Struct SkMsg

Source

pub struct SkMsg { /* private fields */ }

Expand description

A program used to intercept messages sent with sendmsg()/sendfile().

SkMsg programs are attached to socket maps, and can be used inspect, filter and redirect messages sent on sockets. See also SockMap and SockHash.

§Minimum kernel version

The minimum kernel version required to use this feature is 4.17.

§Examples

use std::io::Write;
use std::net::TcpStream;
use std::os::fd::AsRawFd;
use aya::maps::SockHash;
use aya::programs::SkMsg;

let intercept_egress: SockHash<_, u32> = bpf.map("INTERCEPT_EGRESS").unwrap().try_into()?;
let map_fd = intercept_egress.fd().try_clone()?;

let prog: &mut SkMsg = bpf.program_mut("intercept_egress_packet").unwrap().try_into()?;
prog.load()?;
prog.attach(&map_fd)?;

let mut client = TcpStream::connect("127.0.0.1:1234")?;
let mut intercept_egress: SockHash<_, u32> = bpf.map_mut("INTERCEPT_EGRESS").unwrap().try_into()?;

intercept_egress.insert(1234, client.as_raw_fd(), 0)?;

// the write will be intercepted
client.write_all(b"foo")?;

Implementations§

Source §

impl SkMsg

Source

pub const PROGRAM_TYPE: ProgramType = ProgramType::SkMsg

The type of the program according to the kernel.

Source

pub fn load(&mut self) -> Result<(), ProgramError>

Loads the program inside the kernel.

Source

pub fn attach(&mut self, map: &SockMapFd) -> Result<SkMsgLinkId, ProgramError>

Attaches the program to the given sockmap.

The returned value can be used to detach, see SkMsg::detach.

Source §

impl SkMsg

Source

pub fn detach(&mut self, link_id: SkMsgLinkId) -> Result<(), ProgramError>

Detaches the program.

See Self::attach.

Source

pub fn take_link( &mut self, link_id: SkMsgLinkId, ) -> Result<SkMsgLink, ProgramError>

Takes ownership of the link referenced by the provided link_id.

The caller takes the responsibility of managing the lifetime of the link. When the returned SkMsgLink is dropped, the link will be detached.

Source §

impl SkMsg

Source

pub fn unload(&mut self) -> Result<(), ProgramError>

Unloads the program from the kernel.

Tracked links will be detached before unloading the program. Attachment mechanisms that do not create tracked links are not affected. Note that owned links obtained using take_link() will not be detached.

Source §

impl SkMsg

Source

pub fn fd(&self) -> Result<&ProgramFd, ProgramError>

Returns the file descriptor of this Program.

Source §

impl SkMsg

Source

pub fn pin<P: AsRef<Path>>(&mut self, path: P) -> Result<(), PinError>

Pins the program to a BPF filesystem.

When a BPF object is pinned to a BPF filesystem it will remain loaded after Aya has unloaded the program. To remove the program, the file on the BPF filesystem must be removed. Any directories in the the path provided should have been created by the caller.

Source

pub fn unpin(&mut self) -> Result<(), Error>

Removes the pinned link from the filesystem.

Source §

impl SkMsg

Source

pub fn from_pin<P: AsRef<Path>>(path: P) -> Result<Self, ProgramError>

Creates a program from a pinned entry on a bpffs.

Existing links will not be populated. To work with existing links you should use crate::programs::links::PinnedLink.

On drop, any managed links are detached and the program is unloaded. This will not result in the program being unloaded from the kernel if it is still pinned.

Source §