bcc

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2024 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	BPF_PROBE_ENTRY = iota
	BPF_PROBE_RETURN
)
View Source 
const (
	XDP_FLAGS_UPDATE_IF_NOEXIST = uint32(1) << iota
	XDP_FLAGS_SKB_MODE
	XDP_FLAGS_DRV_MODE
	XDP_FLAGS_HW_MODE
	XDP_FLAGS_MODES = XDP_FLAGS_SKB_MODE | XDP_FLAGS_DRV_MODE | XDP_FLAGS_HW_MODE
	XDP_FLAGS_MASK  = XDP_FLAGS_UPDATE_IF_NOEXIST | XDP_FLAGS_MODES
)
View Source 
const BPF_PERF_READER_PAGE_CNT = 8

BPF_PERF_READER_PAGE_CNT is the default page_cnt used per cpu ring buffer

Variables

This section is empty.

Functions

func GetHostByteOrder 

func GetHostByteOrder() binary.ByteOrder

GetHostByteOrder returns the current byte-order.

func GetSyscallFnName 

func GetSyscallFnName(name string) string

func GetSyscallPrefix 

func GetSyscallPrefix() string

Types

type Module 

type Module struct {
	// contains filtered or unexported fields
}

Module type

func NewModule 

func NewModule(code string, cflags []string) *Module

NewModule asynchronously compiles the code, generates a new BPF module and returns it.

func (*Module) AttachKprobe 

func (bpf *Module) AttachKprobe(fnName string, fd int, maxActive int) error

AttachKprobe attaches a kprobe fd to a function.

func (*Module) AttachKretprobe 

func (bpf *Module) AttachKretprobe(fnName string, fd int, maxActive int) error

AttachKretprobe attaches a kretprobe fd to a function.

func (*Module) AttachMatchingUprobes 

func (bpf *Module) AttachMatchingUprobes(name, match string, fd, pid int) error

AttachMatchingUprobes attaches a uprobe fd to all symbols in the library or binary 'name' that match a given pattern. The 'name' argument can be given as either a full library path (/usr/lib/..), a library without the lib prefix, or as a binary with full path (/bin/bash) A pid can be given, or -1 to attach to all processes

Presently attempts to trace processes running in a different namespace to the tracer will fail due to limitations around namespace-switching in multi-threaded programs (such as Go programs)

func (*Module) AttachMatchingUretprobes 

func (bpf *Module) AttachMatchingUretprobes(name, match string, fd, pid int) error

AttachMatchingUretprobes attaches a uretprobe fd to all symbols in the library or binary 'name' that match a given pattern. The 'name' argument can be given as either a full library path (/usr/lib/..), a library without the lib prefix, or as a binary with full path (/bin/bash) A pid can be given, or -1 to attach to all processes

Presently attempts to trace processes running in a different namespace to the tracer will fail due to limitations around namespace-switching in multi-threaded programs (such as Go programs)

func (*Module) AttachPerfEvent 

func (bpf *Module) AttachPerfEvent(evType, evConfig int, samplePeriod int, sampleFreq int, pid, cpu, groupFd, fd int) error

AttachPerfEvent attaches a perf event fd to a function Argument 'evType' is a member of 'perf_type_id' enum in the kernel header 'include/uapi/linux/perf_event.h'. Argument 'evConfig' is one of PERF_COUNT_* constants in the same file.

func (*Module) AttachRawTracepoint 

func (bpf *Module) AttachRawTracepoint(name string, fd int) error

AttachRawTracepoint attaches a raw tracepoint fd to a function The 'name' argument is in the format 'name', there is no category

func (*Module) AttachSocketFilter 

func (bpf *Module) AttachSocketFilter(sockFd, socketFilterFd int) error

AttachSocketFilter attach a socket filter to a function

func (*Module) AttachTracepoint 

func (bpf *Module) AttachTracepoint(name string, fd int) error

AttachTracepoint attaches a tracepoint fd to a function The 'name' argument is in the format 'category:name'

func (*Module) AttachUprobe 

func (bpf *Module) AttachUprobe(name, symbol string, fd, pid int) error

AttachUprobe attaches a uprobe fd to the symbol in the library or binary 'name' The 'name' argument can be given as either a full library path (/usr/lib/..), a library without the lib prefix, or as a binary with full path (/bin/bash) A pid can be given to attach to, or -1 to attach to all processes

