * 2532 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2533 * truncated name in this case). 2534 * 2535 * **-EINVAL** if sysctl is being read. 2536 */ 2537 static long (*bpf_sysctl_get_new_value)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len) = (void *) 103; 2538 2539 /* 2540 * bpf_sysctl_set_new_value 2541 * 2542 * Override new value being written by user space to sysctl with 2543 * value provided by program in buffer *buf* of size *buf_len*. 2544 * 2545 * *buf* should contain a string in same form as provided by user 2546 * space on sysctl write. 2547 * 2548 * User space may write new value at file position > 0. To override 2549 * the whole sysctl value file position should be set to zero. 2550 * 2551 * Returns 2552 * 0 on success. 2553 * 2554 * **-E2BIG** if the *buf_len* is too big. 2555 * 2556 * **-EINVAL** if sysctl is being read. 2557 */ 2558 static long (*bpf_sysctl_set_new_value)(struct bpf_sysctl *ctx, const char *buf, unsigned long buf_len) = (void *) 104; 2559 2560 /* 2561 * bpf_strtol 2562 * 2563 * Convert the initial part of the string from buffer *buf* of 2564 * size *buf_len* to a long integer according to the given base 2565 * and save the result in *res*. 2566 * 2567 * The string may begin with an arbitrary amount of white space 2568 * (as determined by **isspace**\ (3)) followed by a single 2569 * optional '**-**' sign. 2570 * 2571 * Five least significant bits of *flags* encode base, other bits 2572 * are currently unused. 2573 * 2574 * Base must be either 8, 10, 16 or 0 to detect it automatically 2575 * similar to user space **strtol**\ (3). 2576 * 2577 * Returns 2578 * Number of characters consumed on success. Must be positive but 2579 * no more than *buf_len*. 2580 * 2581 * **-EINVAL** if no valid digits were found or unsupported base 2582 * was provided. 2583 * 2584 * **-ERANGE** if resulting value was out of range. 2585 */ 2586 static long (*bpf_strtol)(const char *buf, unsigned long buf_len, __u64 flags, long *res) = (void *) 105; 2587 2588 /* 2589 * bpf_strtoul 2590 * 2591 * Convert the initial part of the string from buffer *buf* of 2592 * size *buf_len* to an unsigned long integer according to the 2593 * given base and save the result in *res*. 2594 * 2595 * The string may begin with an arbitrary amount of white space 2596 * (as determined by **isspace**\ (3)). 2597 * 2598 * Five least significant bits of *flags* encode base, other bits 2599 * are currently unused. 2600 * 2601 * Base must be either 8, 10, 16 or 0 to detect it automatically 2602 * similar to user space **strtoul**\ (3). 2603 * 2604 * Returns 2605 * Number of characters consumed on success. Must be positive but 2606 * no more than *buf_len*. 2607 * 2608 * **-EINVAL** if no valid digits were found or unsupported base 2609 * was provided. 2610 * 2611 * **-ERANGE** if resulting value was out of range. 2612 */ 2613 static long (*bpf_strtoul)(const char *buf, unsigned long buf_len, __u64 flags, unsigned long *res) = (void *) 106; 2614 2615 /* 2616 * bpf_sk_storage_get 2617 * 2618 * Get a bpf-local-storage from a *sk*. 2619 * 2620 * Logically, it could be thought of getting the value from 2621 * a *map* with *sk* as the **key**. From this 2622 * perspective, the usage is not much different from 2623 * **bpf_map_lookup_elem**\ (*map*, **&**\ *sk*) except this 2624 * helper enforces the key must be a full socket and the map must 2625 * be a **BPF_MAP_TYPE_SK_STORAGE** also. 2626 * 2627 * Underneath, the value is stored locally at *sk* instead of 2628 * the *map*. The *map* is used as the bpf-local-storage 2629 * "type". The bpf-local-storage "type" (i.e. the *map*) is 2630 * searched against all bpf-local-storages residing at *sk*. 2631 * 2632 * *sk* is a kernel **struct sock** pointer for LSM program. 2633 * *sk* is a **struct bpf_sock** pointer for other program types. 2634 * 2635 * An optional *flags* (**BPF_SK_STORAGE_GET_F_CREATE**) can be 2636 * used such that a new bpf-local-storage will be 2637 * created if one does not exist. *value* can be used 2638 * together with **BPF_SK_STORAGE_GET_F_CREATE** to specify 2639 * the initial value of a bpf-local-storage. If *value* is 2640 * **NULL**, the new bpf-local-storage will be zero initialized. 2641 * 2642 * Returns 2643 * A bpf-local-storage pointer is returned on success. 2644 * 2645 * **NULL** if not found or there was an error in adding 2646 * a new bpf-local-storage. 2647 */ 2648 static void *(*bpf_sk_storage_get)(void *map, void *sk, void *value, __u64 flags) = (void *) 107; 2649 2650 /* 2651 * bpf_sk_storage_delete 2652 * 2653 * Delete a bpf-local-storage from a *sk*. 2654 * 2655 * Returns 2656 * 0 on success. 2657 * 2658 * **-ENOENT** if the bpf-local-storage cannot be found. 2659 * **-EINVAL** if sk is not a fullsock (e.g. a request_sock). 2660 */ 2661 static long (*bpf_sk_storage_delete)(void *map, void *sk) = (void *) 108; 2662 2663 /* 2664 * bpf_send_signal 2665 * 2666 * Send signal *sig* to the process of the current task. 2667 * The signal may be delivered to any of this process's threads. 2668 * 2669 * Returns 2670 * 0 on success or successfully queued. 2671 * 2672 * **-EBUSY** if work queue under nmi is full. 2673 * 2674 * **-EINVAL** if *sig* is invalid. 2675 * 2676 * **-EPERM** if no permission to send the *sig*. 2677 * 2678 * **-EAGAIN** if bpf program can try again. 2679 */ 2680 static long (*bpf_send_signal)(__u32 sig) = (void *) 109; 2681 2682 /* 2683 * bpf_tcp_gen_syncookie 2684 * 2685 * Try to issue a SYN cookie for the packet with corresponding 2686 * IP/TCP headers, *iph* and *th*, on the listening socket in *sk*. 2687 * 2688 * *iph* points to the start of the IPv4 or IPv6 header, while 2689 * *iph_len* contains **sizeof**\ (**struct iphdr**) or 2690 * **sizeof**\ (**struct ip6hdr**). 2691 * 2692 * *th* points to the start of the TCP header, while *th_len* 2693 * contains the length of the TCP header. 2694 * 2695 * Returns 2696 * On success, lower 32 bits hold the generated SYN cookie in 2697 * followed by 16 bits which hold the MSS value for that cookie, 2698 * and the top 16 bits are unused. 2699 * 2700 * On failure, the returned value is one of the following: 2701 * 2702 * **-EINVAL** SYN cookie cannot be issued due to error 2703 * 2704 * **-ENOENT** SYN cookie should not be issued (no SYN flood) 2705 * 2706 * **-EOPNOTSUPP** kernel configuration does not enable SYN cookies 2707 * 2708 * **-EPROTONOSUPPORT** IP packet version is not 4 or 6 2709 */ 2710 static __s64 (*bpf_tcp_gen_syncookie)(void *sk, void *iph, __u32 iph_len, struct tcphdr *th, __u32 th_len) = (void *) 110; 2711 2712 /* 2713 * bpf_skb_output 2714 * 2715 * Write raw *data* blob into a special BPF perf event held by 2716 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 2717 * event must have the following attributes: **PERF_SAMPLE_RAW** 2718 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 2719 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 2720 * 2721 * The *flags* are used to indicate the index in *map* for which 2722 * the value must be put, masked with **BPF_F_INDEX_MASK**. 2723 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 2724 * to indicate that the index of the current CPU core should be 2725 * used. 2726 * 2727 * The value to write, of *size*, is passed through eBPF stack and 2728 * pointed by *data*. 2729 * 2730 * *ctx* is a pointer to in-kernel struct sk_buff. 2731 * 2732 * This helper is similar to **bpf_perf_event_output**\ () but 2733 * restricted to raw_tracepoint bpf programs. 2734 * 2735 * Returns 2736 * 0 on success, or a negative error in case of failure. 2737 */ 2738 static long (*bpf_skb_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 111; 2739 2740 /* 2741 * bpf_probe_read_user 2742 * 2743 * Safely attempt to read *size* bytes from user space address 2744 * *unsafe_ptr* and store the data in *dst*. 2745 * 2746 * Returns 2747 * 0 on success, or a negative error in case of failure. 2748 */ 2749 static long (*bpf_probe_read_user)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 112; 2750 2751 /* 2752 * bpf_probe_read_kernel 2753 * 2754 * Safely attempt to read *size* bytes from kernel space address 2755 * *unsafe_ptr* and store the data in *dst*. 2756 * 2757 * Returns 2758 * 0 on success, or a negative error in case of failure. 