eppolicymap

package
v1.7.12 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 4, 2020 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package eppolicymap represents the map from an endpoint ID to its policy map. This map is of type BPF_MAP_TYPES_HASH_OF_MAPS where as noted above the key is the endpoint ID. It is used to lookup the policy from the socket context where unlike in the L2/L3 context, where the program has a direct lookup of the policy because each program is attached to an endpoint, socket programs run on all sockets regardless of endpoint. +groupName=maps

Index

Constants

View Source
const (
	// MaxEntries represents the maximum number of endpoints in the map
	MaxEntries = 65536
)

Variables

View Source
var (

	// EpPolicyMap is the global singleton of the endpoint policy map.
	EpPolicyMap *bpf.Map
)
View Source
var (
	MapName = "cilium_ep_to_policy"
)

Functions

func CreateEPPolicyMap

func CreateEPPolicyMap()

CreateEPPolicyMap will create both the innerMap (needed for map in map types) and then after BPFFS is mounted create the epPolicyMap. We only create the innerFd once to avoid having multiple inner maps.

func CreateWithName added in v1.7.0

func CreateWithName(mapName string) error

CreateWithName creates a new endpoint policy hash of maps for looking up an endpoint's policy map by the endpoint key.

The specified mapName allows non-standard map paths to be used, for instance for testing purposes.

func WriteEndpoint

func WriteEndpoint(f lxcmap.EndpointFrontend, pm *policymap.PolicyMap) error

WriteEndpoint writes the policy map file descriptor into the map so that the datapath side can do a lookup from EndpointKey->PolicyMap. Locking is handled in the usual way via Map lock. If sockops is disabled this will be a nop.

Types

type EPPolicyValue

type EPPolicyValue struct{ Fd uint32 }

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=github.com/cilium/cilium/pkg/bpf.MapValue

func (*EPPolicyValue) DeepCopy added in v1.5.1

func (in *EPPolicyValue) DeepCopy() *EPPolicyValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EPPolicyValue.

func (*EPPolicyValue) DeepCopyInto added in v1.5.1

func (in *EPPolicyValue) DeepCopyInto(out *EPPolicyValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EPPolicyValue) DeepCopyMapValue added in v1.5.1

func (in *EPPolicyValue) DeepCopyMapValue() bpf.MapValue

DeepCopyMapValue is an autogenerated deepcopy function, copying the receiver, creating a new bpf.MapValue.

func (*EPPolicyValue) GetValuePtr

func (v *EPPolicyValue) GetValuePtr() unsafe.Pointer

GetValuePtr returns the unsafe value pointer to the Endpoint Policy fd

func (EPPolicyValue) String

func (v EPPolicyValue) String() string

type EndpointKey

type EndpointKey struct{ bpf.EndpointKey }

+k8s:deepcopy-gen=true +k8s:deepcopy-gen:interfaces=github.com/cilium/cilium/pkg/bpf.MapKey

func (*EndpointKey) DeepCopy added in v1.5.1

func (in *EndpointKey) DeepCopy() *EndpointKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointKey.

func (*EndpointKey) DeepCopyInto added in v1.5.1

func (in *EndpointKey) DeepCopyInto(out *EndpointKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*EndpointKey) DeepCopyMapKey added in v1.5.1

func (in *EndpointKey) DeepCopyMapKey() bpf.MapKey

DeepCopyMapKey is an autogenerated deepcopy function, copying the receiver, creating a new bpf.MapKey.

func (EndpointKey) NewValue

func (k EndpointKey) NewValue() bpf.MapValue

NewValue returns a new empty instance of the Endpoint Policy fd

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL