Commit | Line | Data |
---|---|---|
971e827b ACM |
1 | /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com |
2 | * | |
3 | * This program is free software; you can redistribute it and/or | |
4 | * modify it under the terms of version 2 of the GNU General Public | |
5 | * License as published by the Free Software Foundation. | |
6 | */ | |
7 | #ifndef _UAPI__LINUX_BPF_H__ | |
8 | #define _UAPI__LINUX_BPF_H__ | |
9 | ||
10 | #include <linux/types.h> | |
11 | #include <linux/bpf_common.h> | |
12 | ||
13 | /* Extended instruction set based on top of classic BPF */ | |
14 | ||
15 | /* instruction classes */ | |
16 | #define BPF_ALU64 0x07 /* alu mode in double word width */ | |
17 | ||
18 | /* ld/ldx fields */ | |
19 | #define BPF_DW 0x18 /* double word */ | |
20 | #define BPF_XADD 0xc0 /* exclusive add */ | |
21 | ||
22 | /* alu/jmp fields */ | |
23 | #define BPF_MOV 0xb0 /* mov reg to reg */ | |
24 | #define BPF_ARSH 0xc0 /* sign extending arithmetic shift right */ | |
25 | ||
26 | /* change endianness of a register */ | |
27 | #define BPF_END 0xd0 /* flags for endianness conversion: */ | |
28 | #define BPF_TO_LE 0x00 /* convert to little-endian */ | |
29 | #define BPF_TO_BE 0x08 /* convert to big-endian */ | |
30 | #define BPF_FROM_LE BPF_TO_LE | |
31 | #define BPF_FROM_BE BPF_TO_BE | |
32 | ||
33 | #define BPF_JNE 0x50 /* jump != */ | |
34 | #define BPF_JSGT 0x60 /* SGT is signed '>', GT in x86 */ | |
35 | #define BPF_JSGE 0x70 /* SGE is signed '>=', GE in x86 */ | |
36 | #define BPF_CALL 0x80 /* function call */ | |
37 | #define BPF_EXIT 0x90 /* function return */ | |
38 | ||
39 | /* Register numbers */ | |
40 | enum { | |
41 | BPF_REG_0 = 0, | |
42 | BPF_REG_1, | |
43 | BPF_REG_2, | |
44 | BPF_REG_3, | |
45 | BPF_REG_4, | |
46 | BPF_REG_5, | |
47 | BPF_REG_6, | |
48 | BPF_REG_7, | |
49 | BPF_REG_8, | |
50 | BPF_REG_9, | |
51 | BPF_REG_10, | |
52 | __MAX_BPF_REG, | |
53 | }; | |
54 | ||
55 | /* BPF has 10 general purpose 64-bit registers and stack frame. */ | |
56 | #define MAX_BPF_REG __MAX_BPF_REG | |
57 | ||
58 | struct bpf_insn { | |
59 | __u8 code; /* opcode */ | |
60 | __u8 dst_reg:4; /* dest register */ | |
61 | __u8 src_reg:4; /* source register */ | |
62 | __s16 off; /* signed offset */ | |
63 | __s32 imm; /* signed immediate constant */ | |
64 | }; | |
65 | ||
66 | /* BPF syscall commands, see bpf(2) man-page for details. */ | |
67 | enum bpf_cmd { | |
68 | BPF_MAP_CREATE, | |
69 | BPF_MAP_LOOKUP_ELEM, | |
70 | BPF_MAP_UPDATE_ELEM, | |
71 | BPF_MAP_DELETE_ELEM, | |
72 | BPF_MAP_GET_NEXT_KEY, | |
73 | BPF_PROG_LOAD, | |
74 | BPF_OBJ_PIN, | |
75 | BPF_OBJ_GET, | |
76 | }; | |
77 | ||
78 | enum bpf_map_type { | |
79 | BPF_MAP_TYPE_UNSPEC, | |
80 | BPF_MAP_TYPE_HASH, | |
81 | BPF_MAP_TYPE_ARRAY, | |
82 | BPF_MAP_TYPE_PROG_ARRAY, | |
83 | BPF_MAP_TYPE_PERF_EVENT_ARRAY, | |
84 | BPF_MAP_TYPE_PERCPU_HASH, | |
85 | BPF_MAP_TYPE_PERCPU_ARRAY, | |