2759 */ 2760 static long (*bpf_probe_read_kernel)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 113; 2761 2762 /* 2763 * bpf_probe_read_user_str 2764 * 2765 * Copy a NUL terminated string from an unsafe user address 2766 * *unsafe_ptr* to *dst*. The *size* should include the 2767 * terminating NUL byte. In case the string length is smaller than 2768 * *size*, the target is not padded with further NUL bytes. If the 2769 * string length is larger than *size*, just *size*-1 bytes are 2770 * copied and the last byte is set to NUL. 2771 * 2772 * On success, returns the number of bytes that were written, 2773 * including the terminal NUL. This makes this helper useful in 2774 * tracing programs for reading strings, and more importantly to 2775 * get its length at runtime. See the following snippet: 2776 * 2777 * :: 2778 * 2779 * SEC("kprobe/sys_open") 2780 * void bpf_sys_open(struct pt_regs *ctx) 2781 * { 2782 * char buf[PATHLEN]; // PATHLEN is defined to 256 2783 * int res = bpf_probe_read_user_str(buf, sizeof(buf), 2784 * ctx->di); 2785 * 2786 * // Consume buf, for example push it to 2787 * // userspace via bpf_perf_event_output(); we 2788 * // can use res (the string length) as event 2789 * // size, after checking its boundaries. 2790 * } 2791 * 2792 * In comparison, using **bpf_probe_read_user**\ () helper here 2793 * instead to read the string would require to estimate the length 2794 * at compile time, and would often result in copying more memory 2795 * than necessary. 2796 * 2797 * Another useful use case is when parsing individual process 2798 * arguments or individual environment variables navigating 2799 * *current*\ **->mm->arg_start** and *current*\ 2800 * **->mm->env_start**: using this helper and the return value, 2801 * one can quickly iterate at the right offset of the memory area. 2802 * 2803 * Returns 2804 * On success, the strictly positive length of the output string, 2805 * including the trailing NUL character. On error, a negative 2806 * value. 2807 */ 2808 static long (*bpf_probe_read_user_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 114; 2809 2810 /* 2811 * bpf_probe_read_kernel_str 2812 * 2813 * Copy a NUL terminated string from an unsafe kernel address *unsafe_ptr* 2814 * to *dst*. Same semantics as with **bpf_probe_read_user_str**\ () apply. 2815 * 2816 * Returns 2817 * On success, the strictly positive length of the string, including 2818 * the trailing NUL character. On error, a negative value. 2819 */ 2820 static long (*bpf_probe_read_kernel_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 115; 2821 2822 /* 2823 * bpf_tcp_send_ack 2824 * 2825 * Send out a tcp-ack. *tp* is the in-kernel struct **tcp_sock**. 2826 * *rcv_nxt* is the ack_seq to be sent out. 2827 * 2828 * Returns 2829 * 0 on success, or a negative error in case of failure. 2830 */ 2831 static long (*bpf_tcp_send_ack)(void *tp, __u32 rcv_nxt) = (void *) 116; 2832 2833 /* 2834 * bpf_send_signal_thread 2835 * 2836 * Send signal *sig* to the thread corresponding to the current task. 2837 * 2838 * Returns 2839 * 0 on success or successfully queued. 2840 * 2841 * **-EBUSY** if work queue under nmi is full. 2842 * 2843 * **-EINVAL** if *sig* is invalid. 2844 * 2845 * **-EPERM** if no permission to send the *sig*. 2846 * 2847 * **-EAGAIN** if bpf program can try again. 2848 */ 2849 static long (*bpf_send_signal_thread)(__u32 sig) = (void *) 117; 2850 2851 /* 2852 * bpf_jiffies64 2853 * 2854 * Obtain the 64bit jiffies 2855 * 2856 * Returns 2857 * The 64 bit jiffies 2858 */ 2859 static __u64 (*bpf_jiffies64)(void) = (void *) 118; 2860 2861 /* 2862 * bpf_read_branch_records 2863 * 2864 * For an eBPF program attached to a perf event, retrieve the 2865 * branch records (**struct perf_branch_entry**) associated to *ctx* 2866 * and store it in the buffer pointed by *buf* up to size 2867 * *size* bytes. 2868 * 2869 * Returns 2870 * On success, number of bytes written to *buf*. On error, a 2871 * negative value. 2872 * 2873 * The *flags* can be set to **BPF_F_GET_BRANCH_RECORDS_SIZE** to 2874 * instead return the number of bytes required to store all the 2875 * branch entries. If this flag is set, *buf* may be NULL. 2876 * 2877 * **-EINVAL** if arguments invalid or **size** not a multiple 2878 * of **sizeof**\ (**struct perf_branch_entry**\ ). 2879 * 2880 * **-ENOENT** if architecture does not support branch records. 2881 */ 2882 static long (*bpf_read_branch_records)(struct bpf_perf_event_data *ctx, void *buf, __u32 size, __u64 flags) = (void *) 119; 2883 2884 /* 2885 * bpf_get_ns_current_pid_tgid 2886 * 2887 * Returns 0 on success, values for *pid* and *tgid* as seen from the current 2888 * *namespace* will be returned in *nsdata*. 2889 * 2890 * Returns 2891 * 0 on success, or one of the following in case of failure: 2892 * 2893 * **-EINVAL** if dev and inum supplied don't match dev_t and inode number 2894 * with nsfs of current task, or if dev conversion to dev_t lost high bits. 2895 * 2896 * **-ENOENT** if pidns does not exists for the current task. 2897 */ 2898 static long (*bpf_get_ns_current_pid_tgid)(__u64 dev, __u64 ino, struct bpf_pidns_info *nsdata, __u32 size) = (void *) 120; 2899 2900 /* 2901 * bpf_xdp_output 2902 * 2903 * Write raw *data* blob into a special BPF perf event held by 2904 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 2905 * event must have the following attributes: **PERF_SAMPLE_RAW** 2906 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 2907 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 2908 * 2909 * The *flags* are used to indicate the index in *map* for which 2910 * the value must be put, masked with **BPF_F_INDEX_MASK**. 2911 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 2912 * to indicate that the index of the current CPU core should be 2913 * used. 2914 * 2915 * The value to write, of *size*, is passed through eBPF stack and 2916 * pointed by *data*. 2917 * 2918 * *ctx* is a pointer to in-kernel struct xdp_buff. 2919 * 2920 * This helper is similar to **bpf_perf_eventoutput**\ () but 2921 * restricted to raw_tracepoint bpf programs. 2922 * 2923 * Returns 2924 * 0 on success, or a negative error in case of failure. 2925 */ 2926 static long (*bpf_xdp_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 121; 2927 2928 /* 2929 * bpf_get_netns_cookie 2930 * 2931 * Retrieve the cookie (generated by the kernel) of the network 2932 * namespace the input *ctx* is associated with. The network 2933 * namespace cookie remains stable for its lifetime and provides 2934 * a global identifier that can be assumed unique. If *ctx* is 2935 * NULL, then the helper returns the cookie for the initial 2936 * network namespace. The cookie itself is very similar to that 2937 * of **bpf_get_socket_cookie**\ () helper, but for network 2938 * namespaces instead of sockets. 2939 * 2940 * Returns 2941 * A 8-byte long opaque number. 2942 */ 2943 static __u64 (*bpf_get_netns_cookie)(void *ctx) = (void *) 122; 2944 2945 /* 2946 * bpf_get_current_ancestor_cgroup_id 2947 * 2948 * Return id of cgroup v2 that is ancestor of the cgroup associated 2949 * with the current task at the *ancestor_level*. The root cgroup 2950 * is at *ancestor_level* zero and each step down the hierarchy 2951 * increments the level. If *ancestor_level* == level of cgroup 2952 * associated with the current task, then return value will be the 2953 * same as that of **bpf_get_current_cgroup_id**\ (). 2954 * 2955 * The helper is useful to implement policies based on cgroups 2956 * that are upper in hierarchy than immediate cgroup associated 2957 * with the current task. 2958 * 2959 * The format of returned id and helper limitations are same as in 2960 * **bpf_get_current_cgroup_id**\ (). 2961 * 2962 * Returns 2963 * The id is returned or 0 in case the id could not be retrieved. 2964 */ 2965 static __u64 (*bpf_get_current_ancestor_cgroup_id)(int ancestor_level) = (void *) 123; 2966 2967 /* 2968 * bpf_sk_assign 2969 * 2970 * Helper is overloaded depending on BPF program type. This 2971 * description applies to **BPF_PROG_TYPE_SCHED_CLS** and 2972 * **BPF_PROG_TYPE_SCHED_ACT** programs. 2973 * 2974 * Assign the *sk* to the *skb*. When combined with appropriate 2975 * routing configuration to receive the packet towards the socket, 2976 * will cause *skb* to be delivered to the specified socket. 2977 * Subsequent redirection of *skb* via **bpf_redirect**\ (), 2978 * **bpf_clone_redirect**\ () or other methods outside of BPF may 2979 * interfere with successful delivery to the socket. 