linux

package
v0.0.0-...-e27d27a Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 27, 2024 License: Apache-2.0, MIT Imports: 14 Imported by: 287

Documentation

Overview

Package linux contains the constants and types needed to interface with a Linux kernel.

Index

Constants

View Source
const (
	IOCB_CMD_PREAD  = 0
	IOCB_CMD_PWRITE = 1
	IOCB_CMD_FSYNC  = 2
	IOCB_CMD_FDSYNC = 3
	// 4 was the experimental IOCB_CMD_PREADX.
	IOCB_CMD_POLL    = 5
	IOCB_CMD_NOOP    = 6
	IOCB_CMD_PREADV  = 7
	IOCB_CMD_PWRITEV = 8
)

I/O commands.

View Source
const (
	IOCB_FLAG_RESFD  = 1
	IOCB_FLAG_IOPRIO = 2
)

I/O flags.

View Source
const (
	VSyscallStartAddr uint64 = 0xffffffffff600000
	VSyscallEndAddr   uint64 = 0xffffffffff601000
)

Start and end addresses of the vsyscall page.

View Source
const (
	// AUDIT_ARCH_X86_64 identifies AMD64.
	AUDIT_ARCH_X86_64 = 0xc000003e
	// AUDIT_ARCH_AARCH64 identifies ARM64.
	AUDIT_ARCH_AARCH64 = 0xc00000b7
)

Audit numbers identify different system call APIs, from <uapi/linux/audit.h>

View Source
const (
	CAP_CHOWN              = Capability(0)
	CAP_DAC_OVERRIDE       = Capability(1)
	CAP_DAC_READ_SEARCH    = Capability(2)
	CAP_FOWNER             = Capability(3)
	CAP_FSETID             = Capability(4)
	CAP_KILL               = Capability(5)
	CAP_SETGID             = Capability(6)
	CAP_SETUID             = Capability(7)
	CAP_SETPCAP            = Capability(8)
	CAP_LINUX_IMMUTABLE    = Capability(9)
	CAP_NET_BIND_SERVICE   = Capability(10)
	CAP_NET_BROADCAST      = Capability(11)
	CAP_NET_ADMIN          = Capability(12)
	CAP_NET_RAW            = Capability(13)
	CAP_IPC_LOCK           = Capability(14)
	CAP_IPC_OWNER          = Capability(15)
	CAP_SYS_MODULE         = Capability(16)
	CAP_SYS_RAWIO          = Capability(17)
	CAP_SYS_CHROOT         = Capability(18)
	CAP_SYS_PTRACE         = Capability(19)
	CAP_SYS_PACCT          = Capability(20)
	CAP_SYS_ADMIN          = Capability(21)
	CAP_SYS_BOOT           = Capability(22)
	CAP_SYS_NICE           = Capability(23)
	CAP_SYS_RESOURCE       = Capability(24)
	CAP_SYS_TIME           = Capability(25)
	CAP_SYS_TTY_CONFIG     = Capability(26)
	CAP_MKNOD              = Capability(27)
	CAP_LEASE              = Capability(28)
	CAP_AUDIT_WRITE        = Capability(29)
	CAP_AUDIT_CONTROL      = Capability(30)
	CAP_SETFCAP            = Capability(31)
	CAP_MAC_OVERRIDE       = Capability(32)
	CAP_MAC_ADMIN          = Capability(33)
	CAP_SYSLOG             = Capability(34)
	CAP_WAKE_ALARM         = Capability(35)
	CAP_BLOCK_SUSPEND      = Capability(36)
	CAP_AUDIT_READ         = Capability(37)
	CAP_PERFMON            = Capability(38)
	CAP_BPF                = Capability(39)
	CAP_CHECKPOINT_RESTORE = Capability(40)

	// CAP_LAST_CAP is the highest-numbered capability.
	// Search for "CAP_LAST_CAP" to find other places that need to change.
	CAP_LAST_CAP = CAP_CHECKPOINT_RESTORE
)

Capabilities defined by Linux. Taken from the kernel's include/uapi/linux/capability.h. See capabilities(7) or that file for more detailed capability descriptions.

View Source
const (
	// LINUX_CAPABILITY_VERSION_1 causes the data pointer to be
	// interpreted as a pointer to a single cap_user_data_t. Since capability
	// sets are 64 bits and the "capability sets" in cap_user_data_t are 32
	// bits only, this causes the upper 32 bits to be implicitly 0.
	LINUX_CAPABILITY_VERSION_1 = 0x19980330

	// LINUX_CAPABILITY_VERSION_2 and LINUX_CAPABILITY_VERSION_3 cause the
	// data pointer to be interpreted as a pointer to an array of 2
	// cap_user_data_t, using the second to store the 32 MSB of each capability
	// set. Versions 2 and 3 are identical, but Linux printk's a warning on use
	// of version 2 due to a userspace API defect.
	LINUX_CAPABILITY_VERSION_2 = 0x20071026
	LINUX_CAPABILITY_VERSION_3 = 0x20080522

	// HighestCapabilityVersion is the highest supported
	// LINUX_CAPABILITY_VERSION_* version.
	HighestCapabilityVersion = LINUX_CAPABILITY_VERSION_3
)

Version numbers used by the capget/capset syscalls, defined in Linux's include/uapi/linux/capability.h.

View Source
const (
	// The flag decides the value of effective file capabilit
	VFS_CAP_FLAGS_EFFECTIVE = 0x000001
	// VFS_CAP_REVISION_1 was the original file capability implementation,
	// which supported 32-bit masks for file capabilities.
	VFS_CAP_REVISION_1 = 0x01000000
	// VFS_CAP_REVISION_2 allows for file capability masks that are 64
	// bits in size, and was necessary as the number of supported
	// capabilities grew beyond 32.
	VFS_CAP_REVISION_2 = 0x02000000
	// VFS_CAP_REVISION_3 are provided to support namespaced file capabilities.
	// As with version 2 file capabilities, version 3 capability
	// masks are 64 bits in size.  But in addition, the root user
	// ID of namespace is encoded in the security.capability
	// extended attribute.
	VFS_CAP_REVISION_3    = 0x03000000
	VFS_CAP_REVISION_MASK = 0xFF000000
	// The encoded VFS_CAP_REVISION_1 data's number of bytes.
	XATTR_CAPS_SZ_1 = 12
	// The encoded VFS_CAP_REVISION_2 data's number of bytes.
	XATTR_CAPS_SZ_2 = 20
	// The encoded VFS_CAP_REVISION_3 data's number of bytes.
	XATTR_CAPS_SZ_3 = 24
)

Constants that are used by file capability extended attributes, defined in Linux's include/uapi/linux/capability.h.

View Source
const (
	CSIGNAL = 0xff

	CLONE_VM             = 0x100
	CLONE_FS             = 0x200
	CLONE_FILES          = 0x400
	CLONE_SIGHAND        = 0x800
	CLONE_PIDFD          = 0x1000
	CLONE_PTRACE         = 0x2000
	CLONE_VFORK          = 0x4000
	CLONE_PARENT         = 0x8000
	CLONE_THREAD         = 0x10000
	CLONE_NEWNS          = 0x20000
	CLONE_SYSVSEM        = 0x40000
	CLONE_SETTLS         = 0x80000
	CLONE_PARENT_SETTID  = 0x100000
	CLONE_CHILD_CLEARTID = 0x200000
	CLONE_DETACHED       = 0x400000
	CLONE_UNTRACED       = 0x800000
	CLONE_CHILD_SETTID   = 0x1000000
	CLONE_NEWCGROUP      = 0x2000000
	CLONE_NEWUTS         = 0x4000000
	CLONE_NEWIPC         = 0x8000000
	CLONE_NEWUSER        = 0x10000000
	CLONE_NEWPID         = 0x20000000
	CLONE_NEWNET         = 0x40000000
	CLONE_IO             = 0x80000000

	// Only passable via clone3(2).
	CLONE_CLEAR_SIGHAND = 0x100000000
	CLONE_INTO_CGROUP   = 0x200000000

	// Sizeof first published struct.
	CLONE_ARGS_SIZE_VER0 = 64
	// Sizeof third published struct.
	CLONE_ARGS_SIZE_VER2 = 88
)

Clone constants per clone(2).

View Source
const (
	// UNNAMED_MAJOR is the major device number for "unnamed" devices, whose
	// minor numbers are dynamically allocated by the kernel.
	UNNAMED_MAJOR = 0

	// MEM_MAJOR is the major device number for "memory" character devices.
	MEM_MAJOR = 1

	// TTYAUX_MAJOR is the major device number for alternate TTY devices.
	TTYAUX_MAJOR = 5

	// MISC_MAJOR is the major device number for non-serial mice, misc feature
	// devices.
	MISC_MAJOR = 10

	// UNIX98_PTY_MASTER_MAJOR is the initial major device number for
	// Unix98 PTY masters.
	UNIX98_PTY_MASTER_MAJOR = 128

	// UNIX98_PTY_REPLICA_MAJOR is the initial major device number for
	// Unix98 PTY replicas.
	UNIX98_PTY_REPLICA_MAJOR = 136
)

Character device IDs.

See Documentations/devices.txt and uapi/linux/major.h.

View Source
const (
	// AT_NULL is the end of the auxiliary vector.
	AT_NULL = 0

	// AT_IGNORE should be ignored.
	AT_IGNORE = 1

	// AT_EXECFD is the file descriptor of the program.
	AT_EXECFD = 2

	// AT_PHDR points to the program headers.
	AT_PHDR = 3

	// AT_PHENT is the size of a program header entry.
	AT_PHENT = 4

	// AT_PHNUM is the number of program headers.
	AT_PHNUM = 5

	// AT_PAGESZ is the system page size.
	AT_PAGESZ = 6

	// AT_BASE is the base address of the interpreter.
	AT_BASE = 7

	// AT_FLAGS are flags.
	AT_FLAGS = 8

	// AT_ENTRY is the program entry point.
	AT_ENTRY = 9

	// AT_NOTELF indicates that the program is not an ELF binary.
	AT_NOTELF = 10

	// AT_UID is the real UID.
	AT_UID = 11

	// AT_EUID is the effective UID.
	AT_EUID = 12

	// AT_GID is the real GID.
	AT_GID = 13

	// AT_EGID is the effective GID.
	AT_EGID = 14

	// AT_PLATFORM is a string identifying the CPU.
	AT_PLATFORM = 15

	// AT_HWCAP are arch-dependent CPU capabilities.
	AT_HWCAP = 16

	// AT_CLKTCK is the frequency used by times(2).
	AT_CLKTCK = 17

	// AT_SECURE indicate secure mode.
	AT_SECURE = 23

	// AT_BASE_PLATFORM is a string identifying the "real" platform. It may
	// differ from AT_PLATFORM.
	AT_BASE_PLATFORM = 24

	// AT_RANDOM points to 16-bytes of random data.
	AT_RANDOM = 25

	// AT_HWCAP2 is an extension of AT_HWCAP.
	AT_HWCAP2 = 26

	// AT_EXECFN is the path used to execute the program.
	AT_EXECFN = 31

	// AT_SYSINFO_EHDR is the address of the VDSO.
	AT_SYSINFO_EHDR = 33
)

Linux auxiliary vector entry types.

View Source
const (
	// NT_PRSTATUS is for general purpose register.
	NT_PRSTATUS = 0x1

	// NT_PRFPREG is for float point register.
	NT_PRFPREG = 0x2

	// NT_X86_XSTATE is for x86 extended state using xsave.
	NT_X86_XSTATE = 0x202

	// NT_ARM_TLS is for ARM TLS register.
	NT_ARM_TLS = 0x401
)

ELF ET_CORE and ptrace GETREGSET/SETREGSET register set types.

See include/uapi/linux/elf.h.

View Source
const (
	EPOLLIN     = 0x1
	EPOLLPRI    = 0x2
	EPOLLOUT    = 0x4
	EPOLLERR    = 0x8
	EPOLLHUP    = 0x10
	EPOLLRDNORM = 0x40
	EPOLLRDBAND = 0x80
	EPOLLWRNORM = 0x100
	EPOLLWRBAND = 0x200
	EPOLLMSG    = 0x400
	EPOLLRDHUP  = 0x2000
)

Event masks.

View Source
const (
	EPOLLEXCLUSIVE = 1 << 28
	EPOLLWAKEUP    = 1 << 29
	EPOLLONESHOT   = 1 << 30
	EPOLLET        = 1 << 31

	// EP_PRIVATE_BITS is fs/eventpoll.c:EP_PRIVATE_BITS, the set of all bits
	// in an epoll event mask that correspond to flags rather than I/O events.
	EP_PRIVATE_BITS = EPOLLEXCLUSIVE | EPOLLWAKEUP | EPOLLONESHOT | EPOLLET
)

Per-file descriptor flags.

View Source
const (
	EPOLL_CLOEXEC  = 0x80000
	EPOLL_NONBLOCK = 0x800
)

Operation flags.

View Source
const (
	EPOLL_CTL_ADD = 0x1
	EPOLL_CTL_DEL = 0x2
	EPOLL_CTL_MOD = 0x3
)

Control operations.

View Source
const (
	SO_EE_ORIGIN_NONE  = 0
	SO_EE_ORIGIN_LOCAL = 1
	SO_EE_ORIGIN_ICMP  = 2
	SO_EE_ORIGIN_ICMP6 = 3
)

Socket error origin codes as defined in include/uapi/linux/errqueue.h.

View Source
const (
	EFD_SEMAPHORE = 0x1
	EFD_CLOEXEC   = O_CLOEXEC
	EFD_NONBLOCK  = O_NONBLOCK
)

Constants for eventfd2(2).

View Source
const (
	POSIX_FADV_NORMAL     = 0
	POSIX_FADV_RANDOM     = 1
	POSIX_FADV_SEQUENTIAL = 2
	POSIX_FADV_WILLNEED   = 3
	POSIX_FADV_DONTNEED   = 4
	POSIX_FADV_NOREUSE    = 5
)

Fadvise constants.

View Source
const (
	F_DUPFD         = 0
	F_GETFD         = 1
	F_SETFD         = 2
	F_GETFL         = 3
	F_SETFL         = 4
	F_GETLK         = 5
	F_SETLK         = 6
	F_SETLKW        = 7
	F_SETOWN        = 8
	F_GETOWN        = 9
	F_SETSIG        = 10
	F_GETSIG        = 11
	F_SETOWN_EX     = 15
	F_GETOWN_EX     = 16
	F_OFD_GETLK     = 36
	F_OFD_SETLK     = 37
	F_OFD_SETLKW    = 38
	F_DUPFD_CLOEXEC = 1024 + 6
	F_SETPIPE_SZ    = 1024 + 7
	F_GETPIPE_SZ    = 1024 + 8
)

Commands from linux/fcntl.h.

View Source
const (
	F_RDLCK = 0
	F_WRLCK = 1
	F_UNLCK = 2
)

Commands for F_SETLK.

View Source
const (
	F_OWNER_TID  = 0
	F_OWNER_PID  = 1
	F_OWNER_PGRP = 2
)

Owner types for F_SETOWN_EX and F_GETOWN_EX.

View Source
const (
	O_ACCMODE  = 000000003
	O_RDONLY   = 000000000
	O_WRONLY   = 000000001
	O_RDWR     = 000000002
	O_CREAT    = 000000100
	O_EXCL     = 000000200
	O_NOCTTY   = 000000400
	O_TRUNC    = 000001000
	O_APPEND   = 000002000
	O_NONBLOCK = 000004000
	O_DSYNC    = 000010000
	O_ASYNC    = 000020000
	O_NOATIME  = 001000000
	O_CLOEXEC  = 002000000
	O_SYNC     = 004000000 // __O_SYNC in Linux
	O_PATH     = 010000000
	O_TMPFILE  = 020000000 // __O_TMPFILE in Linux
)

Constants for open(2).

View Source
const (
	MS_RDONLY      = 0x1
	MS_NOSUID      = 0x2
	MS_NODEV       = 0x4
	MS_NOEXEC      = 0x8
	MS_SYNCHRONOUS = 0x10
	MS_REMOUNT     = 0x20
	MS_MANDLOCK    = 0x40
	MS_DIRSYNC     = 0x80
	MS_NOATIME     = 0x400
	MS_NODIRATIME  = 0x800
	MS_BIND        = 0x1000
	MS_MOVE        = 0x2000
	MS_REC         = 0x4000

	MS_POSIXACL    = 0x10000
	MS_UNBINDABLE  = 0x20000
	MS_PRIVATE     = 0x40000
	MS_SLAVE       = 0x80000
	MS_SHARED      = 0x100000
	MS_RELATIME    = 0x200000
	MS_KERNMOUNT   = 0x400000
	MS_I_VERSION   = 0x800000
	MS_STRICTATIME = 0x1000000

	MS_MGC_VAL = 0xC0ED0000
	MS_MGC_MSK = 0xffff0000
)

Constants for mount(2).

View Source
const (
	MNT_FORCE       = 0x1
	MNT_DETACH      = 0x2
	MNT_EXPIRE      = 0x4
	UMOUNT_NOFOLLOW = 0x8
)

Constants for umount2(2).