Presently attempts to trace processes running in a different namespace to the tracer will fail due to limitations around namespace-switching in multi-threaded programs (such as Go programs)

func (*Module) AttachUretprobe 

func (bpf *Module) AttachUretprobe(name, symbol string, fd, pid int) error

AttachUretprobe attaches a uretprobe fd to the symbol in the library or binary 'name' The 'name' argument can be given as either a full library path (/usr/lib/..), a library without the lib prefix, or as a binary with full path (/bin/bash) A pid can be given to attach to, or -1 to attach to all processes

Presently attempts to trace processes running in a different namespace to the tracer will fail due to limitations around namespace-switching in multi-threaded programs (such as Go programs)

func (*Module) AttachXDP 

func (bpf *Module) AttachXDP(devName string, fd int) error

AttachXDP attaches a xdp fd to a device.

func (*Module) AttachXDPWithFlags 

func (bpf *Module) AttachXDPWithFlags(devName string, fd int, flags uint32) error

AttachXDPWithFlags attaches a xdp fd to a device with flags.

func (*Module) Close 

func (bpf *Module) Close()

Close takes care of closing all kprobes opened by this modules and destroys the underlying libbpf module.

func (*Module) GetProgramTag 

func (bpf *Module) GetProgramTag(fd int) (tag uint64, err error)

GetProgramTag returns a tag for ebpf program under passed fd

func (*Module) Load 

func (bpf *Module) Load(name string, progType int, logLevel, logSize uint) (int, error)

Load a program.

func (*Module) LoadKprobe 

func (bpf *Module) LoadKprobe(name string) (int, error)

LoadKprobe loads a program of type BPF_PROG_TYPE_KPROBE.

func (*Module) LoadNet 

func (bpf *Module) LoadNet(name string) (int, error)

LoadNet loads a program of type BPF_PROG_TYPE_SCHED_ACT.

func (*Module) LoadPerfEvent 

func (bpf *Module) LoadPerfEvent(name string) (int, error)

LoadPerfEvent loads a program of type BPF_PROG_TYPE_PERF_EVENT

func (*Module) LoadRawTracepoint 

func (bpf *Module) LoadRawTracepoint(name string) (int, error)

LoadRawTracepoint loads a program of type BPF_PROG_TYPE_RAW_TRACEPOINT

func (*Module) LoadSocketFilter 

func (bpf *Module) LoadSocketFilter(name string) (int, error)

LoadSocketFilter loads a program of type BPF_PROG_TYPE_SOCKET_FILTER.

func (*Module) LoadTracepoint 

func (bpf *Module) LoadTracepoint(name string) (int, error)

LoadTracepoint loads a program of type BPF_PROG_TYPE_TRACEPOINT

func (*Module) LoadUprobe 

func (bpf *Module) LoadUprobe(name string) (int, error)

LoadUprobe loads a program of type BPF_PROG_TYPE_KPROBE.

func (*Module) RemoveXDP 

func (bpf *Module) RemoveXDP(devName string) error

RemoveXDP removes any xdp from this device.

func (*Module) TableDesc 

func (bpf *Module) TableDesc(id uint64) map[string]interface{}

TableDesc returns a map with table properties (name, fd, ...).

func (*Module) TableId 

func (bpf *Module) TableId(name string) C.size_t

TableId returns the id of a table.

func (*Module) TableIter 

func (bpf *Module) TableIter() <-chan map[string]interface{}

TableIter returns a receveier channel to iterate over entries.

func (*Module) TableSize 

func (bpf *Module) TableSize() uint64

TableSize returns the number of tables in the module.

