/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
/* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com
* This program is free software; you can redistribute it and/or
* modify it under the terms of version 2 of the GNU General Public
* License as published by the Free Software Foundation.
#include <linux/bpf_common.h>
/* Extended instruction set based on top of classic BPF */
/* instruction classes */
#define BPF_JMP32 0x06 /* jmp mode in word width */
#define BPF_ALU64 0x07 /* alu mode in double word width */
#define BPF_DW 0x18 /* double word (64-bit) */
#define BPF_ATOMIC 0xc0 /* atomic memory ops - op type in immediate */
#define BPF_XADD 0xc0 /* exclusive add - legacy name */
#define BPF_MOV 0xb0 /* mov reg to reg */
#define BPF_ARSH 0xc0 /* sign extending arithmetic shift right */
/* change endianness of a register */
#define BPF_END 0xd0 /* flags for endianness conversion: */
#define BPF_TO_LE 0x00 /* convert to little-endian */
#define BPF_TO_BE 0x08 /* convert to big-endian */
#define BPF_FROM_LE BPF_TO_LE
#define BPF_FROM_BE BPF_TO_BE
#define BPF_JNE 0x50 /* jump != */
#define BPF_JLT 0xa0 /* LT is unsigned, '<' */
#define BPF_JLE 0xb0 /* LE is unsigned, '<=' */
#define BPF_JSGT 0x60 /* SGT is signed '>', GT in x86 */
#define BPF_JSGE 0x70 /* SGE is signed '>=', GE in x86 */
#define BPF_JSLT 0xc0 /* SLT is signed, '<' */
#define BPF_JSLE 0xd0 /* SLE is signed, '<=' */
#define BPF_CALL 0x80 /* function call */
#define BPF_EXIT 0x90 /* function return */
/* atomic op type fields (stored in immediate) */
#define BPF_FETCH 0x01 /* not an opcode on its own, used to build others */
#define BPF_XCHG (0xe0 | BPF_FETCH) /* atomic exchange */
#define BPF_CMPXCHG (0xf0 | BPF_FETCH) /* atomic compare-and-write */
/* BPF has 10 general purpose 64-bit registers and stack frame. */
#define MAX_BPF_REG __MAX_BPF_REG
__u8 dst_reg:4; /* dest register */
__u8 src_reg:4; /* source register */
__s16 off; /* signed offset */
__s32 imm; /* signed immediate constant */
/* Key of an a BPF_MAP_TYPE_LPM_TRIE entry */
struct bpf_lpm_trie_key {
__u32 prefixlen; /* up to 32 for AF_INET, 128 for AF_INET6 */
__u8 data[0]; /* Arbitrary size */
struct bpf_cgroup_storage_key {
__u64 cgroup_inode_id; /* cgroup inode id */
__u32 attach_type; /* program attach type */
union bpf_iter_link_info {
/* BPF syscall commands, see bpf(2) man-page for more details. */
* DOC: eBPF Syscall Preamble
* The operation to be performed by the **bpf**\ () system call is determined
* by the *cmd* argument. Each operation takes an accompanying argument,
* provided via *attr*, which is a pointer to a union of type *bpf_attr* (see
* below). The size argument is the size of the union pointed to by *attr*.
* DOC: eBPF Syscall Commands
* Create a map and return a file descriptor that refers to the
* map. The close-on-exec file descriptor flag (see **fcntl**\ (2))
* is automatically enabled for the new file descriptor.
* Applying **close**\ (2) to the file descriptor returned by
* **BPF_MAP_CREATE** will delete the map (but see NOTES).
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Look up an element with a given *key* in the map referred to
* by the file descriptor *map_fd*.
* The *flags* argument may be specified as one of the
* Look up the value of a spin-locked map without
* returning the lock. This must be specified if the
* elements contain a spinlock.
* Returns zero on success. On error, -1 is returned and *errno*
* Create or update an element (key/value pair) in a specified map.
* The *flags* argument should be specified as one of the
* Create a new element or update an existing element.
* Create a new element only if it did not exist.
* Update an existing element.
* Update a spin_lock-ed map element.
* Returns zero on success. On error, -1 is returned and *errno*
* May set *errno* to **EINVAL**, **EPERM**, **ENOMEM**,
* **E2BIG**, **EEXIST**, or **ENOENT**.
* The number of elements in the map reached the
* *max_entries* limit specified at map creation time.
* If *flags* specifies **BPF_NOEXIST** and the element
* with *key* already exists in the map.
* If *flags* specifies **BPF_EXIST** and the element with
* *key* does not exist in the map.
* Look up and delete an element by key in a specified map.