View Source
const (
	AT_SYMLINK_FOLLOW = 0x400
	AT_EMPTY_PATH     = 0x1000
)

Constants for linkat(2) and fchownat(2).

View Source
const (
	UTIME_NOW  = ((1 << 30) - 1)
	UTIME_OMIT = ((1 << 30) - 2)
)

Special values for the ns field in utimensat(2).

View Source
const (
	LOCK_SH = 1 // shared lock
	LOCK_EX = 2 // exclusive lock
	LOCK_NB = 4 // or'd with one of the above to prevent blocking
	LOCK_UN = 8 // remove lock
)

Constants for flock(2).

View Source
const (
	S_IFMT   = 0170000
	S_IFSOCK = 0140000
	S_IFLNK  = 0120000
	S_IFREG  = 0100000
	S_IFBLK  = 060000
	S_IFDIR  = 040000
	S_IFCHR  = 020000
	S_IFIFO  = 010000

	FileTypeMask        = S_IFMT
	ModeSocket          = S_IFSOCK
	ModeSymlink         = S_IFLNK
	ModeRegular         = S_IFREG
	ModeBlockDevice     = S_IFBLK
	ModeDirectory       = S_IFDIR
	ModeCharacterDevice = S_IFCHR
	ModeNamedPipe       = S_IFIFO

	S_ISUID = 04000
	S_ISGID = 02000
	S_ISVTX = 01000

	ModeSetUID = S_ISUID
	ModeSetGID = S_ISGID
	ModeSticky = S_ISVTX

	ModeUserAll     = 0700
	ModeUserRead    = 0400
	ModeUserWrite   = 0200
	ModeUserExec    = 0100
	ModeGroupAll    = 0070
	ModeGroupRead   = 0040
	ModeGroupWrite  = 0020
	ModeGroupExec   = 0010
	ModeOtherAll    = 0007
	ModeOtherRead   = 0004
	ModeOtherWrite  = 0002
	ModeOtherExec   = 0001
	PermissionsMask = 0777
)

Values for mode_t.

View Source
const (
	DT_UNKNOWN = 0
	DT_FIFO    = 1
	DT_CHR     = 2
	DT_DIR     = 4
	DT_BLK     = 6
	DT_REG     = 8
	DT_LNK     = 10
	DT_SOCK    = 12
	DT_WHT     = 14
)

Values for linux_dirent64.d_type.

View Source
const (
	FT_UNKNOWN  = 0
	FT_REG_FILE = 1
	FT_DIR      = 2
	FT_CHRDEV   = 3
	FT_BLKDEV   = 4
	FT_FIFO     = 5
	FT_SOCK     = 6
	FT_SYMLINK  = 7
	FT_MAX      = 8
)

Values for fs on-disk file types.

View Source
const (
	// NOTE(b/120162627): gVisor does not implement the RWF_HIPRI feature, but
	// the flag is accepted as a valid flag argument for preadv2/pwritev2 and
	// silently ignored.
	RWF_HIPRI = 0x00000001
	RWF_DSYNC = 0x00000002
	RWF_SYNC  = 0x00000004
	RWF_VALID = RWF_HIPRI | RWF_DSYNC | RWF_SYNC
)

Values for preadv2/pwritev2.

View Source
const (
	AT_NO_AUTOMOUNT       = 0x800
	AT_STATX_SYNC_TYPE    = 0x6000
	AT_STATX_SYNC_AS_STAT = 0x0000
	AT_STATX_FORCE_SYNC   = 0x2000
	AT_STATX_DONT_SYNC    = 0x4000
)

Flags for statx.

View Source
const (
	STATX_TYPE        = 0x00000001
	STATX_MODE        = 0x00000002
	STATX_NLINK       = 0x00000004
	STATX_UID         = 0x00000008
	STATX_GID         = 0x00000010
	STATX_ATIME       = 0x00000020
	STATX_MTIME       = 0x00000040
	STATX_CTIME       = 0x00000080
	STATX_INO         = 0x00000100
	STATX_SIZE        = 0x00000200
	STATX_BLOCKS      = 0x00000400
	STATX_BASIC_STATS = 0x000007ff
	STATX_BTIME       = 0x00000800
	STATX_ALL         = 0x00000fff
	STATX__RESERVED   = 0x80000000
)

Mask values for statx.

View Source
const (
	STATX_ATTR_COMPRESSED = 0x00000004
	STATX_ATTR_IMMUTABLE  = 0x00000010
	STATX_ATTR_APPEND     = 0x00000020
	STATX_ATTR_NODUMP     = 0x00000040
	STATX_ATTR_ENCRYPTED  = 0x00000800
	STATX_ATTR_AUTOMOUNT  = 0x00001000
)

Bitmasks for Statx.Attributes and Statx.AttributesMask, from include/uapi/linux/stat.h.

View Source
const (
	MFD_CLOEXEC       = 0x0001
	MFD_ALLOW_SEALING = 0x0002
)

Constants for memfd_create(2). Source: include/uapi/linux/memfd.h

View Source
const (
	F_LINUX_SPECIFIC_BASE = 1024
	F_ADD_SEALS           = F_LINUX_SPECIFIC_BASE + 9
	F_GET_SEALS           = F_LINUX_SPECIFIC_BASE + 10

	F_SEAL_SEAL   = 0x0001 // Prevent further seals from being set.
	F_SEAL_SHRINK = 0x0002 // Prevent file from shrinking.
	F_SEAL_GROW   = 0x0004 // Prevent file from growing.
	F_SEAL_WRITE  = 0x0008 // Prevent writes.
)

Constants related to file seals. Source: include/uapi/{asm-generic,linux}/fcntl.h

View Source
const (
	FALLOC_FL_KEEP_SIZE      = 0x01
	FALLOC_FL_PUNCH_HOLE     = 0x02
	FALLOC_FL_NO_HIDE_STALE  = 0x04
	FALLOC_FL_COLLAPSE_RANGE = 0x08
	FALLOC_FL_ZERO_RANGE     = 0x10
	FALLOC_FL_INSERT_RANGE   = 0x20
	FALLOC_FL_UNSHARE_RANGE  = 0x40
)

Constants related to fallocate(2). Source: include/uapi/linux/falloc.h

View Source
const (
	CLOSE_RANGE_UNSHARE = uint32(1 << 1)
	CLOSE_RANGE_CLOEXEC = uint32(1 << 2)
)

Constants related to close_range(2). Source: /include/uapi/linux/close_range.h

View Source
const (
	O_DIRECT    = 000040000
	O_LARGEFILE = 000100000
	O_DIRECTORY = 000200000
	O_NOFOLLOW  = 000400000
)

Constants for open(2).

View Source
const (
	ANON_INODE_FS_MAGIC   = 0x09041934
	CGROUP_SUPER_MAGIC    = 0x27e0eb
	DEVPTS_SUPER_MAGIC    = 0x00001cd1
	EXT_SUPER_MAGIC       = 0xef53
	FUSE_SUPER_MAGIC      = 0x65735546
	MQUEUE_MAGIC          = 0x19800202
	NSFS_MAGIC            = 0x6e736673
	OVERLAYFS_SUPER_MAGIC = 0x794c7630
	PIPEFS_MAGIC          = 0x50495045
	PROC_SUPER_MAGIC      = 0x9fa0
	RAMFS_MAGIC           = 0x09041934
	SOCKFS_MAGIC          = 0x534F434B
	SYSFS_MAGIC           = 0x62656572
	TMPFS_MAGIC           = 0x01021994
	V9FS_MAGIC            = 0x01021997
)

Filesystem types used in statfs(2).

See linux/magic.h.

View Source
const (
	NAME_MAX = 255
	PATH_MAX = 4096
)

Filesystem path limits, from uapi/linux/limits.h.

View Source
const (
	ST_RDONLY      = 0x0001
	ST_NOSUID      = 0x0002
	ST_NODEV       = 0x0004
	ST_NOEXEC      = 0x0008
	ST_SYNCHRONOUS = 0x0010
	ST_VALID       = 0x0020
	ST_MANDLOCK    = 0x0040
	ST_NOATIME     = 0x0400
	ST_NODIRATIME  = 0x0800
	ST_RELATIME    = 0x1000
	ST_NOSYMFOLLOW = 0x2000
)

The bit mask f_flags in struct statfs, from include/linux/statfs.h

View Source
const (
	SEEK_SET  = 0
	SEEK_CUR  = 1
	SEEK_END  = 2
	SEEK_DATA = 3
	SEEK_HOLE = 4
)

Whence argument to lseek(2), from include/uapi/linux/fs.h.

View Source
const (
	SYNC_FILE_RANGE_WAIT_BEFORE = 1
	SYNC_FILE_RANGE_WRITE       = 2
	SYNC_FILE_RANGE_WAIT_AFTER  = 4
)

Sync_file_range flags, from include/uapi/linux/fs.h

View Source
const (
	RENAME_NOREPLACE = (1 << 0) // Don't overwrite target.
	RENAME_EXCHANGE  = (1 << 1) // Exchange src and dst.
	RENAME_WHITEOUT  = (1 << 2) // Whiteout src.
)

Flag argument to renameat2(2), from include/uapi/linux/fs.h.

View Source
const (
	FUSE_LOOKUP   FUSEOpcode = 1
	FUSE_FORGET              = 2 /* no reply */
	FUSE_GETATTR             = 3
	FUSE_SETATTR             = 4
	FUSE_READLINK            = 5
	FUSE_SYMLINK             = 6

	FUSE_MKNOD   = 8
	FUSE_MKDIR   = 9
	FUSE_UNLINK  = 10
	FUSE_RMDIR   = 11
	FUSE_RENAME  = 12
	FUSE_LINK    = 13
	FUSE_OPEN    = 14
	FUSE_READ    = 15
	FUSE_WRITE   = 16
	FUSE_STATFS  = 17
	FUSE_RELEASE = 18

	FUSE_FSYNC        = 20
	FUSE_SETXATTR     = 21
	FUSE_GETXATTR     = 22
	FUSE_LISTXATTR    = 23
	FUSE_REMOVEXATTR  = 24
	FUSE_FLUSH        = 25
	FUSE_INIT         = 26
	FUSE_OPENDIR      = 27
	FUSE_READDIR      = 28
	FUSE_RELEASEDIR   = 29
	FUSE_FSYNCDIR     = 30
	FUSE_GETLK        = 31
	FUSE_SETLK        = 32
	FUSE_SETLKW       = 33
	FUSE_ACCESS       = 34
	FUSE_CREATE       = 35
	FUSE_INTERRUPT    = 36
	FUSE_BMAP         = 37
	FUSE_DESTROY      = 38
	FUSE_IOCTL        = 39
	FUSE_POLL         = 40
	FUSE_NOTIFY_REPLY = 41
	FUSE_BATCH_FORGET = 42
	FUSE_FALLOCATE    = 43
)

Opcodes for FUSE operations.

Analogous to the opcodes in include/linux/fuse.h.

View Source
const (
	FUSE_ASYNC_READ       = 1 << 0
	FUSE_POSIX_LOCKS      = 1 << 1
	FUSE_FILE_OPS         = 1 << 2
	FUSE_ATOMIC_O_TRUNC   = 1 << 3
	FUSE_EXPORT_SUPPORT   = 1 << 4
	FUSE_BIG_WRITES       = 1 << 5
	FUSE_DONT_MASK        = 1 << 6
	FUSE_SPLICE_WRITE     = 1 << 7
	FUSE_SPLICE_MOVE      = 1 << 8
	FUSE_SPLICE_READ      = 1 << 9
	FUSE_FLOCK_LOCKS      = 1 << 10
	FUSE_HAS_IOCTL_DIR    = 1 << 11
	FUSE_AUTO_INVAL_DATA  = 1 << 12
	FUSE_DO_READDIRPLUS   = 1 << 13
	FUSE_READDIRPLUS_AUTO = 1 << 14
	FUSE_ASYNC_DIO        = 1 << 15
	FUSE_WRITEBACK_CACHE  = 1 << 16
	FUSE_NO_OPEN_SUPPORT  = 1 << 17
	FUSE_MAX_PAGES        = 1 << 22 // From FUSE 7.28
)

FUSE_INIT flags, consistent with the ones in include/uapi/linux/fuse.h. Our target version is 7.23 but we have few implemented in advance.

View Source
const (
	FUSE_KERNEL_VERSION       = 7
	FUSE_KERNEL_MINOR_VERSION = 31
)

currently supported FUSE protocol version numbers.

View Source
const (
	FUSE_NAME_MAX     = 1024
	FUSE_PAGE_SIZE    = 4096
	FUSE_DIRENT_ALIGN = 8
)

Constants relevant to FUSE operations.

View Source
const (
	// FOPEN_DIRECT_IO indicates bypassing page cache for this opened file.
	FOPEN_DIRECT_IO = 1 << 0
	// FOPEN_KEEP_CACHE avoids invalidating the data cache on open.
	FOPEN_KEEP_CACHE = 1 << 1
	// FOPEN_NONSEEKABLE indicates the file cannot be seeked.
	FOPEN_NONSEEKABLE = 1 << 2
)

flags returned by OPEN request.

View Source
const (
	FATTR_MODE      = (1 << 0)
	FATTR_UID       = (1 << 1)
	FATTR_GID       = (1 << 2)
	FATTR_SIZE      = (1 << 3)
	FATTR_ATIME     = (1 << 4)
	FATTR_MTIME     = (1 << 5)
	FATTR_FH        = (1 << 6)
	FATTR_ATIME_NOW = (1 << 7)
	FATTR_MTIME_NOW = (1 << 8)
	FATTR_LOCKOWNER = (1 << 9)
	FATTR_CTIME     = (1 << 10)
)

FATTR_* consts are the attribute flags defined in include/uapi/linux/fuse.h. These should be or-ed together for setattr to know what has been changed.

View Source
const (
	FUTEX_WAIT            = 0
	FUTEX_WAKE            = 1
	FUTEX_FD              = 2
	FUTEX_REQUEUE         = 3
	FUTEX_CMP_REQUEUE     = 4
	FUTEX_WAKE_OP         = 5
	FUTEX_LOCK_PI         = 6
	FUTEX_UNLOCK_PI       = 7
	FUTEX_TRYLOCK_PI      = 8
	FUTEX_WAIT_BITSET     = 9
	FUTEX_WAKE_BITSET     = 10
	FUTEX_WAIT_REQUEUE_PI = 11
	FUTEX_CMP_REQUEUE_PI  = 12

	FUTEX_PRIVATE_FLAG   = 128
	FUTEX_CLOCK_REALTIME = 256
)

From <linux/futex.h> and <sys/time.h>. Flags are used in syscall futex(2).

View Source
const (
	FUTEX_OP_SET         = 0
	FUTEX_OP_ADD         = 1
	FUTEX_OP_OR          = 2
	FUTEX_OP_ANDN        = 3
	FUTEX_OP_XOR         = 4
	FUTEX_OP_OPARG_SHIFT = 8
	FUTEX_OP_CMP_EQ      = 0
	FUTEX_OP_CMP_NE      = 1
	FUTEX_OP_CMP_LT      = 2
	FUTEX_OP_CMP_LE      = 3
	FUTEX_OP_CMP_GT      = 4
	FUTEX_OP_CMP_GE      = 5
)

These are flags are from <linux/futex.h> and are used in FUTEX_WAKE_OP to define the operations.

View Source
const (
	FUTEX_WAITERS    = 0x80000000
	FUTEX_OWNER_DIED = 0x40000000
)

Constants used for priority-inheritance futexes.

View Source
const (
	// IN_ACCESS indicates a file was accessed.
	IN_ACCESS = 0x00000001
	// IN_MODIFY indicates a file was modified.
	IN_MODIFY = 0x00000002
	// IN_ATTRIB indicates a watch target's metadata changed.
	IN_ATTRIB = 0x00000004
	// IN_CLOSE_WRITE indicates a writable file was closed.
	IN_CLOSE_WRITE = 0x00000008
	// IN_CLOSE_NOWRITE indicates a non-writable file was closed.
	IN_CLOSE_NOWRITE = 0x00000010
	// IN_OPEN indicates a file was opened.
	IN_OPEN = 0x00000020
	// IN_MOVED_FROM indicates a file was moved from X.
	IN_MOVED_FROM = 0x00000040
	// IN_MOVED_TO indicates a file was moved to Y.
	IN_MOVED_TO = 0x00000080
	// IN_CREATE indicates a file was created in a watched directory.
	IN_CREATE = 0x00000100
	// IN_DELETE indicates a file was deleted in a watched directory.
	IN_DELETE = 0x00000200
	// IN_DELETE_SELF indicates a watch target itself was deleted.
	IN_DELETE_SELF = 0x00000400
	// IN_MOVE_SELF indicates a watch target itself was moved.
	IN_MOVE_SELF = 0x00000800
	// IN_ALL_EVENTS is a mask for all observable userspace events.
	IN_ALL_EVENTS = 0x00000fff
)

Inotify events observable by userspace. These directly correspond to filesystem operations and there may only be a single of them per inotify event read from an inotify fd.

