Documentation
¶
Overview ¶
Package link allows attaching eBPF programs to various kernel hooks.
Index ¶
- Variables
- func RawAttachProgram(opts RawAttachProgramOptions) error
- func RawDetachProgram(opts RawDetachProgramOptions) error
- type CgroupOptions
- type ID
- type Iter
- type IterOptions
- type Link
- type NetNsInfo
- type NetNsLink
- type RawAttachProgramOptions
- type RawDetachProgramOptions
- type RawLink
- type RawLinkInfo
- type RawLinkOptions
- type RawLinkUpdateOptions
- type RawTracepointOptions
- type Type
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var ErrNotSupported = internal.ErrNotSupported
Functions ¶
func RawAttachProgram ¶
func RawAttachProgram(opts RawAttachProgramOptions) error
RawAttachProgram is a low level wrapper around BPF_PROG_ATTACH.
You should use one of the higher level abstractions available in this package if possible.
func RawDetachProgram ¶
func RawDetachProgram(opts RawDetachProgramOptions) error
RawDetachProgram is a low level wrapper around BPF_PROG_DETACH.
You should use one of the higher level abstractions available in this package if possible.
Types ¶
type CgroupOptions ¶
type CgroupOptions struct {
// Path to a cgroupv2 folder.
Path string
// One of the AttachCgroup* constants
Attach ebpf.AttachType
// Program must be of type CGroup*, and the attach type must match Attach.
Program *ebpf.Program
}
type Iter ¶
type Iter struct {
// contains filtered or unexported fields
}
Iter represents an attached bpf_iter.
func AttachIter ¶
func AttachIter(opts IterOptions) (*Iter, error)
AttachIter attaches a BPF seq_file iterator.
func LoadPinnedIter ¶
LoadPinnedIter loads a pinned iterator from a bpffs.
type IterOptions ¶
type IterOptions struct {
// Program must be of type Tracing with attach type
// AttachTraceIter. The kind of iterator to attach to is
// determined at load time via the AttachTo field.
//
// AttachTo requires the kernel to include BTF of itself,
// and it to be compiled with a recent pahole (>= 1.16).
Program *ebpf.Program
}
type Link ¶
type Link interface {
// Replace the current program with a new program.
//
// Passing a nil program is an error. May return an error wrapping ErrNotSupported.
Update(*ebpf.Program) error
// Persist a link by pinning it into a bpffs.
//
// May return an error wrapping ErrNotSupported.
Pin(string) error
// Close frees resources.
//
// The link will be broken unless it has been pinned. A link
// may continue past the lifetime of the process if Close is
// not called.
Close() error
// contains filtered or unexported methods
}
Link represents a Program attached to a BPF hook.
func AttachCgroup ¶
func AttachCgroup(opts CgroupOptions) (Link, error)
AttachCgroup links a BPF program to a cgroup.
func AttachRawTracepoint ¶
func AttachRawTracepoint(opts RawTracepointOptions) (Link, error)
AttachRawTracepoint links a BPF program to a raw_tracepoint.
Requires at least Linux 4.17.
func LoadPinnedCgroup ¶
LoadPinnedCgroup loads a pinned cgroup from a bpffs.
type NetNsInfo ¶ added in v0.2.0
type NetNsInfo struct {
RawLinkInfo
}
NetNsInfo contains metadata about a network namespace link.
type NetNsLink ¶ added in v0.2.0
type NetNsLink struct {
*RawLink
}
NetNsLink is a program attached to a network namespace.
func AttachNetNs ¶ added in v0.2.0
AttachNetNs attaches a program to a network namespace.
Example ¶
prog, err := createSkLookupProgram()
if err != nil {
panic(err)
}
defer prog.Close()
// This can be a path to another netns as well.
netns, err := os.Open("/proc/self/ns/net")
if err != nil {
panic(err)
}
defer netns.Close()
link, err := AttachNetNs(int(netns.Fd()), prog)
if err != nil {
panic(err)
}
// The socket lookup program is now active until Close().
link.Close()
func LoadPinnedNetNs ¶ added in v0.2.0
LoadPinnedNetNs loads a network namespace link from bpffs.
type RawAttachProgramOptions ¶
type RawAttachProgramOptions struct {
// File descriptor to attach to. This differs for each attach type.
Target int
// Program to attach.
Program *ebpf.Program
// Program to replace (cgroups).
Replace *ebpf.Program
// Attach must match the attach type of Program (and Replace).
Attach ebpf.AttachType
// Flags control the attach behaviour. This differs for each attach type.
Flags uint32
}
type RawDetachProgramOptions ¶
type RawDetachProgramOptions struct {
Target int
Program *ebpf.Program
Attach ebpf.AttachType
}
type RawLink ¶
type RawLink struct {
// contains filtered or unexported fields
}
RawLink is the low-level API to bpf_link.
You should consider using the higher level interfaces in this package instead.
func AttachRawLink ¶
func AttachRawLink(opts RawLinkOptions) (*RawLink, error)
AttachRawLink creates a raw link.
func LoadPinnedRawLink ¶
LoadPinnedRawLink loads a persisted link from a bpffs.
func (*RawLink) Info ¶ added in v0.2.0
func (l *RawLink) Info() (*RawLinkInfo, error)
Info returns metadata about the link.
func (*RawLink) Pin ¶
Pin persists a link past the lifetime of the process.
Calling Close on a pinned Link will not break the link until the pin is removed.
func (*RawLink) UpdateArgs ¶
func (l *RawLink) UpdateArgs(opts RawLinkUpdateOptions) error
UpdateArgs updates a link based on args.
type RawLinkInfo ¶ added in v0.2.0
RawLinkInfo contains metadata on a link.
type RawLinkOptions ¶
type RawLinkOptions struct {
// File descriptor to attach to. This differs for each attach type.
Target int
// Program to attach.
Program *ebpf.Program
// Attach must match the attach type of Program.
Attach ebpf.AttachType
}
RawLinkOptions control the creation of a raw link.
type RawLinkUpdateOptions ¶
RawLinkUpdateOptions control the behaviour of RawLink.UpdateArgs.
Source Files