* Returns zero on success. On error, -1 is returned and *errno*
* Look up an element by key in a specified map and return the key
* of the next element. Can be used to iterate over all elements
* Returns zero on success. On error, -1 is returned and *errno*
* The following cases can be used to iterate over all elements of
* * If *key* is not found, the operation returns zero and sets
* the *next_key* pointer to the key of the first element.
* * If *key* is found, the operation returns zero and sets the
* *next_key* pointer to the key of the next element.
* * If *key* is the last element, returns -1 and *errno* is set
* May set *errno* to **ENOMEM**, **EFAULT**, **EPERM**, or
* Verify and load an eBPF program, returning a new file
* descriptor associated with the program.
* Applying **close**\ (2) to the file descriptor returned by
* **BPF_PROG_LOAD** will unload the eBPF program (but see NOTES).
* The close-on-exec file descriptor flag (see **fcntl**\ (2)) is
* automatically enabled for the new file descriptor.
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Pin an eBPF program or map referred by the specified *bpf_fd*
* to the provided *pathname* on the filesystem.
* The *pathname* argument must not contain a dot (".").
* On success, *pathname* retains a reference to the eBPF object,
* preventing deallocation of the object when the original
* *bpf_fd* is closed. This allow the eBPF object to live beyond
* **close**\ (\ *bpf_fd*\ ), and hence the lifetime of the parent
* Applying **unlink**\ (2) or similar calls to the *pathname*
* unpins the object from the filesystem, removing the reference.
* If no other file descriptors or filesystem nodes refer to the
* same object, it will be deallocated (see NOTES).
* The filesystem type for the parent directory of *pathname* must
* Returns zero on success. On error, -1 is returned and *errno*
* Open a file descriptor for the eBPF object pinned to the
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Attach an eBPF program to a *target_fd* at the specified
* The *attach_type* specifies the eBPF attachment point to
* attach the program to, and must be one of *bpf_attach_type*
* The *attach_bpf_fd* must be a valid file descriptor for a
* loaded eBPF program of a cgroup, flow dissector, LIRC, sockmap
* or sock_ops type corresponding to the specified *attach_type*.
* The *target_fd* must be a valid file descriptor for a kernel
* object which depends on the attach type of *attach_bpf_fd*:
* **BPF_PROG_TYPE_CGROUP_DEVICE**,
* **BPF_PROG_TYPE_CGROUP_SKB**,
* **BPF_PROG_TYPE_CGROUP_SOCK**,
* **BPF_PROG_TYPE_CGROUP_SOCK_ADDR**,
* **BPF_PROG_TYPE_CGROUP_SOCKOPT**,
* **BPF_PROG_TYPE_CGROUP_SYSCTL**,
* **BPF_PROG_TYPE_SOCK_OPS**
* Control Group v2 hierarchy with the eBPF controller
* enabled. Requires the kernel to be compiled with
* **BPF_PROG_TYPE_FLOW_DISSECTOR**
* Network namespace (eg /proc/self/ns/net).
* **BPF_PROG_TYPE_LIRC_MODE2**
* LIRC device path (eg /dev/lircN). Requires the kernel
* to be compiled with **CONFIG_BPF_LIRC_MODE2**.
* **BPF_PROG_TYPE_SK_SKB**,
* **BPF_PROG_TYPE_SK_MSG**
* eBPF map of socket type (eg **BPF_MAP_TYPE_SOCKHASH**).
* Returns zero on success. On error, -1 is returned and *errno*
* Detach the eBPF program associated with the *target_fd* at the
* hook specified by *attach_type*. The program must have been
* previously attached using **BPF_PROG_ATTACH**.
* Returns zero on success. On error, -1 is returned and *errno*
* Run the eBPF program associated with the *prog_fd* a *repeat*
* number of times against a provided program context *ctx_in* and
* data *data_in*, and return the modified program context
* *ctx_out*, *data_out* (for example, packet data), result of the
* execution *retval*, and *duration* of the test run.
* The sizes of the buffers provided as input and output
* parameters *ctx_in*, *ctx_out*, *data_in*, and *data_out* must
* be provided in the corresponding variables *ctx_size_in*,
* *ctx_size_out*, *data_size_in*, and/or *data_size_out*. If any
* of these parameters are not provided (ie set to NULL), the
* corresponding size field must be zero.
* Some program types have particular requirements:
* **BPF_PROG_TYPE_SK_LOOKUP**
* *data_in* and *data_out* must be NULL.
* *ctx_in* and *ctx_out* must be NULL.
* **BPF_PROG_TYPE_RAW_TRACEPOINT**,
* **BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE**
* *ctx_out*, *data_in* and *data_out* must be NULL.