View Source
const (
	// IN_UNMOUNT indicates the backing filesystem was unmounted.
	IN_UNMOUNT = 0x00002000
	// IN_Q_OVERFLOW indicates the event queued overflowed.
	IN_Q_OVERFLOW = 0x00004000
	// IN_IGNORED indicates a watch was removed, either implicitly or through
	// inotify_rm_watch(2).
	IN_IGNORED = 0x00008000
	// IN_ISDIR indicates the subject of an event was a directory.
	IN_ISDIR = 0x40000000
)

Inotify control events. These may be present in their own events, or ORed with other observable events.

View Source
const (
	// IN_ONLYDIR indicates that a path should be watched only if it's a
	// directory.
	IN_ONLYDIR = 0x01000000
	// IN_DONT_FOLLOW indicates that the watch path shouldn't be resolved if
	// it's a symlink.
	IN_DONT_FOLLOW = 0x02000000
	// IN_EXCL_UNLINK indicates events to this watch from unlinked objects
	// should be filtered out.
	IN_EXCL_UNLINK = 0x04000000
	// IN_MASK_ADD indicates the provided mask should be ORed into any existing
	// watch on the provided path.
	IN_MASK_ADD = 0x20000000
	// IN_ONESHOT indicates the watch should be removed after one event.
	IN_ONESHOT = 0x80000000
)

Feature flags for inotify_add_watch(2).

View Source
const (
	// IN_CLOEXEC is an alias for O_CLOEXEC. It indicates that the inotify
	// fd should be closed on exec(2) and friends.
	IN_CLOEXEC = 0x00080000
	// IN_NONBLOCK is an alias for O_NONBLOCK. It indicates I/O syscall on the
	// inotify fd should not block.
	IN_NONBLOCK = 0x00000800
)

Feature flags for inotify_init1(2).

View Source
const (
	TCGETS      = 0x00005401
	TCSETS      = 0x00005402
	TCSETSW     = 0x00005403
	TCSETSF     = 0x00005404
	TCSBRK      = 0x00005409
	TIOCEXCL    = 0x0000540c
	TIOCNXCL    = 0x0000540d
	TIOCSCTTY   = 0x0000540e
	TIOCGPGRP   = 0x0000540f
	TIOCSPGRP   = 0x00005410
	TIOCOUTQ    = 0x00005411
	TIOCSTI     = 0x00005412
	TIOCGWINSZ  = 0x00005413
	TIOCSWINSZ  = 0x00005414
	TIOCMGET    = 0x00005415
	TIOCMBIS    = 0x00005416
	TIOCMBIC    = 0x00005417
	TIOCMSET    = 0x00005418
	TIOCINQ     = 0x0000541b
	FIONREAD    = TIOCINQ
	FIONBIO     = 0x00005421
	TIOCSETD    = 0x00005423
	TIOCNOTTY   = 0x00005422
	TIOCGETD    = 0x00005424
	TCSBRKP     = 0x00005425
	TIOCSBRK    = 0x00005427
	TIOCCBRK    = 0x00005428
	TIOCGSID    = 0x00005429
	TIOCGPTN    = 0x80045430
	TIOCSPTLCK  = 0x40045431
	TIOCGDEV    = 0x80045432
	TIOCVHANGUP = 0x00005437
	TCFLSH      = 0x0000540b
	TIOCCONS    = 0x0000541d
	TIOCSSERIAL = 0x0000541f
	TIOCGEXCL   = 0x80045440
	TIOCGPTPEER = 0x80045441
	TIOCGICOUNT = 0x0000545d
	FIONCLEX    = 0x00005450
	FIOCLEX     = 0x00005451
	FIOASYNC    = 0x00005452
	FIOSETOWN   = 0x00008901
	SIOCSPGRP   = 0x00008902
	FIOGETOWN   = 0x00008903
	SIOCGPGRP   = 0x00008904
)

ioctl(2) requests provided by asm-generic/ioctls.h

These are ordered by request number (low byte).

View Source
const (
	SIOCGIFNAME    = 0x8910
	SIOCGIFCONF    = 0x8912
	SIOCGIFFLAGS   = 0x8913
	SIOCGIFADDR    = 0x8915
	SIOCGIFDSTADDR = 0x8917
	SIOCGIFBRDADDR = 0x8919
	SIOCGIFNETMASK = 0x891b
	SIOCGIFMETRIC  = 0x891d
	SIOCGIFMTU     = 0x8921
	SIOCGIFMEM     = 0x891f
	SIOCGIFHWADDR  = 0x8927
	SIOCGIFINDEX   = 0x8933
	SIOCGIFPFLAGS  = 0x8935
	SIOCGIFTXQLEN  = 0x8942
	SIOCETHTOOL    = 0x8946
	SIOCGMIIPHY    = 0x8947
	SIOCGMIIREG    = 0x8948
	SIOCGIFMAP     = 0x8970
)

ioctl(2) requests provided by uapi/linux/sockios.h

View Source
const (
	IOC_NONE  = 0
	IOC_WRITE = 1
	IOC_READ  = 2
)

ioctl(2) directions. Used to calculate requests number. Constants from asm-generic/ioctl.h.

View Source
const (
	IOC_NRBITS   = 8
	IOC_TYPEBITS = 8
	IOC_SIZEBITS = 14
	IOC_DIRBITS  = 2

	IOC_NRSHIFT   = 0
	IOC_TYPESHIFT = IOC_NRSHIFT + IOC_NRBITS
	IOC_SIZESHIFT = IOC_TYPESHIFT + IOC_TYPEBITS
	IOC_DIRSHIFT  = IOC_SIZESHIFT + IOC_SIZEBITS
)

Constants from asm-generic/ioctl.h.

View Source
const (
	KCOV_TRACE_PC  = 0
	KCOV_TRACE_CMP = 1
)

Kcov trace types from include/uapi/linux/kcov.h.

View Source
const (
	KCOV_MODE_DISABLED  = 0
	KCOV_MODE_INIT      = 1
	KCOV_MODE_TRACE_PC  = 2
	KCOV_MODE_TRACE_CMP = 3
)

Kcov state constants from include/uapi/linux/kcov.h.

View Source
const (
	IFF_TUN      = 0x0001
	IFF_TAP      = 0x0002
	IFF_NO_PI    = 0x1000
	IFF_NOFILTER = 0x1000

	// According to linux/if_tun.h "This flag has no real effect"
	IFF_ONE_QUEUE = 0x2000
)

Flags from net/if_tun.h

View Source
const (
	IORING_SETUP_IOPOLL     = (1 << 0)
	IORING_SETUP_SQPOLL     = (1 << 1)
	IORING_SETUP_SQ_AFF     = (1 << 2)
	IORING_SETUP_CQSIZE     = (1 << 3)
	IORING_SETUP_CLAMP      = (1 << 4)
	IORING_SETUP_ATTACH_WQ  = (1 << 5)
	IORING_SETUP_R_DISABLED = (1 << 6)
	IORING_SETUP_SUBMIT_ALL = (1 << 7)
)

Constants for io_uring_setup(2). See include/uapi/linux/io_uring.h.

View Source
const (
	IORING_SETUP_COOP_TASKRUN = (1 << 8)
	IORING_SETUP_TASKRUN_FLAG = (1 << 9)
	IORING_SETUP_SQE128       = (1 << 10)
	IORING_SETUP_CQE32        = (1 << 11)
)

Constants for IO_URING. See include/uapi/linux/io_uring.h.

View Source
const (
	IORING_MAX_ENTRIES    = (1 << 15) // 32768
	IORING_MAX_CQ_ENTRIES = (2 * IORING_MAX_ENTRIES)
)

Constants for IO_URING. See io_uring/io_uring.c.

View Source
const (
	IORING_OFF_SQ_RING = 0
	IORING_OFF_CQ_RING = 0x8000000
	IORING_OFF_SQES    = 0x10000000
)

Constants for the offsets for the application to mmap the data it needs. See include/uapi/linux/io_uring.h.

View Source
const (
	IORING_OP_NOP   = 0
	IORING_OP_READV = 1
)

Constants for the IO_URING opcodes. See include/uapi/linux/io_uring.h.

View Source
const (
	IPPROTO_IP      = 0
	IPPROTO_ICMP    = 1
	IPPROTO_IGMP    = 2
	IPPROTO_IPIP    = 4
	IPPROTO_TCP     = 6
	IPPROTO_EGP     = 8
	IPPROTO_PUP     = 12
	IPPROTO_UDP     = 17
	IPPROTO_IDP     = 22
	IPPROTO_TP      = 29
	IPPROTO_DCCP    = 33
	IPPROTO_IPV6    = 41
	IPPROTO_RSVP    = 46
	IPPROTO_GRE     = 47
	IPPROTO_ESP     = 50
	IPPROTO_AH      = 51
	IPPROTO_ICMPV6  = 58
	IPPROTO_MTP     = 92
	IPPROTO_BEETPH  = 94
	IPPROTO_ENCAP   = 98
	IPPROTO_PIM     = 103
	IPPROTO_COMP    = 108
	IPPROTO_SCTP    = 132
	IPPROTO_UDPLITE = 136
	IPPROTO_MPLS    = 137
	IPPROTO_RAW     = 255
)

IP protocols

View Source
const (
	IP_TOS                    = 1
	IP_TTL                    = 2
	IP_HDRINCL                = 3
	IP_OPTIONS                = 4
	IP_ROUTER_ALERT           = 5
	IP_RECVOPTS               = 6
	IP_RETOPTS                = 7
	IP_PKTINFO                = 8
	IP_PKTOPTIONS             = 9
	IP_MTU_DISCOVER           = 10
	IP_RECVERR                = 11
	IP_RECVTTL                = 12
	IP_RECVTOS                = 13
	IP_MTU                    = 14
	IP_FREEBIND               = 15
	IP_IPSEC_POLICY           = 16
	IP_XFRM_POLICY            = 17
	IP_PASSSEC                = 18
	IP_TRANSPARENT            = 19
	IP_ORIGDSTADDR            = 20
	IP_RECVORIGDSTADDR        = IP_ORIGDSTADDR
	IP_MINTTL                 = 21
	IP_NODEFRAG               = 22
	IP_CHECKSUM               = 23
	IP_BIND_ADDRESS_NO_PORT   = 24
	IP_RECVFRAGSIZE           = 25
	IP_MULTICAST_IF           = 32
	IP_MULTICAST_TTL          = 33
	IP_MULTICAST_LOOP         = 34
	IP_ADD_MEMBERSHIP         = 35
	IP_DROP_MEMBERSHIP        = 36
	IP_UNBLOCK_SOURCE         = 37
	IP_BLOCK_SOURCE           = 38
	IP_ADD_SOURCE_MEMBERSHIP  = 39
	IP_DROP_SOURCE_MEMBERSHIP = 40
	IP_MSFILTER               = 41
	MCAST_JOIN_GROUP          = 42
	MCAST_BLOCK_SOURCE        = 43
	MCAST_UNBLOCK_SOURCE      = 44
	MCAST_LEAVE_GROUP         = 45
	MCAST_JOIN_SOURCE_GROUP   = 46
	MCAST_LEAVE_SOURCE_GROUP  = 47
	MCAST_MSFILTER            = 48
	IP_MULTICAST_ALL          = 49
	IP_UNICAST_IF             = 50
)

Socket options from uapi/linux/in.h

View Source
const (
	IP_PMTUDISC_DONT      = 0
	IP_PMTUDISC_WANT      = 1
	IP_PMTUDISC_DO        = 2
	IP_PMTUDISC_PROBE     = 3
	IP_PMTUDISC_INTERFACE = 4
	IP_PMTUDISC_OMIT      = 5
)

IP_MTU_DISCOVER values from uapi/linux/in.h

View Source
const (
	IPV6_ADDRFORM         = 1
	IPV6_2292PKTINFO      = 2
	IPV6_2292HOPOPTS      = 3
	IPV6_2292DSTOPTS      = 4
	IPV6_2292RTHDR        = 5
	IPV6_2292PKTOPTIONS   = 6
	IPV6_CHECKSUM         = 7
	IPV6_2292HOPLIMIT     = 8
	IPV6_NEXTHOP          = 9
	IPV6_FLOWINFO         = 11
	IPV6_UNICAST_HOPS     = 16
	IPV6_MULTICAST_IF     = 17
	IPV6_MULTICAST_HOPS   = 18
	IPV6_MULTICAST_LOOP   = 19
	IPV6_ADD_MEMBERSHIP   = 20
	IPV6_DROP_MEMBERSHIP  = 21
	IPV6_ROUTER_ALERT     = 22
	IPV6_MTU_DISCOVER     = 23
	IPV6_MTU              = 24
	IPV6_RECVERR          = 25
	IPV6_V6ONLY           = 26
	IPV6_JOIN_ANYCAST     = 27
	IPV6_LEAVE_ANYCAST    = 28
	IPV6_MULTICAST_ALL    = 29
	IPV6_FLOWLABEL_MGR    = 32
	IPV6_FLOWINFO_SEND    = 33
	IPV6_IPSEC_POLICY     = 34
	IPV6_XFRM_POLICY      = 35
	IPV6_HDRINCL          = 36
	IPV6_RECVPKTINFO      = 49
	IPV6_PKTINFO          = 50
	IPV6_RECVHOPLIMIT     = 51
	IPV6_HOPLIMIT         = 52
	IPV6_RECVHOPOPTS      = 53
	IPV6_HOPOPTS          = 54
	IPV6_RTHDRDSTOPTS     = 55
	IPV6_RECVRTHDR        = 56
	IPV6_RTHDR            = 57
	IPV6_RECVDSTOPTS      = 58
	IPV6_DSTOPTS          = 59
	IPV6_RECVPATHMTU      = 60
	IPV6_PATHMTU          = 61
	IPV6_DONTFRAG         = 62
	IPV6_RECVTCLASS       = 66
	IPV6_TCLASS           = 67
	IPV6_AUTOFLOWLABEL    = 70
	IPV6_ADDR_PREFERENCES = 72
	IPV6_MINHOPCOUNT      = 73
	IPV6_ORIGDSTADDR      = 74
	IPV6_RECVORIGDSTADDR  = IPV6_ORIGDSTADDR
	IPV6_TRANSPARENT      = 75
	IPV6_UNICAST_IF       = 76
	IPV6_RECVFRAGSIZE     = 77
	IPV6_FREEBIND         = 78
)

Socket options from uapi/linux/in6.h

View Source
const (
	IPC_RMID = 0
	IPC_SET  = 1
	IPC_STAT = 2
	IPC_INFO = 3
)

Control commands used with semctl, shmctl, and msgctl.

Source: include/uapi/linux/ipc.h.

View Source
const (
	IPC_CREAT  = 00001000
	IPC_EXCL   = 00002000
	IPC_NOWAIT = 00004000
)

Resource get request flags.

Source: include/uapi/linux/ipc.h

View Source
const (
	KEYCTL_GET_KEYRING_ID       = 0
	KEYCTL_JOIN_SESSION_KEYRING = 1
	KEYCTL_SETPERM              = 5
	KEYCTL_DESCRIBE             = 6
)
View Source
const (
	RLIMIT_CPU        = 0
	RLIMIT_FSIZE      = 1
	RLIMIT_DATA       = 2
	RLIMIT_STACK      = 3
	RLIMIT_CORE       = 4
	RLIMIT_RSS        = 5
	RLIMIT_NPROC      = 6
	RLIMIT_NOFILE     = 7
	RLIMIT_MEMLOCK    = 8
	RLIMIT_AS         = 9
	RLIMIT_LOCKS      = 10
	RLIMIT_SIGPENDING = 11
	RLIMIT_MSGQUEUE   = 12
	RLIMIT_NICE       = 13
	RLIMIT_RTPRIO     = 14
	RLIMIT_RTTIME     = 15
)

Resources for getrlimit(2)/setrlimit(2)/prlimit(2).

View Source
const (
	// RLimInfinity is RLIM_INFINITY on Linux.
	RLimInfinity = ^uint64(0)

	// DefaultStackSoftLimit is called _STK_LIM in Linux.
	DefaultStackSoftLimit = 8 * 1024 * 1024

	// DefaultNprocLimit is defined in kernel/fork.c:set_max_threads, and
	// called MAX_THREADS / 2 in Linux.
	DefaultNprocLimit = FUTEX_TID_MASK / 2

	// DefaultNofileSoftLimit is called INR_OPEN_CUR in Linux.
	DefaultNofileSoftLimit = 1024

	// DefaultNofileHardLimit is called INR_OPEN_MAX in Linux.
	DefaultNofileHardLimit = 4096

	// DefaultMemlockLimit is called MLOCK_LIMIT in Linux.
	DefaultMemlockLimit = 64 * 1024

	// DefaultMsgqueueLimit is called MQ_BYTES_MAX in Linux.
	DefaultMsgqueueLimit = 819200
)
View Source
const (
	MEMBARRIER_CMD_QUERY                                = 0
	MEMBARRIER_CMD_GLOBAL                               = (1 << 0)
	MEMBARRIER_CMD_GLOBAL_EXPEDITED                     = (1 << 1)
	MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED            = (1 << 2)
	MEMBARRIER_CMD_PRIVATE_EXPEDITED                    = (1 << 3)
	MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED           = (1 << 4)
	MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE          = (1 << 5)
	MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE = (1 << 6)
	MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ               = (1 << 7)
	MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_RSEQ      = (1 << 8)
)

membarrier(2) commands, from include/uapi/linux/membarrier.h.

