1 /* This is auto-generated file. See bpf_doc.py for details. */ 2 3 /* Forward declarations of BPF structs */ 4 struct bpf_fib_lookup; 5 struct bpf_sk_lookup; 6 struct bpf_perf_event_data; 7 struct bpf_perf_event_value; 8 struct bpf_pidns_info; 9 struct bpf_redir_neigh; 10 struct bpf_sock; 11 struct bpf_sock_addr; 12 struct bpf_sock_ops; 13 struct bpf_sock_tuple; 14 struct bpf_spin_lock; 15 struct bpf_sysctl; 16 struct bpf_tcp_sock; 17 struct bpf_tunnel_key; 18 struct bpf_xfrm_state; 19 struct linux_binprm; 20 struct pt_regs; 21 struct sk_reuseport_md; 22 struct sockaddr; 23 struct tcphdr; 24 struct seq_file; 25 struct tcp6_sock; 26 struct tcp_sock; 27 struct tcp_timewait_sock; 28 struct tcp_request_sock; 29 struct udp6_sock; 30 struct unix_sock; 31 struct task_struct; 32 struct cgroup; 33 struct __sk_buff; 34 struct sk_msg_md; 35 struct xdp_md; 36 struct path; 37 struct btf_ptr; 38 struct inode; 39 struct socket; 40 struct file; 41 struct bpf_timer; 42 struct mptcp_sock; 43 struct bpf_dynptr; 44 struct iphdr; 45 struct ipv6hdr; 46 47 /* 48 * bpf_map_lookup_elem 49 * 50 * Perform a lookup in *map* for an entry associated to *key*. 51 * 52 * Returns 53 * Map value associated to *key*, or **NULL** if no entry was 54 * found. 55 */ 56 static void *(*bpf_map_lookup_elem)(void *map, const void *key) = (void *) 1; 57 58 /* 59 * bpf_map_update_elem 60 * 61 * Add or update the value of the entry associated to *key* in 62 * *map* with *value*. *flags* is one of: 63 * 64 * **BPF_NOEXIST** 65 * The entry for *key* must not exist in the map. 66 * **BPF_EXIST** 67 * The entry for *key* must already exist in the map. 68 * **BPF_ANY** 69 * No condition on the existence of the entry for *key*. 70 * 71 * Flag value **BPF_NOEXIST** cannot be used for maps of types 72 * **BPF_MAP_TYPE_ARRAY** or **BPF_MAP_TYPE_PERCPU_ARRAY** (all 73 * elements always exist), the helper would return an error. 74 * 75 * Returns 76 * 0 on success, or a negative error in case of failure. 77 */ 78 static long (*bpf_map_update_elem)(void *map, const void *key, const void *value, __u64 flags) = (void *) 2; 79 80 /* 81 * bpf_map_delete_elem 82 * 83 * Delete entry with *key* from *map*. 84 * 85 * Returns 86 * 0 on success, or a negative error in case of failure. 87 */ 88 static long (*bpf_map_delete_elem)(void *map, const void *key) = (void *) 3; 89 90 /* 91 * bpf_probe_read 92 * 93 * For tracing programs, safely attempt to read *size* bytes from 94 * kernel space address *unsafe_ptr* and store the data in *dst*. 95 * 96 * Generally, use **bpf_probe_read_user**\ () or 97 * **bpf_probe_read_kernel**\ () instead. 98 * 99 * Returns 100 * 0 on success, or a negative error in case of failure. 101 */ 102 static long (*bpf_probe_read)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 4; 103 104 /* 105 * bpf_ktime_get_ns 106 * 107 * Return the time elapsed since system boot, in nanoseconds. 108 * Does not include time the system was suspended. 109 * See: **clock_gettime**\ (**CLOCK_MONOTONIC**) 110 * 111 * Returns 112 * Current *ktime*. 113 */ 114 static __u64 (*bpf_ktime_get_ns)(void) = (void *) 5; 115 116 /* 117 * bpf_trace_printk 118 * 119 * This helper is a "printk()-like" facility for debugging. It 120 * prints a message defined by format *fmt* (of size *fmt_size*) 121 * to file *\/sys/kernel/tracing/trace* from TraceFS, if 122 * available. It can take up to three additional **u64** 123 * arguments (as an eBPF helpers, the total number of arguments is 124 * limited to five). 125 * 126 * Each time the helper is called, it appends a line to the trace. 127 * Lines are discarded while *\/sys/kernel/tracing/trace* is 128 * open, use *\/sys/kernel/tracing/trace_pipe* to avoid this. 129 * The format of the trace is customizable, and the exact output 130 * one will get depends on the options set in 131 * *\/sys/kernel/tracing/trace_options* (see also the 132 * *README* file under the same directory). However, it usually 133 * defaults to something like: 134 * 135 * :: 136 * 137 * telnet-470 [001] .N.. 419421.045894: 0x00000001: <formatted msg> 138 * 139 * In the above: 140 * 141 * * ``telnet`` is the name of the current task. 142 * * ``470`` is the PID of the current task. 143 * * ``001`` is the CPU number on which the task is 144 * running. 145 * * In ``.N..``, each character refers to a set of 146 * options (whether irqs are enabled, scheduling 147 * options, whether hard/softirqs are running, level of 148 * preempt_disabled respectively). **N** means that 149 * **TIF_NEED_RESCHED** and **PREEMPT_NEED_RESCHED** 150 * are set. 151 * * ``419421.045894`` is a timestamp. 152 * * ``0x00000001`` is a fake value used by BPF for the 153 * instruction pointer register. 154 * * ``<formatted msg>`` is the message formatted with 155 * *fmt*. 156 * 157 * The conversion specifiers supported by *fmt* are similar, but 158 * more limited than for printk(). They are **%d**, **%i**, 159 * **%u**, **%x**, **%ld**, **%li**, **%lu**, **%lx**, **%lld**, 160 * **%lli**, **%llu**, **%llx**, **%p**, **%s**. No modifier (size 161 * of field, padding with zeroes, etc.) is available, and the 162 * helper will return **-EINVAL** (but print nothing) if it 163 * encounters an unknown specifier. 164 * 165 * Also, note that **bpf_trace_printk**\ () is slow, and should 166 * only be used for debugging purposes. For this reason, a notice 167 * block (spanning several lines) is printed to kernel logs and 168 * states that the helper should not be used "for production use" 169 * the first time this helper is used (or more precisely, when 170 * **trace_printk**\ () buffers are allocated). For passing values 171 * to user space, perf events should be preferred. 172 * 173 * Returns 174 * The number of bytes written to the buffer, or a negative error 175 * in case of failure. 176 */ 177 static long (*bpf_trace_printk)(const char *fmt, __u32 fmt_size, ...) = (void *) 6; 178 179 /* 180 * bpf_get_prandom_u32 181 * 182 * Get a pseudo-random number. 183 * 184 * From a security point of view, this helper uses its own 185 * pseudo-random internal state, and cannot be used to infer the 186 * seed of other random functions in the kernel. However, it is 187 * essential to note that the generator used by the helper is not 188 * cryptographically secure. 189 * 190 * Returns 191 * A random 32-bit unsigned value. 192 */ 193 static __u32 (*bpf_get_prandom_u32)(void) = (void *) 7; 194 195 /* 196 * bpf_get_smp_processor_id 197 * 198 * Get the SMP (symmetric multiprocessing) processor id. Note that 199 * all programs run with migration disabled, which means that the 200 * SMP processor id is stable during all the execution of the 201 * program. 202 * 203 * Returns 204 * The SMP id of the processor running the program. 205 */ 206 static __u32 (*bpf_get_smp_processor_id)(void) = (void *) 8; 207 208 /* 209 * bpf_skb_store_bytes 210 * 211 * Store *len* bytes from address *from* into the packet 212 * associated to *skb*, at *offset*. *flags* are a combination of 213 * **BPF_F_RECOMPUTE_CSUM** (automatically recompute the 214 * checksum for the packet after storing the bytes) and 215 * **BPF_F_INVALIDATE_HASH** (set *skb*\ **->hash**, *skb*\ 216 * **->swhash** and *skb*\ **->l4hash** to 0). 217 * 218 * A call to this helper is susceptible to change the underlying 219 * packet buffer. Therefore, at load time, all checks on pointers 220 * previously done by the verifier are invalidated and must be 221 * performed again, if the helper is used in combination with 222 * direct packet access. 223 * 224 * Returns 225 * 0 on success, or a negative error in case of failure. 226 */ 227 static long (*bpf_skb_store_bytes)(struct __sk_buff *skb, __u32 offset, const void *from, __u32 len, __u64 flags) = (void *) 9; 228 229 /* 230 * bpf_l3_csum_replace 231 * 232 * Recompute the layer 3 (e.g. IP) checksum for the packet 233 * associated to *skb*. Computation is incremental, so the helper 234 * must know the former value of the header field that was 235 * modified (*from*), the new value of this field (*to*), and the 236 * number of bytes (2 or 4) for this field, stored in *size*. 237 * Alternatively, it is possible to store the difference between 238 * the previous and the new values of the header field in *to*, by 239 * setting *from* and *size* to 0. For both methods, *offset* 240 * indicates the location of the IP checksum within the packet. 241 * 242 * This helper works in combination with **bpf_csum_diff**\ (), 243 * which does not update the checksum in-place, but offers more 244 * flexibility and can handle sizes larger than 2 or 4 for the 245 * checksum to update. 246 * 247 * A call to this helper is susceptible to change the underlying 248 * packet buffer. Therefore, at load time, all checks on pointers 249 * previously done by the verifier are invalidated and must be 250 * performed again, if the helper is used in combination with 251 * direct packet access. 252 * 253 * Returns 254 * 0 on success, or a negative error in case of failure. 255 */ 256 static long (*bpf_l3_csum_replace)(struct __sk_buff *skb, __u32 offset, __u64 from, __u64 to, __u64 size) = (void *) 10; 257 258 /* 259 * bpf_l4_csum_replace 260 * 261 * Recompute the layer 4 (e.g. TCP, UDP or ICMP) checksum for the 262 * packet associated to *skb*. Computation is incremental, so the 263 * helper must know the former value of the header field that was 264 * modified (*from*), the new value of this field (*to*), and the 265 * number of bytes (2 or 4) for this field, stored on the lowest 266 * four bits of *flags*. Alternatively, it is possible to store 267 * the difference between the previous and the new values of the 268 * header field in *to*, by setting *from* and the four lowest 269 * bits of *flags* to 0. For both methods, *offset* indicates the 270 * location of the IP checksum within the packet. In addition to 271 * the size of the field, *flags* can be added (bitwise OR) actual 272 * flags. With **BPF_F_MARK_MANGLED_0**, a null checksum is left 273 * untouched (unless **BPF_F_MARK_ENFORCE** is added as well), and 274 * for updates resulting in a null checksum the value is set to 275 * **CSUM_MANGLED_0** instead. Flag **BPF_F_PSEUDO_HDR** indicates 276 * the checksum is to be computed against a pseudo-header. 277 * 278 * This helper works in combination with **bpf_csum_diff**\ (), 279 * which does not update the checksum in-place, but offers more 280 * flexibility and can handle sizes larger than 2 or 4 for the 281 * checksum to update. 282 * 283 * A call to this helper is susceptible to change the underlying 284 * packet buffer. Therefore, at load time, all checks on pointers 285 * previously done by the verifier are invalidated and must be 286 * performed again, if the helper is used in combination with 287 * direct packet access. 288 * 289 * Returns 290 * 0 on success, or a negative error in case of failure. 291 */ 292 static long (*bpf_l4_csum_replace)(struct __sk_buff *skb, __u32 offset, __u64 from, __u64 to, __u64 flags) = (void *) 11; 293 294 /* 295 * bpf_tail_call 296 * 297 * This special helper is used to trigger a "tail call", or in 298 * other words, to jump into another eBPF program. The same stack 299 * frame is used (but values on stack and in registers for the 300 * caller are not accessible to the callee). This mechanism allows 301 * for program chaining, either for raising the maximum number of 302 * available eBPF instructions, or to execute given programs in 303 * conditional blocks. For security reasons, there is an upper 304 * limit to the number of successive tail calls that can be 305 * performed. 306 * 307 * Upon call of this helper, the program attempts to jump into a 308 * program referenced at index *index* in *prog_array_map*, a 309 * special map of type **BPF_MAP_TYPE_PROG_ARRAY**, and passes 310 * *ctx*, a pointer to the context. 311 * 312 * If the call succeeds, the kernel immediately runs the first 313 * instruction of the new program. This is not a function call, 314 * and it never returns to the previous program. If the call 315 * fails, then the helper has no effect, and the caller continues 316 * to run its subsequent instructions. A call can fail if the 317 * destination program for the jump does not exist (i.e. *index* 318 * is superior to the number of entries in *prog_array_map*), or 319 * if the maximum number of tail calls has been reached for this 320 * chain of programs. This limit is defined in the kernel by the 321 * macro **MAX_TAIL_CALL_CNT** (not accessible to user space), 322 * which is currently set to 33. 323 * 324 * Returns 325 * 0 on success, or a negative error in case of failure. 326 */ 327 static long (*bpf_tail_call)(void *ctx, void *prog_array_map, __u32 index) = (void *) 12; 328 329 /* 330 * bpf_clone_redirect 331 * 332 * Clone and redirect the packet associated to *skb* to another 333 * net device of index *ifindex*. Both ingress and egress 334 * interfaces can be used for redirection. The **BPF_F_INGRESS** 335 * value in *flags* is used to make the distinction (ingress path 336 * is selected if the flag is present, egress path otherwise). 337 * This is the only flag supported for now. 338 * 339 * In comparison with **bpf_redirect**\ () helper, 340 * **bpf_clone_redirect**\ () has the associated cost of 341 * duplicating the packet buffer, but this can be executed out of 342 * the eBPF program. Conversely, **bpf_redirect**\ () is more 343 * efficient, but it is handled through an action code where the 344 * redirection happens only after the eBPF program has returned. 345 * 346 * A call to this helper is susceptible to change the underlying 347 * packet buffer. Therefore, at load time, all checks on pointers 348 * previously done by the verifier are invalidated and must be 349 * performed again, if the helper is used in combination with 350 * direct packet access. 351 * 352 * Returns 353 * 0 on success, or a negative error in case of failure. Positive 354 * error indicates a potential drop or congestion in the target 355 * device. The particular positive error codes are not defined. 356 */ 357 static long (*bpf_clone_redirect)(struct __sk_buff *skb, __u32 ifindex, __u64 flags) = (void *) 13; 358 359 /* 360 * bpf_get_current_pid_tgid 361 * 362 * Get the current pid and tgid. 363 * 364 * Returns 365 * A 64-bit integer containing the current tgid and pid, and 366 * created as such: 367 * *current_task*\ **->tgid << 32 \|** 368 * *current_task*\ **->pid**. 369 */ 370 static __u64 (*bpf_get_current_pid_tgid)(void) = (void *) 14; 371 372 /* 373 * bpf_get_current_uid_gid 374 * 375 * Get the current uid and gid. 376 * 377 * Returns 378 * A 64-bit integer containing the current GID and UID, and 379 * created as such: *current_gid* **<< 32 \|** *current_uid*. 380 */ 381 static __u64 (*bpf_get_current_uid_gid)(void) = (void *) 15; 382 383 /* 384 * bpf_get_current_comm 385 * 386 * Copy the **comm** attribute of the current task into *buf* of 387 * *size_of_buf*. The **comm** attribute contains the name of 388 * the executable (excluding the path) for the current task. The 389 * *size_of_buf* must be strictly positive. On success, the 390 * helper makes sure that the *buf* is NUL-terminated. On failure, 391 * it is filled with zeroes. 392 * 393 * Returns 394 * 0 on success, or a negative error in case of failure. 395 */ 396 static long (*bpf_get_current_comm)(void *buf, __u32 size_of_buf) = (void *) 16; 397 398 /* 399 * bpf_get_cgroup_classid 400 * 401 * Retrieve the classid for the current task, i.e. for the net_cls 402 * cgroup to which *skb* belongs. 403 * 404 * This helper can be used on TC egress path, but not on ingress. 405 * 406 * The net_cls cgroup provides an interface to tag network packets 407 * based on a user-provided identifier for all traffic coming from 408 * the tasks belonging to the related cgroup. See also the related 409 * kernel documentation, available from the Linux sources in file 410 * *Documentation/admin-guide/cgroup-v1/net_cls.rst*. 411 * 412 * The Linux kernel has two versions for cgroups: there are 413 * cgroups v1 and cgroups v2. Both are available to users, who can 414 * use a mixture of them, but note that the net_cls cgroup is for 415 * cgroup v1 only. This makes it incompatible with BPF programs 416 * run on cgroups, which is a cgroup-v2-only feature (a socket can 417 * only hold data for one version of cgroups at a time). 418 * 419 * This helper is only available is the kernel was compiled with 420 * the **CONFIG_CGROUP_NET_CLASSID** configuration option set to 421 * "**y**" or to "**m**". 422 * 423 * Returns 424 * The classid, or 0 for the default unconfigured classid. 425 */ 426 static __u32 (*bpf_get_cgroup_classid)(struct __sk_buff *skb) = (void *) 17; 427 428 /* 429 * bpf_skb_vlan_push 430 * 431 * Push a *vlan_tci* (VLAN tag control information) of protocol 432 * *vlan_proto* to the packet associated to *skb*, then update 433 * the checksum. Note that if *vlan_proto* is different from 434 * **ETH_P_8021Q** and **ETH_P_8021AD**, it is considered to 435 * be **ETH_P_8021Q**. 436 * 437 * A call to this helper is susceptible to change the underlying 438 * packet buffer. Therefore, at load time, all checks on pointers 439 * previously done by the verifier are invalidated and must be 440 * performed again, if the helper is used in combination with 441 * direct packet access. 442 * 443 * Returns 444 * 0 on success, or a negative error in case of failure. 445 */ 446 static long (*bpf_skb_vlan_push)(struct __sk_buff *skb, __be16 vlan_proto, __u16 vlan_tci) = (void *) 18; 447 448 /* 449 * bpf_skb_vlan_pop 450 * 451 * Pop a VLAN header from the packet associated to *skb*. 452 * 453 * A call to this helper is susceptible to change the underlying 454 * packet buffer. Therefore, at load time, all checks on pointers 455 * previously done by the verifier are invalidated and must be 456 * performed again, if the helper is used in combination with 457 * direct packet access. 458 * 459 * Returns 460 * 0 on success, or a negative error in case of failure. 461 */ 462 static long (*bpf_skb_vlan_pop)(struct __sk_buff *skb) = (void *) 19; 463 464 /* 465 * bpf_skb_get_tunnel_key 466 * 467 * Get tunnel metadata. This helper takes a pointer *key* to an 468 * empty **struct bpf_tunnel_key** of **size**, that will be 469 * filled with tunnel metadata for the packet associated to *skb*. 470 * The *flags* can be set to **BPF_F_TUNINFO_IPV6**, which 471 * indicates that the tunnel is based on IPv6 protocol instead of 472 * IPv4. 473 * 474 * The **struct bpf_tunnel_key** is an object that generalizes the 475 * principal parameters used by various tunneling protocols into a 476 * single struct. This way, it can be used to easily make a 477 * decision based on the contents of the encapsulation header, 478 * "summarized" in this struct. In particular, it holds the IP 479 * address of the remote end (IPv4 or IPv6, depending on the case) 480 * in *key*\ **->remote_ipv4** or *key*\ **->remote_ipv6**. Also, 481 * this struct exposes the *key*\ **->tunnel_id**, which is 482 * generally mapped to a VNI (Virtual Network Identifier), making 483 * it programmable together with the **bpf_skb_set_tunnel_key**\ 484 * () helper. 485 * 486 * Let's imagine that the following code is part of a program 487 * attached to the TC ingress interface, on one end of a GRE 488 * tunnel, and is supposed to filter out all messages coming from 489 * remote ends with IPv4 address other than 10.0.0.1: 490 * 491 * :: 492 * 493 * int ret; 494 * struct bpf_tunnel_key key = {}; 495 * 496 * ret = bpf_skb_get_tunnel_key(skb, &key, sizeof(key), 0); 497 * if (ret < 0) 498 * return TC_ACT_SHOT; // drop packet 499 * 500 * if (key.remote_ipv4 != 0x0a000001) 501 * return TC_ACT_SHOT; // drop packet 502 * 503 * return TC_ACT_OK; // accept packet 504 * 505 * This interface can also be used with all encapsulation devices 506 * that can operate in "collect metadata" mode: instead of having 507 * one network device per specific configuration, the "collect 508 * metadata" mode only requires a single device where the 509 * configuration can be extracted from this helper. 510 * 511 * This can be used together with various tunnels such as VXLan, 512 * Geneve, GRE or IP in IP (IPIP). 513 * 514 * Returns 515 * 0 on success, or a negative error in case of failure. 516 */ 517 static long (*bpf_skb_get_tunnel_key)(struct __sk_buff *skb, struct bpf_tunnel_key *key, __u32 size, __u64 flags) = (void *) 20; 518 519 /* 520 * bpf_skb_set_tunnel_key 521 * 522 * Populate tunnel metadata for packet associated to *skb.* The 523 * tunnel metadata is set to the contents of *key*, of *size*. The 524 * *flags* can be set to a combination of the following values: 525 * 526 * **BPF_F_TUNINFO_IPV6** 527 * Indicate that the tunnel is based on IPv6 protocol 528 * instead of IPv4. 529 * **BPF_F_ZERO_CSUM_TX** 530 * For IPv4 packets, add a flag to tunnel metadata 531 * indicating that checksum computation should be skipped 532 * and checksum set to zeroes. 533 * **BPF_F_DONT_FRAGMENT** 534 * Add a flag to tunnel metadata indicating that the 535 * packet should not be fragmented. 536 * **BPF_F_SEQ_NUMBER** 537 * Add a flag to tunnel metadata indicating that a 538 * sequence number should be added to tunnel header before 539 * sending the packet. This flag was added for GRE 540 * encapsulation, but might be used with other protocols 541 * as well in the future. 542 * **BPF_F_NO_TUNNEL_KEY** 543 * Add a flag to tunnel metadata indicating that no tunnel 544 * key should be set in the resulting tunnel header. 545 * 546 * Here is a typical usage on the transmit path: 547 * 548 * :: 549 * 550 * struct bpf_tunnel_key key; 551 * populate key ... 552 * bpf_skb_set_tunnel_key(skb, &key, sizeof(key), 0); 553 * bpf_clone_redirect(skb, vxlan_dev_ifindex, 0); 554 * 555 * See also the description of the **bpf_skb_get_tunnel_key**\ () 556 * helper for additional information. 557 * 558 * Returns 559 * 0 on success, or a negative error in case of failure. 560 */ 561 static long (*bpf_skb_set_tunnel_key)(struct __sk_buff *skb, struct bpf_tunnel_key *key, __u32 size, __u64 flags) = (void *) 21; 562 563 /* 564 * bpf_perf_event_read 565 * 566 * Read the value of a perf event counter. This helper relies on a 567 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. The nature of 568 * the perf event counter is selected when *map* is updated with 569 * perf event file descriptors. The *map* is an array whose size 570 * is the number of available CPUs, and each cell contains a value 571 * relative to one CPU. The value to retrieve is indicated by 572 * *flags*, that contains the index of the CPU to look up, masked 573 * with **BPF_F_INDEX_MASK**. Alternatively, *flags* can be set to 574 * **BPF_F_CURRENT_CPU** to indicate that the value for the 575 * current CPU should be retrieved. 576 * 577 * Note that before Linux 4.13, only hardware perf event can be 578 * retrieved. 579 * 580 * Also, be aware that the newer helper 581 * **bpf_perf_event_read_value**\ () is recommended over 582 * **bpf_perf_event_read**\ () in general. The latter has some ABI 583 * quirks where error and counter value are used as a return code 584 * (which is wrong to do since ranges may overlap). This issue is 585 * fixed with **bpf_perf_event_read_value**\ (), which at the same 586 * time provides more features over the **bpf_perf_event_read**\ 587 * () interface. Please refer to the description of 588 * **bpf_perf_event_read_value**\ () for details. 589 * 590 * Returns 591 * The value of the perf event counter read from the map, or a 592 * negative error code in case of failure. 