2980 * 2981 * This operation is only valid from TC ingress path. 2982 * 2983 * The *flags* argument must be zero. 2984 * 2985 * Returns 2986 * 0 on success, or a negative error in case of failure: 2987 * 2988 * **-EINVAL** if specified *flags* are not supported. 2989 * 2990 * **-ENOENT** if the socket is unavailable for assignment. 2991 * 2992 * **-ENETUNREACH** if the socket is unreachable (wrong netns). 2993 * 2994 * **-EOPNOTSUPP** if the operation is not supported, for example 2995 * a call from outside of TC ingress. 2996 * 2997 * **-ESOCKTNOSUPPORT** if the socket type is not supported 2998 * (reuseport). 2999 */ 3000 static long (*bpf_sk_assign)(void *ctx, void *sk, __u64 flags) = (void *) 124; 3001 3002 /* 3003 * bpf_ktime_get_boot_ns 3004 * 3005 * Return the time elapsed since system boot, in nanoseconds. 3006 * Does include the time the system was suspended. 3007 * See: **clock_gettime**\ (**CLOCK_BOOTTIME**) 3008 * 3009 * Returns 3010 * Current *ktime*. 3011 */ 3012 static __u64 (*bpf_ktime_get_boot_ns)(void) = (void *) 125; 3013 3014 /* 3015 * bpf_seq_printf 3016 * 3017 * **bpf_seq_printf**\ () uses seq_file **seq_printf**\ () to print 3018 * out the format string. 3019 * The *m* represents the seq_file. The *fmt* and *fmt_size* are for 3020 * the format string itself. The *data* and *data_len* are format string 3021 * arguments. The *data* are a **u64** array and corresponding format string 3022 * values are stored in the array. For strings and pointers where pointees 3023 * are accessed, only the pointer values are stored in the *data* array. 3024 * The *data_len* is the size of *data* in bytes - must be a multiple of 8. 3025 * 3026 * Formats **%s**, **%p{i,I}{4,6}** requires to read kernel memory. 3027 * Reading kernel memory may fail due to either invalid address or 3028 * valid address but requiring a major memory fault. If reading kernel memory 3029 * fails, the string for **%s** will be an empty string, and the ip 3030 * address for **%p{i,I}{4,6}** will be 0. Not returning error to 3031 * bpf program is consistent with what **bpf_trace_printk**\ () does for now. 3032 * 3033 * Returns 3034 * 0 on success, or a negative error in case of failure: 3035 * 3036 * **-EBUSY** if per-CPU memory copy buffer is busy, can try again 3037 * by returning 1 from bpf program. 3038 * 3039 * **-EINVAL** if arguments are invalid, or if *fmt* is invalid/unsupported. 3040 * 3041 * **-E2BIG** if *fmt* contains too many format specifiers. 3042 * 3043 * **-EOVERFLOW** if an overflow happened: The same object will be tried again. 3044 */ 3045 static long (*bpf_seq_printf)(struct seq_file *m, const char *fmt, __u32 fmt_size, const void *data, __u32 data_len) = (void *) 126; 3046 3047 /* 3048 * bpf_seq_write 3049 * 3050 * **bpf_seq_write**\ () uses seq_file **seq_write**\ () to write the data. 3051 * The *m* represents the seq_file. The *data* and *len* represent the 3052 * data to write in bytes. 3053 * 3054 * Returns 3055 * 0 on success, or a negative error in case of failure: 3056 * 3057 * **-EOVERFLOW** if an overflow happened: The same object will be tried again. 3058 */ 3059 static long (*bpf_seq_write)(struct seq_file *m, const void *data, __u32 len) = (void *) 127; 3060 3061 /* 3062 * bpf_sk_cgroup_id 3063 * 3064 * Return the cgroup v2 id of the socket *sk*. 3065 * 3066 * *sk* must be a non-**NULL** pointer to a socket, e.g. one 3067 * returned from **bpf_sk_lookup_xxx**\ (), 3068 * **bpf_sk_fullsock**\ (), etc. The format of returned id is 3069 * same as in **bpf_skb_cgroup_id**\ (). 3070 * 3071 * This helper is available only if the kernel was compiled with 3072 * the **CONFIG_SOCK_CGROUP_DATA** configuration option. 3073 * 3074 * Returns 3075 * The id is returned or 0 in case the id could not be retrieved. 3076 */ 3077 static __u64 (*bpf_sk_cgroup_id)(void *sk) = (void *) 128; 3078 3079 /* 3080 * bpf_sk_ancestor_cgroup_id 3081 * 3082 * Return id of cgroup v2 that is ancestor of cgroup associated 3083 * with the *sk* at the *ancestor_level*. The root cgroup is at 3084 * *ancestor_level* zero and each step down the hierarchy 3085 * increments the level. If *ancestor_level* == level of cgroup 3086 * associated with *sk*, then return value will be same as that 3087 * of **bpf_sk_cgroup_id**\ (). 3088 * 3089 * The helper is useful to implement policies based on cgroups 3090 * that are upper in hierarchy than immediate cgroup associated 3091 * with *sk*. 3092 * 3093 * The format of returned id and helper limitations are same as in 3094 * **bpf_sk_cgroup_id**\ (). 3095 * 3096 * Returns 3097 * The id is returned or 0 in case the id could not be retrieved. 3098 */ 3099 static __u64 (*bpf_sk_ancestor_cgroup_id)(void *sk, int ancestor_level) = (void *) 129; 3100 3101 /* 3102 * bpf_ringbuf_output 3103 * 3104 * Copy *size* bytes from *data* into a ring buffer *ringbuf*. 3105 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3106 * of new data availability is sent. 3107 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3108 * of new data availability is sent unconditionally. 3109 * If **0** is specified in *flags*, an adaptive notification 3110 * of new data availability is sent. 3111 * 3112 * An adaptive notification is a notification sent whenever the user-space 3113 * process has caught up and consumed all available payloads. In case the user-space 3114 * process is still processing a previous payload, then no notification is needed 3115 * as it will process the newly added payload automatically. 3116 * 3117 * Returns 3118 * 0 on success, or a negative error in case of failure. 3119 */ 3120 static long (*bpf_ringbuf_output)(void *ringbuf, void *data, __u64 size, __u64 flags) = (void *) 130; 3121 3122 /* 3123 * bpf_ringbuf_reserve 3124 * 3125 * Reserve *size* bytes of payload in a ring buffer *ringbuf*. 3126 * *flags* must be 0. 3127 * 3128 * Returns 3129 * Valid pointer with *size* bytes of memory available; NULL, 3130 * otherwise. 3131 */ 3132 static void *(*bpf_ringbuf_reserve)(void *ringbuf, __u64 size, __u64 flags) = (void *) 131; 3133 3134 /* 3135 * bpf_ringbuf_submit 3136 * 3137 * Submit reserved ring buffer sample, pointed to by *data*. 3138 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3139 * of new data availability is sent. 3140 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3141 * of new data availability is sent unconditionally. 3142 * If **0** is specified in *flags*, an adaptive notification 3143 * of new data availability is sent. 3144 * 3145 * See 'bpf_ringbuf_output()' for the definition of adaptive notification. 3146 * 3147 * Returns 3148 * Nothing. Always succeeds. 3149 */ 3150 static void (*bpf_ringbuf_submit)(void *data, __u64 flags) = (void *) 132; 3151 3152 /* 3153 * bpf_ringbuf_discard 3154 * 3155 * Discard reserved ring buffer sample, pointed to by *data*. 3156 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3157 * of new data availability is sent. 3158 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3159 * of new data availability is sent unconditionally. 3160 * If **0** is specified in *flags*, an adaptive notification 3161 * of new data availability is sent. 3162 * 3163 * See 'bpf_ringbuf_output()' for the definition of adaptive notification. 3164 * 3165 * Returns 3166 * Nothing. Always succeeds. 3167 */ 3168 static void (*bpf_ringbuf_discard)(void *data, __u64 flags) = (void *) 133; 3169 3170 /* 3171 * bpf_ringbuf_query 3172 * 3173 * Query various characteristics of provided ring buffer. What 3174 * exactly is queries is determined by *flags*: 3175 * 3176 * * **BPF_RB_AVAIL_DATA**: Amount of data not yet consumed. 3177 * * **BPF_RB_RING_SIZE**: The size of ring buffer. 3178 * * **BPF_RB_CONS_POS**: Consumer position (can wrap around). 3179 * * **BPF_RB_PROD_POS**: Producer(s) position (can wrap around). 3180 * 3181 * Data returned is just a momentary snapshot of actual values 3182 * and could be inaccurate, so this facility should be used to 3183 * power heuristics and for reporting, not to make 100% correct 3184 * calculation. 3185 * 3186 * Returns 3187 * Requested value, or 0, if *flags* are not recognized. 