View Source
const (
	PROT_NONE      = 0
	PROT_READ      = 1 << 0
	PROT_WRITE     = 1 << 1
	PROT_EXEC      = 1 << 2
	PROT_SEM       = 1 << 3
	PROT_GROWSDOWN = 1 << 24
	PROT_GROWSUP   = 1 << 25
)

Protections for mmap(2).

View Source
const (
	MAP_SHARED     = 1 << 0
	MAP_PRIVATE    = 1 << 1
	MAP_FIXED      = 1 << 4
	MAP_ANONYMOUS  = 1 << 5
	MAP_32BIT      = 1 << 6 // arch/x86/include/uapi/asm/mman.h
	MAP_GROWSDOWN  = 1 << 8
	MAP_DENYWRITE  = 1 << 11
	MAP_EXECUTABLE = 1 << 12
	MAP_LOCKED     = 1 << 13
	MAP_NORESERVE  = 1 << 14
	MAP_POPULATE   = 1 << 15
	MAP_NONBLOCK   = 1 << 16
	MAP_STACK      = 1 << 17
	MAP_HUGETLB    = 1 << 18
)

Flags for mmap(2).

View Source
const (
	MREMAP_MAYMOVE = 1 << 0
	MREMAP_FIXED   = 1 << 1
)

Flags for mremap(2).

View Source
const (
	MCL_CURRENT = 1
	MCL_FUTURE  = 2
	MCL_ONFAULT = 4
)

Flags for mlockall(2).

View Source
const (
	MADV_NORMAL       = 0
	MADV_RANDOM       = 1
	MADV_SEQUENTIAL   = 2
	MADV_WILLNEED     = 3
	MADV_DONTNEED     = 4
	MADV_REMOVE       = 9
	MADV_DONTFORK     = 10
	MADV_DOFORK       = 11
	MADV_MERGEABLE    = 12
	MADV_UNMERGEABLE  = 13
	MADV_HUGEPAGE     = 14
	MADV_NOHUGEPAGE   = 15
	MADV_DONTDUMP     = 16
	MADV_DODUMP       = 17
	MADV_HWPOISON     = 100
	MADV_SOFT_OFFLINE = 101
	MADV_NOMAJFAULT   = 200
	MADV_DONTCHGME    = 201
)

Advice for madvise(2).

View Source
const (
	MS_ASYNC      = 1 << 0
	MS_INVALIDATE = 1 << 1
	MS_SYNC       = 1 << 2
)

Flags for msync(2).

View Source
const (
	MPOL_F_NODE         = 1 << 0
	MPOL_F_ADDR         = 1 << 1
	MPOL_F_MEMS_ALLOWED = 1 << 2
)

Flags for get_mempolicy(2).

View Source
const (
	MPOL_F_RELATIVE_NODES = 1 << 14
	MPOL_F_STATIC_NODES   = 1 << 15

	MPOL_MODE_FLAGS = (MPOL_F_STATIC_NODES | MPOL_F_RELATIVE_NODES)
)

Flags for set_mempolicy(2).

View Source
const (
	MPOL_MF_STRICT   = 1 << 0
	MPOL_MF_MOVE     = 1 << 1
	MPOL_MF_MOVE_ALL = 1 << 2

	MPOL_MF_VALID = MPOL_MF_STRICT | MPOL_MF_MOVE | MPOL_MF_MOVE_ALL
)

Flags for mbind(2).

View Source
const (
	X86_PF_PROT = 1 << iota
	X86_PF_WRITE
	X86_PF_USER
	X86_PF_RSVD
	X86_PF_INSTR
)

Page fault error codes

View Source
const (
	DFLT_QUEUESMAX       = 256
	MIN_MSGMAX           = 1
	DFLT_MSG        uint = 10
	DFLT_MSGMAX          = 10
	HARD_MSGMAX          = 65536
	MIN_MSGSIZEMAX       = 128
	DFLT_MSGSIZE    uint = 8192
	DFLT_MSGSIZEMAX      = 8192
	HARD_MSGSIZEMAX      = (16 * 1024 * 1024)
)

Default values for POSIX message queues. Source: include/linux/ipc_namespace.h

View Source
const (
	MQ_PRIO_MAX  = 32768
	MQ_BYTES_MAX = 819200
)

Maximum values for a message queue. Source: include/uapi/linux/mqueue.h

View Source
const (
	NOTIFY_NONE    = 0
	NOTIFY_WOKENUP = 1
	NOTIFY_REMOVED = 2

	NOTIFY_COOKIE_LEN = 32
)

Codes used by mq_notify. Source: include/uapi/linux/mqueue.h

View Source
const (
	MSG_STAT     = 11
	MSG_INFO     = 12
	MSG_STAT_ANY = 13
)

Linux-specific control commands. Source: include/uapi/linux/msg.h

View Source
const (
	MSG_NOERROR = 010000 // No error if message is too big.
	MSG_EXCEPT  = 020000 // Receive any message except of specified type.
	MSG_COPY    = 040000 // Copy (not remove) all queue messages.
)

msgrcv(2) options. Source: include/uapi/linux/msg.h

View Source
const (
	MSGMNI = 32000 // Maximum number of message queue identifiers.
	MSGMAX = 8192  // Maximum size of message (bytes).
	MSGMNB = 16384 // Default max size of a message queue.
)

System-wide limits for message queues. Source: include/uapi/linux/msg.h

View Source
const (
	MSGPOOL = (MSGMNI * MSGMNB / 1024)
	MSGTQL  = MSGMNB
	MSGMAP  = MSGMNB
	MSGSSZ  = 16

	// MSGSEG is simplified due to the inexistance of a ternary operator.
	MSGSEG = 0xffff
)

System-wide limits. Unused. Source: include/uapi/linux/msg.h

View Source
const (
	NF_INET_PRE_ROUTING  = 0
	NF_INET_LOCAL_IN     = 1
	NF_INET_FORWARD      = 2
	NF_INET_LOCAL_OUT    = 3
	NF_INET_POST_ROUTING = 4
	NF_INET_NUMHOOKS     = 5
)

Hooks into the network stack. These correspond to values in include/uapi/linux/netfilter.h.

View Source
const (
	NFPROTO_UNSPEC = 0
	NFPROTO_INET   = 1
	NFPROTO_IPV4   = 2
	NFPROTO_ARP    = 3
	NFPROTO_NETDEV = 5
	NFPROTO_BRIDGE = 7
	NFPROTO_IPV6   = 10
)

Protocol families (address families). These correspond to values in include/uapi/linux/netfilter.h.

View Source
const (
	NF_DROP        = 0
	NF_ACCEPT      = 1
	NF_STOLEN      = 2
	NF_QUEUE       = 3
	NF_REPEAT      = 4
	NF_STOP        = 5
	NF_MAX_VERDICT = NF_STOP
	// NF_RETURN is defined in include/uapi/linux/netfilter/x_tables.h.
	NF_RETURN = -NF_REPEAT - 1
)

Verdicts that can be returned by targets. These correspond to values in include/uapi/linux/netfilter.h

View Source
const (
	IPT_BASE_CTL            = 64
	IPT_SO_SET_REPLACE      = IPT_BASE_CTL
	IPT_SO_SET_ADD_COUNTERS = IPT_BASE_CTL + 1
	IPT_SO_SET_MAX          = IPT_SO_SET_ADD_COUNTERS

	IPT_SO_GET_INFO            = IPT_BASE_CTL
	IPT_SO_GET_ENTRIES         = IPT_BASE_CTL + 1
	IPT_SO_GET_REVISION_MATCH  = IPT_BASE_CTL + 2
	IPT_SO_GET_REVISION_TARGET = IPT_BASE_CTL + 3
	IPT_SO_GET_MAX             = IPT_SO_GET_REVISION_TARGET
)

Socket options for SOL_SOCKET. These correspond to values in include/uapi/linux/netfilter_ipv4/ip_tables.h.

View Source
const (
	XT_FUNCTION_MAXNAMELEN  = 30
	XT_EXTENSION_MAXNAMELEN = 29
	XT_TABLE_MAXNAMELEN     = 32
)

Name lengths. These correspond to values in include/uapi/linux/netfilter/x_tables.h.

View Source
const (
	// Invert the meaning of InputInterface.
	IPT_INV_VIA_IN = 0x01
	// Invert the meaning of OutputInterface.
	IPT_INV_VIA_OUT = 0x02
	// Unclear what this is, as no references to it exist in the kernel.
	IPT_INV_TOS = 0x04
	// Invert the meaning of Src.
	IPT_INV_SRCIP = 0x08
	// Invert the meaning of Dst.
	IPT_INV_DSTIP = 0x10
	// Invert the meaning of the IPT_F_FRAG flag.
	IPT_INV_FRAG = 0x20
	// Invert the meaning of the Protocol field.
	IPT_INV_PROTO = 0x40
	// Enable all flags.
	IPT_INV_MASK = 0x7F
)

Flags in IPTIP.InverseFlags. Corresponding constants are in include/uapi/linux/netfilter_ipv4/ip_tables.h.

View Source
const (
	NF_NAT_RANGE_MAP_IPS            = 1 << 0
	NF_NAT_RANGE_PROTO_SPECIFIED    = 1 << 1
	NF_NAT_RANGE_PROTO_RANDOM       = 1 << 2
	NF_NAT_RANGE_PERSISTENT         = 1 << 3
	NF_NAT_RANGE_PROTO_RANDOM_FULLY = 1 << 4
	NF_NAT_RANGE_PROTO_RANDOM_ALL   = (NF_NAT_RANGE_PROTO_RANDOM | NF_NAT_RANGE_PROTO_RANDOM_FULLY)
	NF_NAT_RANGE_MASK               = (NF_NAT_RANGE_MAP_IPS |
		NF_NAT_RANGE_PROTO_SPECIFIED | NF_NAT_RANGE_PROTO_RANDOM |
		NF_NAT_RANGE_PERSISTENT | NF_NAT_RANGE_PROTO_RANDOM_FULLY)
)

Flag values for NfNATIPV4Range. The values indicate whether to map protocol specific part(ports) or IPs. It corresponds to values in include/uapi/linux/netfilter/nf_nat.h.

View Source
const (
	// Invert the meaning of SourcePortStart/End.
	XT_TCP_INV_SRCPT = 0x01
	// Invert the meaning of DestinationPortStart/End.
	XT_TCP_INV_DSTPT = 0x02
	// Invert the meaning of FlagCompare.
	XT_TCP_INV_FLAGS = 0x04
	// Invert the meaning of Option.
	XT_TCP_INV_OPTION = 0x08
	// Enable all flags.
	XT_TCP_INV_MASK = 0x0F
)

Flags in XTTCP.InverseFlags. Corresponding constants are in include/uapi/linux/netfilter/xt_tcpudp.h.

View Source
const (
	// Invert the meaning of SourcePortStart/End.
	XT_UDP_INV_SRCPT = 0x01
	// Invert the meaning of DestinationPortStart/End.
	XT_UDP_INV_DSTPT = 0x02
	// Enable all flags.
	XT_UDP_INV_MASK = 0x03
)

Flags in XTUDP.InverseFlags. Corresponding constants are in include/uapi/linux/netfilter/xt_tcpudp.h.

View Source
const (
	// Match the UID of the packet.
	XT_OWNER_UID = 1 << 0
	// Match the GID of the packet.
	XT_OWNER_GID = 1 << 1
	// Match if the socket exists for the packet. Forwarded
	// packets do not have an associated socket.
	XT_OWNER_SOCKET = 1 << 2
)

Flags in IPTOwnerInfo.Match and XTOwnerMatchInfo.Match. Corresponding constants are in include/uapi/linux/netfilter/xt_owner.h.

View Source
const (
	NF_BR_PRI_FIRST           = math.MinInt
	NF_BR_PRI_NAT_DST_BRIDGED = -300
	NF_BR_PRI_FILTER_BRIDGED  = -200
	NF_BR_PRI_BRNF            = 0
	NF_BR_PRI_NAT_DST_OTHER   = 100
	NF_BR_PRI_FILTER_OTHER    = 200
	NF_BR_PRI_NAT_SRC         = 300
	NF_BR_PRI_LAST            = math.MaxInt
)

Netfilter Bridge Standard Hook Priorities, from uapi/linux/netfilter_bridge.h.

View Source
const (
	NF_IP_PRI_FIRST             = math.MinInt
	NF_IP_PRI_RAW_BEFORE_DEFRAG = -450
	NF_IP_PRI_CONNTRACK_DEFRAG  = -400
	NF_IP_PRI_RAW               = -300
	NF_IP_PRI_SELINUX_FIRST     = -225
	NF_IP_PRI_CONNTRACK         = -200
	NF_IP_PRI_MANGLE            = -150
	NF_IP_PRI_NAT_DST           = -100
	NF_IP_PRI_FILTER            = 0
	NF_IP_PRI_SECURITY          = 50
	NF_IP_PRI_NAT_SRC           = 100
	NF_IP_PRI_SELINUX_LAST      = 225
	NF_IP_PRI_CONNTRACK_HELPER  = 300
	NF_IP_PRI_CONNTRACK_CONFIRM = math.MaxInt
	NF_IP_PRI_LAST              = math.MaxInt
)

Netfilter IPv4 Standard Hook Priorities, from uapi/linux/netfilter_ipv4.h.

View Source
const (
	NF_IP6_PRI_FIRST             = math.MinInt
	NF_IP6_PRI_RAW_BEFORE_DEFRAG = -450
	NF_IP6_PRI_CONNTRACK_DEFRAG  = -400
	NF_IP6_PRI_RAW               = -300
	NF_IP6_PRI_SELINUX_FIRST     = -225
	NF_IP6_PRI_CONNTRACK         = -200
	NF_IP6_PRI_MANGLE            = -150
	NF_IP6_PRI_NAT_DST           = -100
	NF_IP6_PRI_FILTER            = 0
	NF_IP6_PRI_SECURITY          = 50
	NF_IP6_PRI_NAT_SRC           = 100
	NF_IP6_PRI_SELINUX_LAST      = 225
	NF_IP6_PRI_CONNTRACK_HELPER  = 300
	NF_IP6_PRI_LAST              = math.MaxInt
)

Netfilter IPv6 Standard Hook Priorities, from uapi/linux/netfilter_ipv6.h.

View Source
const (
	IP6T_BASE_CTL            = 64
	IP6T_SO_SET_REPLACE      = IPT_BASE_CTL
	IP6T_SO_SET_ADD_COUNTERS = IPT_BASE_CTL + 1
	IP6T_SO_SET_MAX          = IPT_SO_SET_ADD_COUNTERS

	IP6T_SO_GET_INFO            = IPT_BASE_CTL
	IP6T_SO_GET_ENTRIES         = IPT_BASE_CTL + 1
	IP6T_SO_GET_REVISION_MATCH  = IPT_BASE_CTL + 4
	IP6T_SO_GET_REVISION_TARGET = IPT_BASE_CTL + 5
	IP6T_SO_GET_MAX             = IP6T_SO_GET_REVISION_TARGET
)

Socket options for SOL_SOCLET. These correspond to values in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

View Source
const (
	// Whether to check the Protocol field.
	IP6T_F_PROTO = 0x01
	// Whether to match the TOS field.
	IP6T_F_TOS = 0x02
	// Indicates that the jump target is an absolute GOTO, not an offset.
	IP6T_F_GOTO = 0x04
	// Enables all flags.
	IP6T_F_MASK = 0x07
)

Flags in IP6TIP.Flags. Corresponding constants are in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

View Source
const (
	// Invert the meaning of InputInterface.
	IP6T_INV_VIA_IN = 0x01
	// Invert the meaning of OutputInterface.
	IP6T_INV_VIA_OUT = 0x02
	// Invert the meaning of TOS.
	IP6T_INV_TOS = 0x04
	// Invert the meaning of Src.
	IP6T_INV_SRCIP = 0x08
	// Invert the meaning of Dst.
	IP6T_INV_DSTIP = 0x10
	// Invert the meaning of the IPT_F_FRAG flag.
	IP6T_INV_FRAG = 0x20
	// Enable all flags.
	IP6T_INV_MASK = 0x7F
)

Flags in IP6TIP.InverseFlags. Corresponding constants are in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

View Source
const (
	NETLINK_ROUTE          = 0
	NETLINK_UNUSED         = 1
	NETLINK_USERSOCK       = 2
	NETLINK_FIREWALL       = 3
	NETLINK_SOCK_DIAG      = 4
	NETLINK_NFLOG          = 5
	NETLINK_XFRM           = 6
	NETLINK_SELINUX        = 7
	NETLINK_ISCSI          = 8
	NETLINK_AUDIT          = 9
	NETLINK_FIB_LOOKUP     = 10
	NETLINK_CONNECTOR      = 11
	NETLINK_NETFILTER      = 12
	NETLINK_IP6_FW         = 13
	NETLINK_DNRTMSG        = 14
	NETLINK_KOBJECT_UEVENT = 15
	NETLINK_GENERIC        = 16
	NETLINK_SCSITRANSPORT  = 18
	NETLINK_ECRYPTFS       = 19
	NETLINK_RDMA           = 20
	NETLINK_CRYPTO         = 21
)

Netlink protocols, from uapi/linux/netlink.h.

View Source
const (
	NLM_F_REQUEST   = 0x1
	NLM_F_MULTI     = 0x2
	NLM_F_ACK       = 0x4
	NLM_F_ECHO      = 0x8
	NLM_F_DUMP_INTR = 0x10
	NLM_F_ROOT      = 0x100
	NLM_F_MATCH     = 0x200
	NLM_F_ATOMIC    = 0x400
	NLM_F_DUMP      = NLM_F_ROOT | NLM_F_MATCH
	NLM_F_REPLACE   = 0x100
	NLM_F_EXCL      = 0x200
	NLM_F_CREATE    = 0x400
	NLM_F_APPEND    = 0x800
)

Netlink message header flags, from uapi/linux/netlink.h.

View Source
const (
	NLMSG_NOOP    = 0x1
	NLMSG_ERROR   = 0x2
	NLMSG_DONE    = 0x3
	NLMSG_OVERRUN = 0x4

	// NLMSG_MIN_TYPE is the first value for protocol-level types.
	NLMSG_MIN_TYPE = 0x10
)

Standard netlink message types, from uapi/linux/netlink.h.

View Source
const (
	NETLINK_ADD_MEMBERSHIP   = 1
	NETLINK_DROP_MEMBERSHIP  = 2
	NETLINK_PKTINFO          = 3
	NETLINK_BROADCAST_ERROR  = 4
	NETLINK_NO_ENOBUFS       = 5
	NETLINK_LISTEN_ALL_NSID  = 8
	NETLINK_LIST_MEMBERSHIPS = 9
	NETLINK_CAP_ACK          = 10
	NETLINK_EXT_ACK          = 11
	NETLINK_DUMP_STRICT_CHK  = 12
)

Socket options, from uapi/linux/netlink.h.

View Source
const (
	RTM_NEWLINK = 16
	RTM_DELLINK = 17
	RTM_GETLINK = 18
	RTM_SETLINK = 19

	RTM_NEWADDR = 20
	RTM_DELADDR = 21
	RTM_GETADDR = 22

	RTM_NEWROUTE = 24
	RTM_DELROUTE = 25
	RTM_GETROUTE = 26

	RTM_NEWNEIGH = 28
	RTM_DELNEIGH = 29
	RTM_GETNEIGH = 30

	RTM_NEWRULE = 32
	RTM_DELRULE = 33
	RTM_GETRULE = 34

	RTM_NEWQDISC = 36
	RTM_DELQDISC = 37
	RTM_GETQDISC = 38

	RTM_NEWTCLASS = 40
	RTM_DELTCLASS = 41
	RTM_GETTCLASS = 42

	RTM_NEWTFILTER = 44
	RTM_DELTFILTER = 45
	RTM_GETTFILTER = 46

	RTM_NEWACTION = 48
	RTM_DELACTION = 49
	RTM_GETACTION = 50

	RTM_NEWPREFIX = 52

	RTM_GETMULTICAST = 58

	RTM_GETANYCAST = 62

	RTM_NEWNEIGHTBL = 64
	RTM_GETNEIGHTBL = 66
	RTM_SETNEIGHTBL = 67

	RTM_NEWNDUSEROPT = 68

	RTM_NEWADDRLABEL = 72
	RTM_DELADDRLABEL = 73
	RTM_GETADDRLABEL = 74

	RTM_GETDCB = 78
	RTM_SETDCB = 79

	RTM_NEWNETCONF = 80
	RTM_GETNETCONF = 82

	RTM_NEWMDB = 84
	RTM_DELMDB = 85
	RTM_GETMDB = 86

	RTM_NEWNSID = 88
	RTM_DELNSID = 89
	RTM_GETNSID = 90
)

Netlink message types for NETLINK_ROUTE sockets, from uapi/linux/rtnetlink.h.

View Source
const (
	IFF_UP          = 1 << 0
	IFF_BROADCAST   = 1 << 1
	IFF_DEBUG       = 1 << 2
	IFF_LOOPBACK    = 1 << 3
	IFF_POINTOPOINT = 1 << 4
	IFF_NOTRAILERS  = 1 << 5
	IFF_RUNNING     = 1 << 6
	IFF_NOARP       = 1 << 7
	IFF_PROMISC     = 1 << 8
	IFF_ALLMULTI    = 1 << 9
	IFF_MASTER      = 1 << 10
	IFF_SLAVE       = 1 << 11
	IFF_MULTICAST   = 1 << 12
	IFF_PORTSEL     = 1 << 13
	IFF_AUTOMEDIA   = 1 << 14
	IFF_DYNAMIC     = 1 << 15
	IFF_LOWER_UP    = 1 << 16
	IFF_DORMANT     = 1 << 17
	IFF_ECHO        = 1 << 18
)

Interface flags, from uapi/linux/if.h.

View Source
const (
	IFLA_UNSPEC          = 0
	IFLA_ADDRESS         = 1
	IFLA_BROADCAST       = 2
	IFLA_IFNAME          = 3
	IFLA_MTU             = 4
	IFLA_LINK            = 5
	IFLA_QDISC           = 6
	IFLA_STATS           = 7
	IFLA_COST            = 8
	IFLA_PRIORITY        = 9
	IFLA_MASTER          = 10
	IFLA_WIRELESS        = 11
	IFLA_PROTINFO        = 12
	IFLA_TXQLEN          = 13
	IFLA_MAP             = 14
	IFLA_WEIGHT          = 15
	IFLA_OPERSTATE       = 16
	IFLA_LINKMODE        = 17
	IFLA_LINKINFO        = 18
	IFLA_NET_NS_PID      = 19
	IFLA_IFALIAS         = 20
	IFLA_NUM_VF          = 21
	IFLA_VFINFO_LIST     = 22
	IFLA_STATS64         = 23
	IFLA_VF_PORTS        = 24
	IFLA_PORT_SELF       = 25
	IFLA_AF_SPEC         = 26
	IFLA_GROUP           = 27
	IFLA_NET_NS_FD       = 28
	IFLA_EXT_MASK        = 29
	IFLA_PROMISCUITY     = 30
	IFLA_NUM_TX_QUEUES   = 31
	IFLA_NUM_RX_QUEUES   = 32
	IFLA_CARRIER         = 33
	IFLA_PHYS_PORT_ID    = 34
	IFLA_CARRIER_CHANGES = 35
	IFLA_PHYS_SWITCH_ID  = 36
	IFLA_LINK_NETNSID    = 37
	IFLA_PHYS_PORT_NAME  = 38
	IFLA_PROTO_DOWN      = 39
	IFLA_GSO_MAX_SEGS    = 40
	IFLA_GSO_MAX_SIZE    = 41
)

Interface link attributes, from uapi/linux/if_link.h.

View Source
const (
	IFLA_INFO_UNSPEC     = 0
	IFLA_INFO_KIND       = 1
	IFLA_INFO_DATA       = 2
	IFLA_INFO_XSTATS     = 3
	IFLA_INFO_SLAVE_KIND = 4
	IFLA_INFO_SLAVE_DATA = 5
)

Interface link info attributes, from uapi/linux/if_link.h.

View Source
const (
	IFA_UNSPEC    = 0
	IFA_ADDRESS   = 1
	IFA_LOCAL     = 2
	IFA_LABEL     = 3
	IFA_BROADCAST = 4
	IFA_ANYCAST   = 5
	IFA_CACHEINFO = 6
	IFA_MULTICAST = 7
	IFA_FLAGS     = 8
)

Interface attributes, from uapi/linux/if_addr.h.

View Source
const (
	ARPHRD_NONE     = 65534
	ARPHRD_ETHER    = 1
	ARPHRD_LOOPBACK = 772
)

Device types, from uapi/linux/if_arp.h.

View Source
const (
	// RTN_UNSPEC represents an unspecified route type.
	RTN_UNSPEC = 0

	// RTN_UNICAST represents a unicast route.
	RTN_UNICAST = 1

	// RTN_LOCAL represents a route that is accepted locally.
	RTN_LOCAL = 2

	// RTN_BROADCAST represents a broadcast route (Traffic is accepted locally
	// as broadcast, and sent as broadcast).
	RTN_BROADCAST = 3

	// RTN_ANYCAST represents a anycast route (Traffic is accepted locally as
	// broadcast but sent as unicast).
	RTN_ANYCAST = 6

	// RTN_MULTICAST represents a multicast route.
	RTN_MULTICAST = 5

	// RTN_BLACKHOLE represents a route where all traffic is dropped.
	RTN_BLACKHOLE = 6

	// RTN_UNREACHABLE represents a route where the destination is unreachable.
	RTN_UNREACHABLE = 7

	RTN_PROHIBIT = 8
	RTN_THROW    = 9
	RTN_NAT      = 10
	RTN_XRESOLVE = 11
)

Route types, from uapi/linux/rtnetlink.h.

View Source
const (
	RTPROT_UNSPEC   = 0
	RTPROT_REDIRECT = 1
	RTPROT_KERNEL   = 2
	RTPROT_BOOT     = 3
	RTPROT_STATIC   = 4
	RTPROT_GATED    = 8
	RTPROT_RA       = 9
	RTPROT_MRT      = 10
	RTPROT_ZEBRA    = 11
	RTPROT_BIRD     = 12
	RTPROT_DNROUTED = 13
	RTPROT_XORP     = 14
	RTPROT_NTK      = 15
	RTPROT_DHCP     = 16
	RTPROT_MROUTED  = 17
	RTPROT_BABEL    = 42
	RTPROT_BGP      = 186
	RTPROT_ISIS     = 187
	RTPROT_OSPF     = 188
	RTPROT_RIP      = 189
	RTPROT_EIGRP    = 192
)

Route protocols/origins, from uapi/linux/rtnetlink.h.

View Source
const (
	RT_SCOPE_UNIVERSE = 0
	RT_SCOPE_SITE     = 200
	RT_SCOPE_LINK     = 253
	RT_SCOPE_HOST     = 254
	RT_SCOPE_NOWHERE  = 255
)

Route scopes, from uapi/linux/rtnetlink.h.

View Source
const (
	RTM_F_NOTIFY       = 0x100
	RTM_F_CLONED       = 0x200
	RTM_F_EQUALIZE     = 0x400
	RTM_F_PREFIX       = 0x800
	RTM_F_LOOKUP_TABLE = 0x1000
	RTM_F_FIB_MATCH    = 0x2000
)

Route flags, from uapi/linux/rtnetlink.h.

View Source
const (
	RT_TABLE_UNSPEC  = 0
	RT_TABLE_COMPAT  = 252
	RT_TABLE_DEFAULT = 253
	RT_TABLE_MAIN    = 254
	RT_TABLE_LOCAL   = 255
)

Route tables, from uapi/linux/rtnetlink.h.

View Source
const (
	RTA_UNSPEC        = 0
	RTA_DST           = 1
	RTA_SRC           = 2
	RTA_IIF           = 3
	RTA_OIF           = 4
	RTA_GATEWAY       = 5
	RTA_PRIORITY      = 6
	RTA_PREFSRC       = 7
	RTA_METRICS       = 8
	RTA_MULTIPATH     = 9
	RTA_PROTOINFO     = 10
	RTA_FLOW          = 11
	RTA_CACHEINFO     = 12
	RTA_SESSION       = 13
	RTA_MP_ALGO       = 14
	RTA_TABLE         = 15
	RTA_MARK          = 16
	RTA_MFC_STATS     = 17
	RTA_VIA           = 18
	RTA_NEWDST        = 19
	RTA_PREF          = 20
	RTA_ENCAP_TYPE    = 21
	RTA_ENCAP         = 22
	RTA_EXPIRES       = 23
	RTA_PAD           = 24
	RTA_UID           = 25
	RTA_TTL_PROPAGATE = 26
	RTA_IP_PROTO      = 27
	RTA_SPORT         = 28
	RTA_DPORT         = 29
)

Route attributes, from uapi/linux/rtnetlink.h.

View Source
const (
	RTF_GATEWAY = 0x2
	RTF_UP      = 0x1
)

Route flags, from include/uapi/linux/route.h.

View Source
const (
	NFT_REG_VERDICT = iota
	NFT_REG_1
	NFT_REG_2
	NFT_REG_3
	NFT_REG_4
)

16-byte Registers that can be used to maintain state for rules. These correspond to values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_REG32_00 = 8 + iota
	NFT_REG32_01
	NFT_REG32_02
	NFT_REG32_03
	NFT_REG32_04
	NFT_REG32_05
	NFT_REG32_06
	NFT_REG32_07
	NFT_REG32_08
	NFT_REG32_09
	NFT_REG32_10
	NFT_REG32_11
	NFT_REG32_12
	NFT_REG32_13
	NFT_REG32_14
	NFT_REG32_15
)

4-byte Registers that can be used to maintain state for rules. Note that these overlap with the 16-byte registers in memory. These correspond to values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_REG_MAX     = __NFT_REG_MAX - 1               // Maximum register value
	NFT_REG_SIZE    = 16                              // Size of NFT_REG
	NFT_REG32_SIZE  = 4                               // Size of NFT_REG32
	NFT_REG32_COUNT = NFT_REG32_15 - NFT_REG32_00 + 1 // Count of 4-byte registers
)

Other register constants, corresponding to values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	// Continue evaluation of the current rule.
	NFT_CONTINUE int32 = -1

	// Terminate evaluation of the current rule.
	NFT_BREAK int32 = -2

	// Push the current chain on the jump stack and jump to a chain.
	NFT_JUMP int32 = -3

	// Jump to a chain without pushing the current chain on the jump stack.
	NFT_GOTO int32 = -4

	// Return to the topmost chain on the jump stack.
	NFT_RETURN int32 = -5
)

Internal nf table verdicts. These are used for ruleset evaluation and are not returned to userspace.

These also share their numeric name space with the netfilter verdicts. When used these values are converted to uint32 (purposefully overflowing the int). These correspond to values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_CMP_EQ  = iota // equal
	NFT_CMP_NEQ        // not equal
	NFT_CMP_LT         // less than
	NFT_CMP_LTE        // less than or equal to
	NFT_CMP_GT         // greater than
	NFT_CMP_GTE        // greater than or equal to
)

Nf table relational operators. Used by the nft comparison operation to compare values in registers. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_RANGE_EQ = iota
	NFT_RANGE_NEQ
)

Nf table range operators. Used by the nft range operation to compare values in registers. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_PAYLOAD_LL_HEADER        = iota // link layer header
	NFT_PAYLOAD_NETWORK_HEADER          // network header
	NFT_PAYLOAD_TRANSPORT_HEADER        // transport header
	NFT_PAYLOAD_INNER_HEADER            // inner header / payload
	NFT_PAYLOAD_TUN_HEADER              // tunneling protocol header
)

Nf table payload expression offset bases. Used by the nft payload operations to access appropriate data in the packet. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_PAYLOAD_CSUM_NONE = iota // no checksumming
	NFT_PAYLOAD_CSUM_INET        // internet checksum (RFC 791)
	NFT_PAYLOAD_CSUM_SCTP        // CRC-32c, for use in SCTP header (RFC 3309)
)

Nf table payload expression checksum types. Used by the nft payload set operation to mark the type of checksum to use. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_BITWISE_BOOL   = iota // mask-and-xor operation for NOT, AND, OR, & XOR
	NFT_BITWISE_LSHIFT        // left-shift operation
	NFT_BITWISE_RSHIFT        // right-shift operation
)

Nf table bitwise operators. Used by the nft bitwise operation to perform bitwise math over register data. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	// Traffic Class Identifier (Realm) associated with route
	NFT_RT_CLASSID = iota

	// Routing nexthop for IPv4 (next IPv4 address to jump to)
	NFT_RT_NEXTHOP4

	// Routing nexthop for IPv6 (next IPv6 address to jump to)
	NFT_RT_NEXTHOP6

	// Maximum Segment Size for TCP connections (largest size for a single packet)
	NFT_RT_TCPMSS

	// Bool for whether packet route involves a IPsec transform st xfrm is applied
	NFT_RT_XFRM
)

Nf table route expression keys. Used by the nft route operation to determine the routing data to retrieve. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_BYTEORDER_NTOH = iota // network to host operator
	NFT_BYTEORDER_HTON        // host to network operator
)

Nf table byteorder operators. Used by the nft byteorder operation to convert data in a register to a specific byte order. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	NFT_META_LEN           = iota // Packet length
	NFT_META_PROTOCOL             // Packet ethertype protocol, invalid in OUTPUT
	NFT_META_PRIORITY             // Packet priority
	NFT_META_MARK                 // Packet mark
	NFT_META_IIF                  // Packet input interface index
	NFT_META_OIF                  // Packet output interface index
	NFT_META_IIFNAME              // Packet input interface name
	NFT_META_OIFNAME              // Packet output interface name
	NFT_META_IIFTYPE              // Packet input interface type
	NFT_META_OIFTYPE              // Packet output interface type
	NFT_META_SKUID                // Originating socket UID
	NFT_META_SKGID                // Originating socket GID
	NFT_META_NFTRACE              // Packet nftrace bit
	NFT_META_RTCLASSID            // Realm value of packet's route
	NFT_META_SECMARK              // Packet secmark
	NFT_META_NFPROTO              // Netfilter protocol
	NFT_META_L4PROTO              // Layer 4 protocol number
	NFT_META_BRI_IIFNAME          // Packet input bridge interface name
	NFT_META_BRI_OIFNAME          // Packet output bridge interface name
	NFT_META_PKTTYPE              // Packet type, special handling for loopback
	NFT_META_CPU                  // CPU id through smp_processor_id()
	NFT_META_IIFGROUP             // Packet input interface group
	NFT_META_OIFGROUP             // Packet output interface group
	NFT_META_CGROUP               // Socket control group
	NFT_META_PRANDOM              // A 32bit pseudo-random number
	NFT_META_SECPATH              // Boolean, secpath_exists
	NFT_META_IIFKIND              // Packet input interface kind name
	NFT_META_OIFKIND              // Packet output interface kind name
	NFT_META_BRI_IIFPVID          // Packet input bridge port pvid
	NFT_META_BRI_IIFVPROTO        // Packet input bridge vlan proto
	NFT_META_TIME_NS              // Time since epoch (in nanoseconds)
	NFT_META_TIME_DAY             // Day of week (from 0 = Sunday to 6 = Saturday)
	NFT_META_TIME_HOUR            // Hour of day (in sec), secs since start of day
	NFT_META_SDIF                 // Slave device interface index
	NFT_META_SDIFNAME             // Slave device interface name
	NFT_META_BRI_BROUTE           // Packet br_netfilter_broute bit
)

Nf tables meta expression keys. Used by the nft meta operation to retrieve meta data from the packet. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const (
	POLLIN         = 0x0001
	POLLPRI        = 0x0002
	POLLOUT        = 0x0004
	POLLERR        = 0x0008
	POLLHUP        = 0x0010
	POLLNVAL       = 0x0020
	POLLRDNORM     = 0x0040
	POLLRDBAND     = 0x0080
	POLLWRNORM     = 0x0100
	POLLWRBAND     = 0x0200
	POLLMSG        = 0x0400
	POLLREMOVE     = 0x1000
	POLLRDHUP      = 0x2000
	POLLFREE       = 0x4000
	POLL_BUSY_LOOP = 0x8000
)

Poll event flags, used by poll(2)/ppoll(2) and/or epoll_ctl(2)/epoll_wait(2), from uapi/asm-generic/poll.h.