type PerfMap 

type PerfMap struct {
	// contains filtered or unexported fields
}

func InitPerfMap 

func InitPerfMap(table *Table, receiverChan chan []byte, lostChan chan uint64) (*PerfMap, error)

InitPerfMap initializes a perf map with a receiver channel, with a default page_cnt.

func InitPerfMapWithPageCnt 

func InitPerfMapWithPageCnt(table *Table, receiverChan chan []byte, lostChan chan uint64, pageCnt int) (*PerfMap, error)

InitPerfMapWithPageCnt initializes a perf map with a receiver channel with a specified page_cnt.

func (*PerfMap) Start 

func (pm *PerfMap) Start()

Start to poll the perf map reader and send back event data over the connected channel.

func (*PerfMap) Stop 

func (pm *PerfMap) Stop()

Stop to poll the perf map readers after a maximum of 500ms (the timeout we use for perf_reader_poll). Ideally we would have a way to cancel the poll, but perf_reader_poll doesn't support that yet.

type Table 

type Table struct {
	// contains filtered or unexported fields
}

Table references a BPF table. The zero value cannot be used.

func NewTable 

func NewTable(id C.size_t, module *Module) *Table

New tables returns a refernce to a BPF table.

func (*Table) Config 

func (table *Table) Config() map[string]interface{}

Config returns the table properties (name, fd, ...).

func (*Table) Delete 

func (table *Table) Delete(key []byte) error

Delete a key.

func (*Table) DeleteAll 

func (table *Table) DeleteAll() error

DeleteAll deletes all entries from the table

func (*Table) DeleteP 

func (table *Table) DeleteP(key unsafe.Pointer) error

DeleteP a key.

func (*Table) Get 

func (table *Table) Get(key []byte) ([]byte, error)

Get takes a key and returns the value or nil, and an 'ok' style indicator.

func (*Table) GetP 

func (table *Table) GetP(key unsafe.Pointer) (unsafe.Pointer, error)

GetP takes a key and returns the value or nil.

func (*Table) ID 

func (table *Table) ID() string

ID returns the table id.

func (*Table) Iter 

func (table *Table) Iter() *TableIterator

Iter returns an iterator to list all table entries available as raw bytes.

func (*Table) KeyBytesToStr 

func (table *Table) KeyBytesToStr(key []byte) (string, error)

KeyBytesToStr returns the given key value formatted using the bcc-table's key string printer.

func (*Table) KeyStrToBytes 

func (table *Table) KeyStrToBytes(keyStr string) ([]byte, error)

func (*Table) LeafBytesToStr 

func (table *Table) LeafBytesToStr(leaf []byte) (string, error)

LeafBytesToStr returns the given leaf value formatted using the bcc-table's leaf string printer.

func (*Table) LeafStrToBytes 

func (table *Table) LeafStrToBytes(leafStr string) ([]byte, error)

func (*Table) Name 

func (table *Table) Name() string

Name returns the table name.

func (*Table) Set 

func (table *Table) Set(key, leaf []byte) error

Set a key to a value.

func (*Table) SetP 

func (table *Table) SetP(key, leaf unsafe.Pointer) error

SetP a key to a value as unsafe.Pointer.

type TableIterator 

type TableIterator struct {
	// contains filtered or unexported fields
}

TableIterator contains the current position for iteration over a *bcc.Table and provides methods for iteration.

func (*TableIterator) Err 

func (it *TableIterator) Err() error

Err returns the last error that ocurred while table.Iter oder iter.Next

func (*TableIterator) Key 

func (it *TableIterator) Key() []byte

Key returns the current key value of the iterator, if the most recent call to Next returned true. The slice is valid only until the next call to Next.

func (*TableIterator) Leaf 

func (it *TableIterator) Leaf() []byte

Leaf returns the current leaf value of the iterator, if the most recent call to Next returned true. The slice is valid only until the next call to Next.

func (*TableIterator) Next 

func (it *TableIterator) Next() bool

Next looks up the next element and return true if one is available.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.