3188 */ 3189 static __u64 (*bpf_ringbuf_query)(void *ringbuf, __u64 flags) = (void *) 134; 3190 3191 /* 3192 * bpf_csum_level 3193 * 3194 * Change the skbs checksum level by one layer up or down, or 3195 * reset it entirely to none in order to have the stack perform 3196 * checksum validation. The level is applicable to the following 3197 * protocols: TCP, UDP, GRE, SCTP, FCOE. For example, a decap of 3198 * | ETH | IP | UDP | GUE | IP | TCP | into | ETH | IP | TCP | 3199 * through **bpf_skb_adjust_room**\ () helper with passing in 3200 * **BPF_F_ADJ_ROOM_NO_CSUM_RESET** flag would require one call 3201 * to **bpf_csum_level**\ () with **BPF_CSUM_LEVEL_DEC** since 3202 * the UDP header is removed. Similarly, an encap of the latter 3203 * into the former could be accompanied by a helper call to 3204 * **bpf_csum_level**\ () with **BPF_CSUM_LEVEL_INC** if the 3205 * skb is still intended to be processed in higher layers of the 3206 * stack instead of just egressing at tc. 3207 * 3208 * There are three supported level settings at this time: 3209 * 3210 * * **BPF_CSUM_LEVEL_INC**: Increases skb->csum_level for skbs 3211 * with CHECKSUM_UNNECESSARY. 3212 * * **BPF_CSUM_LEVEL_DEC**: Decreases skb->csum_level for skbs 3213 * with CHECKSUM_UNNECESSARY. 3214 * * **BPF_CSUM_LEVEL_RESET**: Resets skb->csum_level to 0 and 3215 * sets CHECKSUM_NONE to force checksum validation by the stack. 3216 * * **BPF_CSUM_LEVEL_QUERY**: No-op, returns the current 3217 * skb->csum_level. 3218 * 3219 * Returns 3220 * 0 on success, or a negative error in case of failure. In the 3221 * case of **BPF_CSUM_LEVEL_QUERY**, the current skb->csum_level 3222 * is returned or the error code -EACCES in case the skb is not 3223 * subject to CHECKSUM_UNNECESSARY. 3224 */ 3225 static long (*bpf_csum_level)(struct __sk_buff *skb, __u64 level) = (void *) 135; 3226 3227 /* 3228 * bpf_skc_to_tcp6_sock 3229 * 3230 * Dynamically cast a *sk* pointer to a *tcp6_sock* pointer. 3231 * 3232 * Returns 3233 * *sk* if casting is valid, or **NULL** otherwise. 3234 */ 3235 static struct tcp6_sock *(*bpf_skc_to_tcp6_sock)(void *sk) = (void *) 136; 3236 3237 /* 3238 * bpf_skc_to_tcp_sock 3239 * 3240 * Dynamically cast a *sk* pointer to a *tcp_sock* pointer. 3241 * 3242 * Returns 3243 * *sk* if casting is valid, or **NULL** otherwise. 3244 */ 3245 static struct tcp_sock *(*bpf_skc_to_tcp_sock)(void *sk) = (void *) 137; 3246 3247 /* 3248 * bpf_skc_to_tcp_timewait_sock 3249 * 3250 * Dynamically cast a *sk* pointer to a *tcp_timewait_sock* pointer. 3251 * 3252 * Returns 3253 * *sk* if casting is valid, or **NULL** otherwise. 3254 */ 3255 static struct tcp_timewait_sock *(*bpf_skc_to_tcp_timewait_sock)(void *sk) = (void *) 138; 3256 3257 /* 3258 * bpf_skc_to_tcp_request_sock 3259 * 3260 * Dynamically cast a *sk* pointer to a *tcp_request_sock* pointer. 3261 * 3262 * Returns 3263 * *sk* if casting is valid, or **NULL** otherwise. 3264 */ 3265 static struct tcp_request_sock *(*bpf_skc_to_tcp_request_sock)(void *sk) = (void *) 139; 3266 3267 /* 3268 * bpf_skc_to_udp6_sock 3269 * 3270 * Dynamically cast a *sk* pointer to a *udp6_sock* pointer. 3271 * 3272 * Returns 3273 * *sk* if casting is valid, or **NULL** otherwise. 3274 */ 3275 static struct udp6_sock *(*bpf_skc_to_udp6_sock)(void *sk) = (void *) 140; 3276 3277 /* 3278 * bpf_get_task_stack 3279 * 3280 * Return a user or a kernel stack in bpf program provided buffer. 3281 * To achieve this, the helper needs *task*, which is a valid 3282 * pointer to **struct task_struct**. To store the stacktrace, the 3283 * bpf program provides *buf* with a nonnegative *size*. 3284 * 3285 * The last argument, *flags*, holds the number of stack frames to 3286 * skip (from 0 to 255), masked with 3287 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 3288 * the following flags: 3289 * 3290 * **BPF_F_USER_STACK** 3291 * Collect a user space stack instead of a kernel stack. 3292 * **BPF_F_USER_BUILD_ID** 3293 * Collect buildid+offset instead of ips for user stack, 3294 * only valid if **BPF_F_USER_STACK** is also specified. 3295 * 3296 * **bpf_get_task_stack**\ () can collect up to 3297 * **PERF_MAX_STACK_DEPTH** both kernel and user frames, subject 3298 * to sufficient large buffer size. Note that 3299 * this limit can be controlled with the **sysctl** program, and 3300 * that it should be manually increased in order to profile long 3301 * user stacks (such as stacks for Java programs). To do so, use: 3302 * 3303 * :: 3304 * 3305 * # sysctl kernel.perf_event_max_stack=<new value> 3306 * 3307 * Returns 3308 * A non-negative value equal to or less than *size* on success, 3309 * or a negative error in case of failure. 3310 */ 3311 static long (*bpf_get_task_stack)(struct task_struct *task, void *buf, __u32 size, __u64 flags) = (void *) 141; 3312 3313 /* 3314 * bpf_load_hdr_opt 3315 * 3316 * Load header option. Support reading a particular TCP header 3317 * option for bpf program (**BPF_PROG_TYPE_SOCK_OPS**). 3318 * 3319 * If *flags* is 0, it will search the option from the 3320 * *skops*\ **->skb_data**. The comment in **struct bpf_sock_ops** 3321 * has details on what skb_data contains under different 3322 * *skops*\ **->op**. 3323 * 3324 * The first byte of the *searchby_res* specifies the 3325 * kind that it wants to search. 3326 * 3327 * If the searching kind is an experimental kind 3328 * (i.e. 253 or 254 according to RFC6994). It also 3329 * needs to specify the "magic" which is either 3330 * 2 bytes or 4 bytes. It then also needs to 3331 * specify the size of the magic by using 3332 * the 2nd byte which is "kind-length" of a TCP 3333 * header option and the "kind-length" also 3334 * includes the first 2 bytes "kind" and "kind-length" 3335 * itself as a normal TCP header option also does. 3336 * 3337 * For example, to search experimental kind 254 with 3338 * 2 byte magic 0xeB9F, the searchby_res should be 3339 * [ 254, 4, 0xeB, 0x9F, 0, 0, .... 0 ]. 3340 * 3341 * To search for the standard window scale option (3), 3342 * the *searchby_res* should be [ 3, 0, 0, .... 0 ]. 3343 * Note, kind-length must be 0 for regular option. 3344 * 3345 * Searching for No-Op (0) and End-of-Option-List (1) are 3346 * not supported. 3347 * 3348 * *len* must be at least 2 bytes which is the minimal size 3349 * of a header option. 3350 * 3351 * Supported flags: 3352 * 3353 * * **BPF_LOAD_HDR_OPT_TCP_SYN** to search from the 3354 * saved_syn packet or the just-received syn packet. 3355 * 3356 * 3357 * Returns 3358 * > 0 when found, the header option is copied to *searchby_res*. 3359 * The return value is the total length copied. On failure, a 3360 * negative error code is returned: 3361 * 3362 * **-EINVAL** if a parameter is invalid. 3363 * 3364 * **-ENOMSG** if the option is not found. 3365 * 3366 * **-ENOENT** if no syn packet is available when 3367 * **BPF_LOAD_HDR_OPT_TCP_SYN** is used. 3368 * 3369 * **-ENOSPC** if there is not enough space. Only *len* number of 3370 * bytes are copied. 3371 * 3372 * **-EFAULT** on failure to parse the header options in the 3373 * packet. 3374 * 3375 * **-EPERM** if the helper cannot be used under the current 3376 * *skops*\ **->op**. 3377 */ 3378 static long (*bpf_load_hdr_opt)(struct bpf_sock_ops *skops, void *searchby_res, __u32 len, __u64 flags) = (void *) 142; 3379 3380 /* 3381 * bpf_store_hdr_opt 3382 * 3383 * Store header option. The data will be copied 3384 * from buffer *from* with length *len* to the TCP header. 3385 * 3386 * The buffer *from* should have the whole option that 3387 * includes the kind, kind-length, and the actual 3388 * option data. The *len* must be at least kind-length 3389 * long. The kind-length does not have to be 4 byte 3390 * aligned. The kernel will take care of the padding 3391 * and setting the 4 bytes aligned value to th->doff. 3392 * 3393 * This helper will check for duplicated option 3394 * by searching the same option in the outgoing skb. 3395 * 3396 * This helper can only be called during 3397 * **BPF_SOCK_OPS_WRITE_HDR_OPT_CB**. 3398 * 3399 * 3400 * Returns 3401 * 0 on success, or negative error in case of failure: 3402 * 3403 * **-EINVAL** If param is invalid. 3404 * 3405 * **-ENOSPC** if there is not enough space in the header. 3406 * Nothing has been written 3407 * 3408 * **-EEXIST** if the option already exists. 3409 * 3410 * **-EFAULT** on failrue to parse the existing header options. 3411 * 3412 * **-EPERM** if the helper cannot be used under the current 3413 * *skops*\ **->op**. 