View Source
const (
	// PR_SET_PDEATHSIG sets the process' death signal.
	PR_SET_PDEATHSIG = 1

	// PR_GET_PDEATHSIG gets the process' death signal.
	PR_GET_PDEATHSIG = 2

	// PR_GET_DUMPABLE gets the process' dumpable flag.
	PR_GET_DUMPABLE = 3

	// PR_SET_DUMPABLE sets the process' dumpable flag.
	PR_SET_DUMPABLE = 4

	// PR_GET_KEEPCAPS gets the value of the keep capabilities flag.
	PR_GET_KEEPCAPS = 7

	// PR_SET_KEEPCAPS sets the value of the keep capabilities flag.
	PR_SET_KEEPCAPS = 8

	// PR_GET_TIMING gets the process' timing method.
	PR_GET_TIMING = 13

	// PR_SET_TIMING sets the process' timing method.
	PR_SET_TIMING = 14

	// PR_SET_NAME sets the process' name.
	PR_SET_NAME = 15

	// PR_GET_NAME gets the process' name.
	PR_GET_NAME = 16

	// PR_GET_SECCOMP gets a process' seccomp mode.
	PR_GET_SECCOMP = 21

	// PR_SET_SECCOMP sets a process' seccomp mode.
	PR_SET_SECCOMP = 22

	// PR_CAPBSET_READ gets the capability bounding set.
	PR_CAPBSET_READ = 23

	// PR_CAPBSET_DROP sets the capability bounding set.
	PR_CAPBSET_DROP = 24

	// PR_GET_TSC gets the value of the flag determining whether the
	// timestamp counter can be read.
	PR_GET_TSC = 25

	// PR_SET_TSC sets the value of the flag determining whether the
	// timestamp counter can be read.
	PR_SET_TSC = 26

	// PR_SET_TIMERSLACK sets the process' time slack.
	PR_SET_TIMERSLACK = 29

	// PR_GET_TIMERSLACK gets the process' time slack.
	PR_GET_TIMERSLACK = 30

	// PR_TASK_PERF_EVENTS_DISABLE disables all performance counters
	// attached to the calling process.
	PR_TASK_PERF_EVENTS_DISABLE = 31

	// PR_TASK_PERF_EVENTS_ENABLE enables all performance counters attached
	// to the calling process.
	PR_TASK_PERF_EVENTS_ENABLE = 32

	// PR_MCE_KILL sets the machine check memory corruption kill policy for
	// the calling thread.
	PR_MCE_KILL = 33

	// PR_MCE_KILL_GET gets the machine check memory corruption kill policy
	// for the calling thread.
	PR_MCE_KILL_GET = 34

	// PR_SET_MM modifies certain kernel memory map descriptor fields of
	// the calling process. See prctl(2) for more information.
	PR_SET_MM = 35

	PR_SET_MM_START_CODE  = 1
	PR_SET_MM_END_CODE    = 2
	PR_SET_MM_START_DATA  = 3
	PR_SET_MM_END_DATA    = 4
	PR_SET_MM_START_STACK = 5
	PR_SET_MM_START_BRK   = 6
	PR_SET_MM_BRK         = 7
	PR_SET_MM_ARG_START   = 8
	PR_SET_MM_ARG_END     = 9
	PR_SET_MM_ENV_START   = 10
	PR_SET_MM_ENV_END     = 11
	PR_SET_MM_AUXV        = 12
	// PR_SET_MM_EXE_FILE supersedes the /proc/pid/exe symbolic link with a
	// new one pointing to a new executable file identified by the file
	// descriptor provided in arg3 argument. See prctl(2) for more
	// information.
	PR_SET_MM_EXE_FILE = 13
	PR_SET_MM_MAP      = 14
	PR_SET_MM_MAP_SIZE = 15

	// PR_SET_CHILD_SUBREAPER sets the "child subreaper" attribute of the
	// calling process.
	PR_SET_CHILD_SUBREAPER = 36

	// PR_GET_CHILD_SUBREAPER gets the "child subreaper" attribute of the
	// calling process.
	PR_GET_CHILD_SUBREAPER = 37

	// PR_SET_NO_NEW_PRIVS sets the calling thread's no_new_privs bit.
	PR_SET_NO_NEW_PRIVS = 38

	// PR_GET_NO_NEW_PRIVS gets the calling thread's no_new_privs bit.
	PR_GET_NO_NEW_PRIVS = 39

	// PR_GET_TID_ADDRESS retrieves the clear_child_tid address.
	PR_GET_TID_ADDRESS = 40

	// PR_SET_THP_DISABLE sets the state of the "THP disable" flag for the
	// calling thread.
	PR_SET_THP_DISABLE = 41

	// PR_GET_THP_DISABLE gets the state of the "THP disable" flag for the
	// calling thread.
	PR_GET_THP_DISABLE = 42

	// PR_MPX_ENABLE_MANAGEMENT enables kernel management of Memory
	// Protection eXtensions (MPX) bounds tables.
	PR_MPX_ENABLE_MANAGEMENT = 43

	// PR_MPX_DISABLE_MANAGEMENT disables kernel management of Memory
	// Protection eXtensions (MPX) bounds tables.
	PR_MPX_DISABLE_MANAGEMENT = 44

	// The following constants are used to control thread scheduling on cores.
	PR_SCHED_CORE_SCOPE_THREAD       = 0
	PR_SCHED_CORE_SCOPE_THREAD_GROUP = 1

	// PR_SET_VMA sets VMA attributes.
	PR_SET_VMA           = 0x53564d41
	PR_SET_VMA_ANON_NAME = 0
	// From kernel/sys.c:
	ANON_VMA_NAME_MAX_LEN = 80

	// PR_SET_PTRACER allows a specific process (or any, if PR_SET_PTRACER_ANY is
	// specified) to ptrace the current task.
	PR_SET_PTRACER     = 0x59616d61
	PR_SET_PTRACER_ANY = -1
)

PR_* flags, from <linux/pcrtl.h> for prctl(2).

View Source
const (
	ARCH_SET_GS    = 0x1001
	ARCH_SET_FS    = 0x1002
	ARCH_GET_FS    = 0x1003
	ARCH_GET_GS    = 0x1004
	ARCH_SET_CPUID = 0x1012
)

From <asm/prctl.h> Flags are used in syscall arch_prctl(2).

View Source
const (
	SUID_DUMP_DISABLE = 0
	SUID_DUMP_USER    = 1
	SUID_DUMP_ROOT    = 2
)

Flags for prctl(PR_SET_DUMPABLE), defined in include/linux/sched/coredump.h.

View Source
const (
	PTRACE_TRACEME              = 0
	PTRACE_PEEKTEXT             = 1
	PTRACE_PEEKDATA             = 2
	PTRACE_PEEKUSR              = 3
	PTRACE_POKETEXT             = 4
	PTRACE_POKEDATA             = 5
	PTRACE_POKEUSR              = 6
	PTRACE_CONT                 = 7
	PTRACE_KILL                 = 8
	PTRACE_SINGLESTEP           = 9
	PTRACE_ATTACH               = 16
	PTRACE_DETACH               = 17
	PTRACE_SYSCALL              = 24
	PTRACE_SETOPTIONS           = 0x4200
	PTRACE_GETEVENTMSG          = 0x4201
	PTRACE_GETSIGINFO           = 0x4202
	PTRACE_SETSIGINFO           = 0x4203
	PTRACE_GETREGSET            = 0x4204
	PTRACE_SETREGSET            = 0x4205
	PTRACE_SEIZE                = 0x4206
	PTRACE_INTERRUPT            = 0x4207
	PTRACE_LISTEN               = 0x4208
	PTRACE_PEEKSIGINFO          = 0x4209
	PTRACE_GETSIGMASK           = 0x420a
	PTRACE_SETSIGMASK           = 0x420b
	PTRACE_SECCOMP_GET_FILTER   = 0x420c
	PTRACE_SECCOMP_GET_METADATA = 0x420d
)

ptrace commands from include/uapi/linux/ptrace.h.

View Source
const (
	PTRACE_GETREGS           = 12
	PTRACE_SETREGS           = 13
	PTRACE_GETFPREGS         = 14
	PTRACE_SETFPREGS         = 15
	PTRACE_GETFPXREGS        = 18
	PTRACE_SETFPXREGS        = 19
	PTRACE_OLDSETOPTIONS     = 21
	PTRACE_GET_THREAD_AREA   = 25
	PTRACE_SET_THREAD_AREA   = 26
	PTRACE_ARCH_PRCTL        = 30
	PTRACE_SYSEMU            = 31
	PTRACE_SYSEMU_SINGLESTEP = 32
	PTRACE_SINGLEBLOCK       = 33
)

ptrace commands from arch/x86/include/uapi/asm/ptrace-abi.h.

View Source
const (
	PTRACE_EVENT_FORK       = 1
	PTRACE_EVENT_VFORK      = 2
	PTRACE_EVENT_CLONE      = 3
	PTRACE_EVENT_EXEC       = 4
	PTRACE_EVENT_VFORK_DONE = 5
	PTRACE_EVENT_EXIT       = 6
	PTRACE_EVENT_SECCOMP    = 7
	PTRACE_EVENT_STOP       = 128
)

ptrace event codes from include/uapi/linux/ptrace.h.

View Source
const (
	PTRACE_O_TRACESYSGOOD    = 1
	PTRACE_O_TRACEFORK       = 1 << PTRACE_EVENT_FORK
	PTRACE_O_TRACEVFORK      = 1 << PTRACE_EVENT_VFORK
	PTRACE_O_TRACECLONE      = 1 << PTRACE_EVENT_CLONE
	PTRACE_O_TRACEEXEC       = 1 << PTRACE_EVENT_EXEC
	PTRACE_O_TRACEVFORKDONE  = 1 << PTRACE_EVENT_VFORK_DONE
	PTRACE_O_TRACEEXIT       = 1 << PTRACE_EVENT_EXIT
	PTRACE_O_TRACESECCOMP    = 1 << PTRACE_EVENT_SECCOMP
	PTRACE_O_EXITKILL        = 1 << 20
	PTRACE_O_SUSPEND_SECCOMP = 1 << 21
)

PTRACE_SETOPTIONS options from include/uapi/linux/ptrace.h.

View Source
const (
	YAMA_SCOPE_DISABLED   = 0
	YAMA_SCOPE_RELATIONAL = 1
)

YAMA ptrace_scope levels from security/yama/yama_lsm.c.

View Source
const (
	// RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT inhibits restart on preemption.
	RSEQ_CS_FLAG_NO_RESTART_ON_PREEMPT = 1 << 0

	// RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL inhibits restart on signal
	// delivery.
	RSEQ_CS_FLAG_NO_RESTART_ON_SIGNAL = 1 << 1

	// RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE inhibits restart on CPU
	// migration.
	RSEQ_CS_FLAG_NO_RESTART_ON_MIGRATE = 1 << 2
)

Critical section flags used in RSeqCriticalSection.Flags and RSeq.Flags.

Defined in include/uapi/linux/rseq.h.

View Source
const (
	// SizeOfRSeqCriticalSection is the size of RSeqCriticalSection.
	SizeOfRSeqCriticalSection = 32

	// SizeOfRSeqSignature is the size of the signature immediately
	// preceding RSeqCriticalSection.Abort.
	SizeOfRSeqSignature = 4
)
View Source
const (
	// RSEQ_CPU_ID_UNINITIALIZED indicates that this thread has not
	// performed rseq initialization.
	RSEQ_CPU_ID_UNINITIALIZED = ^uint32(0) // -1

	// RSEQ_CPU_ID_REGISTRATION_FAILED indicates that rseq initialization
	// failed.
	RSEQ_CPU_ID_REGISTRATION_FAILED = ^uint32(1) // -2
)

Special values for RSeq.CPUID, defined in include/uapi/linux/rseq.h.

View Source
const (
	// SizeOfRSeq is the size of RSeq.
	//
	// Note that RSeq is naively 24 bytes. However, it has 32-byte
	// alignment, which in C increases sizeof to 32. That is the size that
	// the Linux kernel uses.
	SizeOfRSeq = 32

	// AlignOfRSeq is the standard alignment of RSeq.
	AlignOfRSeq = 32

	// OffsetOfRSeqCriticalSection is the offset of RSeqCriticalSection in RSeq.
	OffsetOfRSeqCriticalSection = 8
)
View Source
const (
	// wait4(2) uses this to aggregate RUSAGE_SELF and RUSAGE_CHILDREN.
	RUSAGE_BOTH = -0x2

	// getrusage(2) flags.
	RUSAGE_CHILDREN = -0x1
	RUSAGE_SELF     = 0x0
	RUSAGE_THREAD   = 0x1
)

Flags that may be used with wait4(2) and getrusage(2).

View Source
const (
	SCHED_NORMAL   = 0
	SCHED_FIFO     = 1
	SCHED_RR       = 2
	SCHED_BATCH    = 3
	SCHED_IDLE     = 5
	SCHED_DEADLINE = 6
	SCHED_MICROQ   = 16

	// SCHED_RESET_ON_FORK is a flag that indicates that the process is
	// reverted back to SCHED_NORMAL on fork.
	SCHED_RESET_ON_FORK = 0x40000000
)

Scheduling policies, exposed by sched_getscheduler(2)/sched_setscheduler(2).

View Source
const (
	PRIO_PGRP    = 0x1
	PRIO_PROCESS = 0x0
	PRIO_USER    = 0x2
)

Scheduling priority group selectors.

View Source
const (
	SECCOMP_MODE_NONE   = 0
	SECCOMP_MODE_FILTER = 2

	SECCOMP_RET_ACTION_FULL = 0xffff0000
	SECCOMP_RET_ACTION      = 0x7fff0000
	SECCOMP_RET_DATA        = 0x0000ffff

	SECCOMP_SET_MODE_FILTER  = 1
	SECCOMP_GET_ACTION_AVAIL = 2
	SECCOMP_GET_NOTIF_SIZES  = 3

	SECCOMP_FILTER_FLAG_TSYNC        = 1
	SECCOMP_FILTER_FLAG_NEW_LISTENER = 1 << 3

	SECCOMP_USER_NOTIF_FLAG_CONTINUE = 1

	SECCOMP_IOCTL_NOTIF_RECV      = 0xc0502100
	SECCOMP_IOCTL_NOTIF_SEND      = 0xc0182101
	SECCOMP_IOCTL_NOTIF_SET_FLAGS = 0x40082104

	SECCOMP_USER_NOTIF_FD_SYNC_WAKE_UP = 1
)

Seccomp constants taken from <linux/seccomp.h>.