593 */ 594 static __u64 (*bpf_perf_event_read)(void *map, __u64 flags) = (void *) 22; 595 596 /* 597 * bpf_redirect 598 * 599 * Redirect the packet to another net device of index *ifindex*. 600 * This helper is somewhat similar to **bpf_clone_redirect**\ 601 * (), except that the packet is not cloned, which provides 602 * increased performance. 603 * 604 * Except for XDP, both ingress and egress interfaces can be used 605 * for redirection. The **BPF_F_INGRESS** value in *flags* is used 606 * to make the distinction (ingress path is selected if the flag 607 * is present, egress path otherwise). Currently, XDP only 608 * supports redirection to the egress interface, and accepts no 609 * flag at all. 610 * 611 * The same effect can also be attained with the more generic 612 * **bpf_redirect_map**\ (), which uses a BPF map to store the 613 * redirect target instead of providing it directly to the helper. 614 * 615 * Returns 616 * For XDP, the helper returns **XDP_REDIRECT** on success or 617 * **XDP_ABORTED** on error. For other program types, the values 618 * are **TC_ACT_REDIRECT** on success or **TC_ACT_SHOT** on 619 * error. 620 */ 621 static long (*bpf_redirect)(__u32 ifindex, __u64 flags) = (void *) 23; 622 623 /* 624 * bpf_get_route_realm 625 * 626 * Retrieve the realm or the route, that is to say the 627 * **tclassid** field of the destination for the *skb*. The 628 * identifier retrieved is a user-provided tag, similar to the 629 * one used with the net_cls cgroup (see description for 630 * **bpf_get_cgroup_classid**\ () helper), but here this tag is 631 * held by a route (a destination entry), not by a task. 632 * 633 * Retrieving this identifier works with the clsact TC egress hook 634 * (see also **tc-bpf(8)**), or alternatively on conventional 635 * classful egress qdiscs, but not on TC ingress path. In case of 636 * clsact TC egress hook, this has the advantage that, internally, 637 * the destination entry has not been dropped yet in the transmit 638 * path. Therefore, the destination entry does not need to be 639 * artificially held via **netif_keep_dst**\ () for a classful 640 * qdisc until the *skb* is freed. 641 * 642 * This helper is available only if the kernel was compiled with 643 * **CONFIG_IP_ROUTE_CLASSID** configuration option. 644 * 645 * Returns 646 * The realm of the route for the packet associated to *skb*, or 0 647 * if none was found. 648 */ 649 static __u32 (*bpf_get_route_realm)(struct __sk_buff *skb) = (void *) 24; 650 651 /* 652 * bpf_perf_event_output 653 * 654 * Write raw *data* blob into a special BPF perf event held by 655 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 656 * event must have the following attributes: **PERF_SAMPLE_RAW** 657 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 658 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 659 * 660 * The *flags* are used to indicate the index in *map* for which 661 * the value must be put, masked with **BPF_F_INDEX_MASK**. 662 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 663 * to indicate that the index of the current CPU core should be 664 * used. 665 * 666 * The value to write, of *size*, is passed through eBPF stack and 667 * pointed by *data*. 668 * 669 * The context of the program *ctx* needs also be passed to the 670 * helper. 671 * 672 * On user space, a program willing to read the values needs to 673 * call **perf_event_open**\ () on the perf event (either for 674 * one or for all CPUs) and to store the file descriptor into the 675 * *map*. This must be done before the eBPF program can send data 676 * into it. An example is available in file 677 * *samples/bpf/trace_output_user.c* in the Linux kernel source 678 * tree (the eBPF program counterpart is in 679 * *samples/bpf/trace_output_kern.c*). 680 * 681 * **bpf_perf_event_output**\ () achieves better performance 682 * than **bpf_trace_printk**\ () for sharing data with user 683 * space, and is much better suitable for streaming data from eBPF 684 * programs. 685 * 686 * Note that this helper is not restricted to tracing use cases 687 * and can be used with programs attached to TC or XDP as well, 688 * where it allows for passing data to user space listeners. Data 689 * can be: 690 * 691 * * Only custom structs, 692 * * Only the packet payload, or 693 * * A combination of both. 694 * 695 * Returns 696 * 0 on success, or a negative error in case of failure. 697 */ 698 static long (*bpf_perf_event_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 25; 699 700 /* 701 * bpf_skb_load_bytes 702 * 703 * This helper was provided as an easy way to load data from a 704 * packet. It can be used to load *len* bytes from *offset* from 705 * the packet associated to *skb*, into the buffer pointed by 706 * *to*. 707 * 708 * Since Linux 4.7, usage of this helper has mostly been replaced 709 * by "direct packet access", enabling packet data to be 710 * manipulated with *skb*\ **->data** and *skb*\ **->data_end** 711 * pointing respectively to the first byte of packet data and to 712 * the byte after the last byte of packet data. However, it 713 * remains useful if one wishes to read large quantities of data 714 * at once from a packet into the eBPF stack. 715 * 716 * Returns 717 * 0 on success, or a negative error in case of failure. 718 */ 719 static long (*bpf_skb_load_bytes)(const void *skb, __u32 offset, void *to, __u32 len) = (void *) 26; 720 721 /* 722 * bpf_get_stackid 723 * 724 * Walk a user or a kernel stack and return its id. To achieve 725 * this, the helper needs *ctx*, which is a pointer to the context 726 * on which the tracing program is executed, and a pointer to a 727 * *map* of type **BPF_MAP_TYPE_STACK_TRACE**. 728 * 729 * The last argument, *flags*, holds the number of stack frames to 730 * skip (from 0 to 255), masked with 731 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 732 * a combination of the following flags: 733 * 734 * **BPF_F_USER_STACK** 735 * Collect a user space stack instead of a kernel stack. 736 * **BPF_F_FAST_STACK_CMP** 737 * Compare stacks by hash only. 738 * **BPF_F_REUSE_STACKID** 739 * If two different stacks hash into the same *stackid*, 740 * discard the old one. 741 * 742 * The stack id retrieved is a 32 bit long integer handle which 743 * can be further combined with other data (including other stack 744 * ids) and used as a key into maps. This can be useful for 745 * generating a variety of graphs (such as flame graphs or off-cpu 746 * graphs). 747 * 748 * For walking a stack, this helper is an improvement over 749 * **bpf_probe_read**\ (), which can be used with unrolled loops 750 * but is not efficient and consumes a lot of eBPF instructions. 751 * Instead, **bpf_get_stackid**\ () can collect up to 752 * **PERF_MAX_STACK_DEPTH** both kernel and user frames. Note that 753 * this limit can be controlled with the **sysctl** program, and 754 * that it should be manually increased in order to profile long 755 * user stacks (such as stacks for Java programs). To do so, use: 756 * 757 * :: 758 * 759 * # sysctl kernel.perf_event_max_stack=<new value> 760 * 761 * Returns 762 * The positive or null stack id on success, or a negative error 763 * in case of failure. 764 */ 765 static long (*bpf_get_stackid)(void *ctx, void *map, __u64 flags) = (void *) 27; 766 767 /* 768 * bpf_csum_diff 769 * 770 * Compute a checksum difference, from the raw buffer pointed by 771 * *from*, of length *from_size* (that must be a multiple of 4), 772 * towards the raw buffer pointed by *to*, of size *to_size* 773 * (same remark). An optional *seed* can be added to the value 774 * (this can be cascaded, the seed may come from a previous call 775 * to the helper). 776 * 777 * This is flexible enough to be used in several ways: 778 * 779 * * With *from_size* == 0, *to_size* > 0 and *seed* set to 780 * checksum, it can be used when pushing new data. 781 * * With *from_size* > 0, *to_size* == 0 and *seed* set to 782 * checksum, it can be used when removing data from a packet. 783 * * With *from_size* > 0, *to_size* > 0 and *seed* set to 0, it 784 * can be used to compute a diff. Note that *from_size* and 785 * *to_size* do not need to be equal. 786 * 787 * This helper can be used in combination with 788 * **bpf_l3_csum_replace**\ () and **bpf_l4_csum_replace**\ (), to 789 * which one can feed in the difference computed with 790 * **bpf_csum_diff**\ (). 791 * 792 * Returns 793 * The checksum result, or a negative error code in case of 794 * failure. 795 */ 796 static __s64 (*bpf_csum_diff)(__be32 *from, __u32 from_size, __be32 *to, __u32 to_size, __wsum seed) = (void *) 28; 797 798 /* 799 * bpf_skb_get_tunnel_opt 800 * 801 * Retrieve tunnel options metadata for the packet associated to 802 * *skb*, and store the raw tunnel option data to the buffer *opt* 803 * of *size*. 804 * 805 * This helper can be used with encapsulation devices that can 806 * operate in "collect metadata" mode (please refer to the related 807 * note in the description of **bpf_skb_get_tunnel_key**\ () for 808 * more details). A particular example where this can be used is 809 * in combination with the Geneve encapsulation protocol, where it 810 * allows for pushing (with **bpf_skb_get_tunnel_opt**\ () helper) 811 * and retrieving arbitrary TLVs (Type-Length-Value headers) from 812 * the eBPF program. This allows for full customization of these 813 * headers. 814 * 815 * Returns 816 * The size of the option data retrieved. 817 */ 818 static long (*bpf_skb_get_tunnel_opt)(struct __sk_buff *skb, void *opt, __u32 size) = (void *) 29; 819 820 /* 821 * bpf_skb_set_tunnel_opt 822 * 823 * Set tunnel options metadata for the packet associated to *skb* 824 * to the option data contained in the raw buffer *opt* of *size*. 825 * 826 * See also the description of the **bpf_skb_get_tunnel_opt**\ () 827 * helper for additional information. 828 * 829 * Returns 830 * 0 on success, or a negative error in case of failure. 831 */ 832 static long (*bpf_skb_set_tunnel_opt)(struct __sk_buff *skb, void *opt, __u32 size) = (void *) 30; 833 834 /* 835 * bpf_skb_change_proto 836 * 837 * Change the protocol of the *skb* to *proto*. Currently 838 * supported are transition from IPv4 to IPv6, and from IPv6 to 839 * IPv4. The helper takes care of the groundwork for the 840 * transition, including resizing the socket buffer. The eBPF 841 * program is expected to fill the new headers, if any, via 842 * **skb_store_bytes**\ () and to recompute the checksums with 843 * **bpf_l3_csum_replace**\ () and **bpf_l4_csum_replace**\ 844 * (). The main case for this helper is to perform NAT64 845 * operations out of an eBPF program. 846 * 847 * Internally, the GSO type is marked as dodgy so that headers are 848 * checked and segments are recalculated by the GSO/GRO engine. 849 * The size for GSO target is adapted as well. 850 * 851 * All values for *flags* are reserved for future usage, and must 852 * be left at zero. 853 * 854 * A call to this helper is susceptible to change the underlying 855 * packet buffer. Therefore, at load time, all checks on pointers 856 * previously done by the verifier are invalidated and must be 857 * performed again, if the helper is used in combination with 858 * direct packet access. 859 * 860 * Returns 861 * 0 on success, or a negative error in case of failure. 862 */ 863 static long (*bpf_skb_change_proto)(struct __sk_buff *skb, __be16 proto, __u64 flags) = (void *) 31; 864 865 /* 866 * bpf_skb_change_type 867 * 868 * Change the packet type for the packet associated to *skb*. This 869 * comes down to setting *skb*\ **->pkt_type** to *type*, except 870 * the eBPF program does not have a write access to *skb*\ 871 * **->pkt_type** beside this helper. Using a helper here allows 872 * for graceful handling of errors. 873 * 874 * The major use case is to change incoming *skb*s to 875 * **PACKET_HOST** in a programmatic way instead of having to 876 * recirculate via **redirect**\ (..., **BPF_F_INGRESS**), for 877 * example. 878 * 879 * Note that *type* only allows certain values. At this time, they 880 * are: 881 * 882 * **PACKET_HOST** 883 * Packet is for us. 884 * **PACKET_BROADCAST** 885 * Send packet to all. 886 * **PACKET_MULTICAST** 887 * Send packet to group. 888 * **PACKET_OTHERHOST** 889 * Send packet to someone else. 890 * 891 * Returns 892 * 0 on success, or a negative error in case of failure. 893 */ 894 static long (*bpf_skb_change_type)(struct __sk_buff *skb, __u32 type) = (void *) 32; 895 896 /* 897 * bpf_skb_under_cgroup 898 * 899 * Check whether *skb* is a descendant of the cgroup2 held by 900 * *map* of type **BPF_MAP_TYPE_CGROUP_ARRAY**, at *index*. 901 * 902 * Returns 903 * The return value depends on the result of the test, and can be: 904 * 905 * * 0, if the *skb* failed the cgroup2 descendant test. 906 * * 1, if the *skb* succeeded the cgroup2 descendant test. 907 * * A negative error code, if an error occurred. 908 */ 909 static long (*bpf_skb_under_cgroup)(struct __sk_buff *skb, void *map, __u32 index) = (void *) 33; 910 911 /* 912 * bpf_get_hash_recalc 913 * 914 * Retrieve the hash of the packet, *skb*\ **->hash**. If it is 915 * not set, in particular if the hash was cleared due to mangling, 916 * recompute this hash. Later accesses to the hash can be done 917 * directly with *skb*\ **->hash**. 918 * 919 * Calling **bpf_set_hash_invalid**\ (), changing a packet 920 * prototype with **bpf_skb_change_proto**\ (), or calling 921 * **bpf_skb_store_bytes**\ () with the 922 * **BPF_F_INVALIDATE_HASH** are actions susceptible to clear 923 * the hash and to trigger a new computation for the next call to 924 * **bpf_get_hash_recalc**\ (). 925 * 926 * Returns 927 * The 32-bit hash. 928 */ 929 static __u32 (*bpf_get_hash_recalc)(struct __sk_buff *skb) = (void *) 34; 930 931 /* 932 * bpf_get_current_task 933 * 934 * Get the current task. 935 * 936 * Returns 937 * A pointer to the current task struct. 938 */ 939 static __u64 (*bpf_get_current_task)(void) = (void *) 35; 940 941 /* 942 * bpf_probe_write_user 943 * 944 * Attempt in a safe way to write *len* bytes from the buffer 945 * *src* to *dst* in memory. It only works for threads that are in 946 * user context, and *dst* must be a valid user space address. 947 * 948 * This helper should not be used to implement any kind of 949 * security mechanism because of TOC-TOU attacks, but rather to 950 * debug, divert, and manipulate execution of semi-cooperative 951 * processes. 952 * 953 * Keep in mind that this feature is meant for experiments, and it 954 * has a risk of crashing the system and running programs. 955 * Therefore, when an eBPF program using this helper is attached, 956 * a warning including PID and process name is printed to kernel 957 * logs. 958 * 959 * Returns 960 * 0 on success, or a negative error in case of failure. 961 */ 962 static long (*bpf_probe_write_user)(void *dst, const void *src, __u32 len) = (void *) 36; 963 964 /* 965 * bpf_current_task_under_cgroup 966 * 967 * Check whether the probe is being run is the context of a given 968 * subset of the cgroup2 hierarchy. The cgroup2 to test is held by 969 * *map* of type **BPF_MAP_TYPE_CGROUP_ARRAY**, at *index*. 970 * 971 * Returns 972 * The return value depends on the result of the test, and can be: 973 * 974 * * 1, if current task belongs to the cgroup2. 975 * * 0, if current task does not belong to the cgroup2. 976 * * A negative error code, if an error occurred. 977 */ 978 static long (*bpf_current_task_under_cgroup)(void *map, __u32 index) = (void *) 37; 979 980 /* 981 * bpf_skb_change_tail 982 * 983 * Resize (trim or grow) the packet associated to *skb* to the 984 * new *len*. The *flags* are reserved for future usage, and must 985 * be left at zero. 986 * 987 * The basic idea is that the helper performs the needed work to 988 * change the size of the packet, then the eBPF program rewrites 989 * the rest via helpers like **bpf_skb_store_bytes**\ (), 990 * **bpf_l3_csum_replace**\ (), **bpf_l3_csum_replace**\ () 991 * and others. This helper is a slow path utility intended for 992 * replies with control messages. And because it is targeted for 993 * slow path, the helper itself can afford to be slow: it 994 * implicitly linearizes, unclones and drops offloads from the 995 * *skb*. 996 * 997 * A call to this helper is susceptible to change the underlying 998 * packet buffer. Therefore, at load time, all checks on pointers 999 * previously done by the verifier are invalidated and must be 1000 * performed again, if the helper is used in combination with 1001 * direct packet access. 1002 * 1003 * Returns 1004 * 0 on success, or a negative error in case of failure. 1005 */ 1006 static long (*bpf_skb_change_tail)(struct __sk_buff *skb, __u32 len, __u64 flags) = (void *) 38; 1007 1008 /* 1009 * bpf_skb_pull_data 1010 * 1011 * Pull in non-linear data in case the *skb* is non-linear and not 1012 * all of *len* are part of the linear section. Make *len* bytes 1013 * from *skb* readable and writable. If a zero value is passed for 1014 * *len*, then all bytes in the linear part of *skb* will be made 1015 * readable and writable. 1016 * 1017 * This helper is only needed for reading and writing with direct 1018 * packet access. 1019 * 1020 * For direct packet access, testing that offsets to access 1021 * are within packet boundaries (test on *skb*\ **->data_end**) is 1022 * susceptible to fail if offsets are invalid, or if the requested 1023 * data is in non-linear parts of the *skb*. On failure the 1024 * program can just bail out, or in the case of a non-linear 1025 * buffer, use a helper to make the data available. The 1026 * **bpf_skb_load_bytes**\ () helper is a first solution to access 1027 * the data. Another one consists in using **bpf_skb_pull_data** 1028 * to pull in once the non-linear parts, then retesting and 1029 * eventually access the data. 1030 * 1031 * At the same time, this also makes sure the *skb* is uncloned, 1032 * which is a necessary condition for direct write. As this needs 1033 * to be an invariant for the write part only, the verifier 1034 * detects writes and adds a prologue that is calling 1035 * **bpf_skb_pull_data()** to effectively unclone the *skb* from 1036 * the very beginning in case it is indeed cloned. 1037 * 1038 * A call to this helper is susceptible to change the underlying 1039 * packet buffer. Therefore, at load time, all checks on pointers 1040 * previously done by the verifier are invalidated and must be 1041 * performed again, if the helper is used in combination with 1042 * direct packet access. 1043 * 1044 * Returns 1045 * 0 on success, or a negative error in case of failure. 1046 */ 1047 static long (*bpf_skb_pull_data)(struct __sk_buff *skb, __u32 len) = (void *) 39; 1048 1049 /* 1050 * bpf_csum_update 1051 * 1052 * Add the checksum *csum* into *skb*\ **->csum** in case the 1053 * driver has supplied a checksum for the entire packet into that 1054 * field. Return an error otherwise. This helper is intended to be 1055 * used in combination with **bpf_csum_diff**\ (), in particular 1056 * when the checksum needs to be updated after data has been 1057 * written into the packet through direct packet access. 1058 * 1059 * Returns 1060 * The checksum on success, or a negative error code in case of 1061 * failure. 1062 */ 1063 static __s64 (*bpf_csum_update)(struct __sk_buff *skb, __wsum csum) = (void *) 40; 1064 1065 /* 1066 * bpf_set_hash_invalid 1067 * 1068 * Invalidate the current *skb*\ **->hash**. It can be used after 1069 * mangling on headers through direct packet access, in order to 1070 * indicate that the hash is outdated and to trigger a 1071 * recalculation the next time the kernel tries to access this 1072 * hash or when the **bpf_get_hash_recalc**\ () helper is called. 1073 * 1074 * Returns 1075 * void. 1076 */ 1077 static void (*bpf_set_hash_invalid)(struct __sk_buff *skb) = (void *) 41; 1078 1079 /* 1080 * bpf_get_numa_node_id 1081 * 1082 * Return the id of the current NUMA node. The primary use case 1083 * for this helper is the selection of sockets for the local NUMA 1084 * node, when the program is attached to sockets using the 1085 * **SO_ATTACH_REUSEPORT_EBPF** option (see also **socket(7)**), 1086 * but the helper is also available to other eBPF program types, 1087 * similarly to **bpf_get_smp_processor_id**\ (). 1088 * 1089 * Returns 1090 * The id of current NUMA node. 1091 */ 1092 static long (*bpf_get_numa_node_id)(void) = (void *) 42; 1093 1094 /* 1095 * bpf_skb_change_head 1096 * 1097 * Grows headroom of packet associated to *skb* and adjusts the 1098 * offset of the MAC header accordingly, adding *len* bytes of 1099 * space. It automatically extends and reallocates memory as 1100 * required. 1101 * 1102 * This helper can be used on a layer 3 *skb* to push a MAC header 1103 * for redirection into a layer 2 device. 1104 * 1105 * All values for *flags* are reserved for future usage, and must 1106 * be left at zero. 1107 * 1108 * A call to this helper is susceptible to change the underlying 1109 * packet buffer. Therefore, at load time, all checks on pointers 1110 * previously done by the verifier are invalidated and must be 1111 * performed again, if the helper is used in combination with 1112 * direct packet access. 1113 * 1114 * Returns 1115 * 0 on success, or a negative error in case of failure. 1116 */ 1117 static long (*bpf_skb_change_head)(struct __sk_buff *skb, __u32 len, __u64 flags) = (void *) 43; 1118 1119 /* 1120 * bpf_xdp_adjust_head 1121 * 1122 * Adjust (move) *xdp_md*\ **->data** by *delta* bytes. Note that 1123 * it is possible to use a negative value for *delta*. This helper 1124 * can be used to prepare the packet for pushing or popping 1125 * headers. 1126 * 1127 * A call to this helper is susceptible to change the underlying 1128 * packet buffer. Therefore, at load time, all checks on pointers 1129 * previously done by the verifier are invalidated and must be 1130 * performed again, if the helper is used in combination with 1131 * direct packet access. 1132 * 1133 * Returns 1134 * 0 on success, or a negative error in case of failure. 1135 */ 1136 static long (*bpf_xdp_adjust_head)(struct xdp_md *xdp_md, int delta) = (void *) 44; 1137 1138 /* 1139 * bpf_probe_read_str 1140 * 1141 * Copy a NUL terminated string from an unsafe kernel address 1142 * *unsafe_ptr* to *dst*. See **bpf_probe_read_kernel_str**\ () for 1143 * more details. 1144 * 1145 * Generally, use **bpf_probe_read_user_str**\ () or 1146 * **bpf_probe_read_kernel_str**\ () instead. 1147 * 1148 * Returns 1149 * On success, the strictly positive length of the string, 1150 * including the trailing NUL character. On error, a negative 1151 * value. 1152 */ 1153 static long (*bpf_probe_read_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 45; 1154 1155 /* 1156 * bpf_get_socket_cookie 1157 * 1158 * If the **struct sk_buff** pointed by *skb* has a known socket, 1159 * retrieve the cookie (generated by the kernel) of this socket. 1160 * If no cookie has been set yet, generate a new cookie. Once 1161 * generated, the socket cookie remains stable for the life of the 1162 * socket. This helper can be useful for monitoring per socket 1163 * networking traffic statistics as it provides a global socket 1164 * identifier that can be assumed unique. 1165 * 1166 * Returns 1167 * A 8-byte long unique number on success, or 0 if the socket 1168 * field is missing inside *skb*. 