86 | BPF_MAP_TYPE_STACK_TRACE, | |
791cceb8 | 87 | BPF_MAP_TYPE_CGROUP_ARRAY, |
971e827b ACM |
88 | }; |
89 | ||
90 | enum bpf_prog_type { | |
91 | BPF_PROG_TYPE_UNSPEC, | |
92 | BPF_PROG_TYPE_SOCKET_FILTER, | |
93 | BPF_PROG_TYPE_KPROBE, | |
94 | BPF_PROG_TYPE_SCHED_CLS, | |
95 | BPF_PROG_TYPE_SCHED_ACT, | |
96 | BPF_PROG_TYPE_TRACEPOINT, | |
791cceb8 | 97 | BPF_PROG_TYPE_XDP, |
971e827b ACM |
98 | }; |
99 | ||
100 | #define BPF_PSEUDO_MAP_FD 1 | |
101 | ||
102 | /* flags for BPF_MAP_UPDATE_ELEM command */ | |
103 | #define BPF_ANY 0 /* create new element or update existing */ | |
104 | #define BPF_NOEXIST 1 /* create new element if it didn't exist */ | |
105 | #define BPF_EXIST 2 /* update existing element */ | |
106 | ||
107 | #define BPF_F_NO_PREALLOC (1U << 0) | |
108 | ||
109 | union bpf_attr { | |
110 | struct { /* anonymous struct used by BPF_MAP_CREATE command */ | |
111 | __u32 map_type; /* one of enum bpf_map_type */ | |
112 | __u32 key_size; /* size of key in bytes */ | |
113 | __u32 value_size; /* size of value in bytes */ | |
114 | __u32 max_entries; /* max number of entries in a map */ | |
115 | __u32 map_flags; /* prealloc or not */ | |
116 | }; | |
117 | ||
118 | struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */ | |
119 | __u32 map_fd; | |
120 | __aligned_u64 key; | |
121 | union { | |
122 | __aligned_u64 value; | |
123 | __aligned_u64 next_key; | |
124 | }; | |
125 | __u64 flags; | |
126 | }; | |
127 | ||
128 | struct { /* anonymous struct used by BPF_PROG_LOAD command */ | |
129 | __u32 prog_type; /* one of enum bpf_prog_type */ | |
130 | __u32 insn_cnt; | |
131 | __aligned_u64 insns; | |
132 | __aligned_u64 license; | |
133 | __u32 log_level; /* verbosity level of verifier */ | |
134 | __u32 log_size; /* size of user buffer */ | |
135 | __aligned_u64 log_buf; /* user supplied buffer */ | |
136 | __u32 kern_version; /* checked when prog_type=kprobe */ | |
137 | }; | |
138 | ||
139 | struct { /* anonymous struct used by BPF_OBJ_* commands */ | |
140 | __aligned_u64 pathname; | |
141 | __u32 bpf_fd; | |
142 | }; | |
143 | } __attribute__((aligned(8))); | |
144 | ||
145 | /* integer value in 'imm' field of BPF_CALL instruction selects which helper | |
146 | * function eBPF program intends to call | |
147 | */ | |
148 | enum bpf_func_id { | |
149 | BPF_FUNC_unspec, | |
150 | BPF_FUNC_map_lookup_elem, /* void *map_lookup_elem(&map, &key) */ | |
151 | BPF_FUNC_map_update_elem, /* int map_update_elem(&map, &key, &value, flags) */ | |
152 | BPF_FUNC_map_delete_elem, /* int map_delete_elem(&map, &key) */ | |
153 | BPF_FUNC_probe_read, /* int bpf_probe_read(void *dst, int size, void *src) */ | |
154 | BPF_FUNC_ktime_get_ns, /* u64 bpf_ktime_get_ns(void) */ | |
155 | BPF_FUNC_trace_printk, /* int bpf_trace_printk(const char *fmt, int fmt_size, ...) */ | |
156 | BPF_FUNC_get_prandom_u32, /* u32 prandom_u32(void) */ | |