3414 */ 3415 static long (*bpf_store_hdr_opt)(struct bpf_sock_ops *skops, const void *from, __u32 len, __u64 flags) = (void *) 143; 3416 3417 /* 3418 * bpf_reserve_hdr_opt 3419 * 3420 * Reserve *len* bytes for the bpf header option. The 3421 * space will be used by **bpf_store_hdr_opt**\ () later in 3422 * **BPF_SOCK_OPS_WRITE_HDR_OPT_CB**. 3423 * 3424 * If **bpf_reserve_hdr_opt**\ () is called multiple times, 3425 * the total number of bytes will be reserved. 3426 * 3427 * This helper can only be called during 3428 * **BPF_SOCK_OPS_HDR_OPT_LEN_CB**. 3429 * 3430 * 3431 * Returns 3432 * 0 on success, or negative error in case of failure: 3433 * 3434 * **-EINVAL** if a parameter is invalid. 3435 * 3436 * **-ENOSPC** if there is not enough space in the header. 3437 * 3438 * **-EPERM** if the helper cannot be used under the current 3439 * *skops*\ **->op**. 3440 */ 3441 static long (*bpf_reserve_hdr_opt)(struct bpf_sock_ops *skops, __u32 len, __u64 flags) = (void *) 144; 3442 3443 /* 3444 * bpf_inode_storage_get 3445 * 3446 * Get a bpf_local_storage from an *inode*. 3447 * 3448 * Logically, it could be thought of as getting the value from 3449 * a *map* with *inode* as the **key**. From this 3450 * perspective, the usage is not much different from 3451 * **bpf_map_lookup_elem**\ (*map*, **&**\ *inode*) except this 3452 * helper enforces the key must be an inode and the map must also 3453 * be a **BPF_MAP_TYPE_INODE_STORAGE**. 3454 * 3455 * Underneath, the value is stored locally at *inode* instead of 3456 * the *map*. The *map* is used as the bpf-local-storage 3457 * "type". The bpf-local-storage "type" (i.e. the *map*) is 3458 * searched against all bpf_local_storage residing at *inode*. 3459 * 3460 * An optional *flags* (**BPF_LOCAL_STORAGE_GET_F_CREATE**) can be 3461 * used such that a new bpf_local_storage will be 3462 * created if one does not exist. *value* can be used 3463 * together with **BPF_LOCAL_STORAGE_GET_F_CREATE** to specify 3464 * the initial value of a bpf_local_storage. If *value* is 3465 * **NULL**, the new bpf_local_storage will be zero initialized. 3466 * 3467 * Returns 3468 * A bpf_local_storage pointer is returned on success. 3469 * 3470 * **NULL** if not found or there was an error in adding 3471 * a new bpf_local_storage. 3472 */ 3473 static void *(*bpf_inode_storage_get)(void *map, void *inode, void *value, __u64 flags) = (void *) 145; 3474 3475 /* 3476 * bpf_inode_storage_delete 3477 * 3478 * Delete a bpf_local_storage from an *inode*. 3479 * 3480 * Returns 3481 * 0 on success. 3482 * 3483 * **-ENOENT** if the bpf_local_storage cannot be found. 3484 */ 3485 static int (*bpf_inode_storage_delete)(void *map, void *inode) = (void *) 146; 3486 3487 /* 3488 * bpf_d_path 3489 * 3490 * Return full path for given **struct path** object, which 3491 * needs to be the kernel BTF *path* object. The path is 3492 * returned in the provided buffer *buf* of size *sz* and 3493 * is zero terminated. 3494 * 3495 * 3496 * Returns 3497 * On success, the strictly positive length of the string, 3498 * including the trailing NUL character. On error, a negative 3499 * value. 3500 */ 3501 static long (*bpf_d_path)(struct path *path, char *buf, __u32 sz) = (void *) 147; 3502 3503 /* 3504 * bpf_copy_from_user 3505 * 3506 * Read *size* bytes from user space address *user_ptr* and store 3507 * the data in *dst*. This is a wrapper of **copy_from_user**\ (). 3508 * 3509 * Returns 3510 * 0 on success, or a negative error in case of failure. 3511 */ 3512 static long (*bpf_copy_from_user)(void *dst, __u32 size, const void *user_ptr) = (void *) 148; 3513 3514 /* 3515 * bpf_snprintf_btf 3516 * 3517 * Use BTF to store a string representation of *ptr*->ptr in *str*, 3518 * using *ptr*->type_id. This value should specify the type 3519 * that *ptr*->ptr points to. LLVM __builtin_btf_type_id(type, 1) 3520 * can be used to look up vmlinux BTF type ids. Traversing the 3521 * data structure using BTF, the type information and values are 3522 * stored in the first *str_size* - 1 bytes of *str*. Safe copy of 3523 * the pointer data is carried out to avoid kernel crashes during 3524 * operation. Smaller types can use string space on the stack; 3525 * larger programs can use map data to store the string 3526 * representation. 3527 * 3528 * The string can be subsequently shared with userspace via 3529 * bpf_perf_event_output() or ring buffer interfaces. 3530 * bpf_trace_printk() is to be avoided as it places too small 3531 * a limit on string size to be useful. 3532 * 3533 * *flags* is a combination of 3534 * 3535 * **BTF_F_COMPACT** 3536 * no formatting around type information 3537 * **BTF_F_NONAME** 3538 * no struct/union member names/types 3539 * **BTF_F_PTR_RAW** 3540 * show raw (unobfuscated) pointer values; 3541 * equivalent to printk specifier %px. 3542 * **BTF_F_ZERO** 3543 * show zero-valued struct/union members; they 3544 * are not displayed by default 3545 * 3546 * 3547 * Returns 3548 * The number of bytes that were written (or would have been 3549 * written if output had to be truncated due to string size), 3550 * or a negative error in cases of failure. 3551 */ 3552 static long (*bpf_snprintf_btf)(char *str, __u32 str_size, struct btf_ptr *ptr, __u32 btf_ptr_size, __u64 flags) = (void *) 149; 3553 3554 /* 3555 * bpf_seq_printf_btf 3556 * 3557 * Use BTF to write to seq_write a string representation of 3558 * *ptr*->ptr, using *ptr*->type_id as per bpf_snprintf_btf(). 3559 * *flags* are identical to those used for bpf_snprintf_btf. 3560 * 3561 * Returns 3562 * 0 on success or a negative error in case of failure. 3563 */ 3564 static long (*bpf_seq_printf_btf)(struct seq_file *m, struct btf_ptr *ptr, __u32 ptr_size, __u64 flags) = (void *) 150; 3565 3566 /* 3567 * bpf_skb_cgroup_classid 3568 * 3569 * See **bpf_get_cgroup_classid**\ () for the main description. 3570 * This helper differs from **bpf_get_cgroup_classid**\ () in that 3571 * the cgroup v1 net_cls class is retrieved only from the *skb*'s 3572 * associated socket instead of the current process. 3573 * 3574 * Returns 3575 * The id is returned or 0 in case the id could not be retrieved. 3576 */ 3577 static __u64 (*bpf_skb_cgroup_classid)(struct __sk_buff *skb) = (void *) 151; 3578 3579 /* 3580 * bpf_redirect_neigh 3581 * 3582 * Redirect the packet to another net device of index *ifindex* 3583 * and fill in L2 addresses from neighboring subsystem. This helper 3584 * is somewhat similar to **bpf_redirect**\ (), except that it 3585 * populates L2 addresses as well, meaning, internally, the helper 3586 * relies on the neighbor lookup for the L2 address of the nexthop. 3587 * 3588 * The helper will perform a FIB lookup based on the skb's 3589 * networking header to get the address of the next hop, unless 3590 * this is supplied by the caller in the *params* argument. The 3591 * *plen* argument indicates the len of *params* and should be set 3592 * to 0 if *params* is NULL. 3593 * 3594 * The *flags* argument is reserved and must be 0. The helper is 3595 * currently only supported for tc BPF program types, and enabled 3596 * for IPv4 and IPv6 protocols. 3597 * 3598 * Returns 3599 * The helper returns **TC_ACT_REDIRECT** on success or 3600 * **TC_ACT_SHOT** on error. 3601 */ 3602 static long (*bpf_redirect_neigh)(__u32 ifindex, struct bpf_redir_neigh *params, int plen, __u64 flags) = (void *) 152; 3603 3604 /* 3605 * bpf_per_cpu_ptr 3606 * 3607 * Take a pointer to a percpu ksym, *percpu_ptr*, and return a 3608 * pointer to the percpu kernel variable on *cpu*. A ksym is an 3609 * extern variable decorated with '__ksym'. For ksym, there is a 3610 * global var (either static or global) defined of the same name 3611 * in the kernel. The ksym is percpu if the global var is percpu. 3612 * The returned pointer points to the global percpu var on *cpu*. 3613 * 3614 * bpf_per_cpu_ptr() has the same semantic as per_cpu_ptr() in the 3615 * kernel, except that bpf_per_cpu_ptr() may return NULL. This 3616 * happens if *cpu* is larger than nr_cpu_ids. The caller of 3617 * bpf_per_cpu_ptr() must check the returned value. 3618 * 3619 * Returns 3620 * A pointer pointing to the kernel percpu variable on *cpu*, or 3621 * NULL, if *cpu* is invalid. 3622 */ 3623 static void *(*bpf_per_cpu_ptr)(const void *percpu_ptr, __u32 cpu) = (void *) 153; 3624 3625 /* 3626 * bpf_this_cpu_ptr 3627 * 3628 * Take a pointer to a percpu ksym, *percpu_ptr*, and return a 3629 * pointer to the percpu kernel variable on this cpu. See the 3630 * description of 'ksym' in **bpf_per_cpu_ptr**\ (). 