1169 */ 1170 static __u64 (*bpf_get_socket_cookie)(void *ctx) = (void *) 46; 1171 1172 /* 1173 * bpf_get_socket_uid 1174 * 1175 * Get the owner UID of the socked associated to *skb*. 1176 * 1177 * Returns 1178 * The owner UID of the socket associated to *skb*. If the socket 1179 * is **NULL**, or if it is not a full socket (i.e. if it is a 1180 * time-wait or a request socket instead), **overflowuid** value 1181 * is returned (note that **overflowuid** might also be the actual 1182 * UID value for the socket). 1183 */ 1184 static __u32 (*bpf_get_socket_uid)(struct __sk_buff *skb) = (void *) 47; 1185 1186 /* 1187 * bpf_set_hash 1188 * 1189 * Set the full hash for *skb* (set the field *skb*\ **->hash**) 1190 * to value *hash*. 1191 * 1192 * Returns 1193 * 0 1194 */ 1195 static long (*bpf_set_hash)(struct __sk_buff *skb, __u32 hash) = (void *) 48; 1196 1197 /* 1198 * bpf_setsockopt 1199 * 1200 * Emulate a call to **setsockopt()** on the socket associated to 1201 * *bpf_socket*, which must be a full socket. The *level* at 1202 * which the option resides and the name *optname* of the option 1203 * must be specified, see **setsockopt(2)** for more information. 1204 * The option value of length *optlen* is pointed by *optval*. 1205 * 1206 * *bpf_socket* should be one of the following: 1207 * 1208 * * **struct bpf_sock_ops** for **BPF_PROG_TYPE_SOCK_OPS**. 1209 * * **struct bpf_sock_addr** for **BPF_CGROUP_INET4_CONNECT** 1210 * and **BPF_CGROUP_INET6_CONNECT**. 1211 * 1212 * This helper actually implements a subset of **setsockopt()**. 1213 * It supports the following *level*\ s: 1214 * 1215 * * **SOL_SOCKET**, which supports the following *optname*\ s: 1216 * **SO_RCVBUF**, **SO_SNDBUF**, **SO_MAX_PACING_RATE**, 1217 * **SO_PRIORITY**, **SO_RCVLOWAT**, **SO_MARK**, 1218 * **SO_BINDTODEVICE**, **SO_KEEPALIVE**, **SO_REUSEADDR**, 1219 * **SO_REUSEPORT**, **SO_BINDTOIFINDEX**, **SO_TXREHASH**. 1220 * * **IPPROTO_TCP**, which supports the following *optname*\ s: 1221 * **TCP_CONGESTION**, **TCP_BPF_IW**, 1222 * **TCP_BPF_SNDCWND_CLAMP**, **TCP_SAVE_SYN**, 1223 * **TCP_KEEPIDLE**, **TCP_KEEPINTVL**, **TCP_KEEPCNT**, 1224 * **TCP_SYNCNT**, **TCP_USER_TIMEOUT**, **TCP_NOTSENT_LOWAT**, 1225 * **TCP_NODELAY**, **TCP_MAXSEG**, **TCP_WINDOW_CLAMP**, 1226 * **TCP_THIN_LINEAR_TIMEOUTS**, **TCP_BPF_DELACK_MAX**, 1227 * **TCP_BPF_RTO_MIN**. 1228 * * **IPPROTO_IP**, which supports *optname* **IP_TOS**. 1229 * * **IPPROTO_IPV6**, which supports the following *optname*\ s: 1230 * **IPV6_TCLASS**, **IPV6_AUTOFLOWLABEL**. 1231 * 1232 * Returns 1233 * 0 on success, or a negative error in case of failure. 1234 */ 1235 static long (*bpf_setsockopt)(void *bpf_socket, int level, int optname, void *optval, int optlen) = (void *) 49; 1236 1237 /* 1238 * bpf_skb_adjust_room 1239 * 1240 * Grow or shrink the room for data in the packet associated to 1241 * *skb* by *len_diff*, and according to the selected *mode*. 1242 * 1243 * By default, the helper will reset any offloaded checksum 1244 * indicator of the skb to CHECKSUM_NONE. This can be avoided 1245 * by the following flag: 1246 * 1247 * * **BPF_F_ADJ_ROOM_NO_CSUM_RESET**: Do not reset offloaded 1248 * checksum data of the skb to CHECKSUM_NONE. 1249 * 1250 * There are two supported modes at this time: 1251 * 1252 * * **BPF_ADJ_ROOM_MAC**: Adjust room at the mac layer 1253 * (room space is added or removed between the layer 2 and 1254 * layer 3 headers). 1255 * 1256 * * **BPF_ADJ_ROOM_NET**: Adjust room at the network layer 1257 * (room space is added or removed between the layer 3 and 1258 * layer 4 headers). 1259 * 1260 * The following flags are supported at this time: 1261 * 1262 * * **BPF_F_ADJ_ROOM_FIXED_GSO**: Do not adjust gso_size. 1263 * Adjusting mss in this way is not allowed for datagrams. 1264 * 1265 * * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV4**, 1266 * **BPF_F_ADJ_ROOM_ENCAP_L3_IPV6**: 1267 * Any new space is reserved to hold a tunnel header. 1268 * Configure skb offsets and other fields accordingly. 1269 * 1270 * * **BPF_F_ADJ_ROOM_ENCAP_L4_GRE**, 1271 * **BPF_F_ADJ_ROOM_ENCAP_L4_UDP**: 1272 * Use with ENCAP_L3 flags to further specify the tunnel type. 1273 * 1274 * * **BPF_F_ADJ_ROOM_ENCAP_L2**\ (*len*): 1275 * Use with ENCAP_L3/L4 flags to further specify the tunnel 1276 * type; *len* is the length of the inner MAC header. 1277 * 1278 * * **BPF_F_ADJ_ROOM_ENCAP_L2_ETH**: 1279 * Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the 1280 * L2 type as Ethernet. 1281 * 1282 * * **BPF_F_ADJ_ROOM_DECAP_L3_IPV4**, 1283 * **BPF_F_ADJ_ROOM_DECAP_L3_IPV6**: 1284 * Indicate the new IP header version after decapsulating the outer 1285 * IP header. Used when the inner and outer IP versions are different. 1286 * 1287 * A call to this helper is susceptible to change the underlying 1288 * packet buffer. Therefore, at load time, all checks on pointers 1289 * previously done by the verifier are invalidated and must be 1290 * performed again, if the helper is used in combination with 1291 * direct packet access. 1292 * 1293 * Returns 1294 * 0 on success, or a negative error in case of failure. 1295 */ 1296 static long (*bpf_skb_adjust_room)(struct __sk_buff *skb, __s32 len_diff, __u32 mode, __u64 flags) = (void *) 50; 1297 1298 /* 1299 * bpf_redirect_map 1300 * 1301 * Redirect the packet to the endpoint referenced by *map* at 1302 * index *key*. Depending on its type, this *map* can contain 1303 * references to net devices (for forwarding packets through other 1304 * ports), or to CPUs (for redirecting XDP frames to another CPU; 1305 * but this is only implemented for native XDP (with driver 1306 * support) as of this writing). 1307 * 1308 * The lower two bits of *flags* are used as the return code if 1309 * the map lookup fails. This is so that the return value can be 1310 * one of the XDP program return codes up to **XDP_TX**, as chosen 1311 * by the caller. The higher bits of *flags* can be set to 1312 * BPF_F_BROADCAST or BPF_F_EXCLUDE_INGRESS as defined below. 1313 * 1314 * With BPF_F_BROADCAST the packet will be broadcasted to all the 1315 * interfaces in the map, with BPF_F_EXCLUDE_INGRESS the ingress 1316 * interface will be excluded when do broadcasting. 1317 * 1318 * See also **bpf_redirect**\ (), which only supports redirecting 1319 * to an ifindex, but doesn't require a map to do so. 1320 * 1321 * Returns 1322 * **XDP_REDIRECT** on success, or the value of the two lower bits 1323 * of the *flags* argument on error. 1324 */ 1325 static long (*bpf_redirect_map)(void *map, __u64 key, __u64 flags) = (void *) 51; 1326 1327 /* 1328 * bpf_sk_redirect_map 1329 * 1330 * Redirect the packet to the socket referenced by *map* (of type 1331 * **BPF_MAP_TYPE_SOCKMAP**) at index *key*. Both ingress and 1332 * egress interfaces can be used for redirection. The 1333 * **BPF_F_INGRESS** value in *flags* is used to make the 1334 * distinction (ingress path is selected if the flag is present, 1335 * egress path otherwise). This is the only flag supported for now. 1336 * 1337 * Returns 1338 * **SK_PASS** on success, or **SK_DROP** on error. 1339 */ 1340 static long (*bpf_sk_redirect_map)(struct __sk_buff *skb, void *map, __u32 key, __u64 flags) = (void *) 52; 1341 1342 /* 1343 * bpf_sock_map_update 1344 * 1345 * Add an entry to, or update a *map* referencing sockets. The 1346 * *skops* is used as a new value for the entry associated to 1347 * *key*. *flags* is one of: 1348 * 1349 * **BPF_NOEXIST** 1350 * The entry for *key* must not exist in the map. 1351 * **BPF_EXIST** 1352 * The entry for *key* must already exist in the map. 1353 * **BPF_ANY** 1354 * No condition on the existence of the entry for *key*. 1355 * 1356 * If the *map* has eBPF programs (parser and verdict), those will 1357 * be inherited by the socket being added. If the socket is 1358 * already attached to eBPF programs, this results in an error. 1359 * 1360 * Returns 1361 * 0 on success, or a negative error in case of failure. 1362 */ 1363 static long (*bpf_sock_map_update)(struct bpf_sock_ops *skops, void *map, void *key, __u64 flags) = (void *) 53; 1364 1365 /* 1366 * bpf_xdp_adjust_meta 1367 * 1368 * Adjust the address pointed by *xdp_md*\ **->data_meta** by 1369 * *delta* (which can be positive or negative). Note that this 1370 * operation modifies the address stored in *xdp_md*\ **->data**, 1371 * so the latter must be loaded only after the helper has been 1372 * called. 1373 * 1374 * The use of *xdp_md*\ **->data_meta** is optional and programs 1375 * are not required to use it. The rationale is that when the 1376 * packet is processed with XDP (e.g. as DoS filter), it is 1377 * possible to push further meta data along with it before passing 1378 * to the stack, and to give the guarantee that an ingress eBPF 1379 * program attached as a TC classifier on the same device can pick 1380 * this up for further post-processing. Since TC works with socket 1381 * buffers, it remains possible to set from XDP the **mark** or 1382 * **priority** pointers, or other pointers for the socket buffer. 1383 * Having this scratch space generic and programmable allows for 1384 * more flexibility as the user is free to store whatever meta 1385 * data they need. 1386 * 1387 * A call to this helper is susceptible to change the underlying 1388 * packet buffer. Therefore, at load time, all checks on pointers 1389 * previously done by the verifier are invalidated and must be 1390 * performed again, if the helper is used in combination with 1391 * direct packet access. 1392 * 1393 * Returns 1394 * 0 on success, or a negative error in case of failure. 1395 */ 1396 static long (*bpf_xdp_adjust_meta)(struct xdp_md *xdp_md, int delta) = (void *) 54; 1397 1398 /* 1399 * bpf_perf_event_read_value 1400 * 1401 * Read the value of a perf event counter, and store it into *buf* 1402 * of size *buf_size*. This helper relies on a *map* of type 1403 * **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. The nature of the perf event 1404 * counter is selected when *map* is updated with perf event file 1405 * descriptors. The *map* is an array whose size is the number of 1406 * available CPUs, and each cell contains a value relative to one 1407 * CPU. The value to retrieve is indicated by *flags*, that 1408 * contains the index of the CPU to look up, masked with 1409 * **BPF_F_INDEX_MASK**. Alternatively, *flags* can be set to 1410 * **BPF_F_CURRENT_CPU** to indicate that the value for the 1411 * current CPU should be retrieved. 1412 * 1413 * This helper behaves in a way close to 1414 * **bpf_perf_event_read**\ () helper, save that instead of 1415 * just returning the value observed, it fills the *buf* 1416 * structure. This allows for additional data to be retrieved: in 1417 * particular, the enabled and running times (in *buf*\ 1418 * **->enabled** and *buf*\ **->running**, respectively) are 1419 * copied. In general, **bpf_perf_event_read_value**\ () is 1420 * recommended over **bpf_perf_event_read**\ (), which has some 1421 * ABI issues and provides fewer functionalities. 1422 * 1423 * These values are interesting, because hardware PMU (Performance 1424 * Monitoring Unit) counters are limited resources. When there are 1425 * more PMU based perf events opened than available counters, 1426 * kernel will multiplex these events so each event gets certain 1427 * percentage (but not all) of the PMU time. In case that 1428 * multiplexing happens, the number of samples or counter value 1429 * will not reflect the case compared to when no multiplexing 1430 * occurs. This makes comparison between different runs difficult. 1431 * Typically, the counter value should be normalized before 1432 * comparing to other experiments. The usual normalization is done 1433 * as follows. 1434 * 1435 * :: 1436 * 1437 * normalized_counter = counter * t_enabled / t_running 1438 * 1439 * Where t_enabled is the time enabled for event and t_running is 1440 * the time running for event since last normalization. The 1441 * enabled and running times are accumulated since the perf event 1442 * open. To achieve scaling factor between two invocations of an 1443 * eBPF program, users can use CPU id as the key (which is 1444 * typical for perf array usage model) to remember the previous 1445 * value and do the calculation inside the eBPF program. 1446 * 1447 * Returns 1448 * 0 on success, or a negative error in case of failure. 1449 */ 1450 static long (*bpf_perf_event_read_value)(void *map, __u64 flags, struct bpf_perf_event_value *buf, __u32 buf_size) = (void *) 55; 1451 1452 /* 1453 * bpf_perf_prog_read_value 1454 * 1455 * For an eBPF program attached to a perf event, retrieve the 1456 * value of the event counter associated to *ctx* and store it in 1457 * the structure pointed by *buf* and of size *buf_size*. Enabled 1458 * and running times are also stored in the structure (see 1459 * description of helper **bpf_perf_event_read_value**\ () for 1460 * more details). 1461 * 1462 * Returns 1463 * 0 on success, or a negative error in case of failure. 1464 */ 1465 static long (*bpf_perf_prog_read_value)(struct bpf_perf_event_data *ctx, struct bpf_perf_event_value *buf, __u32 buf_size) = (void *) 56; 1466 1467 /* 1468 * bpf_getsockopt 1469 * 1470 * Emulate a call to **getsockopt()** on the socket associated to 1471 * *bpf_socket*, which must be a full socket. The *level* at 1472 * which the option resides and the name *optname* of the option 1473 * must be specified, see **getsockopt(2)** for more information. 1474 * The retrieved value is stored in the structure pointed by 1475 * *opval* and of length *optlen*. 1476 * 1477 * *bpf_socket* should be one of the following: 1478 * 1479 * * **struct bpf_sock_ops** for **BPF_PROG_TYPE_SOCK_OPS**. 1480 * * **struct bpf_sock_addr** for **BPF_CGROUP_INET4_CONNECT** 1481 * and **BPF_CGROUP_INET6_CONNECT**. 1482 * 1483 * This helper actually implements a subset of **getsockopt()**. 1484 * It supports the same set of *optname*\ s that is supported by 1485 * the **bpf_setsockopt**\ () helper. The exceptions are 1486 * **TCP_BPF_*** is **bpf_setsockopt**\ () only and 1487 * **TCP_SAVED_SYN** is **bpf_getsockopt**\ () only. 1488 * 1489 * Returns 1490 * 0 on success, or a negative error in case of failure. 1491 */ 1492 static long (*bpf_getsockopt)(void *bpf_socket, int level, int optname, void *optval, int optlen) = (void *) 57; 1493 1494 /* 1495 * bpf_override_return 1496 * 1497 * Used for error injection, this helper uses kprobes to override 1498 * the return value of the probed function, and to set it to *rc*. 1499 * The first argument is the context *regs* on which the kprobe 1500 * works. 1501 * 1502 * This helper works by setting the PC (program counter) 1503 * to an override function which is run in place of the original 1504 * probed function. This means the probed function is not run at 1505 * all. The replacement function just returns with the required 1506 * value. 1507 * 1508 * This helper has security implications, and thus is subject to 1509 * restrictions. It is only available if the kernel was compiled 1510 * with the **CONFIG_BPF_KPROBE_OVERRIDE** configuration 1511 * option, and in this case it only works on functions tagged with 1512 * **ALLOW_ERROR_INJECTION** in the kernel code. 1513 * 1514 * Also, the helper is only available for the architectures having 1515 * the CONFIG_FUNCTION_ERROR_INJECTION option. As of this writing, 1516 * x86 architecture is the only one to support this feature. 1517 * 1518 * Returns 1519 * 0 1520 */ 1521 static long (*bpf_override_return)(struct pt_regs *regs, __u64 rc) = (void *) 58; 1522 1523 /* 1524 * bpf_sock_ops_cb_flags_set 1525 * 1526 * Attempt to set the value of the **bpf_sock_ops_cb_flags** field 1527 * for the full TCP socket associated to *bpf_sock_ops* to 1528 * *argval*. 1529 * 1530 * The primary use of this field is to determine if there should 1531 * be calls to eBPF programs of type 1532 * **BPF_PROG_TYPE_SOCK_OPS** at various points in the TCP 1533 * code. A program of the same type can change its value, per 1534 * connection and as necessary, when the connection is 1535 * established. This field is directly accessible for reading, but 1536 * this helper must be used for updates in order to return an 1537 * error if an eBPF program tries to set a callback that is not 1538 * supported in the current kernel. 1539 * 1540 * *argval* is a flag array which can combine these flags: 1541 * 1542 * * **BPF_SOCK_OPS_RTO_CB_FLAG** (retransmission time out) 1543 * * **BPF_SOCK_OPS_RETRANS_CB_FLAG** (retransmission) 1544 * * **BPF_SOCK_OPS_STATE_CB_FLAG** (TCP state change) 1545 * * **BPF_SOCK_OPS_RTT_CB_FLAG** (every RTT) 1546 * 1547 * Therefore, this function can be used to clear a callback flag by 1548 * setting the appropriate bit to zero. e.g. to disable the RTO 1549 * callback: 1550 * 1551 * **bpf_sock_ops_cb_flags_set(bpf_sock,** 1552 * **bpf_sock->bpf_sock_ops_cb_flags & ~BPF_SOCK_OPS_RTO_CB_FLAG)** 1553 * 1554 * Here are some examples of where one could call such eBPF 1555 * program: 1556 * 1557 * * When RTO fires. 1558 * * When a packet is retransmitted. 1559 * * When the connection terminates. 1560 * * When a packet is sent. 1561 * * When a packet is received. 1562 * 1563 * Returns 1564 * Code **-EINVAL** if the socket is not a full TCP socket; 1565 * otherwise, a positive number containing the bits that could not 1566 * be set is returned (which comes down to 0 if all bits were set 1567 * as required). 1568 */ 1569 static long (*bpf_sock_ops_cb_flags_set)(struct bpf_sock_ops *bpf_sock, int argval) = (void *) 59; 1570 1571 /* 1572 * bpf_msg_redirect_map 1573 * 1574 * This helper is used in programs implementing policies at the 1575 * socket level. If the message *msg* is allowed to pass (i.e. if 1576 * the verdict eBPF program returns **SK_PASS**), redirect it to 1577 * the socket referenced by *map* (of type 1578 * **BPF_MAP_TYPE_SOCKMAP**) at index *key*. Both ingress and 1579 * egress interfaces can be used for redirection. The 1580 * **BPF_F_INGRESS** value in *flags* is used to make the 1581 * distinction (ingress path is selected if the flag is present, 1582 * egress path otherwise). This is the only flag supported for now. 1583 * 1584 * Returns 1585 * **SK_PASS** on success, or **SK_DROP** on error. 1586 */ 1587 static long (*bpf_msg_redirect_map)(struct sk_msg_md *msg, void *map, __u32 key, __u64 flags) = (void *) 60; 1588 1589 /* 1590 * bpf_msg_apply_bytes 1591 * 1592 * For socket policies, apply the verdict of the eBPF program to 1593 * the next *bytes* (number of bytes) of message *msg*. 1594 * 1595 * For example, this helper can be used in the following cases: 1596 * 1597 * * A single **sendmsg**\ () or **sendfile**\ () system call 1598 * contains multiple logical messages that the eBPF program is 1599 * supposed to read and for which it should apply a verdict. 1600 * * An eBPF program only cares to read the first *bytes* of a 1601 * *msg*. If the message has a large payload, then setting up 1602 * and calling the eBPF program repeatedly for all bytes, even 1603 * though the verdict is already known, would create unnecessary 1604 * overhead. 1605 * 1606 * When called from within an eBPF program, the helper sets a 1607 * counter internal to the BPF infrastructure, that is used to 1608 * apply the last verdict to the next *bytes*. If *bytes* is 1609 * smaller than the current data being processed from a 1610 * **sendmsg**\ () or **sendfile**\ () system call, the first 1611 * *bytes* will be sent and the eBPF program will be re-run with 1612 * the pointer for start of data pointing to byte number *bytes* 1613 * **+ 1**. If *bytes* is larger than the current data being 1614 * processed, then the eBPF verdict will be applied to multiple 1615 * **sendmsg**\ () or **sendfile**\ () calls until *bytes* are 1616 * consumed. 1617 * 1618 * Note that if a socket closes with the internal counter holding 1619 * a non-zero value, this is not a problem because data is not 1620 * being buffered for *bytes* and is sent as it is received. 1621 * 1622 * Returns 1623 * 0 1624 */ 1625 static long (*bpf_msg_apply_bytes)(struct sk_msg_md *msg, __u32 bytes) = (void *) 61; 1626 1627 /* 1628 * bpf_msg_cork_bytes 1629 * 1630 * For socket policies, prevent the execution of the verdict eBPF 1631 * program for message *msg* until *bytes* (byte number) have been 1632 * accumulated. 1633 * 1634 * This can be used when one needs a specific number of bytes 1635 * before a verdict can be assigned, even if the data spans 1636 * multiple **sendmsg**\ () or **sendfile**\ () calls. The extreme 1637 * case would be a user calling **sendmsg**\ () repeatedly with 1638 * 1-byte long message segments. Obviously, this is bad for 1639 * performance, but it is still valid. If the eBPF program needs 1640 * *bytes* bytes to validate a header, this helper can be used to 1641 * prevent the eBPF program to be called again until *bytes* have 1642 * been accumulated. 1643 * 1644 * Returns 1645 * 0 1646 */ 1647 static long (*bpf_msg_cork_bytes)(struct sk_msg_md *msg, __u32 bytes) = (void *) 62; 1648 1649 /* 1650 * bpf_msg_pull_data 1651 * 1652 * For socket policies, pull in non-linear data from user space 1653 * for *msg* and set pointers *msg*\ **->data** and *msg*\ 1654 * **->data_end** to *start* and *end* bytes offsets into *msg*, 1655 * respectively. 1656 * 1657 * If a program of type **BPF_PROG_TYPE_SK_MSG** is run on a 1658 * *msg* it can only parse data that the (**data**, **data_end**) 1659 * pointers have already consumed. For **sendmsg**\ () hooks this 1660 * is likely the first scatterlist element. But for calls relying 1661 * on the **sendpage** handler (e.g. **sendfile**\ ()) this will 1662 * be the range (**0**, **0**) because the data is shared with 1663 * user space and by default the objective is to avoid allowing 1664 * user space to modify data while (or after) eBPF verdict is 1665 * being decided. This helper can be used to pull in data and to 1666 * set the start and end pointer to given values. Data will be 1667 * copied if necessary (i.e. if data was not linear and if start 1668 * and end pointers do not point to the same chunk). 1669 * 1670 * A call to this helper is susceptible to change the underlying 1671 * packet buffer. Therefore, at load time, all checks on pointers 1672 * previously done by the verifier are invalidated and must be 1673 * performed again, if the helper is used in combination with 1674 * direct packet access. 1675 * 1676 * All values for *flags* are reserved for future usage, and must 1677 * be left at zero. 1678 * 1679 * Returns 1680 * 0 on success, or a negative error in case of failure. 1681 */ 1682 static long (*bpf_msg_pull_data)(struct sk_msg_md *msg, __u32 start, __u32 end, __u64 flags) = (void *) 63; 1683 1684 /* 1685 * bpf_bind 1686 * 1687 * Bind the socket associated to *ctx* to the address pointed by 1688 * *addr*, of length *addr_len*. This allows for making outgoing 1689 * connection from the desired IP address, which can be useful for 1690 * example when all processes inside a cgroup should use one 1691 * single IP address on a host that has multiple IP configured. 1692 * 1693 * This helper works for IPv4 and IPv6, TCP and UDP sockets. The 1694 * domain (*addr*\ **->sa_family**) must be **AF_INET** (or 1695 * **AF_INET6**). It's advised to pass zero port (**sin_port** 1696 * or **sin6_port**) which triggers IP_BIND_ADDRESS_NO_PORT-like 1697 * behavior and lets the kernel efficiently pick up an unused 1698 * port as long as 4-tuple is unique. Passing non-zero port might 1699 * lead to degraded performance. 