* Returns zero on success. On error, -1 is returned and *errno*
* Either *data_size_out* or *ctx_size_out* is too small.
* This command is not supported by the program type of
* the program referred to by *prog_fd*.
* Fetch the next eBPF program currently loaded into the kernel.
* Looks for the eBPF program with an id greater than *start_id*
* and updates *next_id* on success. If no other eBPF programs
* remain with ids higher than *start_id*, returns -1 and sets
* Returns zero on success. On error, or when no id remains, -1
* is returned and *errno* is set appropriately.
* Fetch the next eBPF map currently loaded into the kernel.
* Looks for the eBPF map with an id greater than *start_id*
* and updates *next_id* on success. If no other eBPF maps
* remain with ids higher than *start_id*, returns -1 and sets
* Returns zero on success. On error, or when no id remains, -1
* is returned and *errno* is set appropriately.
* Open a file descriptor for the eBPF program corresponding to
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Open a file descriptor for the eBPF map corresponding to
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Obtain information about the eBPF object corresponding to
* Populates up to *info_len* bytes of *info*, which will be in
* one of the following formats depending on the eBPF object type
* * **struct bpf_prog_info**
* * **struct bpf_map_info**
* * **struct bpf_btf_info**
* * **struct bpf_link_info**
* Returns zero on success. On error, -1 is returned and *errno*
* Obtain information about eBPF programs associated with the
* specified *attach_type* hook.
* The *target_fd* must be a valid file descriptor for a kernel
* object which depends on the attach type of *attach_bpf_fd*:
* **BPF_PROG_TYPE_CGROUP_DEVICE**,
* **BPF_PROG_TYPE_CGROUP_SKB**,
* **BPF_PROG_TYPE_CGROUP_SOCK**,
* **BPF_PROG_TYPE_CGROUP_SOCK_ADDR**,
* **BPF_PROG_TYPE_CGROUP_SOCKOPT**,
* **BPF_PROG_TYPE_CGROUP_SYSCTL**,
* **BPF_PROG_TYPE_SOCK_OPS**
* Control Group v2 hierarchy with the eBPF controller
* enabled. Requires the kernel to be compiled with
* **BPF_PROG_TYPE_FLOW_DISSECTOR**
* Network namespace (eg /proc/self/ns/net).
* **BPF_PROG_TYPE_LIRC_MODE2**
* LIRC device path (eg /dev/lircN). Requires the kernel
* to be compiled with **CONFIG_BPF_LIRC_MODE2**.
* **BPF_PROG_QUERY** always fetches the number of programs
* attached and the *attach_flags* which were used to attach those
* programs. Additionally, if *prog_ids* is nonzero and the number
* of attached programs is less than *prog_cnt*, populates
* *prog_ids* with the eBPF program ids of the programs attached
* The following flags may alter the result:
* **BPF_F_QUERY_EFFECTIVE**
* Only return information regarding programs which are
* currently effective at the specified *target_fd*.
* Returns zero on success. On error, -1 is returned and *errno*
* BPF_RAW_TRACEPOINT_OPEN
* Attach an eBPF program to a tracepoint *name* to access kernel
* internal arguments of the tracepoint in their raw form.
* The *prog_fd* must be a valid file descriptor associated with
* a loaded eBPF program of type **BPF_PROG_TYPE_RAW_TRACEPOINT**.
* No ABI guarantees are made about the content of tracepoint
* arguments exposed to the corresponding eBPF program.
* Applying **close**\ (2) to the file descriptor returned by
* **BPF_RAW_TRACEPOINT_OPEN** will delete the map (but see NOTES).
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Verify and load BPF Type Format (BTF) metadata into the kernel,
* returning a new file descriptor associated with the metadata.
* BTF is described in more detail at
* https://www.kernel.org/doc/html/latest/bpf/btf.html.
* The *btf* parameter must point to valid memory providing
* *btf_size* bytes of BTF binary metadata.
* The returned file descriptor can be passed to other **bpf**\ ()
* subcommands such as **BPF_PROG_LOAD** or **BPF_MAP_CREATE** to
* associate the BTF with those objects.
* Similar to **BPF_PROG_LOAD**, **BPF_BTF_LOAD** has optional
* parameters to specify a *btf_log_buf*, *btf_log_size* and
* *btf_log_level* which allow the kernel to return freeform log
* output regarding the BTF verification process.
* A new file descriptor (a nonnegative integer), or -1 if an
* error occurred (in which case, *errno* is set appropriately).
* Open a file descriptor for the BPF Type Format (BTF)
* corresponding to *btf_id*.
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