157 | BPF_FUNC_get_smp_processor_id, /* u32 raw_smp_processor_id(void) */ | |
158 | ||
159 | /** | |
160 | * skb_store_bytes(skb, offset, from, len, flags) - store bytes into packet | |
161 | * @skb: pointer to skb | |
162 | * @offset: offset within packet from skb->mac_header | |
163 | * @from: pointer where to copy bytes from | |
164 | * @len: number of bytes to store into packet | |
165 | * @flags: bit 0 - if true, recompute skb->csum | |
166 | * other bits - reserved | |
167 | * Return: 0 on success | |
168 | */ | |
169 | BPF_FUNC_skb_store_bytes, | |
170 | ||
171 | /** | |
172 | * l3_csum_replace(skb, offset, from, to, flags) - recompute IP checksum | |
173 | * @skb: pointer to skb | |
174 | * @offset: offset within packet where IP checksum is located | |
175 | * @from: old value of header field | |
176 | * @to: new value of header field | |
177 | * @flags: bits 0-3 - size of header field | |
178 | * other bits - reserved | |
179 | * Return: 0 on success | |
180 | */ | |
181 | BPF_FUNC_l3_csum_replace, | |
182 | ||
183 | /** | |
184 | * l4_csum_replace(skb, offset, from, to, flags) - recompute TCP/UDP checksum | |
185 | * @skb: pointer to skb | |
186 | * @offset: offset within packet where TCP/UDP checksum is located | |
187 | * @from: old value of header field | |
188 | * @to: new value of header field | |
189 | * @flags: bits 0-3 - size of header field | |
190 | * bit 4 - is pseudo header | |
191 | * other bits - reserved | |
192 | * Return: 0 on success | |
193 | */ | |
194 | BPF_FUNC_l4_csum_replace, | |
195 | ||
196 | /** | |
197 | * bpf_tail_call(ctx, prog_array_map, index) - jump into another BPF program | |
198 | * @ctx: context pointer passed to next program | |
199 | * @prog_array_map: pointer to map which type is BPF_MAP_TYPE_PROG_ARRAY | |
200 | * @index: index inside array that selects specific program to run | |
201 | * Return: 0 on success | |
202 | */ | |
203 | BPF_FUNC_tail_call, | |
204 | ||
205 | /** | |
206 | * bpf_clone_redirect(skb, ifindex, flags) - redirect to another netdev | |
207 | * @skb: pointer to skb | |
208 | * @ifindex: ifindex of the net device | |
209 | * @flags: bit 0 - if set, redirect to ingress instead of egress | |
210 | * other bits - reserved | |
211 | * Return: 0 on success | |
212 | */ | |
213 | BPF_FUNC_clone_redirect, | |
214 | ||
215 | /** | |
216 | * u64 bpf_get_current_pid_tgid(void) | |
217 | * Return: current->tgid << 32 | current->pid | |
218 | */ | |
219 | BPF_FUNC_get_current_pid_tgid, | |
220 | ||
221 | /** | |
222 | * u64 bpf_get_current_uid_gid(void) | |
223 | * Return: current_gid << 32 | current_uid | |
224 | */ | |
225 | BPF_FUNC_get_current_uid_gid, | |
226 | ||
227 | /** | |
228 | * bpf_get_current_comm(char *buf, int size_of_buf) | |
229 | * stores current->comm into buf | |
230 | * Return: 0 on success | |
231 | */ | |
232 | BPF_FUNC_get_current_comm, | |