1700 * 1701 * Returns 1702 * 0 on success, or a negative error in case of failure. 1703 */ 1704 static long (*bpf_bind)(struct bpf_sock_addr *ctx, struct sockaddr *addr, int addr_len) = (void *) 64; 1705 1706 /* 1707 * bpf_xdp_adjust_tail 1708 * 1709 * Adjust (move) *xdp_md*\ **->data_end** by *delta* bytes. It is 1710 * possible to both shrink and grow the packet tail. 1711 * Shrink done via *delta* being a negative integer. 1712 * 1713 * A call to this helper is susceptible to change the underlying 1714 * packet buffer. Therefore, at load time, all checks on pointers 1715 * previously done by the verifier are invalidated and must be 1716 * performed again, if the helper is used in combination with 1717 * direct packet access. 1718 * 1719 * Returns 1720 * 0 on success, or a negative error in case of failure. 1721 */ 1722 static long (*bpf_xdp_adjust_tail)(struct xdp_md *xdp_md, int delta) = (void *) 65; 1723 1724 /* 1725 * bpf_skb_get_xfrm_state 1726 * 1727 * Retrieve the XFRM state (IP transform framework, see also 1728 * **ip-xfrm(8)**) at *index* in XFRM "security path" for *skb*. 1729 * 1730 * The retrieved value is stored in the **struct bpf_xfrm_state** 1731 * pointed by *xfrm_state* and of length *size*. 1732 * 1733 * All values for *flags* are reserved for future usage, and must 1734 * be left at zero. 1735 * 1736 * This helper is available only if the kernel was compiled with 1737 * **CONFIG_XFRM** configuration option. 1738 * 1739 * Returns 1740 * 0 on success, or a negative error in case of failure. 1741 */ 1742 static long (*bpf_skb_get_xfrm_state)(struct __sk_buff *skb, __u32 index, struct bpf_xfrm_state *xfrm_state, __u32 size, __u64 flags) = (void *) 66; 1743 1744 /* 1745 * bpf_get_stack 1746 * 1747 * Return a user or a kernel stack in bpf program provided buffer. 1748 * To achieve this, the helper needs *ctx*, which is a pointer 1749 * to the context on which the tracing program is executed. 1750 * To store the stacktrace, the bpf program provides *buf* with 1751 * a nonnegative *size*. 1752 * 1753 * The last argument, *flags*, holds the number of stack frames to 1754 * skip (from 0 to 255), masked with 1755 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 1756 * the following flags: 1757 * 1758 * **BPF_F_USER_STACK** 1759 * Collect a user space stack instead of a kernel stack. 1760 * **BPF_F_USER_BUILD_ID** 1761 * Collect (build_id, file_offset) instead of ips for user 1762 * stack, only valid if **BPF_F_USER_STACK** is also 1763 * specified. 1764 * 1765 * *file_offset* is an offset relative to the beginning 1766 * of the executable or shared object file backing the vma 1767 * which the *ip* falls in. It is *not* an offset relative 1768 * to that object's base address. Accordingly, it must be 1769 * adjusted by adding (sh_addr - sh_offset), where 1770 * sh_{addr,offset} correspond to the executable section 1771 * containing *file_offset* in the object, for comparisons 1772 * to symbols' st_value to be valid. 1773 * 1774 * **bpf_get_stack**\ () can collect up to 1775 * **PERF_MAX_STACK_DEPTH** both kernel and user frames, subject 1776 * to sufficient large buffer size. Note that 1777 * this limit can be controlled with the **sysctl** program, and 1778 * that it should be manually increased in order to profile long 1779 * user stacks (such as stacks for Java programs). To do so, use: 1780 * 1781 * :: 1782 * 1783 * # sysctl kernel.perf_event_max_stack=<new value> 1784 * 1785 * Returns 1786 * The non-negative copied *buf* length equal to or less than 1787 * *size* on success, or a negative error in case of failure. 1788 */ 1789 static long (*bpf_get_stack)(void *ctx, void *buf, __u32 size, __u64 flags) = (void *) 67; 1790 1791 /* 1792 * bpf_skb_load_bytes_relative 1793 * 1794 * This helper is similar to **bpf_skb_load_bytes**\ () in that 1795 * it provides an easy way to load *len* bytes from *offset* 1796 * from the packet associated to *skb*, into the buffer pointed 1797 * by *to*. The difference to **bpf_skb_load_bytes**\ () is that 1798 * a fifth argument *start_header* exists in order to select a 1799 * base offset to start from. *start_header* can be one of: 1800 * 1801 * **BPF_HDR_START_MAC** 1802 * Base offset to load data from is *skb*'s mac header. 1803 * **BPF_HDR_START_NET** 1804 * Base offset to load data from is *skb*'s network header. 1805 * 1806 * In general, "direct packet access" is the preferred method to 1807 * access packet data, however, this helper is in particular useful 1808 * in socket filters where *skb*\ **->data** does not always point 1809 * to the start of the mac header and where "direct packet access" 1810 * is not available. 1811 * 1812 * Returns 1813 * 0 on success, or a negative error in case of failure. 1814 */ 1815 static long (*bpf_skb_load_bytes_relative)(const void *skb, __u32 offset, void *to, __u32 len, __u32 start_header) = (void *) 68; 1816 1817 /* 1818 * bpf_fib_lookup 1819 * 1820 * Do FIB lookup in kernel tables using parameters in *params*. 1821 * If lookup is successful and result shows packet is to be 1822 * forwarded, the neighbor tables are searched for the nexthop. 1823 * If successful (ie., FIB lookup shows forwarding and nexthop 1824 * is resolved), the nexthop address is returned in ipv4_dst 1825 * or ipv6_dst based on family, smac is set to mac address of 1826 * egress device, dmac is set to nexthop mac address, rt_metric 1827 * is set to metric from route (IPv4/IPv6 only), and ifindex 1828 * is set to the device index of the nexthop from the FIB lookup. 1829 * 1830 * *plen* argument is the size of the passed in struct. 1831 * *flags* argument can be a combination of one or more of the 1832 * following values: 1833 * 1834 * **BPF_FIB_LOOKUP_DIRECT** 1835 * Do a direct table lookup vs full lookup using FIB 1836 * rules. 1837 * **BPF_FIB_LOOKUP_TBID** 1838 * Used with BPF_FIB_LOOKUP_DIRECT. 1839 * Use the routing table ID present in *params*->tbid 1840 * for the fib lookup. 1841 * **BPF_FIB_LOOKUP_OUTPUT** 1842 * Perform lookup from an egress perspective (default is 1843 * ingress). 1844 * **BPF_FIB_LOOKUP_SKIP_NEIGH** 1845 * Skip the neighbour table lookup. *params*->dmac 1846 * and *params*->smac will not be set as output. A common 1847 * use case is to call **bpf_redirect_neigh**\ () after 1848 * doing **bpf_fib_lookup**\ (). 1849 * 1850 * *ctx* is either **struct xdp_md** for XDP programs or 1851 * **struct sk_buff** tc cls_act programs. 1852 * 1853 * Returns 1854 * * < 0 if any input argument is invalid 1855 * * 0 on success (packet is forwarded, nexthop neighbor exists) 1856 * * > 0 one of **BPF_FIB_LKUP_RET_** codes explaining why the 1857 * packet is not forwarded or needs assist from full stack 1858 * 1859 * If lookup fails with BPF_FIB_LKUP_RET_FRAG_NEEDED, then the MTU 1860 * was exceeded and output params->mtu_result contains the MTU. 1861 */ 1862 static long (*bpf_fib_lookup)(void *ctx, struct bpf_fib_lookup *params, int plen, __u32 flags) = (void *) 69; 1863 1864 /* 1865 * bpf_sock_hash_update 1866 * 1867 * Add an entry to, or update a sockhash *map* referencing sockets. 1868 * The *skops* is used as a new value for the entry associated to 1869 * *key*. *flags* is one of: 1870 * 1871 * **BPF_NOEXIST** 1872 * The entry for *key* must not exist in the map. 1873 * **BPF_EXIST** 1874 * The entry for *key* must already exist in the map. 1875 * **BPF_ANY** 1876 * No condition on the existence of the entry for *key*. 1877 * 1878 * If the *map* has eBPF programs (parser and verdict), those will 1879 * be inherited by the socket being added. If the socket is 1880 * already attached to eBPF programs, this results in an error. 1881 * 1882 * Returns 1883 * 0 on success, or a negative error in case of failure. 1884 */ 1885 static long (*bpf_sock_hash_update)(struct bpf_sock_ops *skops, void *map, void *key, __u64 flags) = (void *) 70; 1886 1887 /* 1888 * bpf_msg_redirect_hash 1889 * 1890 * This helper is used in programs implementing policies at the 1891 * socket level. If the message *msg* is allowed to pass (i.e. if 1892 * the verdict eBPF program returns **SK_PASS**), redirect it to 1893 * the socket referenced by *map* (of type 1894 * **BPF_MAP_TYPE_SOCKHASH**) using hash *key*. Both ingress and 1895 * egress interfaces can be used for redirection. The 1896 * **BPF_F_INGRESS** value in *flags* is used to make the 1897 * distinction (ingress path is selected if the flag is present, 1898 * egress path otherwise). This is the only flag supported for now. 1899 * 1900 * Returns 1901 * **SK_PASS** on success, or **SK_DROP** on error. 1902 */ 1903 static long (*bpf_msg_redirect_hash)(struct sk_msg_md *msg, void *map, void *key, __u64 flags) = (void *) 71; 1904 1905 /* 1906 * bpf_sk_redirect_hash 1907 * 1908 * This helper is used in programs implementing policies at the 1909 * skb socket level. If the sk_buff *skb* is allowed to pass (i.e. 1910 * if the verdict eBPF program returns **SK_PASS**), redirect it 1911 * to the socket referenced by *map* (of type 1912 * **BPF_MAP_TYPE_SOCKHASH**) using hash *key*. Both ingress and 1913 * egress interfaces can be used for redirection. The 1914 * **BPF_F_INGRESS** value in *flags* is used to make the 1915 * distinction (ingress path is selected if the flag is present, 1916 * egress otherwise). This is the only flag supported for now. 1917 * 1918 * Returns 1919 * **SK_PASS** on success, or **SK_DROP** on error. 1920 */ 1921 static long (*bpf_sk_redirect_hash)(struct __sk_buff *skb, void *map, void *key, __u64 flags) = (void *) 72; 1922 1923 /* 1924 * bpf_lwt_push_encap 1925 * 1926 * Encapsulate the packet associated to *skb* within a Layer 3 1927 * protocol header. This header is provided in the buffer at 1928 * address *hdr*, with *len* its size in bytes. *type* indicates 1929 * the protocol of the header and can be one of: 1930 * 1931 * **BPF_LWT_ENCAP_SEG6** 1932 * IPv6 encapsulation with Segment Routing Header 1933 * (**struct ipv6_sr_hdr**). *hdr* only contains the SRH, 1934 * the IPv6 header is computed by the kernel. 1935 * **BPF_LWT_ENCAP_SEG6_INLINE** 1936 * Only works if *skb* contains an IPv6 packet. Insert a 1937 * Segment Routing Header (**struct ipv6_sr_hdr**) inside 1938 * the IPv6 header. 1939 * **BPF_LWT_ENCAP_IP** 1940 * IP encapsulation (GRE/GUE/IPIP/etc). The outer header 1941 * must be IPv4 or IPv6, followed by zero or more 1942 * additional headers, up to **LWT_BPF_MAX_HEADROOM** 1943 * total bytes in all prepended headers. Please note that 1944 * if **skb_is_gso**\ (*skb*) is true, no more than two 1945 * headers can be prepended, and the inner header, if 1946 * present, should be either GRE or UDP/GUE. 1947 * 1948 * **BPF_LWT_ENCAP_SEG6**\ \* types can be called by BPF programs 1949 * of type **BPF_PROG_TYPE_LWT_IN**; **BPF_LWT_ENCAP_IP** type can 1950 * be called by bpf programs of types **BPF_PROG_TYPE_LWT_IN** and 1951 * **BPF_PROG_TYPE_LWT_XMIT**. 1952 * 1953 * A call to this helper is susceptible to change the underlying 1954 * packet buffer. Therefore, at load time, all checks on pointers 1955 * previously done by the verifier are invalidated and must be 1956 * performed again, if the helper is used in combination with 1957 * direct packet access. 1958 * 1959 * Returns 1960 * 0 on success, or a negative error in case of failure. 1961 */ 1962 static long (*bpf_lwt_push_encap)(struct __sk_buff *skb, __u32 type, void *hdr, __u32 len) = (void *) 73; 1963 1964 /* 1965 * bpf_lwt_seg6_store_bytes 1966 * 1967 * Store *len* bytes from address *from* into the packet 1968 * associated to *skb*, at *offset*. Only the flags, tag and TLVs 1969 * inside the outermost IPv6 Segment Routing Header can be 1970 * modified through this helper. 1971 * 1972 * A call to this helper is susceptible to change the underlying 1973 * packet buffer. Therefore, at load time, all checks on pointers 1974 * previously done by the verifier are invalidated and must be 1975 * performed again, if the helper is used in combination with 1976 * direct packet access. 1977 * 1978 * Returns 1979 * 0 on success, or a negative error in case of failure. 1980 */ 1981 static long (*bpf_lwt_seg6_store_bytes)(struct __sk_buff *skb, __u32 offset, const void *from, __u32 len) = (void *) 74; 1982 1983 /* 1984 * bpf_lwt_seg6_adjust_srh 1985 * 1986 * Adjust the size allocated to TLVs in the outermost IPv6 1987 * Segment Routing Header contained in the packet associated to 1988 * *skb*, at position *offset* by *delta* bytes. Only offsets 1989 * after the segments are accepted. *delta* can be as well 1990 * positive (growing) as negative (shrinking). 1991 * 1992 * A call to this helper is susceptible to change the underlying 1993 * packet buffer. Therefore, at load time, all checks on pointers 1994 * previously done by the verifier are invalidated and must be 1995 * performed again, if the helper is used in combination with 1996 * direct packet access. 1997 * 1998 * Returns 1999 * 0 on success, or a negative error in case of failure. 2000 */ 2001 static long (*bpf_lwt_seg6_adjust_srh)(struct __sk_buff *skb, __u32 offset, __s32 delta) = (void *) 75; 2002 2003 /* 2004 * bpf_lwt_seg6_action 2005 * 2006 * Apply an IPv6 Segment Routing action of type *action* to the 2007 * packet associated to *skb*. Each action takes a parameter 2008 * contained at address *param*, and of length *param_len* bytes. 2009 * *action* can be one of: 2010 * 2011 * **SEG6_LOCAL_ACTION_END_X** 2012 * End.X action: Endpoint with Layer-3 cross-connect. 2013 * Type of *param*: **struct in6_addr**. 2014 * **SEG6_LOCAL_ACTION_END_T** 2015 * End.T action: Endpoint with specific IPv6 table lookup. 2016 * Type of *param*: **int**. 2017 * **SEG6_LOCAL_ACTION_END_B6** 2018 * End.B6 action: Endpoint bound to an SRv6 policy. 2019 * Type of *param*: **struct ipv6_sr_hdr**. 2020 * **SEG6_LOCAL_ACTION_END_B6_ENCAP** 2021 * End.B6.Encap action: Endpoint bound to an SRv6 2022 * encapsulation policy. 2023 * Type of *param*: **struct ipv6_sr_hdr**. 2024 * 2025 * A call to this helper is susceptible to change the underlying 2026 * packet buffer. Therefore, at load time, all checks on pointers 2027 * previously done by the verifier are invalidated and must be 2028 * performed again, if the helper is used in combination with 2029 * direct packet access. 2030 * 2031 * Returns 2032 * 0 on success, or a negative error in case of failure. 2033 */ 2034 static long (*bpf_lwt_seg6_action)(struct __sk_buff *skb, __u32 action, void *param, __u32 param_len) = (void *) 76; 2035 2036 /* 2037 * bpf_rc_repeat 2038 * 2039 * This helper is used in programs implementing IR decoding, to 2040 * report a successfully decoded repeat key message. This delays 2041 * the generation of a key up event for previously generated 2042 * key down event. 2043 * 2044 * Some IR protocols like NEC have a special IR message for 2045 * repeating last button, for when a button is held down. 2046 * 2047 * The *ctx* should point to the lirc sample as passed into 2048 * the program. 2049 * 2050 * This helper is only available is the kernel was compiled with 2051 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2052 * "**y**". 2053 * 2054 * Returns 2055 * 0 2056 */ 2057 static long (*bpf_rc_repeat)(void *ctx) = (void *) 77; 2058 2059 /* 2060 * bpf_rc_keydown 2061 * 2062 * This helper is used in programs implementing IR decoding, to 2063 * report a successfully decoded key press with *scancode*, 2064 * *toggle* value in the given *protocol*. The scancode will be 2065 * translated to a keycode using the rc keymap, and reported as 2066 * an input key down event. After a period a key up event is 2067 * generated. This period can be extended by calling either 2068 * **bpf_rc_keydown**\ () again with the same values, or calling 2069 * **bpf_rc_repeat**\ (). 2070 * 2071 * Some protocols include a toggle bit, in case the button was 2072 * released and pressed again between consecutive scancodes. 2073 * 2074 * The *ctx* should point to the lirc sample as passed into 2075 * the program. 2076 * 2077 * The *protocol* is the decoded protocol number (see 2078 * **enum rc_proto** for some predefined values). 2079 * 2080 * This helper is only available is the kernel was compiled with 2081 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2082 * "**y**". 2083 * 2084 * Returns 2085 * 0 2086 */ 2087 static long (*bpf_rc_keydown)(void *ctx, __u32 protocol, __u64 scancode, __u32 toggle) = (void *) 78; 2088 2089 /* 2090 * bpf_skb_cgroup_id 2091 * 2092 * Return the cgroup v2 id of the socket associated with the *skb*. 2093 * This is roughly similar to the **bpf_get_cgroup_classid**\ () 2094 * helper for cgroup v1 by providing a tag resp. identifier that 2095 * can be matched on or used for map lookups e.g. to implement 2096 * policy. The cgroup v2 id of a given path in the hierarchy is 2097 * exposed in user space through the f_handle API in order to get 2098 * to the same 64-bit id. 2099 * 2100 * This helper can be used on TC egress path, but not on ingress, 2101 * and is available only if the kernel was compiled with the 2102 * **CONFIG_SOCK_CGROUP_DATA** configuration option. 2103 * 2104 * Returns 2105 * The id is returned or 0 in case the id could not be retrieved. 2106 */ 2107 static __u64 (*bpf_skb_cgroup_id)(struct __sk_buff *skb) = (void *) 79; 2108 2109 /* 2110 * bpf_get_current_cgroup_id 2111 * 2112 * Get the current cgroup id based on the cgroup within which 2113 * the current task is running. 2114 * 2115 * Returns 2116 * A 64-bit integer containing the current cgroup id based 2117 * on the cgroup within which the current task is running. 2118 */ 2119 static __u64 (*bpf_get_current_cgroup_id)(void) = (void *) 80; 2120 2121 /* 2122 * bpf_get_local_storage 2123 * 2124 * Get the pointer to the local storage area. 2125 * The type and the size of the local storage is defined 2126 * by the *map* argument. 2127 * The *flags* meaning is specific for each map type, 2128 * and has to be 0 for cgroup local storage. 2129 * 2130 * Depending on the BPF program type, a local storage area 2131 * can be shared between multiple instances of the BPF program, 2132 * running simultaneously. 2133 * 2134 * A user should care about the synchronization by himself. 2135 * For example, by using the **BPF_ATOMIC** instructions to alter 2136 * the shared data. 2137 * 2138 * Returns 2139 * A pointer to the local storage area. 2140 */ 2141 static void *(*bpf_get_local_storage)(void *map, __u64 flags) = (void *) 81; 2142 2143 /* 2144 * bpf_sk_select_reuseport 2145 * 2146 * Select a **SO_REUSEPORT** socket from a 2147 * **BPF_MAP_TYPE_REUSEPORT_SOCKARRAY** *map*. 2148 * It checks the selected socket is matching the incoming 2149 * request in the socket buffer. 2150 * 2151 * Returns 2152 * 0 on success, or a negative error in case of failure. 2153 */ 2154 static long (*bpf_sk_select_reuseport)(struct sk_reuseport_md *reuse, void *map, void *key, __u64 flags) = (void *) 82; 2155 2156 /* 2157 * bpf_skb_ancestor_cgroup_id 2158 * 2159 * Return id of cgroup v2 that is ancestor of cgroup associated 2160 * with the *skb* at the *ancestor_level*. The root cgroup is at 2161 * *ancestor_level* zero and each step down the hierarchy 2162 * increments the level. If *ancestor_level* == level of cgroup 2163 * associated with *skb*, then return value will be same as that 2164 * of **bpf_skb_cgroup_id**\ (). 2165 * 2166 * The helper is useful to implement policies based on cgroups 2167 * that are upper in hierarchy than immediate cgroup associated 2168 * with *skb*. 2169 * 2170 * The format of returned id and helper limitations are same as in 2171 * **bpf_skb_cgroup_id**\ (). 2172 * 2173 * Returns 2174 * The id is returned or 0 in case the id could not be retrieved. 2175 */ 2176 static __u64 (*bpf_skb_ancestor_cgroup_id)(struct __sk_buff *skb, int ancestor_level) = (void *) 83; 2177 2178 /* 2179 * bpf_sk_lookup_tcp 2180 * 2181 * Look for TCP socket matching *tuple*, optionally in a child 2182 * network namespace *netns*. The return value must be checked, 2183 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2184 * 2185 * The *ctx* should point to the context of the program, such as 2186 * the skb or socket (depending on the hook in use). This is used 2187 * to determine the base network namespace for the lookup. 2188 * 2189 * *tuple_size* must be one of: 2190 * 2191 * **sizeof**\ (*tuple*\ **->ipv4**) 2192 * Look for an IPv4 socket. 2193 * **sizeof**\ (*tuple*\ **->ipv6**) 2194 * Look for an IPv6 socket. 2195 * 2196 * If the *netns* is a negative signed 32-bit integer, then the 2197 * socket lookup table in the netns associated with the *ctx* 2198 * will be used. For the TC hooks, this is the netns of the device 2199 * in the skb. For socket hooks, this is the netns of the socket. 2200 * If *netns* is any other signed 32-bit value greater than or 2201 * equal to zero then it specifies the ID of the netns relative to 2202 * the netns associated with the *ctx*. *netns* values beyond the 2203 * range of 32-bit integers are reserved for future use. 2204 * 2205 * All values for *flags* are reserved for future usage, and must 2206 * be left at zero. 2207 * 2208 * This helper is available only if the kernel was compiled with 2209 * **CONFIG_NET** configuration option. 2210 * 2211 * Returns 2212 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2213 * For sockets with reuseport option, the **struct bpf_sock** 2214 * result is from *reuse*\ **->socks**\ [] using the hash of the 2215 * tuple. 2216 */ 2217 static struct bpf_sock *(*bpf_sk_lookup_tcp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 84; 2218 2219 /* 2220 * bpf_sk_lookup_udp 2221 * 2222 * Look for UDP socket matching *tuple*, optionally in a child 2223 * network namespace *netns*. The return value must be checked, 2224 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2225 * 2226 * The *ctx* should point to the context of the program, such as 2227 * the skb or socket (depending on the hook in use). This is used 2228 * to determine the base network namespace for the lookup. 2229 * 2230 * *tuple_size* must be one of: 2231 * 2232 * **sizeof**\ (*tuple*\ **->ipv4**) 2233 * Look for an IPv4 socket. 2234 * **sizeof**\ (*tuple*\ **->ipv6**) 2235 * Look for an IPv6 socket. 2236 * 2237 * If the *netns* is a negative signed 32-bit integer, then the 2238 * socket lookup table in the netns associated with the *ctx* 2239 * will be used. For the TC hooks, this is the netns of the device 2240 * in the skb. For socket hooks, this is the netns of the socket. 2241 * If *netns* is any other signed 32-bit value greater than or 2242 * equal to zero then it specifies the ID of the netns relative to 2243 * the netns associated with the *ctx*. *netns* values beyond the 2244 * range of 32-bit integers are reserved for future use. 2245 * 2246 * All values for *flags* are reserved for future usage, and must 2247 * be left at zero. 2248 * 2249 * This helper is available only if the kernel was compiled with 2250 * **CONFIG_NET** configuration option. 2251 * 2252 * Returns 2253 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2254 * For sockets with reuseport option, the **struct bpf_sock** 2255 * result is from *reuse*\ **->socks**\ [] using the hash of the 2256 * tuple. 2257 */ 2258 static struct bpf_sock *(*bpf_sk_lookup_udp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 85; 2259 2260 /* 2261 * bpf_sk_release 2262 * 2263 * Release the reference held by *sock*. *sock* must be a 2264 * non-**NULL** pointer that was returned from 2265 * **bpf_sk_lookup_xxx**\ (). 2266 * 2267 * Returns 2268 * 0 on success, or a negative error in case of failure. 