3631 * 3632 * bpf_this_cpu_ptr() has the same semantic as this_cpu_ptr() in 3633 * the kernel. Different from **bpf_per_cpu_ptr**\ (), it would 3634 * never return NULL. 3635 * 3636 * Returns 3637 * A pointer pointing to the kernel percpu variable on this cpu. 3638 */ 3639 static void *(*bpf_this_cpu_ptr)(const void *percpu_ptr) = (void *) 154; 3640 3641 /* 3642 * bpf_redirect_peer 3643 * 3644 * Redirect the packet to another net device of index *ifindex*. 3645 * This helper is somewhat similar to **bpf_redirect**\ (), except 3646 * that the redirection happens to the *ifindex*' peer device and 3647 * the netns switch takes place from ingress to ingress without 3648 * going through the CPU's backlog queue. 3649 * 3650 * The *flags* argument is reserved and must be 0. The helper is 3651 * currently only supported for tc BPF program types at the ingress 3652 * hook and for veth device types. The peer device must reside in a 3653 * different network namespace. 3654 * 3655 * Returns 3656 * The helper returns **TC_ACT_REDIRECT** on success or 3657 * **TC_ACT_SHOT** on error. 3658 */ 3659 static long (*bpf_redirect_peer)(__u32 ifindex, __u64 flags) = (void *) 155; 3660 3661 /* 3662 * bpf_task_storage_get 3663 * 3664 * Get a bpf_local_storage from the *task*. 3665 * 3666 * Logically, it could be thought of as getting the value from 3667 * a *map* with *task* as the **key**. From this 3668 * perspective, the usage is not much different from 3669 * **bpf_map_lookup_elem**\ (*map*, **&**\ *task*) except this 3670 * helper enforces the key must be an task_struct and the map must also 3671 * be a **BPF_MAP_TYPE_TASK_STORAGE**. 3672 * 3673 * Underneath, the value is stored locally at *task* instead of 3674 * the *map*. The *map* is used as the bpf-local-storage 3675 * "type". The bpf-local-storage "type" (i.e. the *map*) is 3676 * searched against all bpf_local_storage residing at *task*. 3677 * 3678 * An optional *flags* (**BPF_LOCAL_STORAGE_GET_F_CREATE**) can be 3679 * used such that a new bpf_local_storage will be 3680 * created if one does not exist. *value* can be used 3681 * together with **BPF_LOCAL_STORAGE_GET_F_CREATE** to specify 3682 * the initial value of a bpf_local_storage. If *value* is 3683 * **NULL**, the new bpf_local_storage will be zero initialized. 3684 * 3685 * Returns 3686 * A bpf_local_storage pointer is returned on success. 3687 * 3688 * **NULL** if not found or there was an error in adding 3689 * a new bpf_local_storage. 3690 */ 3691 static void *(*bpf_task_storage_get)(void *map, struct task_struct *task, void *value, __u64 flags) = (void *) 156; 3692 3693 /* 3694 * bpf_task_storage_delete 3695 * 3696 * Delete a bpf_local_storage from a *task*. 3697 * 3698 * Returns 3699 * 0 on success. 3700 * 3701 * **-ENOENT** if the bpf_local_storage cannot be found. 3702 */ 3703 static long (*bpf_task_storage_delete)(void *map, struct task_struct *task) = (void *) 157; 3704 3705 /* 3706 * bpf_get_current_task_btf 3707 * 3708 * Return a BTF pointer to the "current" task. 3709 * This pointer can also be used in helpers that accept an 3710 * *ARG_PTR_TO_BTF_ID* of type *task_struct*. 3711 * 3712 * Returns 3713 * Pointer to the current task. 3714 */ 3715 static struct task_struct *(*bpf_get_current_task_btf)(void) = (void *) 158; 3716 3717 /* 3718 * bpf_bprm_opts_set 3719 * 3720 * Set or clear certain options on *bprm*: 3721 * 3722 * **BPF_F_BPRM_SECUREEXEC** Set the secureexec bit 3723 * which sets the **AT_SECURE** auxv for glibc. The bit 3724 * is cleared if the flag is not specified. 3725 * 3726 * Returns 3727 * **-EINVAL** if invalid *flags* are passed, zero otherwise. 3728 */ 3729 static long (*bpf_bprm_opts_set)(struct linux_binprm *bprm, __u64 flags) = (void *) 159; 3730 3731 /* 3732 * bpf_ktime_get_coarse_ns 3733 * 3734 * Return a coarse-grained version of the time elapsed since 3735 * system boot, in nanoseconds. Does not include time the system 3736 * was suspended. 3737 * 3738 * See: **clock_gettime**\ (**CLOCK_MONOTONIC_COARSE**) 3739 * 3740 * Returns 3741 * Current *ktime*. 3742 */ 3743 static __u64 (*bpf_ktime_get_coarse_ns)(void) = (void *) 160; 3744 3745 /* 3746 * bpf_ima_inode_hash 3747 * 3748 * Returns the stored IMA hash of the *inode* (if it's avaialable). 3749 * If the hash is larger than *size*, then only *size* 3750 * bytes will be copied to *dst* 3751 * 3752 * Returns 3753 * The **hash_algo** is returned on success, 3754 * **-EOPNOTSUP** if IMA is disabled or **-EINVAL** if 3755 * invalid arguments are passed. 3756 */ 3757 static long (*bpf_ima_inode_hash)(struct inode *inode, void *dst, __u32 size) = (void *) 161; 3758 3759 /* 3760 * bpf_sock_from_file 3761 * 3762 * If the given file represents a socket, returns the associated 3763 * socket. 3764 * 3765 * Returns 3766 * A pointer to a struct socket on success or NULL if the file is 3767 * not a socket. 3768 */ 3769 static struct socket *(*bpf_sock_from_file)(struct file *file) = (void *) 162; 3770 3771 /* 3772 * bpf_check_mtu 3773 * 3774 * Check packet size against exceeding MTU of net device (based 3775 * on *ifindex*). This helper will likely be used in combination 3776 * with helpers that adjust/change the packet size. 3777 * 3778 * The argument *len_diff* can be used for querying with a planned 3779 * size change. This allows to check MTU prior to changing packet 3780 * ctx. Providing an *len_diff* adjustment that is larger than the 3781 * actual packet size (resulting in negative packet size) will in 3782 * principle not exceed the MTU, why it is not considered a 3783 * failure. Other BPF-helpers are needed for performing the 3784 * planned size change, why the responsability for catch a negative 3785 * packet size belong in those helpers. 3786 * 3787 * Specifying *ifindex* zero means the MTU check is performed 3788 * against the current net device. This is practical if this isn't 3789 * used prior to redirect. 3790 * 3791 * On input *mtu_len* must be a valid pointer, else verifier will 3792 * reject BPF program. If the value *mtu_len* is initialized to 3793 * zero then the ctx packet size is use. When value *mtu_len* is 3794 * provided as input this specify the L3 length that the MTU check 3795 * is done against. Remember XDP and TC length operate at L2, but 3796 * this value is L3 as this correlate to MTU and IP-header tot_len 3797 * values which are L3 (similar behavior as bpf_fib_lookup). 3798 * 3799 * The Linux kernel route table can configure MTUs on a more 3800 * specific per route level, which is not provided by this helper. 3801 * For route level MTU checks use the **bpf_fib_lookup**\ () 3802 * helper. 3803 * 3804 * *ctx* is either **struct xdp_md** for XDP programs or 3805 * **struct sk_buff** for tc cls_act programs. 3806 * 3807 * The *flags* argument can be a combination of one or more of the 3808 * following values: 3809 * 3810 * **BPF_MTU_CHK_SEGS** 3811 * This flag will only works for *ctx* **struct sk_buff**. 3812 * If packet context contains extra packet segment buffers 3813 * (often knows as GSO skb), then MTU check is harder to 3814 * check at this point, because in transmit path it is 3815 * possible for the skb packet to get re-segmented 3816 * (depending on net device features). This could still be 3817 * a MTU violation, so this flag enables performing MTU 3818 * check against segments, with a different violation 3819 * return code to tell it apart. Check cannot use len_diff. 3820 * 3821 * On return *mtu_len* pointer contains the MTU value of the net 3822 * device. Remember the net device configured MTU is the L3 size, 3823 * which is returned here and XDP and TC length operate at L2. 3824 * Helper take this into account for you, but remember when using 3825 * MTU value in your BPF-code. 3826 * 3827 * 3828 * Returns 3829 * * 0 on success, and populate MTU value in *mtu_len* pointer. 3830 * 3831 * * < 0 if any input argument is invalid (*mtu_len* not updated) 3832 * 3833 * MTU violations return positive values, but also populate MTU 3834 * value in *mtu_len* pointer, as this can be needed for 3835 * implementing PMTU handing: 3836 * 3837 * * **BPF_MTU_CHK_RET_FRAG_NEEDED** 3838 * * **BPF_MTU_CHK_RET_SEGS_TOOBIG** 3839 */ 3840 static long (*bpf_check_mtu)(void *ctx, __u32 ifindex, __u32 *mtu_len, __s32 len_diff, __u64 flags) = (void *) 163; 3841 3842 /* 3843 * bpf_for_each_map_elem 3844 * 3845 * For each element in **map**, call **callback_fn** function with 3846 * **map**, **callback_ctx** and other map-specific parameters. 