pub struct TcHook { /* private fields */ }
Expand description
The BPF TC subsystem has different control paths from other BPF programs As such a BPF program using a TC Hook (SEC(“classifier”) | SEC(“tc”)) must be operated more independently from other [libbpf-rs::Program]s.
Documentation about the libbpf TC interface can be found here https://lwn.net/ml/bpf/20210512103451.989420-3-memxor@gmail.com/
An example of using a BPF TC program can be seen in [examples/tc_whitelist_ports/src/main.rs]
Represents a Hook Point for a Traffic Control (TC) bpf program
The TcHook struct exposes operations to create, attach, query and destroy a bpf_tc_hook using the TC subsystem
Implementations
sourceimpl TcHook
impl TcHook
sourcepub fn new(fd: i32) -> Self
pub fn new(fd: i32) -> Self
Create a New TcHook given the file descriptor of the loaded SEC(“tc”) Program See: [libbpf-rs::Program]
sourcepub fn create(&mut self) -> Result<Self>
pub fn create(&mut self) -> Result<Self>
create a new TcHook
if a TcHook already exists with the same parameters as the hook calling create(), this function will still succeed.
Will always fail on a TC_CUSTOM hook
sourcepub fn ifindex(&mut self, idx: i32) -> &mut Self
pub fn ifindex(&mut self, idx: i32) -> &mut Self
Set the interface to be used
Interfaces can be listed by using ip link command from the iproute2 software package
sourcepub fn attach_point(&mut self, ap: TcAttachPoint) -> &mut Self
pub fn attach_point(&mut self, ap: TcAttachPoint) -> &mut Self
Set what type of TC point to attach onto
TC_EGRESS, TC_INGRESS, or TC_CUSTOM
An TC_EGRESS|TC_INGRESS hook can be used as an attach_point for calling the destroy() method to remove the clsact bpf tc qdisc, but cannot be used to attach()
sourcepub fn parent(&mut self, maj: u32, min: u32) -> &mut Self
pub fn parent(&mut self, maj: u32, min: u32) -> &mut Self
Set the parent of a hook Will cause an EINVAL upon attach() if set upon an TC_EGRESS/TC_INGRESS/TC_EGRESS|TC_INGRESS hook
Must be set on a TC_CUSTOM hook Current acceptable values are TC_H_CLSACT for maj, and TC_H_MIN_EGRESS or TC_H_MIN_INGRESS for min
sourcepub fn replace(&mut self, replace: bool) -> &mut Self
pub fn replace(&mut self, replace: bool) -> &mut Self
Set whether this hook should replace an existing hook
If replace is not true upon attach, and a hook already exists an EEXIST error will be returned from attach()
sourcepub fn handle(&mut self, handle: u32) -> &mut Self
pub fn handle(&mut self, handle: u32) -> &mut Self
Set the handle of a hook. If unset upon attach, the kernel will assign a handle for the hook
sourcepub fn priority(&mut self, priority: u32) -> &mut Self
pub fn priority(&mut self, priority: u32) -> &mut Self
Set the priority of a hook if unset upon attach, the kernel will assign a priority for the hook
sourcepub fn query(&mut self) -> Result<u32>
pub fn query(&mut self) -> Result<u32>
Query a hook to inspect the program identifier (prog_id)
sourcepub fn attach(&mut self) -> Result<Self>
pub fn attach(&mut self) -> Result<Self>
Attach a filter to the TcHook so that the program starts processing
Once the hook is processing, changing the values will have no effect unless the hook is attach()’d again (replace(true) being required)
Users can create a second hook by changing the handle, the priority or the attach_point and calling the attach() method again. Beware doing this. It might be better to Copy the TcHook and change the values on the copied hook for easier detach()
NOTE: Once a TcHook is attached, it, and the maps it uses, will outlive the userspace application that spawned them Make sure to detach if this is not desired
sourcepub fn destroy(&mut self) -> Result<()>
pub fn destroy(&mut self) -> Result<()>
Destroy attached filters
If called on a hook with an attach_point of EGRESS, will detach all EGRESS hooks If called on a hook with an attach_point of INGRESS, will detach all INGRESS hooks
If called on a hook with an attach_point of EGRESS|INGRESS, will destroy the clsact tc qdisc and detach all hooks
Will error with EOPNOTSUPP if attach_point is BPF_TC_CUSTOM
It is good practice to query before destroying as the tc qdisc may be used by multiple programs
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for TcHook
impl Send for TcHook
impl Sync for TcHook
impl Unpin for TcHook
impl UnwindSafe for TcHook
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more