2269 */ 2270 static long (*bpf_sk_release)(void *sock) = (void *) 86; 2271 2272 /* 2273 * bpf_map_push_elem 2274 * 2275 * Push an element *value* in *map*. *flags* is one of: 2276 * 2277 * **BPF_EXIST** 2278 * If the queue/stack is full, the oldest element is 2279 * removed to make room for this. 2280 * 2281 * Returns 2282 * 0 on success, or a negative error in case of failure. 2283 */ 2284 static long (*bpf_map_push_elem)(void *map, const void *value, __u64 flags) = (void *) 87; 2285 2286 /* 2287 * bpf_map_pop_elem 2288 * 2289 * Pop an element from *map*. 2290 * 2291 * Returns 2292 * 0 on success, or a negative error in case of failure. 2293 */ 2294 static long (*bpf_map_pop_elem)(void *map, void *value) = (void *) 88; 2295 2296 /* 2297 * bpf_map_peek_elem 2298 * 2299 * Get an element from *map* without removing it. 2300 * 2301 * Returns 2302 * 0 on success, or a negative error in case of failure. 2303 */ 2304 static long (*bpf_map_peek_elem)(void *map, void *value) = (void *) 89; 2305 2306 /* 2307 * bpf_msg_push_data 2308 * 2309 * For socket policies, insert *len* bytes into *msg* at offset 2310 * *start*. 2311 * 2312 * If a program of type **BPF_PROG_TYPE_SK_MSG** is run on a 2313 * *msg* it may want to insert metadata or options into the *msg*. 2314 * This can later be read and used by any of the lower layer BPF 2315 * hooks. 2316 * 2317 * This helper may fail if under memory pressure (a malloc 2318 * fails) in these cases BPF programs will get an appropriate 2319 * error and BPF programs will need to handle them. 2320 * 2321 * Returns 2322 * 0 on success, or a negative error in case of failure. 2323 */ 2324 static long (*bpf_msg_push_data)(struct sk_msg_md *msg, __u32 start, __u32 len, __u64 flags) = (void *) 90; 2325 2326 /* 2327 * bpf_msg_pop_data 2328 * 2329 * Will remove *len* bytes from a *msg* starting at byte *start*. 2330 * This may result in **ENOMEM** errors under certain situations if 2331 * an allocation and copy are required due to a full ring buffer. 2332 * However, the helper will try to avoid doing the allocation 2333 * if possible. Other errors can occur if input parameters are 2334 * invalid either due to *start* byte not being valid part of *msg* 2335 * payload and/or *pop* value being to large. 2336 * 2337 * Returns 2338 * 0 on success, or a negative error in case of failure. 2339 */ 2340 static long (*bpf_msg_pop_data)(struct sk_msg_md *msg, __u32 start, __u32 len, __u64 flags) = (void *) 91; 2341 2342 /* 2343 * bpf_rc_pointer_rel 2344 * 2345 * This helper is used in programs implementing IR decoding, to 2346 * report a successfully decoded pointer movement. 2347 * 2348 * The *ctx* should point to the lirc sample as passed into 2349 * the program. 2350 * 2351 * This helper is only available is the kernel was compiled with 2352 * the **CONFIG_BPF_LIRC_MODE2** configuration option set to 2353 * "**y**". 2354 * 2355 * Returns 2356 * 0 2357 */ 2358 static long (*bpf_rc_pointer_rel)(void *ctx, __s32 rel_x, __s32 rel_y) = (void *) 92; 2359 2360 /* 2361 * bpf_spin_lock 2362 * 2363 * Acquire a spinlock represented by the pointer *lock*, which is 2364 * stored as part of a value of a map. Taking the lock allows to 2365 * safely update the rest of the fields in that value. The 2366 * spinlock can (and must) later be released with a call to 2367 * **bpf_spin_unlock**\ (\ *lock*\ ). 2368 * 2369 * Spinlocks in BPF programs come with a number of restrictions 2370 * and constraints: 2371 * 2372 * * **bpf_spin_lock** objects are only allowed inside maps of 2373 * types **BPF_MAP_TYPE_HASH** and **BPF_MAP_TYPE_ARRAY** (this 2374 * list could be extended in the future). 2375 * * BTF description of the map is mandatory. 2376 * * The BPF program can take ONE lock at a time, since taking two 2377 * or more could cause dead locks. 2378 * * Only one **struct bpf_spin_lock** is allowed per map element. 2379 * * When the lock is taken, calls (either BPF to BPF or helpers) 2380 * are not allowed. 2381 * * The **BPF_LD_ABS** and **BPF_LD_IND** instructions are not 2382 * allowed inside a spinlock-ed region. 2383 * * The BPF program MUST call **bpf_spin_unlock**\ () to release 2384 * the lock, on all execution paths, before it returns. 2385 * * The BPF program can access **struct bpf_spin_lock** only via 2386 * the **bpf_spin_lock**\ () and **bpf_spin_unlock**\ () 2387 * helpers. Loading or storing data into the **struct 2388 * bpf_spin_lock** *lock*\ **;** field of a map is not allowed. 2389 * * To use the **bpf_spin_lock**\ () helper, the BTF description 2390 * of the map value must be a struct and have **struct 2391 * bpf_spin_lock** *anyname*\ **;** field at the top level. 2392 * Nested lock inside another struct is not allowed. 2393 * * The **struct bpf_spin_lock** *lock* field in a map value must 2394 * be aligned on a multiple of 4 bytes in that value. 2395 * * Syscall with command **BPF_MAP_LOOKUP_ELEM** does not copy 2396 * the **bpf_spin_lock** field to user space. 2397 * * Syscall with command **BPF_MAP_UPDATE_ELEM**, or update from 2398 * a BPF program, do not update the **bpf_spin_lock** field. 2399 * * **bpf_spin_lock** cannot be on the stack or inside a 2400 * networking packet (it can only be inside of a map values). 2401 * * **bpf_spin_lock** is available to root only. 2402 * * Tracing programs and socket filter programs cannot use 2403 * **bpf_spin_lock**\ () due to insufficient preemption checks 2404 * (but this may change in the future). 2405 * * **bpf_spin_lock** is not allowed in inner maps of map-in-map. 2406 * 2407 * Returns 2408 * 0 2409 */ 2410 static long (*bpf_spin_lock)(struct bpf_spin_lock *lock) = (void *) 93; 2411 2412 /* 2413 * bpf_spin_unlock 2414 * 2415 * Release the *lock* previously locked by a call to 2416 * **bpf_spin_lock**\ (\ *lock*\ ). 2417 * 2418 * Returns 2419 * 0 2420 */ 2421 static long (*bpf_spin_unlock)(struct bpf_spin_lock *lock) = (void *) 94; 2422 2423 /* 2424 * bpf_sk_fullsock 2425 * 2426 * This helper gets a **struct bpf_sock** pointer such 2427 * that all the fields in this **bpf_sock** can be accessed. 2428 * 2429 * Returns 2430 * A **struct bpf_sock** pointer on success, or **NULL** in 2431 * case of failure. 2432 */ 2433 static struct bpf_sock *(*bpf_sk_fullsock)(struct bpf_sock *sk) = (void *) 95; 2434 2435 /* 2436 * bpf_tcp_sock 2437 * 2438 * This helper gets a **struct bpf_tcp_sock** pointer from a 2439 * **struct bpf_sock** pointer. 2440 * 2441 * Returns 2442 * A **struct bpf_tcp_sock** pointer on success, or **NULL** in 2443 * case of failure. 2444 */ 2445 static struct bpf_tcp_sock *(*bpf_tcp_sock)(struct bpf_sock *sk) = (void *) 96; 2446 2447 /* 2448 * bpf_skb_ecn_set_ce 2449 * 2450 * Set ECN (Explicit Congestion Notification) field of IP header 2451 * to **CE** (Congestion Encountered) if current value is **ECT** 2452 * (ECN Capable Transport). Otherwise, do nothing. Works with IPv6 2453 * and IPv4. 2454 * 2455 * Returns 2456 * 1 if the **CE** flag is set (either by the current helper call 2457 * or because it was already present), 0 if it is not set. 2458 */ 2459 static long (*bpf_skb_ecn_set_ce)(struct __sk_buff *skb) = (void *) 97; 2460 2461 /* 2462 * bpf_get_listener_sock 2463 * 2464 * Return a **struct bpf_sock** pointer in **TCP_LISTEN** state. 2465 * **bpf_sk_release**\ () is unnecessary and not allowed. 2466 * 2467 * Returns 2468 * A **struct bpf_sock** pointer on success, or **NULL** in 2469 * case of failure. 2470 */ 2471 static struct bpf_sock *(*bpf_get_listener_sock)(struct bpf_sock *sk) = (void *) 98; 2472 2473 /* 2474 * bpf_skc_lookup_tcp 2475 * 2476 * Look for TCP socket matching *tuple*, optionally in a child 2477 * network namespace *netns*. The return value must be checked, 2478 * and if non-**NULL**, released via **bpf_sk_release**\ (). 2479 * 2480 * This function is identical to **bpf_sk_lookup_tcp**\ (), except 2481 * that it also returns timewait or request sockets. Use 2482 * **bpf_sk_fullsock**\ () or **bpf_tcp_sock**\ () to access the 2483 * full structure. 2484 * 2485 * This helper is available only if the kernel was compiled with 2486 * **CONFIG_NET** configuration option. 2487 * 2488 * Returns 2489 * Pointer to **struct bpf_sock**, or **NULL** in case of failure. 2490 * For sockets with reuseport option, the **struct bpf_sock** 2491 * result is from *reuse*\ **->socks**\ [] using the hash of the 2492 * tuple. 2493 */ 2494 static struct bpf_sock *(*bpf_skc_lookup_tcp)(void *ctx, struct bpf_sock_tuple *tuple, __u32 tuple_size, __u64 netns, __u64 flags) = (void *) 99; 2495 2496 /* 2497 * bpf_tcp_check_syncookie 2498 * 2499 * Check whether *iph* and *th* contain a valid SYN cookie ACK for 2500 * the listening socket in *sk*. 2501 * 2502 * *iph* points to the start of the IPv4 or IPv6 header, while 2503 * *iph_len* contains **sizeof**\ (**struct iphdr**) or 2504 * **sizeof**\ (**struct ipv6hdr**). 2505 * 2506 * *th* points to the start of the TCP header, while *th_len* 2507 * contains the length of the TCP header (at least 2508 * **sizeof**\ (**struct tcphdr**)). 2509 * 2510 * Returns 2511 * 0 if *iph* and *th* are a valid SYN cookie ACK, or a negative 2512 * error otherwise. 2513 */ 2514 static long (*bpf_tcp_check_syncookie)(void *sk, void *iph, __u32 iph_len, struct tcphdr *th, __u32 th_len) = (void *) 100; 2515 2516 /* 2517 * bpf_sysctl_get_name 2518 * 2519 * Get name of sysctl in /proc/sys/ and copy it into provided by 2520 * program buffer *buf* of size *buf_len*. 2521 * 2522 * The buffer is always NUL terminated, unless it's zero-sized. 2523 * 2524 * If *flags* is zero, full name (e.g. "net/ipv4/tcp_mem") is 2525 * copied. Use **BPF_F_SYSCTL_BASE_NAME** flag to copy base name 2526 * only (e.g. "tcp_mem"). 2527 * 2528 * Returns 2529 * Number of character copied (not including the trailing NUL). 2530 * 2531 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2532 * truncated name in this case). 2533 */ 2534 static long (*bpf_sysctl_get_name)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len, __u64 flags) = (void *) 101; 2535 2536 /* 2537 * bpf_sysctl_get_current_value 2538 * 2539 * Get current value of sysctl as it is presented in /proc/sys 2540 * (incl. newline, etc), and copy it as a string into provided 2541 * by program buffer *buf* of size *buf_len*. 2542 * 2543 * The whole value is copied, no matter what file position user 2544 * space issued e.g. sys_read at. 2545 * 2546 * The buffer is always NUL terminated, unless it's zero-sized. 2547 * 2548 * Returns 2549 * Number of character copied (not including the trailing NUL). 2550 * 2551 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2552 * truncated name in this case). 2553 * 2554 * **-EINVAL** if current value was unavailable, e.g. because 2555 * sysctl is uninitialized and read returns -EIO for it. 2556 */ 2557 static long (*bpf_sysctl_get_current_value)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len) = (void *) 102; 2558 2559 /* 2560 * bpf_sysctl_get_new_value 2561 * 2562 * Get new value being written by user space to sysctl (before 2563 * the actual write happens) and copy it as a string into 2564 * provided by program buffer *buf* of size *buf_len*. 2565 * 2566 * User space may write new value at file position > 0. 2567 * 2568 * The buffer is always NUL terminated, unless it's zero-sized. 2569 * 2570 * Returns 2571 * Number of character copied (not including the trailing NUL). 2572 * 2573 * **-E2BIG** if the buffer wasn't big enough (*buf* will contain 2574 * truncated name in this case). 2575 * 2576 * **-EINVAL** if sysctl is being read. 2577 */ 2578 static long (*bpf_sysctl_get_new_value)(struct bpf_sysctl *ctx, char *buf, unsigned long buf_len) = (void *) 103; 2579 2580 /* 2581 * bpf_sysctl_set_new_value 2582 * 2583 * Override new value being written by user space to sysctl with 2584 * value provided by program in buffer *buf* of size *buf_len*. 2585 * 2586 * *buf* should contain a string in same form as provided by user 2587 * space on sysctl write. 2588 * 2589 * User space may write new value at file position > 0. To override 2590 * the whole sysctl value file position should be set to zero. 2591 * 2592 * Returns 2593 * 0 on success. 2594 * 2595 * **-E2BIG** if the *buf_len* is too big. 2596 * 2597 * **-EINVAL** if sysctl is being read. 2598 */ 2599 static long (*bpf_sysctl_set_new_value)(struct bpf_sysctl *ctx, const char *buf, unsigned long buf_len) = (void *) 104; 2600 2601 /* 2602 * bpf_strtol 2603 * 2604 * Convert the initial part of the string from buffer *buf* of 2605 * size *buf_len* to a long integer according to the given base 2606 * and save the result in *res*. 2607 * 2608 * The string may begin with an arbitrary amount of white space 2609 * (as determined by **isspace**\ (3)) followed by a single 2610 * optional '**-**' sign. 2611 * 2612 * Five least significant bits of *flags* encode base, other bits 2613 * are currently unused. 2614 * 2615 * Base must be either 8, 10, 16 or 0 to detect it automatically 2616 * similar to user space **strtol**\ (3). 2617 * 2618 * Returns 2619 * Number of characters consumed on success. Must be positive but 2620 * no more than *buf_len*. 2621 * 2622 * **-EINVAL** if no valid digits were found or unsupported base 2623 * was provided. 2624 * 2625 * **-ERANGE** if resulting value was out of range. 2626 */ 2627 static long (*bpf_strtol)(const char *buf, unsigned long buf_len, __u64 flags, long *res) = (void *) 105; 2628 2629 /* 2630 * bpf_strtoul 2631 * 2632 * Convert the initial part of the string from buffer *buf* of 2633 * size *buf_len* to an unsigned long integer according to the 2634 * given base and save the result in *res*. 2635 * 2636 * The string may begin with an arbitrary amount of white space 2637 * (as determined by **isspace**\ (3)). 2638 * 2639 * Five least significant bits of *flags* encode base, other bits 2640 * are currently unused. 2641 * 2642 * Base must be either 8, 10, 16 or 0 to detect it automatically 2643 * similar to user space **strtoul**\ (3). 2644 * 2645 * Returns 2646 * Number of characters consumed on success. Must be positive but 2647 * no more than *buf_len*. 2648 * 2649 * **-EINVAL** if no valid digits were found or unsupported base 2650 * was provided. 2651 * 2652 * **-ERANGE** if resulting value was out of range. 2653 */ 2654 static long (*bpf_strtoul)(const char *buf, unsigned long buf_len, __u64 flags, unsigned long *res) = (void *) 106; 2655 2656 /* 2657 * bpf_sk_storage_get 2658 * 2659 * Get a bpf-local-storage from a *sk*. 2660 * 2661 * Logically, it could be thought of getting the value from 2662 * a *map* with *sk* as the **key**. From this 2663 * perspective, the usage is not much different from 2664 * **bpf_map_lookup_elem**\ (*map*, **&**\ *sk*) except this 2665 * helper enforces the key must be a full socket and the map must 2666 * be a **BPF_MAP_TYPE_SK_STORAGE** also. 2667 * 2668 * Underneath, the value is stored locally at *sk* instead of 2669 * the *map*. The *map* is used as the bpf-local-storage 2670 * "type". The bpf-local-storage "type" (i.e. the *map*) is 2671 * searched against all bpf-local-storages residing at *sk*. 2672 * 2673 * *sk* is a kernel **struct sock** pointer for LSM program. 2674 * *sk* is a **struct bpf_sock** pointer for other program types. 2675 * 2676 * An optional *flags* (**BPF_SK_STORAGE_GET_F_CREATE**) can be 2677 * used such that a new bpf-local-storage will be 2678 * created if one does not exist. *value* can be used 2679 * together with **BPF_SK_STORAGE_GET_F_CREATE** to specify 2680 * the initial value of a bpf-local-storage. If *value* is 2681 * **NULL**, the new bpf-local-storage will be zero initialized. 2682 * 2683 * Returns 2684 * A bpf-local-storage pointer is returned on success. 2685 * 2686 * **NULL** if not found or there was an error in adding 2687 * a new bpf-local-storage. 2688 */ 2689 static void *(*bpf_sk_storage_get)(void *map, void *sk, void *value, __u64 flags) = (void *) 107; 2690 2691 /* 2692 * bpf_sk_storage_delete 2693 * 2694 * Delete a bpf-local-storage from a *sk*. 2695 * 2696 * Returns 2697 * 0 on success. 2698 * 2699 * **-ENOENT** if the bpf-local-storage cannot be found. 2700 * **-EINVAL** if sk is not a fullsock (e.g. a request_sock). 2701 */ 2702 static long (*bpf_sk_storage_delete)(void *map, void *sk) = (void *) 108; 2703 2704 /* 2705 * bpf_send_signal 2706 * 2707 * Send signal *sig* to the process of the current task. 2708 * The signal may be delivered to any of this process's threads. 2709 * 2710 * Returns 2711 * 0 on success or successfully queued. 2712 * 2713 * **-EBUSY** if work queue under nmi is full. 2714 * 2715 * **-EINVAL** if *sig* is invalid. 2716 * 2717 * **-EPERM** if no permission to send the *sig*. 2718 * 2719 * **-EAGAIN** if bpf program can try again. 2720 */ 2721 static long (*bpf_send_signal)(__u32 sig) = (void *) 109; 2722 2723 /* 2724 * bpf_tcp_gen_syncookie 2725 * 2726 * Try to issue a SYN cookie for the packet with corresponding 2727 * IP/TCP headers, *iph* and *th*, on the listening socket in *sk*. 2728 * 2729 * *iph* points to the start of the IPv4 or IPv6 header, while 2730 * *iph_len* contains **sizeof**\ (**struct iphdr**) or 2731 * **sizeof**\ (**struct ipv6hdr**). 2732 * 2733 * *th* points to the start of the TCP header, while *th_len* 2734 * contains the length of the TCP header with options (at least 2735 * **sizeof**\ (**struct tcphdr**)). 2736 * 2737 * Returns 2738 * On success, lower 32 bits hold the generated SYN cookie in 2739 * followed by 16 bits which hold the MSS value for that cookie, 2740 * and the top 16 bits are unused. 2741 * 2742 * On failure, the returned value is one of the following: 2743 * 2744 * **-EINVAL** SYN cookie cannot be issued due to error 2745 * 2746 * **-ENOENT** SYN cookie should not be issued (no SYN flood) 2747 * 2748 * **-EOPNOTSUPP** kernel configuration does not enable SYN cookies 2749 * 2750 * **-EPROTONOSUPPORT** IP packet version is not 4 or 6 2751 */ 2752 static __s64 (*bpf_tcp_gen_syncookie)(void *sk, void *iph, __u32 iph_len, struct tcphdr *th, __u32 th_len) = (void *) 110; 2753 2754 /* 2755 * bpf_skb_output 2756 * 2757 * Write raw *data* blob into a special BPF perf event held by 2758 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 2759 * event must have the following attributes: **PERF_SAMPLE_RAW** 2760 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 2761 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 2762 * 2763 * The *flags* are used to indicate the index in *map* for which 2764 * the value must be put, masked with **BPF_F_INDEX_MASK**. 2765 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 2766 * to indicate that the index of the current CPU core should be 2767 * used. 2768 * 2769 * The value to write, of *size*, is passed through eBPF stack and 2770 * pointed by *data*. 2771 * 2772 * *ctx* is a pointer to in-kernel struct sk_buff. 2773 * 2774 * This helper is similar to **bpf_perf_event_output**\ () but 2775 * restricted to raw_tracepoint bpf programs. 2776 * 2777 * Returns 2778 * 0 on success, or a negative error in case of failure. 2779 */ 2780 static long (*bpf_skb_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 111; 2781 2782 /* 2783 * bpf_probe_read_user 2784 * 2785 * Safely attempt to read *size* bytes from user space address 2786 * *unsafe_ptr* and store the data in *dst*. 2787 * 2788 * Returns 2789 * 0 on success, or a negative error in case of failure. 2790 */ 2791 static long (*bpf_probe_read_user)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 112; 2792 2793 /* 2794 * bpf_probe_read_kernel 2795 * 2796 * Safely attempt to read *size* bytes from kernel space address 2797 * *unsafe_ptr* and store the data in *dst*. 2798 * 2799 * Returns 2800 * 0 on success, or a negative error in case of failure. 2801 */ 2802 static long (*bpf_probe_read_kernel)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 113; 2803 2804 /* 2805 * bpf_probe_read_user_str 2806 * 2807 * Copy a NUL terminated string from an unsafe user address 2808 * *unsafe_ptr* to *dst*. The *size* should include the 2809 * terminating NUL byte. In case the string length is smaller than 2810 * *size*, the target is not padded with further NUL bytes. If the 2811 * string length is larger than *size*, just *size*-1 bytes are 2812 * copied and the last byte is set to NUL. 2813 * 2814 * On success, returns the number of bytes that were written, 2815 * including the terminal NUL. This makes this helper useful in 2816 * tracing programs for reading strings, and more importantly to 2817 * get its length at runtime. See the following snippet: 2818 * 2819 * :: 2820 * 2821 * SEC("kprobe/sys_open") 2822 * void bpf_sys_open(struct pt_regs *ctx) 2823 * { 2824 * char buf[PATHLEN]; // PATHLEN is defined to 256 2825 * int res = bpf_probe_read_user_str(buf, sizeof(buf), 2826 * ctx->di); 2827 * 2828 * // Consume buf, for example push it to 2829 * // userspace via bpf_perf_event_output(); we 2830 * // can use res (the string length) as event 2831 * // size, after checking its boundaries. 2832 * } 2833 * 2834 * In comparison, using **bpf_probe_read_user**\ () helper here 2835 * instead to read the string would require to estimate the length 2836 * at compile time, and would often result in copying more memory 2837 * than necessary. 2838 * 2839 * Another useful use case is when parsing individual process 2840 * arguments or individual environment variables navigating 2841 * *current*\ **->mm->arg_start** and *current*\ 2842 * **->mm->env_start**: using this helper and the return value, 2843 * one can quickly iterate at the right offset of the memory area. 2844 * 2845 * Returns 2846 * On success, the strictly positive length of the output string, 2847 * including the trailing NUL character. On error, a negative 2848 * value. 2849 */ 2850 static long (*bpf_probe_read_user_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 114; 2851 2852 /* 2853 * bpf_probe_read_kernel_str 2854 * 2855 * Copy a NUL terminated string from an unsafe kernel address *unsafe_ptr* 2856 * to *dst*. Same semantics as with **bpf_probe_read_user_str**\ () apply. 2857 * 2858 * Returns 2859 * On success, the strictly positive length of the string, including 2860 * the trailing NUL character. On error, a negative value. 2861 */ 2862 static long (*bpf_probe_read_kernel_str)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 115; 2863 2864 /* 2865 * bpf_tcp_send_ack 2866 * 2867 * Send out a tcp-ack. *tp* is the in-kernel struct **tcp_sock**. 2868 * *rcv_nxt* is the ack_seq to be sent out. 2869 * 2870 * Returns 2871 * 0 on success, or a negative error in case of failure. 2872 */ 2873 static long (*bpf_tcp_send_ack)(void *tp, __u32 rcv_nxt) = (void *) 116; 2874 2875 /* 2876 * bpf_send_signal_thread 2877 * 2878 * Send signal *sig* to the thread corresponding to the current task. 2879 * 2880 * Returns 2881 * 0 on success or successfully queued. 2882 * 2883 * **-EBUSY** if work queue under nmi is full. 2884 * 2885 * **-EINVAL** if *sig* is invalid. 2886 * 2887 * **-EPERM** if no permission to send the *sig*. 2888 * 2889 * **-EAGAIN** if bpf program can try again. 2890 */ 2891 static long (*bpf_send_signal_thread)(__u32 sig) = (void *) 117; 2892 2893 /* 2894 * bpf_jiffies64 2895 * 2896 * Obtain the 64bit jiffies 2897 * 2898 * Returns 2899 * The 64 bit jiffies 2900 */ 2901 static __u64 (*bpf_jiffies64)(void) = (void *) 118; 2902 2903 /* 2904 * bpf_read_branch_records 2905 * 2906 * For an eBPF program attached to a perf event, retrieve the 2907 * branch records (**struct perf_branch_entry**) associated to *ctx* 2908 * and store it in the buffer pointed by *buf* up to size 2909 * *size* bytes. 