Struct libbpf_rs::TcHook

source · 
pub struct TcHook { /* private fields */ }
Expand description

Represents a location where a TC-BPF filter can be attached.

The BPF TC subsystem has different control paths from other BPF programs. As such a BPF program using a TC Hook (SEC("classifier") or SEC("tc")) must be operated more independently from other Programs.

This struct exposes operations to create, attach, query and destroy a bpf_tc_hook using the TC subsystem.

Documentation about the libbpf TC interface can be found here.

An example of using a BPF TC program can found here.

Implementations§

source§

impl TcHook

source

pub fn new(fd: BorrowedFd<'_>) -> Self

Create a new TcHook given the file descriptor of the loaded SEC("tc") Program.

source

pub fn create(&mut self) -> Result<Self>

Create a new TcHook as well as the underlying qdiscs

If a TcHook already exists with the same parameters as the hook calling Self::create(), this function will still succeed.

Will always fail on a TC_CUSTOM hook

source

pub fn ifindex(&mut self, idx: i32) -> &mut Self

Set the interface to attach to

Interfaces can be listed by using ip link command from the iproute2 software package

source

pub fn attach_point(&mut self, ap: TcAttachPoint) -> &mut Self

Set what type of TC point to attach onto

TC_EGRESS, TC_INGRESS, or TC_CUSTOM

An TC_EGRESS|TC_INGRESS hook can be used as an attach point for calling Self::destroy() to remove the clsact bpf tc qdisc, but cannot be used for an Self::attach() operation

source

pub fn parent(&mut self, maj: u32, min: u32) -> &mut Self

Set the parent of a hook

Will cause an EINVAL upon Self::attach() if set upon an TC_EGRESS/TC_INGRESS/(TC_EGRESS|TC_INGRESS) hook

Must be set on a TC_CUSTOM hook

Current acceptable values are TC_H_CLSACT for maj, and TC_H_MIN_EGRESS or TC_H_MIN_INGRESS for min

source

pub fn replace(&mut self, replace: bool) -> &mut Self

Set whether this hook should replace an existing hook

If replace is not true upon attach, and a hook already exists an EEXIST error will be returned from Self::attach()

source

pub fn handle(&mut self, handle: u32) -> &mut Self

Set the handle of a hook. If unset upon attach, the kernel will assign a handle for the hook

source

pub fn get_handle(&self) -> u32

Get the handle of a hook. Only has meaning after hook is attached

source

pub fn priority(&mut self, priority: u32) -> &mut Self

Set the priority of a hook If unset upon attach, the kernel will assign a priority for the hook

source

pub fn get_priority(&self) -> u32

Get the priority of a hook Only has meaning after hook is attached

source

pub fn query(&mut self) -> Result<u32>

Query a hook to inspect the program identifier (prog_id)

source

pub fn attach(&mut self) -> Result<Self>

Attach a filter to the TcHook so that the program starts processing

Once the hook is processing, changing the values will have no effect unless the hook is Self::attach()’d again (replace=true being required)

Users can create a second hook by changing the handle, the priority or the attach_point and calling the Self::attach() method again. Beware doing this. It might be better to Copy the TcHook and change the values on the copied hook for easier Self::detach()

NOTE: Once a TcHook is attached, it, and the maps it uses, will outlive the userspace application that spawned them Make sure to detach if this is not desired

source

pub fn detach(&mut self) -> Result<()>

Detach a filter from a TcHook

source

pub fn destroy(&mut self) -> Result<()>

Destroy attached filters

If called on a hook with an attach_point of TC_EGRESS, will detach all egress hooks

If called on a hook with an attach_point of TC_INGRESS, will detach all ingress hooks

If called on a hook with an attach_point of TC_EGRESS|TC_INGRESS, will destroy the clsact tc qdisc and detach all hooks

Will error with EOPNOTSUPP if attach_point is TC_CUSTOM

It is good practice to query before destroying as the tc qdisc may be used by multiple programs

Trait Implementations§

source§

impl Clone for TcHook

source§

fn clone(&self) -> TcHook

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for TcHook

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Copy for TcHook

Auto Trait Implementations§

§

impl Freeze for TcHook

§

impl RefUnwindSafe for TcHook

§

impl Send for TcHook

§

impl Sync for TcHook

§

impl Unpin for TcHook

§

impl UnwindSafe for TcHook

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.