rxdp
Rust bindings for working with XDP programs & eBPF maps.
This library has bindings for some of the common, basic operations needed when working with XDP programs & eBPF maps from user-space. It is built on top of libbpf-sys. At the time of writing, it supports only a subset of all the possibe eBPF map types (see tests directory for a good indication of which maps are supported).
Prerequisites
- Linux OS
- libbpf-sys dependencies
Examples
Create an object from an ELF file
use rxdp;
let obj_path = "/path/to/elf/file";
let obj = match new ;
Set the pinned maps.
Maps that have already been pinned will be loaded from the fs, provided the map name matches the name in the fs. Any new maps in the HashSet will set the pin path so that once the program is loaded, they will get automatically pinned.
let mut pinned_maps = new;
pinned_maps.insert;
obj.pinned_maps.unwrap;
Load the object (programs + maps) into the kernel.
This will consume the XDPObject
created above and return an XDPLoadedObject
.
let obj = obj.load.unwrap;
Get a reference to an XDP program and attach it to an interface
let dev = "eth0";
let flags = SKB_MODE;
let prog = obj.get_program.unwrap;
match prog.attach_to_interface
Get access to an underlying eBPF Map
let m: Map = match new ;
NOTE: the key/value sizes MUST match the key/value sizes defined in the eBPF code, otherwise creating the map will fail.
Perform map operations
use MapLike;
let key = 0u32;
let value = 1000u64;
m.update.unwrap;
let got = m.lookup.unwrap;
assert_eq!;
// iterate through all items
for kv in m.items.unwrap
For per-cpu maps, use PerCpuMap
let m: PerCpuMap = new.unwrap;
NOTE: the key size MUST match the key size defined in the eBPF code, otherwise creating the map will fail.
Per CPU map operations
Per CPU maps return the MapValue::Multi(Vec<T>)
variant during lookup, one for each possible CPU:
use MapLike;
let key = 0u32;
let value = 1000u64;
m.update.unwrap;
let got = m.lookup.unwrap;
assert_eq!;
// iterate through all items
for kv in m.items.unwrap
Perf event Map
Perf events sent from eBPF can be retrieved via PerfMap
.
let mut perfmap = new.unwrap;
let r: = perfmap.start_polling;
// Wait for events on the receiver side of the channel
loop
Batching support (kernel dependent)
If the kernel supports it, you can do batch operations for update/lookups:
if is_batching_supported
Testing
Running tests requires root access, so it's best to run them in a Docker container:
Benchmarks
Running benchmarks requires root access, so it's best to run them in a Docker container:
Licensing
This crate is released under MIT license and has the following third party dependencies:
Website | License | Linkage | |
---|---|---|---|
libbpf-sys | github.com/alexforster/libbpf-sys | BSD-2-Clause |
Static |
libbpf | github.com/libbpf/libbpf | LGPL-2.1-only OR BSD-2-Clause |
Static |
libelf | sourceware.org/elfutils | LGPL-2.1-or-later OR LGPL-3.0-or-later |
Dynamic |
zlib | zlib.net | Zlib |
Dynamic |