View Source
const (
	GETPID  = 11
	GETVAL  = 12
	GETALL  = 13
	GETNCNT = 14
	GETZCNT = 15
	SETVAL  = 16
	SETALL  = 17
)

semctl Command Definitions. Source: include/uapi/linux/sem.h

View Source
const (
	SEM_STAT     = 18
	SEM_INFO     = 19
	SEM_STAT_ANY = 20
)

ipcs ctl cmds. Source: include/uapi/linux/sem.h

View Source
const (
	SEMMNI = 32000
	SEMMSL = 32000
	SEMMNS = SEMMNI * SEMMSL
	SEMOPM = 500
	SEMVMX = 32767
	SEMAEM = SEMVMX

	SEMUME = SEMOPM
	SEMMNU = SEMMNS
	SEMMAP = SEMMNS
	SEMUSZ = 20
)

Information about system-wide semaphore limits and parameters.

Source: include/uapi/linux/sem.h

View Source
const (
	SHM_RDONLY = 010000  // Read-only access.
	SHM_RND    = 020000  // Round attach address to SHMLBA boundary.
	SHM_REMAP  = 040000  // Take-over region on attach.
	SHM_EXEC   = 0100000 // Execution access.
)

shmat(2) flags. Source: include/uapi/linux/shm.h

View Source
const (
	SHM_DEST      = 01000  // Segment will be destroyed on last detach.
	SHM_LOCKED    = 02000  // Segment will not be swapped.
	SHM_HUGETLB   = 04000  // Segment will use huge TLB pages.
	SHM_NORESERVE = 010000 // Don't check for reservations.
)

IPCPerm.Mode upper byte flags. Source: include/linux/shm.h

View Source
const (
	SHM_LOCK   = 11
	SHM_UNLOCK = 12
	SHM_STAT   = 13
	SHM_INFO   = 14
)

Additional Linux-only flags for shmctl(2). Source: include/uapi/linux/shm.h

View Source
const (
	SHMMIN = 1
	SHMMNI = 4096
	SHMMAX = math.MaxUint64 - 1<<24
	SHMALL = math.MaxUint64 - 1<<24
	SHMSEG = 4096
)

SHM defaults as specified by linux. Source: include/uapi/linux/shm.h

View Source
const (
	// SignalMaximum is the highest valid signal number.
	SignalMaximum = 64

	// FirstStdSignal is the lowest standard signal number.
	FirstStdSignal = 1

	// LastStdSignal is the highest standard signal number.
	LastStdSignal = 31

	// FirstRTSignal is the lowest real-time signal number.
	//
	// 32 (SIGCANCEL) and 33 (SIGSETXID) are used internally by glibc.
	FirstRTSignal = 32

	// LastRTSignal is the highest real-time signal number.
	LastRTSignal = 64

	// NumStdSignals is the number of standard signals.
	NumStdSignals = LastStdSignal - FirstStdSignal + 1

	// NumRTSignals is the number of realtime signals.
	NumRTSignals = LastRTSignal - FirstRTSignal + 1
)
View Source
const (
	SIGABRT   = Signal(6)
	SIGALRM   = Signal(14)
	SIGBUS    = Signal(7)
	SIGCHLD   = Signal(17)
	SIGCLD    = Signal(17)
	SIGCONT   = Signal(18)
	SIGFPE    = Signal(8)
	SIGHUP    = Signal(1)
	SIGILL    = Signal(4)
	SIGINT    = Signal(2)
	SIGIO     = Signal(29)
	SIGIOT    = Signal(6)
	SIGKILL   = Signal(9)
	SIGPIPE   = Signal(13)
	SIGPOLL   = Signal(29)
	SIGPROF   = Signal(27)
	SIGPWR    = Signal(30)
	SIGQUIT   = Signal(3)
	SIGSEGV   = Signal(11)
	SIGSTKFLT = Signal(16)
	SIGSTOP   = Signal(19)
	SIGSYS    = Signal(31)
	SIGTERM   = Signal(15)
	SIGTRAP   = Signal(5)
	SIGTSTP   = Signal(20)
	SIGTTIN   = Signal(21)
	SIGTTOU   = Signal(22)
	SIGUNUSED = Signal(31)
	SIGURG    = Signal(23)
	SIGUSR1   = Signal(10)
	SIGUSR2   = Signal(12)
	SIGVTALRM = Signal(26)
	SIGWINCH  = Signal(28)
	SIGXCPU   = Signal(24)
	SIGXFSZ   = Signal(25)
)

Signals.

View Source
const (
	// SIG_BLOCK blocks the signals in the set.
	SIG_BLOCK = 0

	// SIG_UNBLOCK blocks the signals in the set.
	SIG_UNBLOCK = 1

	// SIG_SETMASK sets the signal mask to set.
	SIG_SETMASK = 2
)

'how' values for rt_sigprocmask(2).

View Source
const (
	// SIG_DFL performs the default action.
	SIG_DFL = 0

	// SIG_IGN ignores the signal.
	SIG_IGN = 1
)

Signal actions for rt_sigaction(2), from uapi/asm-generic/signal-defs.h.

View Source
const (
	SA_NOCLDSTOP = 0x00000001
	SA_NOCLDWAIT = 0x00000002
	SA_SIGINFO   = 0x00000004
	SA_RESTORER  = 0x04000000
	SA_ONSTACK   = 0x08000000
	SA_RESTART   = 0x10000000
	SA_NODEFER   = 0x40000000
	SA_RESETHAND = 0x80000000
	SA_NOMASK    = SA_NODEFER
	SA_ONESHOT   = SA_RESETHAND
)

Signal action flags for rt_sigaction(2), from uapi/asm-generic/signal.h.

View Source
const (
	SS_ONSTACK = 1
	SS_DISABLE = 2
)

Signal stack flags for signalstack(2), from include/uapi/linux/signal.h.

View Source
const (
	// SI_POLL is defined as __SI_POLL in Linux 2.6.
	SI_POLL = 2 << 16

	// POLL_IN indicates that data input available.
	POLL_IN = SI_POLL | 1

	// POLL_OUT indicates that output buffers available.
	POLL_OUT = SI_POLL | 2

	// POLL_MSG indicates that an input message available.
	POLL_MSG = SI_POLL | 3

	// POLL_ERR indicates that there was an i/o error.
	POLL_ERR = SI_POLL | 4

	// POLL_PRI indicates that a high priority input available.
	POLL_PRI = SI_POLL | 5

	// POLL_HUP indicates that a device disconnected.
	POLL_HUP = SI_POLL | 6
)

SIGPOLL si_codes.

View Source
const (
	// SI_USER is sent by kill, sigsend, raise.
	SI_USER = 0

	// SI_KERNEL is sent by the kernel from somewhere.
	SI_KERNEL = 0x80

	// SI_QUEUE is sent by sigqueue.
	SI_QUEUE = -1

	// SI_TIMER is sent by timer expiration.
	SI_TIMER = -2

	// SI_MESGQ is sent by real time mesq state change.
	SI_MESGQ = -3

	// SI_ASYNCIO is sent by AIO completion.
	SI_ASYNCIO = -4

	// SI_SIGIO is sent by queued SIGIO.
	SI_SIGIO = -5

	// SI_TKILL is sent by tkill system call.
	SI_TKILL = -6

	// SI_DETHREAD is sent by execve() killing subsidiary threads.
	SI_DETHREAD = -7

	// SI_ASYNCNL is sent by glibc async name lookup completion.
	SI_ASYNCNL = -60
)

Possible values for si_code.

View Source
const (
	// CLD_EXITED indicates that a task exited.
	CLD_EXITED = 1

	// CLD_KILLED indicates that a task was killed by a signal.
	CLD_KILLED = 2

	// CLD_DUMPED indicates that a task was killed by a signal and then dumped
	// core.
	CLD_DUMPED = 3

	// CLD_TRAPPED indicates that a task was stopped by ptrace.
	CLD_TRAPPED = 4

	// CLD_STOPPED indicates that a thread group completed a group stop.
	CLD_STOPPED = 5

	// CLD_CONTINUED indicates that a group-stopped thread group was continued.
	CLD_CONTINUED = 6
)

CLD_* codes are only meaningful for SIGCHLD.

View Source
const (
	SIGEV_SIGNAL    = 0
	SIGEV_NONE      = 1
	SIGEV_THREAD    = 2
	SIGEV_THREAD_ID = 4
)

Possible values for Sigevent.Notify, aka struct sigevent::sigev_notify.

View Source
const (
	// SFD_NONBLOCK is a signalfd(2) flag.
	SFD_NONBLOCK = 00004000

	// SFD_CLOEXEC is a signalfd(2) flag.
	SFD_CLOEXEC = 02000000
)
View Source
const (
	AF_UNSPEC     = 0
	AF_UNIX       = 1
	AF_INET       = 2
	AF_AX25       = 3
	AF_IPX        = 4
	AF_APPLETALK  = 5
	AF_NETROM     = 6
	AF_BRIDGE     = 7
	AF_ATMPVC     = 8
	AF_X25        = 9
	AF_INET6      = 10
	AF_ROSE       = 11
	AF_DECnet     = 12
	AF_NETBEUI    = 13
	AF_SECURITY   = 14
	AF_KEY        = 15
	AF_NETLINK    = 16
	AF_PACKET     = 17
	AF_ASH        = 18
	AF_ECONET     = 19
	AF_ATMSVC     = 20
	AF_RDS        = 21
	AF_SNA        = 22
	AF_IRDA       = 23
	AF_PPPOX      = 24
	AF_WANPIPE    = 25
	AF_LLC        = 26
	AF_IB         = 27
	AF_MPLS       = 28
	AF_CAN        = 29
	AF_TIPC       = 30
	AF_BLUETOOTH  = 31
	AF_IUCV       = 32
	AF_RXRPC      = 33
	AF_ISDN       = 34
	AF_PHONET     = 35
	AF_IEEE802154 = 36
	AF_CAIF       = 37
	AF_ALG        = 38
	AF_NFC        = 39
	AF_VSOCK      = 40
)

Address families, from linux/socket.h.

View Source
const (
	MSG_OOB              = 0x1
	MSG_PEEK             = 0x2
	MSG_DONTROUTE        = 0x4
	MSG_TRYHARD          = 0x4
	MSG_CTRUNC           = 0x8
	MSG_PROBE            = 0x10
	MSG_TRUNC            = 0x20
	MSG_DONTWAIT         = 0x40
	MSG_EOR              = 0x80
	MSG_WAITALL          = 0x100
	MSG_FIN              = 0x200
	MSG_EOF              = MSG_FIN
	MSG_SYN              = 0x400
	MSG_CONFIRM          = 0x800
	MSG_RST              = 0x1000
	MSG_ERRQUEUE         = 0x2000
	MSG_NOSIGNAL         = 0x4000
	MSG_MORE             = 0x8000
	MSG_WAITFORONE       = 0x10000
	MSG_SENDPAGE_NOTLAST = 0x20000
	MSG_ZEROCOPY         = 0x4000000
	MSG_FASTOPEN         = 0x20000000
	MSG_CMSG_CLOEXEC     = 0x40000000
)

sendmsg(2)/recvmsg(2) flags, from linux/socket.h.

View Source
const (
	SOL_IP      = 0
	SOL_SOCKET  = 1
	SOL_TCP     = 6
	SOL_UDP     = 17
	SOL_IPV6    = 41
	SOL_ICMPV6  = 58
	SOL_RAW     = 255
	SOL_PACKET  = 263
	SOL_NETLINK = 270
)

Set/get socket option levels, from socket.h.

View Source
const (
	SOCK_CLOEXEC  = O_CLOEXEC
	SOCK_NONBLOCK = O_NONBLOCK
)

socket(2)/socketpair(2)/accept4(2) flags, from linux/net.h.

View Source
const (
	SHUT_RD   = 0
	SHUT_WR   = 1
	SHUT_RDWR = 2
)

shutdown(2) how commands, from <linux/net.h>.

View Source
const (
	PACKET_HOST      = 0 // To us
	PACKET_BROADCAST = 1 // To all
	PACKET_MULTICAST = 2 // To group
	PACKET_OTHERHOST = 3 // To someone else
	PACKET_OUTGOING  = 4 // Outgoing of any type
)

Packet types from <linux/if_packet.h>

View Source
const (
	SO_DEBUG                 = 1
	SO_REUSEADDR             = 2
	SO_TYPE                  = 3
	SO_ERROR                 = 4
	SO_DONTROUTE             = 5
	SO_BROADCAST             = 6
	SO_SNDBUF                = 7
	SO_RCVBUF                = 8
	SO_KEEPALIVE             = 9
	SO_OOBINLINE             = 10
	SO_NO_CHECK              = 11
	SO_PRIORITY              = 12
	SO_LINGER                = 13
	SO_BSDCOMPAT             = 14
	SO_REUSEPORT             = 15
	SO_PASSCRED              = 16
	SO_PEERCRED              = 17
	SO_RCVLOWAT              = 18
	SO_SNDLOWAT              = 19
	SO_RCVTIMEO              = 20
	SO_SNDTIMEO              = 21
	SO_BINDTODEVICE          = 25
	SO_ATTACH_FILTER         = 26
	SO_DETACH_FILTER         = 27
	SO_GET_FILTER            = SO_ATTACH_FILTER
	SO_PEERNAME              = 28
	SO_TIMESTAMP             = 29
	SO_ACCEPTCONN            = 30
	SO_PEERSEC               = 31
	SO_SNDBUFFORCE           = 32
	SO_RCVBUFFORCE           = 33
	SO_PASSSEC               = 34
	SO_TIMESTAMPNS           = 35
	SO_MARK                  = 36
	SO_TIMESTAMPING          = 37
	SO_PROTOCOL              = 38
	SO_DOMAIN                = 39
	SO_RXQ_OVFL              = 40
	SO_WIFI_STATUS           = 41
	SO_PEEK_OFF              = 42
	SO_NOFCS                 = 43
	SO_LOCK_FILTER           = 44
	SO_SELECT_ERR_QUEUE      = 45
	SO_BUSY_POLL             = 46
	SO_MAX_PACING_RATE       = 47
	SO_BPF_EXTENSIONS        = 48
	SO_INCOMING_CPU          = 49
	SO_ATTACH_BPF            = 50
	SO_ATTACH_REUSEPORT_CBPF = 51
	SO_ATTACH_REUSEPORT_EBPF = 52
	SO_CNX_ADVICE            = 53
	SO_MEMINFO               = 55
	SO_INCOMING_NAPI_ID      = 56
	SO_COOKIE                = 57
	SO_PEERGROUPS            = 59
	SO_ZEROCOPY              = 60
	SO_TXTIME                = 61
)

Socket options from socket.h.

View Source
const (
	SS_FREE          = 0 // Not allocated.
	SS_UNCONNECTED   = 1 // Unconnected to any socket.
	SS_CONNECTING    = 2 // In process of connecting.
	SS_CONNECTED     = 3 // Connected to socket.
	SS_DISCONNECTING = 4 // In process of disconnecting.
)

enum socket_state, from uapi/linux/net.h.

View Source
const (
	TCP_ESTABLISHED uint32 = iota + 1
	TCP_SYN_SENT
	TCP_SYN_RECV
	TCP_FIN_WAIT1
	TCP_FIN_WAIT2
	TCP_TIME_WAIT
	TCP_CLOSE
	TCP_CLOSE_WAIT
	TCP_LAST_ACK
	TCP_LISTEN
	TCP_CLOSING
	TCP_NEW_SYN_RECV
)

TCP protocol states, from include/net/tcp_states.h.

View Source
const (
	SCM_CREDENTIALS = 0x2
	SCM_RIGHTS      = 0x1
)

Control message types, from linux/socket.h.

View Source
const (
	SPLICE_F_MOVE = 1 << iota
	SPLICE_F_NONBLOCK
	SPLICE_F_MORE
	SPLICE_F_GIFT
)

Constants for splice(2), sendfile(2) and tee(2).

View Source
const (
	TCP_NODELAY              = 1
	TCP_MAXSEG               = 2
	TCP_CORK                 = 3
	TCP_KEEPIDLE             = 4
	TCP_KEEPINTVL            = 5
	TCP_KEEPCNT              = 6
	TCP_SYNCNT               = 7
	TCP_LINGER2              = 8
	TCP_DEFER_ACCEPT         = 9
	TCP_WINDOW_CLAMP         = 10
	TCP_INFO                 = 11
	TCP_QUICKACK             = 12
	TCP_CONGESTION           = 13
	TCP_MD5SIG               = 14
	TCP_THIN_LINEAR_TIMEOUTS = 16
	TCP_THIN_DUPACK          = 17
	TCP_USER_TIMEOUT         = 18
	TCP_REPAIR               = 19
	TCP_REPAIR_QUEUE         = 20
	TCP_QUEUE_SEQ            = 21
	TCP_REPAIR_OPTIONS       = 22
	TCP_FASTOPEN             = 23
	TCP_TIMESTAMP            = 24
	TCP_NOTSENT_LOWAT        = 25
	TCP_CC_INFO              = 26
	TCP_SAVE_SYN             = 27
	TCP_SAVED_SYN            = 28
	TCP_REPAIR_WINDOW        = 29
	TCP_FASTOPEN_CONNECT     = 30
	TCP_ULP                  = 31
	TCP_MD5SIG_EXT           = 32
	TCP_FASTOPEN_KEY         = 33
	TCP_FASTOPEN_NO_COOKIE   = 34
	TCP_ZEROCOPY_RECEIVE     = 35
	TCP_INQ                  = 36
)

Socket options from uapi/linux/tcp.h.