2910 * 2911 * Returns 2912 * On success, number of bytes written to *buf*. On error, a 2913 * negative value. 2914 * 2915 * The *flags* can be set to **BPF_F_GET_BRANCH_RECORDS_SIZE** to 2916 * instead return the number of bytes required to store all the 2917 * branch entries. If this flag is set, *buf* may be NULL. 2918 * 2919 * **-EINVAL** if arguments invalid or **size** not a multiple 2920 * of **sizeof**\ (**struct perf_branch_entry**\ ). 2921 * 2922 * **-ENOENT** if architecture does not support branch records. 2923 */ 2924 static long (*bpf_read_branch_records)(struct bpf_perf_event_data *ctx, void *buf, __u32 size, __u64 flags) = (void *) 119; 2925 2926 /* 2927 * bpf_get_ns_current_pid_tgid 2928 * 2929 * Returns 0 on success, values for *pid* and *tgid* as seen from the current 2930 * *namespace* will be returned in *nsdata*. 2931 * 2932 * Returns 2933 * 0 on success, or one of the following in case of failure: 2934 * 2935 * **-EINVAL** if dev and inum supplied don't match dev_t and inode number 2936 * with nsfs of current task, or if dev conversion to dev_t lost high bits. 2937 * 2938 * **-ENOENT** if pidns does not exists for the current task. 2939 */ 2940 static long (*bpf_get_ns_current_pid_tgid)(__u64 dev, __u64 ino, struct bpf_pidns_info *nsdata, __u32 size) = (void *) 120; 2941 2942 /* 2943 * bpf_xdp_output 2944 * 2945 * Write raw *data* blob into a special BPF perf event held by 2946 * *map* of type **BPF_MAP_TYPE_PERF_EVENT_ARRAY**. This perf 2947 * event must have the following attributes: **PERF_SAMPLE_RAW** 2948 * as **sample_type**, **PERF_TYPE_SOFTWARE** as **type**, and 2949 * **PERF_COUNT_SW_BPF_OUTPUT** as **config**. 2950 * 2951 * The *flags* are used to indicate the index in *map* for which 2952 * the value must be put, masked with **BPF_F_INDEX_MASK**. 2953 * Alternatively, *flags* can be set to **BPF_F_CURRENT_CPU** 2954 * to indicate that the index of the current CPU core should be 2955 * used. 2956 * 2957 * The value to write, of *size*, is passed through eBPF stack and 2958 * pointed by *data*. 2959 * 2960 * *ctx* is a pointer to in-kernel struct xdp_buff. 2961 * 2962 * This helper is similar to **bpf_perf_eventoutput**\ () but 2963 * restricted to raw_tracepoint bpf programs. 2964 * 2965 * Returns 2966 * 0 on success, or a negative error in case of failure. 2967 */ 2968 static long (*bpf_xdp_output)(void *ctx, void *map, __u64 flags, void *data, __u64 size) = (void *) 121; 2969 2970 /* 2971 * bpf_get_netns_cookie 2972 * 2973 * Retrieve the cookie (generated by the kernel) of the network 2974 * namespace the input *ctx* is associated with. The network 2975 * namespace cookie remains stable for its lifetime and provides 2976 * a global identifier that can be assumed unique. If *ctx* is 2977 * NULL, then the helper returns the cookie for the initial 2978 * network namespace. The cookie itself is very similar to that 2979 * of **bpf_get_socket_cookie**\ () helper, but for network 2980 * namespaces instead of sockets. 2981 * 2982 * Returns 2983 * A 8-byte long opaque number. 2984 */ 2985 static __u64 (*bpf_get_netns_cookie)(void *ctx) = (void *) 122; 2986 2987 /* 2988 * bpf_get_current_ancestor_cgroup_id 2989 * 2990 * Return id of cgroup v2 that is ancestor of the cgroup associated 2991 * with the current task at the *ancestor_level*. The root cgroup 2992 * is at *ancestor_level* zero and each step down the hierarchy 2993 * increments the level. If *ancestor_level* == level of cgroup 2994 * associated with the current task, then return value will be the 2995 * same as that of **bpf_get_current_cgroup_id**\ (). 2996 * 2997 * The helper is useful to implement policies based on cgroups 2998 * that are upper in hierarchy than immediate cgroup associated 2999 * with the current task. 3000 * 3001 * The format of returned id and helper limitations are same as in 3002 * **bpf_get_current_cgroup_id**\ (). 3003 * 3004 * Returns 3005 * The id is returned or 0 in case the id could not be retrieved. 3006 */ 3007 static __u64 (*bpf_get_current_ancestor_cgroup_id)(int ancestor_level) = (void *) 123; 3008 3009 /* 3010 * bpf_sk_assign 3011 * 3012 * Helper is overloaded depending on BPF program type. This 3013 * description applies to **BPF_PROG_TYPE_SCHED_CLS** and 3014 * **BPF_PROG_TYPE_SCHED_ACT** programs. 3015 * 3016 * Assign the *sk* to the *skb*. When combined with appropriate 3017 * routing configuration to receive the packet towards the socket, 3018 * will cause *skb* to be delivered to the specified socket. 3019 * Subsequent redirection of *skb* via **bpf_redirect**\ (), 3020 * **bpf_clone_redirect**\ () or other methods outside of BPF may 3021 * interfere with successful delivery to the socket. 3022 * 3023 * This operation is only valid from TC ingress path. 3024 * 3025 * The *flags* argument must be zero. 3026 * 3027 * Returns 3028 * 0 on success, or a negative error in case of failure: 3029 * 3030 * **-EINVAL** if specified *flags* are not supported. 3031 * 3032 * **-ENOENT** if the socket is unavailable for assignment. 3033 * 3034 * **-ENETUNREACH** if the socket is unreachable (wrong netns). 3035 * 3036 * **-EOPNOTSUPP** if the operation is not supported, for example 3037 * a call from outside of TC ingress. 3038 */ 3039 static long (*bpf_sk_assign)(void *ctx, void *sk, __u64 flags) = (void *) 124; 3040 3041 /* 3042 * bpf_ktime_get_boot_ns 3043 * 3044 * Return the time elapsed since system boot, in nanoseconds. 3045 * Does include the time the system was suspended. 3046 * See: **clock_gettime**\ (**CLOCK_BOOTTIME**) 3047 * 3048 * Returns 3049 * Current *ktime*. 3050 */ 3051 static __u64 (*bpf_ktime_get_boot_ns)(void) = (void *) 125; 3052 3053 /* 3054 * bpf_seq_printf 3055 * 3056 * **bpf_seq_printf**\ () uses seq_file **seq_printf**\ () to print 3057 * out the format string. 3058 * The *m* represents the seq_file. The *fmt* and *fmt_size* are for 3059 * the format string itself. The *data* and *data_len* are format string 3060 * arguments. The *data* are a **u64** array and corresponding format string 3061 * values are stored in the array. For strings and pointers where pointees 3062 * are accessed, only the pointer values are stored in the *data* array. 3063 * The *data_len* is the size of *data* in bytes - must be a multiple of 8. 3064 * 3065 * Formats **%s**, **%p{i,I}{4,6}** requires to read kernel memory. 3066 * Reading kernel memory may fail due to either invalid address or 3067 * valid address but requiring a major memory fault. If reading kernel memory 3068 * fails, the string for **%s** will be an empty string, and the ip 3069 * address for **%p{i,I}{4,6}** will be 0. Not returning error to 3070 * bpf program is consistent with what **bpf_trace_printk**\ () does for now. 3071 * 3072 * Returns 3073 * 0 on success, or a negative error in case of failure: 3074 * 3075 * **-EBUSY** if per-CPU memory copy buffer is busy, can try again 3076 * by returning 1 from bpf program. 3077 * 3078 * **-EINVAL** if arguments are invalid, or if *fmt* is invalid/unsupported. 3079 * 3080 * **-E2BIG** if *fmt* contains too many format specifiers. 3081 * 3082 * **-EOVERFLOW** if an overflow happened: The same object will be tried again. 3083 */ 3084 static long (*bpf_seq_printf)(struct seq_file *m, const char *fmt, __u32 fmt_size, const void *data, __u32 data_len) = (void *) 126; 3085 3086 /* 3087 * bpf_seq_write 3088 * 3089 * **bpf_seq_write**\ () uses seq_file **seq_write**\ () to write the data. 3090 * The *m* represents the seq_file. The *data* and *len* represent the 3091 * data to write in bytes. 3092 * 3093 * Returns 3094 * 0 on success, or a negative error in case of failure: 3095 * 3096 * **-EOVERFLOW** if an overflow happened: The same object will be tried again. 3097 */ 3098 static long (*bpf_seq_write)(struct seq_file *m, const void *data, __u32 len) = (void *) 127; 3099 3100 /* 3101 * bpf_sk_cgroup_id 3102 * 3103 * Return the cgroup v2 id of the socket *sk*. 3104 * 3105 * *sk* must be a non-**NULL** pointer to a socket, e.g. one 3106 * returned from **bpf_sk_lookup_xxx**\ (), 3107 * **bpf_sk_fullsock**\ (), etc. The format of returned id is 3108 * same as in **bpf_skb_cgroup_id**\ (). 3109 * 3110 * This helper is available only if the kernel was compiled with 3111 * the **CONFIG_SOCK_CGROUP_DATA** configuration option. 3112 * 3113 * Returns 3114 * The id is returned or 0 in case the id could not be retrieved. 3115 */ 3116 static __u64 (*bpf_sk_cgroup_id)(void *sk) = (void *) 128; 3117 3118 /* 3119 * bpf_sk_ancestor_cgroup_id 3120 * 3121 * Return id of cgroup v2 that is ancestor of cgroup associated 3122 * with the *sk* at the *ancestor_level*. The root cgroup is at 3123 * *ancestor_level* zero and each step down the hierarchy 3124 * increments the level. If *ancestor_level* == level of cgroup 3125 * associated with *sk*, then return value will be same as that 3126 * of **bpf_sk_cgroup_id**\ (). 3127 * 3128 * The helper is useful to implement policies based on cgroups 3129 * that are upper in hierarchy than immediate cgroup associated 3130 * with *sk*. 3131 * 3132 * The format of returned id and helper limitations are same as in 3133 * **bpf_sk_cgroup_id**\ (). 3134 * 3135 * Returns 3136 * The id is returned or 0 in case the id could not be retrieved. 3137 */ 3138 static __u64 (*bpf_sk_ancestor_cgroup_id)(void *sk, int ancestor_level) = (void *) 129; 3139 3140 /* 3141 * bpf_ringbuf_output 3142 * 3143 * Copy *size* bytes from *data* into a ring buffer *ringbuf*. 3144 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3145 * of new data availability is sent. 3146 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3147 * of new data availability is sent unconditionally. 3148 * If **0** is specified in *flags*, an adaptive notification 3149 * of new data availability is sent. 3150 * 3151 * An adaptive notification is a notification sent whenever the user-space 3152 * process has caught up and consumed all available payloads. In case the user-space 3153 * process is still processing a previous payload, then no notification is needed 3154 * as it will process the newly added payload automatically. 3155 * 3156 * Returns 3157 * 0 on success, or a negative error in case of failure. 3158 */ 3159 static long (*bpf_ringbuf_output)(void *ringbuf, void *data, __u64 size, __u64 flags) = (void *) 130; 3160 3161 /* 3162 * bpf_ringbuf_reserve 3163 * 3164 * Reserve *size* bytes of payload in a ring buffer *ringbuf*. 3165 * *flags* must be 0. 3166 * 3167 * Returns 3168 * Valid pointer with *size* bytes of memory available; NULL, 3169 * otherwise. 3170 */ 3171 static void *(*bpf_ringbuf_reserve)(void *ringbuf, __u64 size, __u64 flags) = (void *) 131; 3172 3173 /* 3174 * bpf_ringbuf_submit 3175 * 3176 * Submit reserved ring buffer sample, pointed to by *data*. 3177 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3178 * of new data availability is sent. 3179 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3180 * of new data availability is sent unconditionally. 3181 * If **0** is specified in *flags*, an adaptive notification 3182 * of new data availability is sent. 3183 * 3184 * See 'bpf_ringbuf_output()' for the definition of adaptive notification. 3185 * 3186 * Returns 3187 * Nothing. Always succeeds. 3188 */ 3189 static void (*bpf_ringbuf_submit)(void *data, __u64 flags) = (void *) 132; 3190 3191 /* 3192 * bpf_ringbuf_discard 3193 * 3194 * Discard reserved ring buffer sample, pointed to by *data*. 3195 * If **BPF_RB_NO_WAKEUP** is specified in *flags*, no notification 3196 * of new data availability is sent. 3197 * If **BPF_RB_FORCE_WAKEUP** is specified in *flags*, notification 3198 * of new data availability is sent unconditionally. 3199 * If **0** is specified in *flags*, an adaptive notification 3200 * of new data availability is sent. 3201 * 3202 * See 'bpf_ringbuf_output()' for the definition of adaptive notification. 3203 * 3204 * Returns 3205 * Nothing. Always succeeds. 3206 */ 3207 static void (*bpf_ringbuf_discard)(void *data, __u64 flags) = (void *) 133; 3208 3209 /* 3210 * bpf_ringbuf_query 3211 * 3212 * Query various characteristics of provided ring buffer. What 3213 * exactly is queries is determined by *flags*: 3214 * 3215 * * **BPF_RB_AVAIL_DATA**: Amount of data not yet consumed. 3216 * * **BPF_RB_RING_SIZE**: The size of ring buffer. 3217 * * **BPF_RB_CONS_POS**: Consumer position (can wrap around). 3218 * * **BPF_RB_PROD_POS**: Producer(s) position (can wrap around). 3219 * 3220 * Data returned is just a momentary snapshot of actual values 3221 * and could be inaccurate, so this facility should be used to 3222 * power heuristics and for reporting, not to make 100% correct 3223 * calculation. 3224 * 3225 * Returns 3226 * Requested value, or 0, if *flags* are not recognized. 3227 */ 3228 static __u64 (*bpf_ringbuf_query)(void *ringbuf, __u64 flags) = (void *) 134; 3229 3230 /* 3231 * bpf_csum_level 3232 * 3233 * Change the skbs checksum level by one layer up or down, or 3234 * reset it entirely to none in order to have the stack perform 3235 * checksum validation. The level is applicable to the following 3236 * protocols: TCP, UDP, GRE, SCTP, FCOE. For example, a decap of 3237 * | ETH | IP | UDP | GUE | IP | TCP | into | ETH | IP | TCP | 3238 * through **bpf_skb_adjust_room**\ () helper with passing in 3239 * **BPF_F_ADJ_ROOM_NO_CSUM_RESET** flag would require one call 3240 * to **bpf_csum_level**\ () with **BPF_CSUM_LEVEL_DEC** since 3241 * the UDP header is removed. Similarly, an encap of the latter 3242 * into the former could be accompanied by a helper call to 3243 * **bpf_csum_level**\ () with **BPF_CSUM_LEVEL_INC** if the 3244 * skb is still intended to be processed in higher layers of the 3245 * stack instead of just egressing at tc. 3246 * 3247 * There are three supported level settings at this time: 3248 * 3249 * * **BPF_CSUM_LEVEL_INC**: Increases skb->csum_level for skbs 3250 * with CHECKSUM_UNNECESSARY. 3251 * * **BPF_CSUM_LEVEL_DEC**: Decreases skb->csum_level for skbs 3252 * with CHECKSUM_UNNECESSARY. 3253 * * **BPF_CSUM_LEVEL_RESET**: Resets skb->csum_level to 0 and 3254 * sets CHECKSUM_NONE to force checksum validation by the stack. 3255 * * **BPF_CSUM_LEVEL_QUERY**: No-op, returns the current 3256 * skb->csum_level. 3257 * 3258 * Returns 3259 * 0 on success, or a negative error in case of failure. In the 3260 * case of **BPF_CSUM_LEVEL_QUERY**, the current skb->csum_level 3261 * is returned or the error code -EACCES in case the skb is not 3262 * subject to CHECKSUM_UNNECESSARY. 3263 */ 3264 static long (*bpf_csum_level)(struct __sk_buff *skb, __u64 level) = (void *) 135; 3265 3266 /* 3267 * bpf_skc_to_tcp6_sock 3268 * 3269 * Dynamically cast a *sk* pointer to a *tcp6_sock* pointer. 3270 * 3271 * Returns 3272 * *sk* if casting is valid, or **NULL** otherwise. 3273 */ 3274 static struct tcp6_sock *(*bpf_skc_to_tcp6_sock)(void *sk) = (void *) 136; 3275 3276 /* 3277 * bpf_skc_to_tcp_sock 3278 * 3279 * Dynamically cast a *sk* pointer to a *tcp_sock* pointer. 3280 * 3281 * Returns 3282 * *sk* if casting is valid, or **NULL** otherwise. 3283 */ 3284 static struct tcp_sock *(*bpf_skc_to_tcp_sock)(void *sk) = (void *) 137; 3285 3286 /* 3287 * bpf_skc_to_tcp_timewait_sock 3288 * 3289 * Dynamically cast a *sk* pointer to a *tcp_timewait_sock* pointer. 3290 * 3291 * Returns 3292 * *sk* if casting is valid, or **NULL** otherwise. 3293 */ 3294 static struct tcp_timewait_sock *(*bpf_skc_to_tcp_timewait_sock)(void *sk) = (void *) 138; 3295 3296 /* 3297 * bpf_skc_to_tcp_request_sock 3298 * 3299 * Dynamically cast a *sk* pointer to a *tcp_request_sock* pointer. 3300 * 3301 * Returns 3302 * *sk* if casting is valid, or **NULL** otherwise. 3303 */ 3304 static struct tcp_request_sock *(*bpf_skc_to_tcp_request_sock)(void *sk) = (void *) 139; 3305 3306 /* 3307 * bpf_skc_to_udp6_sock 3308 * 3309 * Dynamically cast a *sk* pointer to a *udp6_sock* pointer. 3310 * 3311 * Returns 3312 * *sk* if casting is valid, or **NULL** otherwise. 3313 */ 3314 static struct udp6_sock *(*bpf_skc_to_udp6_sock)(void *sk) = (void *) 140; 3315 3316 /* 3317 * bpf_get_task_stack 3318 * 3319 * Return a user or a kernel stack in bpf program provided buffer. 3320 * To achieve this, the helper needs *task*, which is a valid 3321 * pointer to **struct task_struct**. To store the stacktrace, the 3322 * bpf program provides *buf* with a nonnegative *size*. 3323 * 3324 * The last argument, *flags*, holds the number of stack frames to 3325 * skip (from 0 to 255), masked with 3326 * **BPF_F_SKIP_FIELD_MASK**. The next bits can be used to set 3327 * the following flags: 3328 * 3329 * **BPF_F_USER_STACK** 3330 * Collect a user space stack instead of a kernel stack. 3331 * **BPF_F_USER_BUILD_ID** 3332 * Collect buildid+offset instead of ips for user stack, 3333 * only valid if **BPF_F_USER_STACK** is also specified. 3334 * 3335 * **bpf_get_task_stack**\ () can collect up to 3336 * **PERF_MAX_STACK_DEPTH** both kernel and user frames, subject 3337 * to sufficient large buffer size. Note that 3338 * this limit can be controlled with the **sysctl** program, and 3339 * that it should be manually increased in order to profile long 3340 * user stacks (such as stacks for Java programs). To do so, use: 3341 * 3342 * :: 3343 * 3344 * # sysctl kernel.perf_event_max_stack=<new value> 3345 * 3346 * Returns 3347 * The non-negative copied *buf* length equal to or less than 3348 * *size* on success, or a negative error in case of failure. 3349 */ 3350 static long (*bpf_get_task_stack)(struct task_struct *task, void *buf, __u32 size, __u64 flags) = (void *) 141; 3351 3352 /* 3353 * bpf_load_hdr_opt 3354 * 3355 * Load header option. Support reading a particular TCP header 3356 * option for bpf program (**BPF_PROG_TYPE_SOCK_OPS**). 3357 * 3358 * If *flags* is 0, it will search the option from the 3359 * *skops*\ **->skb_data**. The comment in **struct bpf_sock_ops** 3360 * has details on what skb_data contains under different 3361 * *skops*\ **->op**. 3362 * 3363 * The first byte of the *searchby_res* specifies the 3364 * kind that it wants to search. 3365 * 3366 * If the searching kind is an experimental kind 3367 * (i.e. 253 or 254 according to RFC6994). It also 3368 * needs to specify the "magic" which is either 3369 * 2 bytes or 4 bytes. It then also needs to 3370 * specify the size of the magic by using 3371 * the 2nd byte which is "kind-length" of a TCP 3372 * header option and the "kind-length" also 3373 * includes the first 2 bytes "kind" and "kind-length" 3374 * itself as a normal TCP header option also does. 3375 * 3376 * For example, to search experimental kind 254 with 3377 * 2 byte magic 0xeB9F, the searchby_res should be 3378 * [ 254, 4, 0xeB, 0x9F, 0, 0, .... 0 ]. 3379 * 3380 * To search for the standard window scale option (3), 3381 * the *searchby_res* should be [ 3, 0, 0, .... 0 ]. 3382 * Note, kind-length must be 0 for regular option. 3383 * 3384 * Searching for No-Op (0) and End-of-Option-List (1) are 3385 * not supported. 3386 * 3387 * *len* must be at least 2 bytes which is the minimal size 3388 * of a header option. 3389 * 3390 * Supported flags: 3391 * 3392 * * **BPF_LOAD_HDR_OPT_TCP_SYN** to search from the 3393 * saved_syn packet or the just-received syn packet. 3394 * 3395 * 3396 * Returns 3397 * > 0 when found, the header option is copied to *searchby_res*. 3398 * The return value is the total length copied. On failure, a 3399 * negative error code is returned: 3400 * 3401 * **-EINVAL** if a parameter is invalid. 3402 * 3403 * **-ENOMSG** if the option is not found. 3404 * 3405 * **-ENOENT** if no syn packet is available when 3406 * **BPF_LOAD_HDR_OPT_TCP_SYN** is used. 3407 * 3408 * **-ENOSPC** if there is not enough space. Only *len* number of 3409 * bytes are copied. 3410 * 3411 * **-EFAULT** on failure to parse the header options in the 3412 * packet. 3413 * 3414 * **-EPERM** if the helper cannot be used under the current 3415 * *skops*\ **->op**. 3416 */ 3417 static long (*bpf_load_hdr_opt)(struct bpf_sock_ops *skops, void *searchby_res, __u32 len, __u64 flags) = (void *) 142; 3418 3419 /* 3420 * bpf_store_hdr_opt 3421 * 3422 * Store header option. The data will be copied 3423 * from buffer *from* with length *len* to the TCP header. 3424 * 3425 * The buffer *from* should have the whole option that 3426 * includes the kind, kind-length, and the actual 3427 * option data. The *len* must be at least kind-length 3428 * long. The kind-length does not have to be 4 byte 3429 * aligned. The kernel will take care of the padding 3430 * and setting the 4 bytes aligned value to th->doff. 3431 * 3432 * This helper will check for duplicated option 3433 * by searching the same option in the outgoing skb. 3434 * 3435 * This helper can only be called during 3436 * **BPF_SOCK_OPS_WRITE_HDR_OPT_CB**. 3437 * 3438 * 3439 * Returns 3440 * 0 on success, or negative error in case of failure: 3441 * 3442 * **-EINVAL** If param is invalid. 3443 * 3444 * **-ENOSPC** if there is not enough space in the header. 3445 * Nothing has been written 3446 * 3447 * **-EEXIST** if the option already exists. 3448 * 3449 * **-EFAULT** on failure to parse the existing header options. 3450 * 3451 * **-EPERM** if the helper cannot be used under the current 3452 * *skops*\ **->op**. 3453 */ 3454 static long (*bpf_store_hdr_opt)(struct bpf_sock_ops *skops, const void *from, __u32 len, __u64 flags) = (void *) 143; 3455 3456 /* 3457 * bpf_reserve_hdr_opt 3458 * 3459 * Reserve *len* bytes for the bpf header option. The 3460 * space will be used by **bpf_store_hdr_opt**\ () later in 3461 * **BPF_SOCK_OPS_WRITE_HDR_OPT_CB**. 3462 * 3463 * If **bpf_reserve_hdr_opt**\ () is called multiple times, 3464 * the total number of bytes will be reserved. 3465 * 3466 * This helper can only be called during 3467 * **BPF_SOCK_OPS_HDR_OPT_LEN_CB**. 3468 * 3469 * 3470 * Returns 3471 * 0 on success, or negative error in case of failure: 3472 * 3473 * **-EINVAL** if a parameter is invalid. 3474 * 3475 * **-ENOSPC** if there is not enough space in the header. 3476 * 3477 * **-EPERM** if the helper cannot be used under the current 3478 * *skops*\ **->op**. 3479 */ 3480 static long (*bpf_reserve_hdr_opt)(struct bpf_sock_ops *skops, __u32 len, __u64 flags) = (void *) 144; 3481 3482 /* 3483 * bpf_inode_storage_get 3484 * 3485 * Get a bpf_local_storage from an *inode*. 3486 * 3487 * Logically, it could be thought of as getting the value from 3488 * a *map* with *inode* as the **key**. From this 3489 * perspective, the usage is not much different from 3490 * **bpf_map_lookup_elem**\ (*map*, **&**\ *inode*) except this 3491 * helper enforces the key must be an inode and the map must also 3492 * be a **BPF_MAP_TYPE_INODE_STORAGE**. 3493 * 3494 * Underneath, the value is stored locally at *inode* instead of 3495 * the *map*. The *map* is used as the bpf-local-storage 3496 * "type". The bpf-local-storage "type" (i.e. the *map*) is 3497 * searched against all bpf_local_storage residing at *inode*. 3498 * 3499 * An optional *flags* (**BPF_LOCAL_STORAGE_GET_F_CREATE**) can be 3500 * used such that a new bpf_local_storage will be 3501 * created if one does not exist. *value* can be used 3502 * together with **BPF_LOCAL_STORAGE_GET_F_CREATE** to specify 3503 * the initial value of a bpf_local_storage. If *value* is 3504 * **NULL**, the new bpf_local_storage will be zero initialized. 3505 * 3506 * Returns 3507 * A bpf_local_storage pointer is returned on success. 