[−][src]Crate redbpf_macros
Procedural macros to help writing eBPF programs using the redbpf-probes
crate.
Overview
redbpf-macros is part of the redbpf project. Together with
redbpf-probes, it
provides an idiomatic Rust API to write programs that can be compiled to eBPF
bytecode and executed by the linux in-kernel eBPF virtual machine.
To streamline the process of working with eBPF programs even further,
redbpf also provides
cargo-bpf - a cargo subcommand
to simplify creating and building eBPF programs.
Example
#![no_std] #![no_main] use redbpf_macros::{program, kprobe, xdp}; use redbpf_probes::bindings::*; use redbpf_probes::xdp::{XdpAction, XdpContext}; // configure kernel version compatibility and license program!(0xFFFFFFFE, "GPL"); #[xdp] pub extern "C" fn example_xdp_probe(ctx: XdpContext) -> XdpAction { ... XdpAction::Pass } #[kprobe("__x64_sys_clone")] pub extern "C" fn example_kprobe(ctx: *mut pt_regs) { ... }
Macros
| impl_network_buffer_array | |
| program | Generates program metadata. |
Attribute Macros
| kprobe | Attribute macro that must be used to define |
| kretprobe | Attribute macro that must be used to define |
| map | Attribute macro that must be used when creating eBPF maps. |
| socket_filter | |
| xdp | Attribute macro that must be used to define |