diff options
author | Daniel Mack <daniel@zonque.org> | 2016-11-23 16:52:30 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2016-11-25 22:26:04 +0100 |
commit | d8c5b17f2bc0de09fbbfa14d90e8168163a579e7 (patch) | |
tree | 978eb5557eddcc244bc63b1098cdb3975b1dffcd /samples/bpf/libbpf.h | |
parent | net: ipv4, ipv6: run cgroup eBPF egress programs (diff) | |
download | linux-d8c5b17f2bc0de09fbbfa14d90e8168163a579e7.tar.xz linux-d8c5b17f2bc0de09fbbfa14d90e8168163a579e7.zip |
samples: bpf: add userspace example for attaching eBPF programs to cgroups
Add a simple userpace program to demonstrate the new API to attach eBPF
programs to cgroups. This is what it does:
* Create arraymap in kernel with 4 byte keys and 8 byte values
* Load eBPF program
The eBPF program accesses the map passed in to store two pieces of
information. The number of invocations of the program, which maps
to the number of packets received, is stored to key 0. Key 1 is
incremented on each iteration by the number of bytes stored in
the skb.
* Detach any eBPF program previously attached to the cgroup
* Attach the new program to the cgroup using BPF_PROG_ATTACH
* Once a second, read map[0] and map[1] to see how many bytes and
packets were seen on any socket of tasks in the given cgroup.
The program takes a cgroup path as 1st argument, and either "ingress"
or "egress" as 2nd. Optionally, "drop" can be passed as 3rd argument,
which will make the generated eBPF program return 0 instead of 1, so
the kernel will drop the packet.
libbpf gained two new wrappers for the new syscall commands.
Signed-off-by: Daniel Mack <daniel@zonque.org>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'samples/bpf/libbpf.h')
-rw-r--r-- | samples/bpf/libbpf.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/samples/bpf/libbpf.h b/samples/bpf/libbpf.h index de96a935068d..94a901d86fc2 100644 --- a/samples/bpf/libbpf.h +++ b/samples/bpf/libbpf.h @@ -15,6 +15,9 @@ int bpf_prog_load(enum bpf_prog_type prog_type, const struct bpf_insn *insns, int insn_len, const char *license, int kern_version); +int bpf_prog_attach(int prog_fd, int attachable_fd, enum bpf_attach_type type); +int bpf_prog_detach(int attachable_fd, enum bpf_attach_type type); + int bpf_obj_pin(int fd, const char *pathname); int bpf_obj_get(const char *pathname); |