3508 * 3509 * **NULL** if not found or there was an error in adding 3510 * a new bpf_local_storage. 3511 */ 3512 static void *(*bpf_inode_storage_get)(void *map, void *inode, void *value, __u64 flags) = (void *) 145; 3513 3514 /* 3515 * bpf_inode_storage_delete 3516 * 3517 * Delete a bpf_local_storage from an *inode*. 3518 * 3519 * Returns 3520 * 0 on success. 3521 * 3522 * **-ENOENT** if the bpf_local_storage cannot be found. 3523 */ 3524 static int (*bpf_inode_storage_delete)(void *map, void *inode) = (void *) 146; 3525 3526 /* 3527 * bpf_d_path 3528 * 3529 * Return full path for given **struct path** object, which 3530 * needs to be the kernel BTF *path* object. The path is 3531 * returned in the provided buffer *buf* of size *sz* and 3532 * is zero terminated. 3533 * 3534 * 3535 * Returns 3536 * On success, the strictly positive length of the string, 3537 * including the trailing NUL character. On error, a negative 3538 * value. 3539 */ 3540 static long (*bpf_d_path)(struct path *path, char *buf, __u32 sz) = (void *) 147; 3541 3542 /* 3543 * bpf_copy_from_user 3544 * 3545 * Read *size* bytes from user space address *user_ptr* and store 3546 * the data in *dst*. This is a wrapper of **copy_from_user**\ (). 3547 * 3548 * Returns 3549 * 0 on success, or a negative error in case of failure. 3550 */ 3551 static long (*bpf_copy_from_user)(void *dst, __u32 size, const void *user_ptr) = (void *) 148; 3552 3553 /* 3554 * bpf_snprintf_btf 3555 * 3556 * Use BTF to store a string representation of *ptr*->ptr in *str*, 3557 * using *ptr*->type_id. This value should specify the type 3558 * that *ptr*->ptr points to. LLVM __builtin_btf_type_id(type, 1) 3559 * can be used to look up vmlinux BTF type ids. Traversing the 3560 * data structure using BTF, the type information and values are 3561 * stored in the first *str_size* - 1 bytes of *str*. Safe copy of 3562 * the pointer data is carried out to avoid kernel crashes during 3563 * operation. Smaller types can use string space on the stack; 3564 * larger programs can use map data to store the string 3565 * representation. 3566 * 3567 * The string can be subsequently shared with userspace via 3568 * bpf_perf_event_output() or ring buffer interfaces. 3569 * bpf_trace_printk() is to be avoided as it places too small 3570 * a limit on string size to be useful. 3571 * 3572 * *flags* is a combination of 3573 * 3574 * **BTF_F_COMPACT** 3575 * no formatting around type information 3576 * **BTF_F_NONAME** 3577 * no struct/union member names/types 3578 * **BTF_F_PTR_RAW** 3579 * show raw (unobfuscated) pointer values; 3580 * equivalent to printk specifier %px. 3581 * **BTF_F_ZERO** 3582 * show zero-valued struct/union members; they 3583 * are not displayed by default 3584 * 3585 * 3586 * Returns 3587 * The number of bytes that were written (or would have been 3588 * written if output had to be truncated due to string size), 3589 * or a negative error in cases of failure. 3590 */ 3591 static long (*bpf_snprintf_btf)(char *str, __u32 str_size, struct btf_ptr *ptr, __u32 btf_ptr_size, __u64 flags) = (void *) 149; 3592 3593 /* 3594 * bpf_seq_printf_btf 3595 * 3596 * Use BTF to write to seq_write a string representation of 3597 * *ptr*->ptr, using *ptr*->type_id as per bpf_snprintf_btf(). 3598 * *flags* are identical to those used for bpf_snprintf_btf. 3599 * 3600 * Returns 3601 * 0 on success or a negative error in case of failure. 3602 */ 3603 static long (*bpf_seq_printf_btf)(struct seq_file *m, struct btf_ptr *ptr, __u32 ptr_size, __u64 flags) = (void *) 150; 3604 3605 /* 3606 * bpf_skb_cgroup_classid 3607 * 3608 * See **bpf_get_cgroup_classid**\ () for the main description. 3609 * This helper differs from **bpf_get_cgroup_classid**\ () in that 3610 * the cgroup v1 net_cls class is retrieved only from the *skb*'s 3611 * associated socket instead of the current process. 3612 * 3613 * Returns 3614 * The id is returned or 0 in case the id could not be retrieved. 3615 */ 3616 static __u64 (*bpf_skb_cgroup_classid)(struct __sk_buff *skb) = (void *) 151; 3617 3618 /* 3619 * bpf_redirect_neigh 3620 * 3621 * Redirect the packet to another net device of index *ifindex* 3622 * and fill in L2 addresses from neighboring subsystem. This helper 3623 * is somewhat similar to **bpf_redirect**\ (), except that it 3624 * populates L2 addresses as well, meaning, internally, the helper 3625 * relies on the neighbor lookup for the L2 address of the nexthop. 3626 * 3627 * The helper will perform a FIB lookup based on the skb's 3628 * networking header to get the address of the next hop, unless 3629 * this is supplied by the caller in the *params* argument. The 3630 * *plen* argument indicates the len of *params* and should be set 3631 * to 0 if *params* is NULL. 3632 * 3633 * The *flags* argument is reserved and must be 0. The helper is 3634 * currently only supported for tc BPF program types, and enabled 3635 * for IPv4 and IPv6 protocols. 3636 * 3637 * Returns 3638 * The helper returns **TC_ACT_REDIRECT** on success or 3639 * **TC_ACT_SHOT** on error. 3640 */ 3641 static long (*bpf_redirect_neigh)(__u32 ifindex, struct bpf_redir_neigh *params, int plen, __u64 flags) = (void *) 152; 3642 3643 /* 3644 * bpf_per_cpu_ptr 3645 * 3646 * Take a pointer to a percpu ksym, *percpu_ptr*, and return a 3647 * pointer to the percpu kernel variable on *cpu*. A ksym is an 3648 * extern variable decorated with '__ksym'. For ksym, there is a 3649 * global var (either static or global) defined of the same name 3650 * in the kernel. The ksym is percpu if the global var is percpu. 3651 * The returned pointer points to the global percpu var on *cpu*. 3652 * 3653 * bpf_per_cpu_ptr() has the same semantic as per_cpu_ptr() in the 3654 * kernel, except that bpf_per_cpu_ptr() may return NULL. This 3655 * happens if *cpu* is larger than nr_cpu_ids. The caller of 3656 * bpf_per_cpu_ptr() must check the returned value. 3657 * 3658 * Returns 3659 * A pointer pointing to the kernel percpu variable on *cpu*, or 3660 * NULL, if *cpu* is invalid. 3661 */ 3662 static void *(*bpf_per_cpu_ptr)(const void *percpu_ptr, __u32 cpu) = (void *) 153; 3663 3664 /* 3665 * bpf_this_cpu_ptr 3666 * 3667 * Take a pointer to a percpu ksym, *percpu_ptr*, and return a 3668 * pointer to the percpu kernel variable on this cpu. See the 3669 * description of 'ksym' in **bpf_per_cpu_ptr**\ (). 3670 * 3671 * bpf_this_cpu_ptr() has the same semantic as this_cpu_ptr() in 3672 * the kernel. Different from **bpf_per_cpu_ptr**\ (), it would 3673 * never return NULL. 3674 * 3675 * Returns 3676 * A pointer pointing to the kernel percpu variable on this cpu. 3677 */ 3678 static void *(*bpf_this_cpu_ptr)(const void *percpu_ptr) = (void *) 154; 3679 3680 /* 3681 * bpf_redirect_peer 3682 * 3683 * Redirect the packet to another net device of index *ifindex*. 3684 * This helper is somewhat similar to **bpf_redirect**\ (), except 3685 * that the redirection happens to the *ifindex*' peer device and 3686 * the netns switch takes place from ingress to ingress without 3687 * going through the CPU's backlog queue. 3688 * 3689 * The *flags* argument is reserved and must be 0. The helper is 3690 * currently only supported for tc BPF program types at the ingress 3691 * hook and for veth device types. The peer device must reside in a 3692 * different network namespace. 3693 * 3694 * Returns 3695 * The helper returns **TC_ACT_REDIRECT** on success or 3696 * **TC_ACT_SHOT** on error. 3697 */ 3698 static long (*bpf_redirect_peer)(__u32 ifindex, __u64 flags) = (void *) 155; 3699 3700 /* 3701 * bpf_task_storage_get 3702 * 3703 * Get a bpf_local_storage from the *task*. 3704 * 3705 * Logically, it could be thought of as getting the value from 3706 * a *map* with *task* as the **key**. From this 3707 * perspective, the usage is not much different from 3708 * **bpf_map_lookup_elem**\ (*map*, **&**\ *task*) except this 3709 * helper enforces the key must be a task_struct and the map must also 3710 * be a **BPF_MAP_TYPE_TASK_STORAGE**. 3711 * 3712 * Underneath, the value is stored locally at *task* instead of 3713 * the *map*. The *map* is used as the bpf-local-storage 3714 * "type". The bpf-local-storage "type" (i.e. the *map*) is 3715 * searched against all bpf_local_storage residing at *task*. 3716 * 3717 * An optional *flags* (**BPF_LOCAL_STORAGE_GET_F_CREATE**) can be 3718 * used such that a new bpf_local_storage will be 3719 * created if one does not exist. *value* can be used 3720 * together with **BPF_LOCAL_STORAGE_GET_F_CREATE** to specify 3721 * the initial value of a bpf_local_storage. If *value* is 3722 * **NULL**, the new bpf_local_storage will be zero initialized. 3723 * 3724 * Returns 3725 * A bpf_local_storage pointer is returned on success. 3726 * 3727 * **NULL** if not found or there was an error in adding 3728 * a new bpf_local_storage. 3729 */ 3730 static void *(*bpf_task_storage_get)(void *map, struct task_struct *task, void *value, __u64 flags) = (void *) 156; 3731 3732 /* 3733 * bpf_task_storage_delete 3734 * 3735 * Delete a bpf_local_storage from a *task*. 3736 * 3737 * Returns 3738 * 0 on success. 3739 * 3740 * **-ENOENT** if the bpf_local_storage cannot be found. 3741 */ 3742 static long (*bpf_task_storage_delete)(void *map, struct task_struct *task) = (void *) 157; 3743 3744 /* 3745 * bpf_get_current_task_btf 3746 * 3747 * Return a BTF pointer to the "current" task. 3748 * This pointer can also be used in helpers that accept an 3749 * *ARG_PTR_TO_BTF_ID* of type *task_struct*. 3750 * 3751 * Returns 3752 * Pointer to the current task. 3753 */ 3754 static struct task_struct *(*bpf_get_current_task_btf)(void) = (void *) 158; 3755 3756 /* 3757 * bpf_bprm_opts_set 3758 * 3759 * Set or clear certain options on *bprm*: 3760 * 3761 * **BPF_F_BPRM_SECUREEXEC** Set the secureexec bit 3762 * which sets the **AT_SECURE** auxv for glibc. The bit 3763 * is cleared if the flag is not specified. 3764 * 3765 * Returns 3766 * **-EINVAL** if invalid *flags* are passed, zero otherwise. 3767 */ 3768 static long (*bpf_bprm_opts_set)(struct linux_binprm *bprm, __u64 flags) = (void *) 159; 3769 3770 /* 3771 * bpf_ktime_get_coarse_ns 3772 * 3773 * Return a coarse-grained version of the time elapsed since 3774 * system boot, in nanoseconds. Does not include time the system 3775 * was suspended. 3776 * 3777 * See: **clock_gettime**\ (**CLOCK_MONOTONIC_COARSE**) 3778 * 3779 * Returns 3780 * Current *ktime*. 3781 */ 3782 static __u64 (*bpf_ktime_get_coarse_ns)(void) = (void *) 160; 3783 3784 /* 3785 * bpf_ima_inode_hash 3786 * 3787 * Returns the stored IMA hash of the *inode* (if it's available). 3788 * If the hash is larger than *size*, then only *size* 3789 * bytes will be copied to *dst* 3790 * 3791 * Returns 3792 * The **hash_algo** is returned on success, 3793 * **-EOPNOTSUP** if IMA is disabled or **-EINVAL** if 3794 * invalid arguments are passed. 3795 */ 3796 static long (*bpf_ima_inode_hash)(struct inode *inode, void *dst, __u32 size) = (void *) 161; 3797 3798 /* 3799 * bpf_sock_from_file 3800 * 3801 * If the given file represents a socket, returns the associated 3802 * socket. 3803 * 3804 * Returns 3805 * A pointer to a struct socket on success or NULL if the file is 3806 * not a socket. 3807 */ 3808 static struct socket *(*bpf_sock_from_file)(struct file *file) = (void *) 162; 3809 3810 /* 3811 * bpf_check_mtu 3812 * 3813 * Check packet size against exceeding MTU of net device (based 3814 * on *ifindex*). This helper will likely be used in combination 3815 * with helpers that adjust/change the packet size. 3816 * 3817 * The argument *len_diff* can be used for querying with a planned 3818 * size change. This allows to check MTU prior to changing packet 3819 * ctx. Providing a *len_diff* adjustment that is larger than the 3820 * actual packet size (resulting in negative packet size) will in 3821 * principle not exceed the MTU, which is why it is not considered 3822 * a failure. Other BPF helpers are needed for performing the 3823 * planned size change; therefore the responsibility for catching 3824 * a negative packet size belongs in those helpers. 3825 * 3826 * Specifying *ifindex* zero means the MTU check is performed 3827 * against the current net device. This is practical if this isn't 3828 * used prior to redirect. 3829 * 3830 * On input *mtu_len* must be a valid pointer, else verifier will 3831 * reject BPF program. If the value *mtu_len* is initialized to 3832 * zero then the ctx packet size is use. When value *mtu_len* is 3833 * provided as input this specify the L3 length that the MTU check 3834 * is done against. Remember XDP and TC length operate at L2, but 3835 * this value is L3 as this correlate to MTU and IP-header tot_len 3836 * values which are L3 (similar behavior as bpf_fib_lookup). 3837 * 3838 * The Linux kernel route table can configure MTUs on a more 3839 * specific per route level, which is not provided by this helper. 3840 * For route level MTU checks use the **bpf_fib_lookup**\ () 3841 * helper. 3842 * 3843 * *ctx* is either **struct xdp_md** for XDP programs or 3844 * **struct sk_buff** for tc cls_act programs. 3845 * 3846 * The *flags* argument can be a combination of one or more of the 3847 * following values: 3848 * 3849 * **BPF_MTU_CHK_SEGS** 3850 * This flag will only works for *ctx* **struct sk_buff**. 3851 * If packet context contains extra packet segment buffers 3852 * (often knows as GSO skb), then MTU check is harder to 3853 * check at this point, because in transmit path it is 3854 * possible for the skb packet to get re-segmented 3855 * (depending on net device features). This could still be 3856 * a MTU violation, so this flag enables performing MTU 3857 * check against segments, with a different violation 3858 * return code to tell it apart. Check cannot use len_diff. 3859 * 3860 * On return *mtu_len* pointer contains the MTU value of the net 3861 * device. Remember the net device configured MTU is the L3 size, 3862 * which is returned here and XDP and TC length operate at L2. 3863 * Helper take this into account for you, but remember when using 3864 * MTU value in your BPF-code. 3865 * 3866 * 3867 * Returns 3868 * * 0 on success, and populate MTU value in *mtu_len* pointer. 3869 * 3870 * * < 0 if any input argument is invalid (*mtu_len* not updated) 3871 * 3872 * MTU violations return positive values, but also populate MTU 3873 * value in *mtu_len* pointer, as this can be needed for 3874 * implementing PMTU handing: 3875 * 3876 * * **BPF_MTU_CHK_RET_FRAG_NEEDED** 3877 * * **BPF_MTU_CHK_RET_SEGS_TOOBIG** 3878 */ 3879 static long (*bpf_check_mtu)(void *ctx, __u32 ifindex, __u32 *mtu_len, __s32 len_diff, __u64 flags) = (void *) 163; 3880 3881 /* 3882 * bpf_for_each_map_elem 3883 * 3884 * For each element in **map**, call **callback_fn** function with 3885 * **map**, **callback_ctx** and other map-specific parameters. 3886 * The **callback_fn** should be a static function and 3887 * the **callback_ctx** should be a pointer to the stack. 3888 * The **flags** is used to control certain aspects of the helper. 3889 * Currently, the **flags** must be 0. 3890 * 3891 * The following are a list of supported map types and their 3892 * respective expected callback signatures: 3893 * 3894 * BPF_MAP_TYPE_HASH, BPF_MAP_TYPE_PERCPU_HASH, 3895 * BPF_MAP_TYPE_LRU_HASH, BPF_MAP_TYPE_LRU_PERCPU_HASH, 3896 * BPF_MAP_TYPE_ARRAY, BPF_MAP_TYPE_PERCPU_ARRAY 3897 * 3898 * long (\*callback_fn)(struct bpf_map \*map, const void \*key, void \*value, void \*ctx); 3899 * 3900 * For per_cpu maps, the map_value is the value on the cpu where the 3901 * bpf_prog is running. 3902 * 3903 * If **callback_fn** return 0, the helper will continue to the next 3904 * element. If return value is 1, the helper will skip the rest of 3905 * elements and return. Other return values are not used now. 3906 * 3907 * 3908 * Returns 3909 * The number of traversed map elements for success, **-EINVAL** for 3910 * invalid **flags**. 3911 */ 3912 static long (*bpf_for_each_map_elem)(void *map, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 164; 3913 3914 /* 3915 * bpf_snprintf 3916 * 3917 * Outputs a string into the **str** buffer of size **str_size** 3918 * based on a format string stored in a read-only map pointed by 3919 * **fmt**. 3920 * 3921 * Each format specifier in **fmt** corresponds to one u64 element 3922 * in the **data** array. For strings and pointers where pointees 3923 * are accessed, only the pointer values are stored in the *data* 3924 * array. The *data_len* is the size of *data* in bytes - must be 3925 * a multiple of 8. 3926 * 3927 * Formats **%s** and **%p{i,I}{4,6}** require to read kernel 3928 * memory. Reading kernel memory may fail due to either invalid 3929 * address or valid address but requiring a major memory fault. If 3930 * reading kernel memory fails, the string for **%s** will be an 3931 * empty string, and the ip address for **%p{i,I}{4,6}** will be 0. 3932 * Not returning error to bpf program is consistent with what 3933 * **bpf_trace_printk**\ () does for now. 3934 * 3935 * 3936 * Returns 3937 * The strictly positive length of the formatted string, including 3938 * the trailing zero character. If the return value is greater than 3939 * **str_size**, **str** contains a truncated string, guaranteed to 3940 * be zero-terminated except when **str_size** is 0. 3941 * 3942 * Or **-EBUSY** if the per-CPU memory copy buffer is busy. 3943 */ 3944 static long (*bpf_snprintf)(char *str, __u32 str_size, const char *fmt, __u64 *data, __u32 data_len) = (void *) 165; 3945 3946 /* 3947 * bpf_sys_bpf 3948 * 3949 * Execute bpf syscall with given arguments. 3950 * 3951 * Returns 3952 * A syscall result. 3953 */ 3954 static long (*bpf_sys_bpf)(__u32 cmd, void *attr, __u32 attr_size) = (void *) 166; 3955 3956 /* 3957 * bpf_btf_find_by_name_kind 3958 * 3959 * Find BTF type with given name and kind in vmlinux BTF or in module's BTFs. 3960 * 3961 * Returns 3962 * Returns btf_id and btf_obj_fd in lower and upper 32 bits. 3963 */ 3964 static long (*bpf_btf_find_by_name_kind)(char *name, int name_sz, __u32 kind, int flags) = (void *) 167; 3965 3966 /* 3967 * bpf_sys_close 3968 * 3969 * Execute close syscall for given FD. 3970 * 3971 * Returns 3972 * A syscall result. 3973 */ 3974 static long (*bpf_sys_close)(__u32 fd) = (void *) 168; 3975 3976 /* 3977 * bpf_timer_init 3978 * 3979 * Initialize the timer. 3980 * First 4 bits of *flags* specify clockid. 3981 * Only CLOCK_MONOTONIC, CLOCK_REALTIME, CLOCK_BOOTTIME are allowed. 3982 * All other bits of *flags* are reserved. 3983 * The verifier will reject the program if *timer* is not from 3984 * the same *map*. 3985 * 3986 * Returns 3987 * 0 on success. 3988 * **-EBUSY** if *timer* is already initialized. 3989 * **-EINVAL** if invalid *flags* are passed. 3990 * **-EPERM** if *timer* is in a map that doesn't have any user references. 3991 * The user space should either hold a file descriptor to a map with timers 3992 * or pin such map in bpffs. When map is unpinned or file descriptor is 3993 * closed all timers in the map will be cancelled and freed. 3994 */ 3995 static long (*bpf_timer_init)(struct bpf_timer *timer, void *map, __u64 flags) = (void *) 169; 3996 3997 /* 3998 * bpf_timer_set_callback 3999 * 4000 * Configure the timer to call *callback_fn* static function. 4001 * 4002 * Returns 4003 * 0 on success. 4004 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier. 4005 * **-EPERM** if *timer* is in a map that doesn't have any user references. 4006 * The user space should either hold a file descriptor to a map with timers 4007 * or pin such map in bpffs. When map is unpinned or file descriptor is 4008 * closed all timers in the map will be cancelled and freed. 4009 */ 4010 static long (*bpf_timer_set_callback)(struct bpf_timer *timer, void *callback_fn) = (void *) 170; 4011 4012 /* 4013 * bpf_timer_start 4014 * 4015 * Set timer expiration N nanoseconds from the current time. The 4016 * configured callback will be invoked in soft irq context on some cpu 4017 * and will not repeat unless another bpf_timer_start() is made. 4018 * In such case the next invocation can migrate to a different cpu. 4019 * Since struct bpf_timer is a field inside map element the map 4020 * owns the timer. The bpf_timer_set_callback() will increment refcnt 4021 * of BPF program to make sure that callback_fn code stays valid. 4022 * When user space reference to a map reaches zero all timers 4023 * in a map are cancelled and corresponding program's refcnts are 4024 * decremented. This is done to make sure that Ctrl-C of a user 4025 * process doesn't leave any timers running. If map is pinned in 4026 * bpffs the callback_fn can re-arm itself indefinitely. 4027 * bpf_map_update/delete_elem() helpers and user space sys_bpf commands 4028 * cancel and free the timer in the given map element. 4029 * The map can contain timers that invoke callback_fn-s from different 4030 * programs. The same callback_fn can serve different timers from 4031 * different maps if key/value layout matches across maps. 4032 * Every bpf_timer_set_callback() can have different callback_fn. 4033 * 4034 * *flags* can be one of: 4035 * 4036 * **BPF_F_TIMER_ABS** 4037 * Start the timer in absolute expire value instead of the 4038 * default relative one. 4039 * 4040 * 4041 * Returns 4042 * 0 on success. 4043 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier 4044 * or invalid *flags* are passed. 4045 */ 4046 static long (*bpf_timer_start)(struct bpf_timer *timer, __u64 nsecs, __u64 flags) = (void *) 171; 4047 4048 /* 4049 * bpf_timer_cancel 4050 * 4051 * Cancel the timer and wait for callback_fn to finish if it was running. 4052 * 4053 * Returns 4054 * 0 if the timer was not active. 4055 * 1 if the timer was active. 4056 * **-EINVAL** if *timer* was not initialized with bpf_timer_init() earlier. 4057 * **-EDEADLK** if callback_fn tried to call bpf_timer_cancel() on its 4058 * own timer which would have led to a deadlock otherwise. 4059 */ 4060 static long (*bpf_timer_cancel)(struct bpf_timer *timer) = (void *) 172; 4061 4062 /* 4063 * bpf_get_func_ip 4064 * 4065 * Get address of the traced function (for tracing and kprobe programs). 4066 * 4067 * When called for kprobe program attached as uprobe it returns 4068 * probe address for both entry and return uprobe. 4069 * 4070 * 4071 * Returns 4072 * Address of the traced function for kprobe. 4073 * 0 for kprobes placed within the function (not at the entry). 4074 * Address of the probe for uprobe and return uprobe. 4075 */ 4076 static __u64 (*bpf_get_func_ip)(void *ctx) = (void *) 173; 4077 4078 /* 4079 * bpf_get_attach_cookie 4080 * 4081 * Get bpf_cookie value provided (optionally) during the program 4082 * attachment. It might be different for each individual 4083 * attachment, even if BPF program itself is the same. 4084 * Expects BPF program context *ctx* as a first argument. 4085 * 4086 * Supported for the following program types: 4087 * - kprobe/uprobe; 4088 * - tracepoint; 4089 * - perf_event. 4090 * 4091 * Returns 4092 * Value specified by user at BPF link creation/attachment time 4093 * or 0, if it was not specified. 4094 */ 4095 static __u64 (*bpf_get_attach_cookie)(void *ctx) = (void *) 174; 4096 4097 /* 4098 * bpf_task_pt_regs 4099 * 4100 * Get the struct pt_regs associated with **task**. 