233 | ||
234 | /** | |
235 | * bpf_get_cgroup_classid(skb) - retrieve a proc's classid | |
236 | * @skb: pointer to skb | |
237 | * Return: classid if != 0 | |
238 | */ | |
239 | BPF_FUNC_get_cgroup_classid, | |
240 | BPF_FUNC_skb_vlan_push, /* bpf_skb_vlan_push(skb, vlan_proto, vlan_tci) */ | |
241 | BPF_FUNC_skb_vlan_pop, /* bpf_skb_vlan_pop(skb) */ | |
242 | ||
243 | /** | |
244 | * bpf_skb_[gs]et_tunnel_key(skb, key, size, flags) | |
245 | * retrieve or populate tunnel metadata | |
246 | * @skb: pointer to skb | |
247 | * @key: pointer to 'struct bpf_tunnel_key' | |
248 | * @size: size of 'struct bpf_tunnel_key' | |
249 | * @flags: room for future extensions | |
250 | * Retrun: 0 on success | |
251 | */ | |
252 | BPF_FUNC_skb_get_tunnel_key, | |
253 | BPF_FUNC_skb_set_tunnel_key, | |
254 | BPF_FUNC_perf_event_read, /* u64 bpf_perf_event_read(&map, index) */ | |
255 | /** | |
256 | * bpf_redirect(ifindex, flags) - redirect to another netdev | |
257 | * @ifindex: ifindex of the net device | |
258 | * @flags: bit 0 - if set, redirect to ingress instead of egress | |
259 | * other bits - reserved | |
260 | * Return: TC_ACT_REDIRECT | |
261 | */ | |
262 | BPF_FUNC_redirect, | |
263 | ||
264 | /** | |
265 | * bpf_get_route_realm(skb) - retrieve a dst's tclassid | |
266 | * @skb: pointer to skb | |
267 | * Return: realm if != 0 | |
268 | */ | |
269 | BPF_FUNC_get_route_realm, | |
270 | ||
271 | /** | |
272 | * bpf_perf_event_output(ctx, map, index, data, size) - output perf raw sample | |
273 | * @ctx: struct pt_regs* | |
274 | * @map: pointer to perf_event_array map | |
275 | * @index: index of event in the map | |
276 | * @data: data on stack to be output as raw data | |
277 | * @size: size of data | |
278 | * Return: 0 on success | |
279 | */ | |
280 | BPF_FUNC_perf_event_output, | |
281 | BPF_FUNC_skb_load_bytes, | |
282 | ||
283 | /** | |
284 | * bpf_get_stackid(ctx, map, flags) - walk user or kernel stack and return id | |
285 | * @ctx: struct pt_regs* | |
286 | * @map: pointer to stack_trace map | |
287 | * @flags: bits 0-7 - numer of stack frames to skip | |
288 | * bit 8 - collect user stack instead of kernel | |
289 | * bit 9 - compare stacks by hash only | |
290 | * bit 10 - if two different stacks hash into the same stackid | |
291 | * discard old | |
292 | * other bits - reserved | |
293 | * Return: >= 0 stackid on success or negative error | |
294 | */ | |
295 | BPF_FUNC_get_stackid, | |
296 | ||
297 | /** | |
298 | * bpf_csum_diff(from, from_size, to, to_size, seed) - calculate csum diff | |
299 | * @from: raw from buffer | |
300 | * @from_size: length of from buffer | |
301 | * @to: raw to buffer | |
302 | * @to_size: length of to buffer | |
303 | * @seed: optional seed | |
304 | * Return: csum result | |
305 | */ | |
306 | BPF_FUNC_csum_diff, | |
307 | ||
308 | /** | |
309 | * bpf_skb_[gs]et_tunnel_opt(skb, opt, size) | |