3847 * The **callback_fn** should be a static function and 3848 * the **callback_ctx** should be a pointer to the stack. 3849 * The **flags** is used to control certain aspects of the helper. 3850 * Currently, the **flags** must be 0. 3851 * 3852 * The following are a list of supported map types and their 3853 * respective expected callback signatures: 3854 * 3855 * BPF_MAP_TYPE_HASH, BPF_MAP_TYPE_PERCPU_HASH, 3856 * BPF_MAP_TYPE_LRU_HASH, BPF_MAP_TYPE_LRU_PERCPU_HASH, 3857 * BPF_MAP_TYPE_ARRAY, BPF_MAP_TYPE_PERCPU_ARRAY 3858 * 3859 * long (\*callback_fn)(struct bpf_map \*map, const void \*key, void \*value, void \*ctx); 3860 * 3861 * For per_cpu maps, the map_value is the value on the cpu where the 3862 * bpf_prog is running. 3863 * 3864 * If **callback_fn** return 0, the helper will continue to the next 3865 * element. If return value is 1, the helper will skip the rest of 3866 * elements and return. Other return values are not used now. 3867 * 3868 * 3869 * Returns 3870 * The number of traversed map elements for success, **-EINVAL** for 3871 * invalid **flags**. 3872 */ 3873 static long (*bpf_for_each_map_elem)(void *map, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 164; 3874 3875 /* 3876 * bpf_snprintf 3877 * 3878 * Outputs a string into the **str** buffer of size **str_size** 3879 * based on a format string stored in a read-only map pointed by 3880 * **fmt**. 3881 * 3882 * Each format specifier in **fmt** corresponds to one u64 element 3883 * in the **data** array. For strings and pointers where pointees 3884 * are accessed, only the pointer values are stored in the *data* 3885 * array. The *data_len* is the size of *data* in bytes - must be 3886 * a multiple of 8. 3887 * 3888 * Formats **%s** and **%p{i,I}{4,6}** require to read kernel 3889 * memory. Reading kernel memory may fail due to either invalid 3890 * address or valid address but requiring a major memory fault. If 3891 * reading kernel memory fails, the string for **%s** will be an 3892 * empty string, and the ip address for **%p{i,I}{4,6}** will be 0. 3893 * Not returning error to bpf program is consistent with what 3894 * **bpf_trace_printk**\ () does for now. 3895 * 3896 * 3897 * Returns 3898 * The strictly positive length of the formatted string, including 3899 * the trailing zero character. If the return value is greater than 3900 * **str_size**, **str** contains a truncated string, guaranteed to 3901 * be zero-terminated except when **str_size** is 0. 3902 * 3903 * Or **-EBUSY** if the per-CPU memory copy buffer is busy. 3904 */ 3905 static long (*bpf_snprintf)(char *str, __u32 str_size, const char *fmt, __u64 *data, __u32 data_len) = (void *) 165; 3906 3907 /* 3908 * bpf_sys_bpf 3909 * 3910 * Execute bpf syscall with given arguments. 3911 * 3912 * Returns 3913 * A syscall result. 3914 */ 3915 static long (*bpf_sys_bpf)(__u32 cmd, void *attr, __u32 attr_size) = (void *) 166; 3916 3917 /* 3918 * bpf_btf_find_by_name_kind 3919 * 3920 * Find BTF type with given name and kind in vmlinux BTF or in module's BTFs. 3921 * 3922 * Returns 3923 * Returns btf_id and btf_obj_fd in lower and upper 32 bits. 3924 */ 3925 static long (*bpf_btf_find_by_name_kind)(char *name, int name_sz, __u32 kind, int flags) = (void *) 167; 3926 3927 /* 3928 * bpf_sys_close 3929 * 3930 * Execute close syscall for given FD. 3931 * 3932 * Returns 3933 * A syscall result. 3934 */ 3935 static long (*bpf_sys_close)(__u32 fd) = (void *) 168; 3936 3937 /* 3938 * bpf_timer_init 3939 * 3940 * Initialize the timer. 3941 * First 4 bits of *flags* specify clockid. 3942 * Only CLOCK_MONOTONIC, CLOCK_REALTIME, CLOCK_BOOTTIME are allowed. 3943 * All other bits of *flags* are reserved. 3944 * The verifier will reject the program if *timer* is not from 3945 * the same *map*. 3946 * 3947 * Returns 3948 * 0 on success. 3949 * **-EBUSY** if *timer* is already initialized. 3950 * **-EINVAL** if invalid *flags* are passed. 3951 * **-EPERM** if *timer* is in a map that doesn't have any user references. 3952 * The user space should either hold a file descriptor to a map with timers 3953 * or pin such map in bpffs. When map is unpinned or file descriptor is 3954 * closed all timers in the map will be cancelled and freed. 3955 */ 3956 static long (*bpf_timer_init)(struct bpf_timer *timer, void *map, __u64 flags) = (void *) 169; 3957 3958 /* 3959 * bpf_timer_set_callback 3960 * 3961 * Configure the timer to call *callback_fn* static function. 3962 * 3963 * Returns 3964 * 0 on success. 3965 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier. 3966 * **-EPERM** if *timer* is in a map that doesn't have any user references. 3967 * The user space should either hold a file descriptor to a map with timers 3968 * or pin such map in bpffs. When map is unpinned or file descriptor is 3969 * closed all timers in the map will be cancelled and freed. 3970 */ 3971 static long (*bpf_timer_set_callback)(struct bpf_timer *timer, void *callback_fn) = (void *) 170; 3972 3973 /* 3974 * bpf_timer_start 3975 * 3976 * Set timer expiration N nanoseconds from the current time. The 3977 * configured callback will be invoked in soft irq context on some cpu 3978 * and will not repeat unless another bpf_timer_start() is made. 3979 * In such case the next invocation can migrate to a different cpu. 3980 * Since struct bpf_timer is a field inside map element the map 3981 * owns the timer. The bpf_timer_set_callback() will increment refcnt 3982 * of BPF program to make sure that callback_fn code stays valid. 3983 * When user space reference to a map reaches zero all timers 3984 * in a map are cancelled and corresponding program's refcnts are 3985 * decremented. This is done to make sure that Ctrl-C of a user 3986 * process doesn't leave any timers running. If map is pinned in 3987 * bpffs the callback_fn can re-arm itself indefinitely. 3988 * bpf_map_update/delete_elem() helpers and user space sys_bpf commands 3989 * cancel and free the timer in the given map element. 3990 * The map can contain timers that invoke callback_fn-s from different 3991 * programs. The same callback_fn can serve different timers from 3992 * different maps if key/value layout matches across maps. 3993 * Every bpf_timer_set_callback() can have different callback_fn. 3994 * 3995 * 3996 * Returns 3997 * 0 on success. 3998 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier 3999 * or invalid *flags* are passed. 4000 */ 4001 static long (*bpf_timer_start)(struct bpf_timer *timer, __u64 nsecs, __u64 flags) = (void *) 171; 4002 4003 /* 4004 * bpf_timer_cancel 4005 * 4006 * Cancel the timer and wait for callback_fn to finish if it was running. 4007 * 4008 * Returns 4009 * 0 if the timer was not active. 4010 * 1 if the timer was active. 4011 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier. 4012 * **-EDEADLK** if callback_fn tried to call bpf_timer_cancel() on its 4013 * own timer which would have led to a deadlock otherwise. 4014 */ 4015 static long (*bpf_timer_cancel)(struct bpf_timer *timer) = (void *) 172; 4016 4017 /* 4018 * bpf_get_func_ip 4019 * 4020 * Get address of the traced function (for tracing and kprobe programs). 4021 * 4022 * Returns 4023 * Address of the traced function. 4024 */ 4025 static __u64 (*bpf_get_func_ip)(void *ctx) = (void *) 173; 4026 4027 /* 4028 * bpf_get_attach_cookie 4029 * 4030 * Get bpf_cookie value provided (optionally) during the program 4031 * attachment. It might be different for each individual 4032 * attachment, even if BPF program itself is the same. 4033 * Expects BPF program context *ctx* as a first argument. 4034 * 4035 * Supported for the following program types: 4036 * - kprobe/uprobe; 4037 * - tracepoint; 4038 * - perf_event. 4039 * 4040 * Returns 4041 * Value specified by user at BPF link creation/attachment time 4042 * or 0, if it was not specified. 4043 */ 4044 static __u64 (*bpf_get_attach_cookie)(void *ctx) = (void *) 174; 4045 4046 /* 4047 * bpf_task_pt_regs 4048 * 4049 * Get the struct pt_regs associated with **task**. 