4101 * 4102 * Returns 4103 * A pointer to struct pt_regs. 4104 */ 4105 static long (*bpf_task_pt_regs)(struct task_struct *task) = (void *) 175; 4106 4107 /* 4108 * bpf_get_branch_snapshot 4109 * 4110 * Get branch trace from hardware engines like Intel LBR. The 4111 * hardware engine is stopped shortly after the helper is 4112 * called. Therefore, the user need to filter branch entries 4113 * based on the actual use case. To capture branch trace 4114 * before the trigger point of the BPF program, the helper 4115 * should be called at the beginning of the BPF program. 4116 * 4117 * The data is stored as struct perf_branch_entry into output 4118 * buffer *entries*. *size* is the size of *entries* in bytes. 4119 * *flags* is reserved for now and must be zero. 4120 * 4121 * 4122 * Returns 4123 * On success, number of bytes written to *buf*. On error, a 4124 * negative value. 4125 * 4126 * **-EINVAL** if *flags* is not zero. 4127 * 4128 * **-ENOENT** if architecture does not support branch records. 4129 */ 4130 static long (*bpf_get_branch_snapshot)(void *entries, __u32 size, __u64 flags) = (void *) 176; 4131 4132 /* 4133 * bpf_trace_vprintk 4134 * 4135 * Behaves like **bpf_trace_printk**\ () helper, but takes an array of u64 4136 * to format and can handle more format args as a result. 4137 * 4138 * Arguments are to be used as in **bpf_seq_printf**\ () helper. 4139 * 4140 * Returns 4141 * The number of bytes written to the buffer, or a negative error 4142 * in case of failure. 4143 */ 4144 static long (*bpf_trace_vprintk)(const char *fmt, __u32 fmt_size, const void *data, __u32 data_len) = (void *) 177; 4145 4146 /* 4147 * bpf_skc_to_unix_sock 4148 * 4149 * Dynamically cast a *sk* pointer to a *unix_sock* pointer. 4150 * 4151 * Returns 4152 * *sk* if casting is valid, or **NULL** otherwise. 4153 */ 4154 static struct unix_sock *(*bpf_skc_to_unix_sock)(void *sk) = (void *) 178; 4155 4156 /* 4157 * bpf_kallsyms_lookup_name 4158 * 4159 * Get the address of a kernel symbol, returned in *res*. *res* is 4160 * set to 0 if the symbol is not found. 4161 * 4162 * Returns 4163 * On success, zero. On error, a negative value. 4164 * 4165 * **-EINVAL** if *flags* is not zero. 4166 * 4167 * **-EINVAL** if string *name* is not the same size as *name_sz*. 4168 * 4169 * **-ENOENT** if symbol is not found. 4170 * 4171 * **-EPERM** if caller does not have permission to obtain kernel address. 4172 */ 4173 static long (*bpf_kallsyms_lookup_name)(const char *name, int name_sz, int flags, __u64 *res) = (void *) 179; 4174 4175 /* 4176 * bpf_find_vma 4177 * 4178 * Find vma of *task* that contains *addr*, call *callback_fn* 4179 * function with *task*, *vma*, and *callback_ctx*. 4180 * The *callback_fn* should be a static function and 4181 * the *callback_ctx* should be a pointer to the stack. 4182 * The *flags* is used to control certain aspects of the helper. 4183 * Currently, the *flags* must be 0. 4184 * 4185 * The expected callback signature is 4186 * 4187 * long (\*callback_fn)(struct task_struct \*task, struct vm_area_struct \*vma, void \*callback_ctx); 4188 * 4189 * 4190 * Returns 4191 * 0 on success. 4192 * **-ENOENT** if *task->mm* is NULL, or no vma contains *addr*. 4193 * **-EBUSY** if failed to try lock mmap_lock. 4194 * **-EINVAL** for invalid **flags**. 4195 */ 4196 static long (*bpf_find_vma)(struct task_struct *task, __u64 addr, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 180; 4197 4198 /* 4199 * bpf_loop 4200 * 4201 * For **nr_loops**, call **callback_fn** function 4202 * with **callback_ctx** as the context parameter. 4203 * The **callback_fn** should be a static function and 4204 * the **callback_ctx** should be a pointer to the stack. 4205 * The **flags** is used to control certain aspects of the helper. 4206 * Currently, the **flags** must be 0. Currently, nr_loops is 4207 * limited to 1 << 23 (~8 million) loops. 4208 * 4209 * long (\*callback_fn)(u32 index, void \*ctx); 4210 * 4211 * where **index** is the current index in the loop. The index 4212 * is zero-indexed. 4213 * 4214 * If **callback_fn** returns 0, the helper will continue to the next 4215 * loop. If return value is 1, the helper will skip the rest of 4216 * the loops and return. Other return values are not used now, 4217 * and will be rejected by the verifier. 4218 * 4219 * 4220 * Returns 4221 * The number of loops performed, **-EINVAL** for invalid **flags**, 4222 * **-E2BIG** if **nr_loops** exceeds the maximum number of loops. 4223 */ 4224 static long (*bpf_loop)(__u32 nr_loops, void *callback_fn, void *callback_ctx, __u64 flags) = (void *) 181; 4225 4226 /* 4227 * bpf_strncmp 4228 * 4229 * Do strncmp() between **s1** and **s2**. **s1** doesn't need 4230 * to be null-terminated and **s1_sz** is the maximum storage 4231 * size of **s1**. **s2** must be a read-only string. 4232 * 4233 * Returns 4234 * An integer less than, equal to, or greater than zero 4235 * if the first **s1_sz** bytes of **s1** is found to be 4236 * less than, to match, or be greater than **s2**. 4237 */ 4238 static long (*bpf_strncmp)(const char *s1, __u32 s1_sz, const char *s2) = (void *) 182; 4239 4240 /* 4241 * bpf_get_func_arg 4242 * 4243 * Get **n**-th argument register (zero based) of the traced function (for tracing programs) 4244 * returned in **value**. 4245 * 4246 * 4247 * Returns 4248 * 0 on success. 4249 * **-EINVAL** if n >= argument register count of traced function. 4250 */ 4251 static long (*bpf_get_func_arg)(void *ctx, __u32 n, __u64 *value) = (void *) 183; 4252 4253 /* 4254 * bpf_get_func_ret 4255 * 4256 * Get return value of the traced function (for tracing programs) 4257 * in **value**. 4258 * 4259 * 4260 * Returns 4261 * 0 on success. 4262 * **-EOPNOTSUPP** for tracing programs other than BPF_TRACE_FEXIT or BPF_MODIFY_RETURN. 4263 */ 4264 static long (*bpf_get_func_ret)(void *ctx, __u64 *value) = (void *) 184; 4265 4266 /* 4267 * bpf_get_func_arg_cnt 4268 * 4269 * Get number of registers of the traced function (for tracing programs) where 4270 * function arguments are stored in these registers. 4271 * 4272 * 4273 * Returns 4274 * The number of argument registers of the traced function. 4275 */ 4276 static long (*bpf_get_func_arg_cnt)(void *ctx) = (void *) 185; 4277 4278 /* 4279 * bpf_get_retval 4280 * 4281 * Get the BPF program's return value that will be returned to the upper layers. 4282 * 4283 * This helper is currently supported by cgroup programs and only by the hooks 4284 * where BPF program's return value is returned to the userspace via errno. 4285 * 4286 * Returns 4287 * The BPF program's return value. 4288 */ 4289 static int (*bpf_get_retval)(void) = (void *) 186; 4290 4291 /* 4292 * bpf_set_retval 4293 * 4294 * Set the BPF program's return value that will be returned to the upper layers. 4295 * 4296 * This helper is currently supported by cgroup programs and only by the hooks 4297 * where BPF program's return value is returned to the userspace via errno. 4298 * 4299 * Note that there is the following corner case where the program exports an error 4300 * via bpf_set_retval but signals success via 'return 1': 4301 * 4302 * bpf_set_retval(-EPERM); 4303 * return 1; 4304 * 4305 * In this case, the BPF program's return value will use helper's -EPERM. This 4306 * still holds true for cgroup/bind{4,6} which supports extra 'return 3' success case. 4307 * 4308 * 4309 * Returns 4310 * 0 on success, or a negative error in case of failure. 4311 */ 4312 static int (*bpf_set_retval)(int retval) = (void *) 187; 4313 4314 /* 4315 * bpf_xdp_get_buff_len 4316 * 4317 * Get the total size of a given xdp buff (linear and paged area) 4318 * 4319 * Returns 4320 * The total size of a given xdp buffer. 4321 */ 4322 static __u64 (*bpf_xdp_get_buff_len)(struct xdp_md *xdp_md) = (void *) 188; 4323 4324 /* 4325 * bpf_xdp_load_bytes 4326 * 4327 * This helper is provided as an easy way to load data from a 4328 * xdp buffer. It can be used to load *len* bytes from *offset* from 4329 * the frame associated to *xdp_md*, into the buffer pointed by 4330 * *buf*. 4331 * 4332 * Returns 4333 * 0 on success, or a negative error in case of failure. 4334 */ 4335 static long (*bpf_xdp_load_bytes)(struct xdp_md *xdp_md, __u32 offset, void *buf, __u32 len) = (void *) 189; 4336 4337 /* 4338 * bpf_xdp_store_bytes 4339 * 4340 * Store *len* bytes from buffer *buf* into the frame 4341 * associated to *xdp_md*, at *offset*. 4342 * 4343 * Returns 4344 * 0 on success, or a negative error in case of failure. 4345 */ 4346 static long (*bpf_xdp_store_bytes)(struct xdp_md *xdp_md, __u32 offset, void *buf, __u32 len) = (void *) 190; 4347 4348 /* 4349 * bpf_copy_from_user_task 4350 * 4351 * Read *size* bytes from user space address *user_ptr* in *tsk*'s 4352 * address space, and stores the data in *dst*. *flags* is not 4353 * used yet and is provided for future extensibility. This helper 4354 * can only be used by sleepable programs. 4355 * 4356 * Returns 4357 * 0 on success, or a negative error in case of failure. On error 4358 * *dst* buffer is zeroed out. 4359 */ 4360 static long (*bpf_copy_from_user_task)(void *dst, __u32 size, const void *user_ptr, struct task_struct *tsk, __u64 flags) = (void *) 191; 4361 4362 /* 4363 * bpf_skb_set_tstamp 4364 * 4365 * Change the __sk_buff->tstamp_type to *tstamp_type* 4366 * and set *tstamp* to the __sk_buff->tstamp together. 4367 * 4368 * If there is no need to change the __sk_buff->tstamp_type, 4369 * the tstamp value can be directly written to __sk_buff->tstamp 4370 * instead. 4371 * 4372 * BPF_SKB_TSTAMP_DELIVERY_MONO is the only tstamp that 4373 * will be kept during bpf_redirect_*(). A non zero 4374 * *tstamp* must be used with the BPF_SKB_TSTAMP_DELIVERY_MONO 4375 * *tstamp_type*. 4376 * 4377 * A BPF_SKB_TSTAMP_UNSPEC *tstamp_type* can only be used 4378 * with a zero *tstamp*. 4379 * 4380 * Only IPv4 and IPv6 skb->protocol are supported. 4381 * 4382 * This function is most useful when it needs to set a 4383 * mono delivery time to __sk_buff->tstamp and then 4384 * bpf_redirect_*() to the egress of an iface. For example, 4385 * changing the (rcv) timestamp in __sk_buff->tstamp at 4386 * ingress to a mono delivery time and then bpf_redirect_*() 4387 * to sch_fq@phy-dev. 4388 * 4389 * Returns 4390 * 0 on success. 4391 * **-EINVAL** for invalid input 4392 * **-EOPNOTSUPP** for unsupported protocol 4393 */ 4394 static long (*bpf_skb_set_tstamp)(struct __sk_buff *skb, __u64 tstamp, __u32 tstamp_type) = (void *) 192; 4395 4396 /* 4397 * bpf_ima_file_hash 4398 * 4399 * Returns a calculated IMA hash of the *file*. 4400 * If the hash is larger than *size*, then only *size* 4401 * bytes will be copied to *dst* 4402 * 4403 * Returns 4404 * The **hash_algo** is returned on success, 4405 * **-EOPNOTSUP** if the hash calculation failed or **-EINVAL** if 4406 * invalid arguments are passed. 4407 */ 4408 static long (*bpf_ima_file_hash)(struct file *file, void *dst, __u32 size) = (void *) 193; 4409 4410 /* 4411 * bpf_kptr_xchg 4412 * 4413 * Exchange kptr at pointer *map_value* with *ptr*, and return the 4414 * old value. *ptr* can be NULL, otherwise it must be a referenced 4415 * pointer which will be released when this helper is called. 4416 * 4417 * Returns 4418 * The old value of kptr (which can be NULL). The returned pointer 4419 * if not NULL, is a reference which must be released using its 4420 * corresponding release function, or moved into a BPF map before 4421 * program exit. 4422 */ 4423 static void *(*bpf_kptr_xchg)(void *map_value, void *ptr) = (void *) 194; 4424 4425 /* 4426 * bpf_map_lookup_percpu_elem 4427 * 4428 * Perform a lookup in *percpu map* for an entry associated to 4429 * *key* on *cpu*. 4430 * 4431 * Returns 4432 * Map value associated to *key* on *cpu*, or **NULL** if no entry 4433 * was found or *cpu* is invalid. 4434 */ 4435 static void *(*bpf_map_lookup_percpu_elem)(void *map, const void *key, __u32 cpu) = (void *) 195; 4436 4437 /* 4438 * bpf_skc_to_mptcp_sock 4439 * 4440 * Dynamically cast a *sk* pointer to a *mptcp_sock* pointer. 4441 * 4442 * Returns 4443 * *sk* if casting is valid, or **NULL** otherwise. 4444 */ 4445 static struct mptcp_sock *(*bpf_skc_to_mptcp_sock)(void *sk) = (void *) 196; 4446 4447 /* 4448 * bpf_dynptr_from_mem 4449 * 4450 * Get a dynptr to local memory *data*. 4451 * 4452 * *data* must be a ptr to a map value. 4453 * The maximum *size* supported is DYNPTR_MAX_SIZE. 4454 * *flags* is currently unused. 4455 * 4456 * Returns 4457 * 0 on success, -E2BIG if the size exceeds DYNPTR_MAX_SIZE, 4458 * -EINVAL if flags is not 0. 4459 */ 4460 static long (*bpf_dynptr_from_mem)(void *data, __u32 size, __u64 flags, struct bpf_dynptr *ptr) = (void *) 197; 4461 4462 /* 4463 * bpf_ringbuf_reserve_dynptr 4464 * 4465 * Reserve *size* bytes of payload in a ring buffer *ringbuf* 4466 * through the dynptr interface. *flags* must be 0. 4467 * 4468 * Please note that a corresponding bpf_ringbuf_submit_dynptr or 4469 * bpf_ringbuf_discard_dynptr must be called on *ptr*, even if the 4470 * reservation fails. This is enforced by the verifier. 4471 * 4472 * Returns 4473 * 0 on success, or a negative error in case of failure. 4474 */ 4475 static long (*bpf_ringbuf_reserve_dynptr)(void *ringbuf, __u32 size, __u64 flags, struct bpf_dynptr *ptr) = (void *) 198; 4476 4477 /* 4478 * bpf_ringbuf_submit_dynptr 4479 * 4480 * Submit reserved ring buffer sample, pointed to by *data*, 4481 * through the dynptr interface. This is a no-op if the dynptr is 4482 * invalid/null. 4483 * 4484 * For more information on *flags*, please see 4485 * 'bpf_ringbuf_submit'. 4486 * 4487 * Returns 4488 * Nothing. Always succeeds. 4489 */ 4490 static void (*bpf_ringbuf_submit_dynptr)(struct bpf_dynptr *ptr, __u64 flags) = (void *) 199; 4491 4492 /* 4493 * bpf_ringbuf_discard_dynptr 4494 * 4495 * Discard reserved ring buffer sample through the dynptr 4496 * interface. This is a no-op if the dynptr is invalid/null. 4497 * 4498 * For more information on *flags*, please see 4499 * 'bpf_ringbuf_discard'. 4500 * 4501 * Returns 4502 * Nothing. Always succeeds. 4503 */ 4504 static void (*bpf_ringbuf_discard_dynptr)(struct bpf_dynptr *ptr, __u64 flags) = (void *) 200; 4505 4506 /* 4507 * bpf_dynptr_read 4508 * 4509 * Read *len* bytes from *src* into *dst*, starting from *offset* 4510 * into *src*. 4511 * *flags* is currently unused. 4512 * 4513 * Returns 4514 * 0 on success, -E2BIG if *offset* + *len* exceeds the length 4515 * of *src*'s data, -EINVAL if *src* is an invalid dynptr or if 4516 * *flags* is not 0. 4517 */ 4518 static long (*bpf_dynptr_read)(void *dst, __u32 len, const struct bpf_dynptr *src, __u32 offset, __u64 flags) = (void *) 201; 4519 4520 /* 4521 * bpf_dynptr_write 4522 * 4523 * Write *len* bytes from *src* into *dst*, starting from *offset* 4524 * into *dst*. 4525 * 4526 * *flags* must be 0 except for skb-type dynptrs. 4527 * 4528 * For skb-type dynptrs: 4529 * * All data slices of the dynptr are automatically 4530 * invalidated after **bpf_dynptr_write**\ (). This is 4531 * because writing may pull the skb and change the 4532 * underlying packet buffer. 4533 * 4534 * * For *flags*, please see the flags accepted by 4535 * **bpf_skb_store_bytes**\ (). 4536 * 4537 * Returns 4538 * 0 on success, -E2BIG if *offset* + *len* exceeds the length 4539 * of *dst*'s data, -EINVAL if *dst* is an invalid dynptr or if *dst* 4540 * is a read-only dynptr or if *flags* is not correct. For skb-type dynptrs, 4541 * other errors correspond to errors returned by **bpf_skb_store_bytes**\ (). 4542 */ 4543 static long (*bpf_dynptr_write)(const struct bpf_dynptr *dst, __u32 offset, void *src, __u32 len, __u64 flags) = (void *) 202; 4544 4545 /* 4546 * bpf_dynptr_data 4547 * 4548 * Get a pointer to the underlying dynptr data. 4549 * 4550 * *len* must be a statically known value. The returned data slice 4551 * is invalidated whenever the dynptr is invalidated. 4552 * 4553 * skb and xdp type dynptrs may not use bpf_dynptr_data. They should 4554 * instead use bpf_dynptr_slice and bpf_dynptr_slice_rdwr. 4555 * 4556 * Returns 4557 * Pointer to the underlying dynptr data, NULL if the dynptr is 4558 * read-only, if the dynptr is invalid, or if the offset and length 4559 * is out of bounds. 4560 */ 4561 static void *(*bpf_dynptr_data)(const struct bpf_dynptr *ptr, __u32 offset, __u32 len) = (void *) 203; 4562 4563 /* 4564 * bpf_tcp_raw_gen_syncookie_ipv4 4565 * 4566 * Try to issue a SYN cookie for the packet with corresponding 4567 * IPv4/TCP headers, *iph* and *th*, without depending on a 4568 * listening socket. 4569 * 4570 * *iph* points to the IPv4 header. 4571 * 4572 * *th* points to the start of the TCP header, while *th_len* 4573 * contains the length of the TCP header (at least 4574 * **sizeof**\ (**struct tcphdr**)). 4575 * 4576 * Returns 4577 * On success, lower 32 bits hold the generated SYN cookie in 4578 * followed by 16 bits which hold the MSS value for that cookie, 4579 * and the top 16 bits are unused. 4580 * 4581 * On failure, the returned value is one of the following: 4582 * 4583 * **-EINVAL** if *th_len* is invalid. 4584 */ 4585 static __s64 (*bpf_tcp_raw_gen_syncookie_ipv4)(struct iphdr *iph, struct tcphdr *th, __u32 th_len) = (void *) 204; 4586 4587 /* 4588 * bpf_tcp_raw_gen_syncookie_ipv6 4589 * 4590 * Try to issue a SYN cookie for the packet with corresponding 4591 * IPv6/TCP headers, *iph* and *th*, without depending on a 4592 * listening socket. 4593 * 4594 * *iph* points to the IPv6 header. 4595 * 4596 * *th* points to the start of the TCP header, while *th_len* 4597 * contains the length of the TCP header (at least 4598 * **sizeof**\ (**struct tcphdr**)). 4599 * 4600 * Returns 4601 * On success, lower 32 bits hold the generated SYN cookie in 4602 * followed by 16 bits which hold the MSS value for that cookie, 4603 * and the top 16 bits are unused. 4604 * 4605 * On failure, the returned value is one of the following: 4606 * 4607 * **-EINVAL** if *th_len* is invalid. 4608 * 4609 * **-EPROTONOSUPPORT** if CONFIG_IPV6 is not builtin. 4610 */ 4611 static __s64 (*bpf_tcp_raw_gen_syncookie_ipv6)(struct ipv6hdr *iph, struct tcphdr *th, __u32 th_len) = (void *) 205; 4612 4613 /* 4614 * bpf_tcp_raw_check_syncookie_ipv4 4615 * 4616 * Check whether *iph* and *th* contain a valid SYN cookie ACK 4617 * without depending on a listening socket. 4618 * 4619 * *iph* points to the IPv4 header. 4620 * 4621 * *th* points to the TCP header. 4622 * 4623 * Returns 4624 * 0 if *iph* and *th* are a valid SYN cookie ACK. 4625 * 4626 * On failure, the returned value is one of the following: 4627 * 4628 * **-EACCES** if the SYN cookie is not valid. 4629 */ 4630 static long (*bpf_tcp_raw_check_syncookie_ipv4)(struct iphdr *iph, struct tcphdr *th) = (void *) 206; 4631 4632 /* 4633 * bpf_tcp_raw_check_syncookie_ipv6 4634 * 4635 * Check whether *iph* and *th* contain a valid SYN cookie ACK 4636 * without depending on a listening socket. 4637 * 4638 * *iph* points to the IPv6 header. 4639 * 4640 * *th* points to the TCP header. 4641 * 4642 * Returns 4643 * 0 if *iph* and *th* are a valid SYN cookie ACK. 4644 * 4645 * On failure, the returned value is one of the following: 4646 * 4647 * **-EACCES** if the SYN cookie is not valid. 4648 * 4649 * **-EPROTONOSUPPORT** if CONFIG_IPV6 is not builtin. 4650 */ 4651 static long (*bpf_tcp_raw_check_syncookie_ipv6)(struct ipv6hdr *iph, struct tcphdr *th) = (void *) 207; 4652 4653 /* 4654 * bpf_ktime_get_tai_ns 4655 * 4656 * A nonsettable system-wide clock derived from wall-clock time but 4657 * ignoring leap seconds. This clock does not experience 4658 * discontinuities and backwards jumps caused by NTP inserting leap 4659 * seconds as CLOCK_REALTIME does. 4660 * 4661 * See: **clock_gettime**\ (**CLOCK_TAI**) 4662 * 4663 * Returns 4664 * Current *ktime*. 4665 */ 4666 static __u64 (*bpf_ktime_get_tai_ns)(void) = (void *) 208; 4667 4668 /* 4669 * bpf_user_ringbuf_drain 4670 * 4671 * Drain samples from the specified user ring buffer, and invoke 4672 * the provided callback for each such sample: 4673 * 4674 * long (\*callback_fn)(const struct bpf_dynptr \*dynptr, void \*ctx); 4675 * 4676 * If **callback_fn** returns 0, the helper will continue to try 4677 * and drain the next sample, up to a maximum of 4678 * BPF_MAX_USER_RINGBUF_SAMPLES samples. If the return value is 1, 4679 * the helper will skip the rest of the samples and return. Other 4680 * return values are not used now, and will be rejected by the 4681 * verifier. 4682 * 4683 * Returns 4684 * The number of drained samples if no error was encountered while 4685 * draining samples, or 0 if no samples were present in the ring 4686 * buffer. If a user-space producer was epoll-waiting on this map, 4687 * and at least one sample was drained, they will receive an event 4688 * notification notifying them of available space in the ring 4689 * buffer. If the BPF_RB_NO_WAKEUP flag is passed to this 4690 * function, no wakeup notification will be sent. If the 4691 * BPF_RB_FORCE_WAKEUP flag is passed, a wakeup notification will 4692 * be sent even if no sample was drained. 4693 * 4694 * On failure, the returned value is one of the following: 4695 * 4696 * **-EBUSY** if the ring buffer is contended, and another calling 4697 * context was concurrently draining the ring buffer. 4698 * 4699 * **-EINVAL** if user-space is not properly tracking the ring 4700 * buffer due to the producer position not being aligned to 8 4701 * bytes, a sample not being aligned to 8 bytes, or the producer 4702 * position not matching the advertised length of a sample. 4703 * 4704 * **-E2BIG** if user-space has tried to publish a sample which is 4705 * larger than the size of the ring buffer, or which cannot fit 4706 * within a struct bpf_dynptr. 4707 */ 4708 static long (*bpf_user_ringbuf_drain)(void *map, void *callback_fn, void *ctx, __u64 flags) = (void *) 209; 4709 4710 /* 4711 * bpf_cgrp_storage_get 4712 * 4713 * Get a bpf_local_storage from the *cgroup*. 4714 * 4715 * Logically, it could be thought of as getting the value from 4716 * a *map* with *cgroup* as the **key**. From this 4717 * perspective, the usage is not much different from 4718 * **bpf_map_lookup_elem**\ (*map*, **&**\ *cgroup*) except this 4719 * helper enforces the key must be a cgroup struct and the map must also 4720 * be a **BPF_MAP_TYPE_CGRP_STORAGE**. 4721 * 4722 * In reality, the local-storage value is embedded directly inside of the 4723 * *cgroup* object itself, rather than being located in the 4724 * **BPF_MAP_TYPE_CGRP_STORAGE** map. When the local-storage value is 4725 * queried for some *map* on a *cgroup* object, the kernel will perform an 4726 * O(n) iteration over all of the live local-storage values for that 4727 * *cgroup* object until the local-storage value for the *map* is found. 4728 * 4729 * An optional *flags* (**BPF_LOCAL_STORAGE_GET_F_CREATE**) can be 4730 * used such that a new bpf_local_storage will be 4731 * created if one does not exist. *value* can be used 4732 * together with **BPF_LOCAL_STORAGE_GET_F_CREATE** to specify 4733 * the initial value of a bpf_local_storage. If *value* is 4734 * **NULL**, the new bpf_local_storage will be zero initialized. 4735 * 4736 * Returns 4737 * A bpf_local_storage pointer is returned on success. 4738 * 4739 * **NULL** if not found or there was an error in adding 4740 * a new bpf_local_storage. 4741 */ 4742 static void *(*bpf_cgrp_storage_get)(void *map, struct cgroup *cgroup, void *value, __u64 flags) = (void *) 210; 4743 4744 /* 4745 * bpf_cgrp_storage_delete 4746 * 4747 * Delete a bpf_local_storage from a *cgroup*. 4748 * 4749 * Returns 4750 * 0 on success. 4751 * 4752 * **-ENOENT** if the bpf_local_storage cannot be found. 4753 */ 4754 static long (*bpf_cgrp_storage_delete)(void *map, struct cgroup *cgroup) = (void *) 211; 4755 4756 4757