310 | * retrieve or populate tunnel options metadata | |
311 | * @skb: pointer to skb | |
312 | * @opt: pointer to raw tunnel option data | |
313 | * @size: size of @opt | |
314 | * Return: 0 on success for set, option size for get | |
315 | */ | |
316 | BPF_FUNC_skb_get_tunnel_opt, | |
317 | BPF_FUNC_skb_set_tunnel_opt, | |
791cceb8 ACM |
318 | |
319 | /** | |
320 | * bpf_skb_change_proto(skb, proto, flags) | |
321 | * Change protocol of the skb. Currently supported is | |
322 | * v4 -> v6, v6 -> v4 transitions. The helper will also | |
323 | * resize the skb. eBPF program is expected to fill the | |
324 | * new headers via skb_store_bytes and lX_csum_replace. | |
325 | * @skb: pointer to skb | |
326 | * @proto: new skb->protocol type | |
327 | * @flags: reserved | |
328 | * Return: 0 on success or negative error | |
329 | */ | |
330 | BPF_FUNC_skb_change_proto, | |
331 | ||
332 | /** | |
333 | * bpf_skb_change_type(skb, type) | |
334 | * Change packet type of skb. | |
335 | * @skb: pointer to skb | |
336 | * @type: new skb->pkt_type type | |
337 | * Return: 0 on success or negative error | |
338 | */ | |
339 | BPF_FUNC_skb_change_type, | |
340 | ||
341 | /** | |
dcfc3a67 | 342 | * bpf_skb_under_cgroup(skb, map, index) - Check cgroup2 membership of skb |
791cceb8 ACM |
343 | * @skb: pointer to skb |
344 | * @map: pointer to bpf_map in BPF_MAP_TYPE_CGROUP_ARRAY type | |
345 | * @index: index of the cgroup in the bpf_map | |
346 | * Return: | |
347 | * == 0 skb failed the cgroup2 descendant test | |
348 | * == 1 skb succeeded the cgroup2 descendant test | |
349 | * < 0 error | |
350 | */ | |
dcfc3a67 | 351 | BPF_FUNC_skb_under_cgroup, |
791cceb8 ACM |
352 | |
353 | /** | |
354 | * bpf_get_hash_recalc(skb) | |
355 | * Retrieve and possibly recalculate skb->hash. | |
356 | * @skb: pointer to skb | |
357 | * Return: hash | |
358 | */ | |
359 | BPF_FUNC_get_hash_recalc, | |
360 | ||
361 | /** | |
362 | * u64 bpf_get_current_task(void) | |
363 | * Returns current task_struct | |
364 | * Return: current | |
365 | */ | |
366 | BPF_FUNC_get_current_task, | |
367 | ||
368 | /** | |
369 | * bpf_probe_write_user(void *dst, void *src, int len) | |
370 | * safely attempt to write to a location | |
371 | * @dst: destination address in userspace | |
372 | * @src: source address on stack | |
373 | * @len: number of bytes to copy | |
374 | * Return: 0 on success or negative error | |
375 | */ | |
376 | BPF_FUNC_probe_write_user, | |
377 | ||
971e827b ACM |
378 | __BPF_FUNC_MAX_ID, |
379 | }; | |
380 | ||
381 | /* All flags used by eBPF helper functions, placed here. */ | |
382 | ||
383 | /* BPF_FUNC_skb_store_bytes flags. */ | |
384 | #define BPF_F_RECOMPUTE_CSUM (1ULL << 0) | |
385 | #define BPF_F_INVALIDATE_HASH (1ULL << 1) | |
386 | ||
387 | /* BPF_FUNC_l3_csum_replace and BPF_FUNC_l4_csum_replace flags. | |
388 | * First 4 bits are for passing the header field size. | |