4050 * 4051 * Returns 4052 * A pointer to struct pt_regs. 4053 */ 4054 static long (*bpf_task_pt_regs)(struct task_struct *task) = (void *) 175; 4055 4056 /* 4057 * bpf_get_branch_snapshot 4058 * 4059 * Get branch trace from hardware engines like Intel LBR. The 4060 * hardware engine is stopped shortly after the helper is 4061 * called. Therefore, the user need to filter branch entries 4062 * based on the actual use case. To capture branch trace 4063 * before the trigger point of the BPF program, the helper 4064 * should be called at the beginning of the BPF program. 4065 * 4066 * The data is stored as struct perf_branch_entry into output 4067 * buffer *entries*. *size* is the size of *entries* in bytes. 4068 * *flags* is reserved for now and must be zero. 4069 * 4070 * 4071 * Returns 4072 * On success, number of bytes written to *buf*. On error, a 4073 * negative value. 4074 * 4075 * **-EINVAL** if *flags* is not zero. 4076 * 4077 * **-ENOENT** if architecture does not support branch records. 4078 */ 4079 static long (*bpf_get_branch_snapshot)(void *entries, __u32 size, __u64 flags) = (void *) 176; 4080 4081 /* 4082 * bpf_trace_vprintk 4083 * 4084 * Behaves like **bpf_trace_printk**\ () helper, but takes an array of u64 4085 * to format and can handle more format args as a result. 4086 * 4087 * Arguments are to be used as in **bpf_seq_printf**\ () helper. 4088 * 4089 * Returns 4090 * The number of bytes written to the buffer, or a negative error 4091 * in case of failure. 4092 */ 4093 static long (*bpf_trace_vprintk)(const char *fmt, __u32 fmt_size, const void *data, __u32 data_len) = (void *) 177; 4094 4095 /* 4096 * bpf_skc_to_unix_sock 4097 * 4098 * Dynamically cast a *sk* pointer to a *unix_sock* pointer. 4099 * 4100 * Returns 4101 * *sk* if casting is valid, or **NULL** otherwise. 4102 */ 4103 static struct unix_sock *(*bpf_skc_to_unix_sock)(void *sk) = (void *) 178; 4104 4105 /* 4106 * bpf_kallsyms_lookup_name 4107 * 4108 * Get the address of a kernel symbol, returned in *res*. *res* is 4109 * set to 0 if the symbol is not found. 4110 * 4111 * Returns 4112 * On success, zero. On error, a negative value. 4113 * 4114 * **-EINVAL** if *flags* is not zero. 4115 * 4116 * **-EINVAL** if string *name* is not the same size as *name_sz*. 4117 * 4118 * **-ENOENT** if symbol is not found. 4119 * 4120 * **-EPERM** if caller does not have permission to obtain kernel address. 4121 */ 4122 static long (*bpf_kallsyms_lookup_name)(const char *name, int name_sz, int flags, __u64 *res) = (void *) 179; 4123 4124 /* 4125 * bpf_find_vma 4126 * 4127 * Find vma of *task* that contains *addr*, call *callback_fn* 4128 * function with *task*, *vma*, and *callback_ctx*. 4129 * The *callback_fn* should be a static function and 4130 * the *callback_ctx* should be a pointer to the stack. 4131 * The *flags* is used to control certain aspects of the helper. 4132 * Currently, the *flags* must be 0. 4133 * 4134 * The expected callback signature is 4135 * 4136 * long (\*callback_fn)(struct task_struct \*task, struct vm_area_struct \*vma, void \*callback_ctx); 4137 * 4138 * 4139 * Returns 4140 * 0 on success. 4141 * **-ENOENT** if *task->mm* is NULL, or no vma contains *addr*. 4142 * **-EBUSY** if failed to try lock mmap_lock. 4143 * **-EINVAL** for invalid **flags**. 4144 */ 4145 static long (*bpf_find_vma)(struct task_struct *task, __u64 addr, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 180; 4146 4147 /* 4148 * bpf_loop 4149 * 4150 * For **nr_loops**, call **callback_fn** function 4151 * with **callback_ctx** as the context parameter. 4152 * The **callback_fn** should be a static function and 4153 * the **callback_ctx** should be a pointer to the stack. 4154 * The **flags** is used to control certain aspects of the helper. 4155 * Currently, the **flags** must be 0. Currently, nr_loops is 4156 * limited to 1 << 23 (~8 million) loops. 4157 * 4158 * long (\*callback_fn)(u32 index, void \*ctx); 4159 * 4160 * where **index** is the current index in the loop. The index 4161 * is zero-indexed. 4162 * 4163 * If **callback_fn** returns 0, the helper will continue to the next 4164 * loop. If return value is 1, the helper will skip the rest of 4165 * the loops and return. Other return values are not used now, 4166 * and will be rejected by the verifier. 4167 * 4168 * 4169 * Returns 4170 * The number of loops performed, **-EINVAL** for invalid **flags**, 4171 * **-E2BIG** if **nr_loops** exceeds the maximum number of loops. 4172 */ 4173 static long (*bpf_loop)(__u32 nr_loops, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 181; 4174 4175 /* 4176 * bpf_strncmp 4177 * 4178 * Do strncmp() between **s1** and **s2**. **s1** doesn't need 4179 * to be null-terminated and **s1_sz** is the maximum storage 4180 * size of **s1**. **s2** must be a read-only string. 4181 * 4182 * Returns 4183 * An integer less than, equal to, or greater than zero 4184 * if the first **s1_sz** bytes of **s1** is found to be 4185 * less than, to match, or be greater than **s2**. 4186 */ 4187 static long (*bpf_strncmp)(const char *s1, __u32 s1_sz, const char *s2) = (void *) 182; 4188 4189 /* 4190 * bpf_get_func_arg 4191 * 4192 * Get **n**-th argument (zero based) of the traced function (for tracing programs) 4193 * returned in **value**. 4194 * 4195 * 4196 * Returns 4197 * 0 on success. 4198 * **-EINVAL** if n >= arguments count of traced function. 4199 */ 4200 static long (*bpf_get_func_arg)(void *ctx, __u32 n, __u64 *value) = (void *) 183; 4201 4202 /* 4203 * bpf_get_func_ret 4204 * 4205 * Get return value of the traced function (for tracing programs) 4206 * in **value**. 4207 * 4208 * 4209 * Returns 4210 * 0 on success. 4211 * **-EOPNOTSUPP** for tracing programs other than BPF_TRACE_FEXIT or BPF_MODIFY_RETURN. 4212 */ 4213 static long (*bpf_get_func_ret)(void *ctx, __u64 *value) = (void *) 184; 4214 4215 /* 4216 * bpf_get_func_arg_cnt 4217 * 4218 * Get number of arguments of the traced function (for tracing programs). 4219 * 4220 * 4221 * Returns 4222 * The number of arguments of the traced function. 4223 */ 4224 static long (*bpf_get_func_arg_cnt)(void *ctx) = (void *) 185; 4225 4226 /* 4227 * bpf_get_retval 4228 * 4229 * Get the syscall's return value that will be returned to userspace. 4230 * 4231 * This helper is currently supported by cgroup programs only. 4232 * 4233 * Returns 4234 * The syscall's return value. 4235 */ 4236 static int (*bpf_get_retval)(void) = (void *) 186; 4237 4238 /* 4239 * bpf_set_retval 4240 * 4241 * Set the syscall's return value that will be returned to userspace. 4242 * 4243 * This helper is currently supported by cgroup programs only. 4244 * 4245 * Returns 4246 * 0 on success, or a negative error in case of failure. 4247 */ 4248 static int (*bpf_set_retval)(int retval) = (void *) 187; 4249 4250 /* 4251 * bpf_xdp_get_buff_len 4252 * 4253 * Get the total size of a given xdp buff (linear and paged area) 4254 * 4255 * Returns 4256 * The total size of a given xdp buffer. 4257 */ 4258 static __u64 (*bpf_xdp_get_buff_len)(struct xdp_md *xdp_md) = (void *) 188; 4259 4260 /* 4261 * bpf_xdp_load_bytes 4262 * 4263 * This helper is provided as an easy way to load data from a 4264 * xdp buffer. It can be used to load *len* bytes from *offset* from 4265 * the frame associated to *xdp_md*, into the buffer pointed by 4266 * *buf*. 4267 * 4268 * Returns 4269 * 0 on success, or a negative error in case of failure. 4270 */ 4271 static long (*bpf_xdp_load_bytes)(struct xdp_md *xdp_md, __u32 offset, void *buf, __u32 len) = (void *) 189; 4272 4273 /* 4274 * bpf_xdp_store_bytes 4275 * 4276 * Store *len* bytes from buffer *buf* into the frame 4277 * associated to *xdp_md*, at *offset*. 4278 * 4279 * Returns 4280 * 0 on success, or a negative error in case of failure. 4281 */ 4282 static long (*bpf_xdp_store_bytes)(struct xdp_md *xdp_md, __u32 offset, void *buf, __u32 len) = (void *) 190; 4283 4284 /* 4285 * bpf_copy_from_user_task 4286 * 4287 * Read *size* bytes from user space address *user_ptr* in *tsk*'s 4288 * address space, and stores the data in *dst*. *flags* is not 4289 * used yet and is provided for future extensibility. This helper 4290 * can only be used by sleepable programs. 4291 * 4292 * Returns 4293 * 0 on success, or a negative error in case of failure. On error 4294 * *dst* buffer is zeroed out. 4295 */ 4296 static long (*bpf_copy_from_user_task)(void *dst, __u32 size, const void *user_ptr, struct task_struct *tsk, __u64 flags) = (void *) 191; 4297 4298 4299