389 | */ | |
390 | #define BPF_F_HDR_FIELD_MASK 0xfULL | |
391 | ||
392 | /* BPF_FUNC_l4_csum_replace flags. */ | |
393 | #define BPF_F_PSEUDO_HDR (1ULL << 4) | |
394 | #define BPF_F_MARK_MANGLED_0 (1ULL << 5) | |
395 | ||
396 | /* BPF_FUNC_clone_redirect and BPF_FUNC_redirect flags. */ | |
397 | #define BPF_F_INGRESS (1ULL << 0) | |
398 | ||
399 | /* BPF_FUNC_skb_set_tunnel_key and BPF_FUNC_skb_get_tunnel_key flags. */ | |
400 | #define BPF_F_TUNINFO_IPV6 (1ULL << 0) | |
401 | ||
402 | /* BPF_FUNC_get_stackid flags. */ | |
403 | #define BPF_F_SKIP_FIELD_MASK 0xffULL | |
404 | #define BPF_F_USER_STACK (1ULL << 8) | |
405 | #define BPF_F_FAST_STACK_CMP (1ULL << 9) | |
406 | #define BPF_F_REUSE_STACKID (1ULL << 10) | |
407 | ||
408 | /* BPF_FUNC_skb_set_tunnel_key flags. */ | |
409 | #define BPF_F_ZERO_CSUM_TX (1ULL << 1) | |
410 | #define BPF_F_DONT_FRAGMENT (1ULL << 2) | |
411 | ||
791cceb8 | 412 | /* BPF_FUNC_perf_event_output and BPF_FUNC_perf_event_read flags. */ |
971e827b ACM |
413 | #define BPF_F_INDEX_MASK 0xffffffffULL |
414 | #define BPF_F_CURRENT_CPU BPF_F_INDEX_MASK | |
791cceb8 ACM |
415 | /* BPF_FUNC_perf_event_output for sk_buff input context. */ |
416 | #define BPF_F_CTXLEN_MASK (0xfffffULL << 32) | |
971e827b ACM |
417 | |
418 | /* user accessible mirror of in-kernel sk_buff. | |
419 | * new fields can only be added to the end of this structure | |
420 | */ | |
421 | struct __sk_buff { | |
422 | __u32 len; | |
423 | __u32 pkt_type; | |
424 | __u32 mark; | |
425 | __u32 queue_mapping; | |
426 | __u32 protocol; | |
427 | __u32 vlan_present; | |
428 | __u32 vlan_tci; | |
429 | __u32 vlan_proto; | |
430 | __u32 priority; | |
431 | __u32 ingress_ifindex; | |
432 | __u32 ifindex; | |
433 | __u32 tc_index; | |
434 | __u32 cb[5]; | |
435 | __u32 hash; | |
436 | __u32 tc_classid; | |
437 | __u32 data; | |
438 | __u32 data_end; | |
439 | }; | |
440 | ||
441 | struct bpf_tunnel_key { | |
442 | __u32 tunnel_id; | |
443 | union { | |
444 | __u32 remote_ipv4; | |
445 | __u32 remote_ipv6[4]; | |
446 | }; | |
447 | __u8 tunnel_tos; | |
448 | __u8 tunnel_ttl; | |
449 | __u16 tunnel_ext; | |
450 | __u32 tunnel_label; | |
451 | }; | |
452 | ||
791cceb8 ACM |
453 | /* User return codes for XDP prog type. |
454 | * A valid XDP program must return one of these defined values. All other | |
455 | * return codes are reserved for future use. Unknown return codes will result | |
456 | * in packet drop. | |
457 | */ | |
458 | enum xdp_action { | |
459 | XDP_ABORTED = 0, | |
460 | XDP_DROP, | |
461 | XDP_PASS, | |
462 | XDP_TX, | |
463 | }; | |
464 | ||
465 | /* user accessible metadata for XDP packet hook | |
466 | * new fields must be added to the end of this structure | |
467 | */ | |
468 | struct xdp_md { | |
469 | __u32 data; | |
470 | __u32 data_end; | |
471 | }; | |
472 | ||
971e827b | 473 | #endif /* _UAPI__LINUX_BPF_H__ */ |