View Source
const (
	MAX_TCP_KEEPIDLE  = 32767
	MAX_TCP_KEEPINTVL = 32767
	MAX_TCP_KEEPCNT   = 127
)

Socket constants from include/net/tcp.h.

View Source
const (
	TCP_CA_Open     = 0
	TCP_CA_Disorder = 1
	TCP_CA_CWR      = 2
	TCP_CA_Recovery = 3
	TCP_CA_Loss     = 4
)

Congestion control states from include/uapi/linux/tcp.h.

View Source
const (
	// ClockTick is the length of time represented by a single clock tick, as
	// used by times(2) and /proc/[pid]/stat.
	ClockTick = time.Second / CLOCKS_PER_SEC

	// CLOCKS_PER_SEC is the number of ClockTicks per second.
	//
	// Linux defines this to be 100 on most architectures, irrespective of
	// CONFIG_HZ. Userspace obtains the value through sysconf(_SC_CLK_TCK),
	// which uses the AT_CLKTCK entry in the auxiliary vector if one is
	// provided, and assumes 100 otherwise (glibc:
	// sysdeps/posix/sysconf.c:__sysconf() =>
	// sysdeps/unix/sysv/linux/getclktck.c, elf/dl-support.c:_dl_aux_init()).
	//
	// Not to be confused with POSIX CLOCKS_PER_SEC, as used by clock(3); "XSI
	// requires that [POSIX] CLOCKS_PER_SEC equals 1000000 independent of the
	// actual resolution" - clock(3).
	CLOCKS_PER_SEC = 100
)
View Source
const (
	CPUCLOCK_PROF  = 0
	CPUCLOCK_VIRT  = 1
	CPUCLOCK_SCHED = 2
	CPUCLOCK_MAX   = 3
	CLOCKFD        = CPUCLOCK_MAX

	CPUCLOCK_CLOCK_MASK     = 3
	CPUCLOCK_PERTHREAD_MASK = 4
)

CPU clock types for use with clock_gettime(2) et al.

The 29 most significant bits of a 32 bit clock ID are either a PID or a FD.

Bits 1 and 0 give the type: PROF=0, VIRT=1, SCHED=2, or FD=3.

Bit 2 indicates whether a cpu clock refers to a thread or a process.

View Source
const (
	CLOCK_REALTIME           = 0
	CLOCK_MONOTONIC          = 1
	CLOCK_PROCESS_CPUTIME_ID = 2
	CLOCK_THREAD_CPUTIME_ID  = 3
	CLOCK_MONOTONIC_RAW      = 4
	CLOCK_REALTIME_COARSE    = 5
	CLOCK_MONOTONIC_COARSE   = 6
	CLOCK_BOOTTIME           = 7
	CLOCK_REALTIME_ALARM     = 8
	CLOCK_BOOTTIME_ALARM     = 9
)

Clock identifiers for use with clock_gettime(2), clock_getres(2), clock_nanosleep(2).

View Source
const (
	// TFD_CLOEXEC is a timerfd_create flag.
	TFD_CLOEXEC = O_CLOEXEC

	// TFD_NONBLOCK is a timerfd_create flag.
	TFD_NONBLOCK = O_NONBLOCK

	// TFD_TIMER_ABSTIME is a timerfd_settime flag.
	TFD_TIMER_ABSTIME = 1
)

Flags for timerfd syscalls (timerfd_create(2), timerfd_settime(2)).

View Source
const (
	ITIMER_REAL    = 0
	ITIMER_VIRTUAL = 1
	ITIMER_PROF    = 2
)

itimer types for getitimer(2) and setitimer(2), from include/uapi/linux/time.h.

View Source
const (
	IGNBRK  = 0000001
	BRKINT  = 0000002
	IGNPAR  = 0000004
	PARMRK  = 0000010
	INPCK   = 0000020
	ISTRIP  = 0000040
	INLCR   = 0000100
	IGNCR   = 0000200
	ICRNL   = 0000400
	IUCLC   = 0001000
	IXON    = 0002000
	IXANY   = 0004000
	IXOFF   = 0010000
	IMAXBEL = 0020000
	IUTF8   = 0040000
)

Input flags.

View Source
const (
	OPOST  = 0000001
	OLCUC  = 0000002
	ONLCR  = 0000004
	OCRNL  = 0000010
	ONOCR  = 0000020
	ONLRET = 0000040
	OFILL  = 0000100
	OFDEL  = 0000200
	NLDLY  = 0000400
	NL0    = 0000000
	NL1    = 0000400
	CRDLY  = 0003000
	CR0    = 0000000
	CR1    = 0001000
	CR2    = 0002000
	CR3    = 0003000
	TABDLY = 0014000
	TAB0   = 0000000
	TAB1   = 0004000
	TAB2   = 0010000
	TAB3   = 0014000
	XTABS  = 0014000
	BSDLY  = 0020000
	BS0    = 0000000
	BS1    = 0020000
	VTDLY  = 0040000
	VT0    = 0000000
	VT1    = 0040000
	FFDLY  = 0100000
	FF0    = 0000000
	FF1    = 0100000
)

Output flags.

View Source
const (
	CBAUD    = 0010017
	B0       = 0000000
	B50      = 0000001
	B75      = 0000002
	B110     = 0000003
	B134     = 0000004
	B150     = 0000005
	B200     = 0000006
	B300     = 0000007
	B600     = 0000010
	B1200    = 0000011
	B1800    = 0000012
	B2400    = 0000013
	B4800    = 0000014
	B9600    = 0000015
	B19200   = 0000016
	B38400   = 0000017
	EXTA     = B19200
	EXTB     = B38400
	CSIZE    = 0000060
	CS5      = 0000000
	CS6      = 0000020
	CS7      = 0000040
	CS8      = 0000060
	CSTOPB   = 0000100
	CREAD    = 0000200
	PARENB   = 0000400
	PARODD   = 0001000
	HUPCL    = 0002000
	CLOCAL   = 0004000
	CBAUDEX  = 0010000
	BOTHER   = 0010000
	B57600   = 0010001
	B115200  = 0010002
	B230400  = 0010003
	B460800  = 0010004
	B500000  = 0010005
	B576000  = 0010006
	B921600  = 0010007
	B1000000 = 0010010
	B1152000 = 0010011
	B1500000 = 0010012
	B2000000 = 0010013
	B2500000 = 0010014
	B3000000 = 0010015
	B3500000 = 0010016
	B4000000 = 0010017
	CIBAUD   = 002003600000
	CMSPAR   = 010000000000
	CRTSCTS  = 020000000000

	// IBSHIFT is the shift from CBAUD to CIBAUD.
	IBSHIFT = 16
)

Control flags.

View Source
const (
	ISIG    = 0000001
	ICANON  = 0000002
	XCASE   = 0000004
	ECHO    = 0000010
	ECHOE   = 0000020
	ECHOK   = 0000040
	ECHONL  = 0000100
	NOFLSH  = 0000200
	TOSTOP  = 0000400
	ECHOCTL = 0001000
	ECHOPRT = 0002000
	ECHOKE  = 0004000
	FLUSHO  = 0010000
	PENDIN  = 0040000
	IEXTEN  = 0100000
	EXTPROC = 0200000
)

Local flags.

View Source
const (
	VINTR    = 0
	VQUIT    = 1
	VERASE   = 2
	VKILL    = 3
	VEOF     = 4
	VTIME    = 5
	VMIN     = 6
	VSWTC    = 7
	VSTART   = 8
	VSTOP    = 9
	VSUSP    = 10
	VEOL     = 11
	VREPRINT = 12
	VDISCARD = 13
	VWERASE  = 14
	VLNEXT   = 15
	VEOL2    = 16
)

Control Character indices.

View Source
const (
	VFIO_TYPE = ';'
	VFIO_BASE = 100

	// VFIO extensions.
	VFIO_TYPE1_IOMMU     = 1
	VFIO_SPAPR_TCE_IOMMU = 2
	VFIO_TYPE1v2_IOMMU   = 3
)

For IOCTLs requests from include/uapi/linux/vfio.h.

View Source
const (
	// Device supports reset.
	VFIO_DEVICE_FLAGS_RESET = 1 << iota
	// VFIO-pci device.
	VFIO_DEVICE_FLAGS_PCI
	// VFIO-platform device.
	VFIO_DEVICE_FLAGS_PLATFORM
	// VFIO-amba device.
	VFIO_DEVICE_FLAGS_AMBA
	// VFIO-ccw device.
	VFIO_DEVICE_FLAGS_CCW
	// VFIO-ap device.
	VFIO_DEVICE_FLAGS_AP
	// VFIO-fsl-mc device.
	VFIO_DEVICE_FLAGS_FSL_MC
	// Info supports caps.
	VFIO_DEVICE_FLAGS_CAPS
	// VFIO-cdx device.
	VFIO_DEVICE_FLAGS_CDX
)

VFIO device info flags.

View Source
const (
	// Region supports read.
	VFIO_REGION_INFO_FLAG_READ = 1 << iota
	// Region supports write.
	VFIO_REGION_INFO_FLAG_WRITE
	// Region supports mmap.
	VFIO_REGION_INFO_FLAG_MMAP
	// Info supports caps.
	VFIO_REGION_INFO_FLAG_CAPS
)

VFIO region info flags.

View Source
const (
	VFIO_IRQ_INFO_EVENTFD = 1 << iota
	VFIO_IRQ_INFO_MASKABLE
	VFIO_IRQ_INFO_AUTOMASKED
	VFIO_IRQ_INFO_NORESIZE
)

VFIOIrqInfo flags.

View Source
const (
	VFIO_IRQ_SET_DATA_NONE = 1 << iota
	VFIO_IRQ_SET_DATA_BOOL
	VFIO_IRQ_SET_DATA_EVENTFD
	VFIO_IRQ_SET_ACTION_MASK
	VFIO_IRQ_SET_ACTION_UNMASK
	VFIO_IRQ_SET_ACTION_TRIGGER

	VFIO_IRQ_SET_DATA_TYPE_MASK = VFIO_IRQ_SET_DATA_NONE |
		VFIO_IRQ_SET_DATA_BOOL |
		VFIO_IRQ_SET_DATA_EVENTFD
	VFIO_IRQ_SET_ACTION_TYPE_MASK = VFIO_IRQ_SET_ACTION_MASK |
		VFIO_IRQ_SET_ACTION_UNMASK |
		VFIO_IRQ_SET_ACTION_TRIGGER
)

VFIOIrqSet flags.

View Source
const (
	VFIO_PCI_INTX_IRQ_INDEX = iota
	VFIO_PCI_MSI_IRQ_INDEX
	VFIO_PCI_MSIX_IRQ_INDEX
	VFIO_PCI_ERR_IRQ_INDEX
	VFIO_PCI_REQ_IRQ_INDEX
	VFIO_PCI_NUM_IRQS
)

VFIOIrqSet index.

View Source
const (
	// Readable from device.
	VFIO_DMA_MAP_FLAG_READ = 1 << iota
	// Writable from device.
	VFIO_DMA_MAP_FLAG_WRITE
	// Update the device's virtual address.
	VFIO_DMA_MAP_FLAG_VADDR
)

VFIOIommuType1DmaMap flags.

View Source
const (
	WNOHANG    = 0x00000001
	WUNTRACED  = 0x00000002
	WSTOPPED   = WUNTRACED
	WEXITED    = 0x00000004
	WCONTINUED = 0x00000008
	WNOWAIT    = 0x01000000
	WNOTHREAD  = 0x20000000
	WALL       = 0x40000000
	WCLONE     = 0x80000000
)

Options for waitpid(2), wait4(2), and/or waitid(2), from include/uapi/linux/wait.h.

View Source
const (
	P_ALL  = 0x0
	P_PID  = 0x1
	P_PGID = 0x2
)

ID types for waitid(2), from include/uapi/linux/wait.h.

View Source
const (
	XATTR_NAME_MAX = 255
	XATTR_SIZE_MAX = 65536
	XATTR_LIST_MAX = 65536

	XATTR_CREATE  = 1
	XATTR_REPLACE = 2

	XATTR_SECURITY_PREFIX     = "security."
	XATTR_SECURITY_PREFIX_LEN = len(XATTR_SECURITY_PREFIX)

	XATTR_SYSTEM_PREFIX     = "system."
	XATTR_SYSTEM_PREFIX_LEN = len(XATTR_SYSTEM_PREFIX)

	XATTR_TRUSTED_PREFIX     = "trusted."
	XATTR_TRUSTED_PREFIX_LEN = len(XATTR_TRUSTED_PREFIX)

	XATTR_USER_PREFIX     = "user."
	XATTR_USER_PREFIX_LEN = len(XATTR_USER_PREFIX)
)

Constants for extended attributes.

View Source
const (
	// ACCEL_MAJOR is the major device number for compute accelerator devices.
	ACCEL_MAJOR = 121
)

from Linux include/drm/drm_accel.h

View Source
const AIORingSize = 32

AIORingSize is sizeof(struct aio_ring).

ALL_INOTIFY_BITS contains all the bits for all possible inotify events. It's defined in the Linux source at "include/linux/inotify.h".

View Source
const (
	AT_EACCESS = 0x200
)

Constants for faccessat2(2).

View Source
const (
	AT_FDCWD = -100
)

Constants for all file-related ...at(2) syscalls.

View Source
const (
	AT_REMOVEDIR = 0x200
)

Constants for unlinkat(2).

View Source
const (
	AT_SYMLINK_NOFOLLOW = 0x100
)

Constants for fstatat(2).

View Source
const (
	// CtxSignalNoInfoFunc is a Context.Value key for a function to send signals.
	CtxSignalNoInfoFunc contextID = iota
)
View Source
const (
	FD_CLOEXEC = 00000001
)

Flags for fcntl.

View Source
const FUSE_GETATTR_FH = (1 << 0)

FUSE_GETATTR_FH is currently the only flag of FUSEGetAttrIn.GetAttrFlags. If it is set, the file handle (FUSEGetAttrIn.Fh) is used to indicate the object instead of the node id attribute in the request header.

View Source
const (
	// FUSE_MIN_READ_BUFFER is the minimum size the read can be for any FUSE filesystem.
	// This is the minimum size Linux supports. See linux.fuse.h.
	FUSE_MIN_READ_BUFFER uint32 = 8192
)
View Source
const (
	FUSE_READ_LOCKOWNER = 1 << 1
)

FUSE_READ flags, consistent with the ones in include/uapi/linux/fuse.h.

View Source
const FUSE_ROOT_ID = 1

FUSE_ROOT_ID is the id of root inode.

View Source
const FUTEX_BITSET_MATCH_ANY = 0xffffffff

FUTEX_BITSET_MATCH_ANY has all bits set.

View Source
const FUTEX_TID_MASK = 0x3fffffff

FUTEX_TID_MASK is the TID portion of a PI futex word.

View Source
const (
	ICMPV6_FILTER = 1
)

Socket options from uapi/linux/icmpv6.h

View Source
const (
	// IFNAMSIZ is the size of the name field for IFReq.
	IFNAMSIZ = 16
)
View Source
const (
	IORING_ENTER_GETEVENTS = (1 << 0)
)

Constants for io_uring_enter(2). See include/uapi/linux/io_uring.h.

View Source
const (
	IORING_FEAT_SINGLE_MMAP = (1 << 0)
)

Constants for IoUringParams.Features. See include/uapi/linux/io_uring.h.

View Source
const IP6T_ORIGINAL_DST = 80

IP6T_ORIGINAL_DST is the ip6tables SOL_IPV6 socket option. Corresponds to the value in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

View Source
const (
	IPC_PRIVATE = 0
)

IPC flags.

View Source
const InterfaceAddrMessageSize = 8

InterfaceAddrMessageSize is the size of InterfaceAddrMessage.

View Source
const InterfaceInfoMessageSize = 16

InterfaceInfoMessageSize is the size of InterfaceInfoMessage.

View Source
const (
	KEY_SPEC_SESSION_KEYRING = -3
)
View Source
const (
	// LOOPBACK_IFINDEX is defined in include/net/flow.h.
	LOOPBACK_IFINDEX = 1
)
View Source
const MAX_NON_LFS = ((1 << 31) - 1)

MAX_NON_LFS indicates the maximum offset without large file support.

View Source
const (
	MEMBARRIER_CMD_FLAG_CPU = (1 << 0)
)

membarrier(2) flags, from include/uapi/linux/membarrier.h.

View Source
const (
	MLOCK_ONFAULT = 0x01
)

Flags for mlock2(2).

View Source
const MaxSymlinkTraversals = 40

MaxSymlinkTraversals is the maximum number of links that will be followed by the kernel to resolve a symlink.

View Source
const (
	NFT_PAYLOAD_L4CSUM_PSEUDOHDR = (1 << 0) // use pseudoheader for L4 checksum
)

Nf table payload expression checksum flags. Used by the nft payload set operation to mark the flags for checksumming. These correspond to enum values in include/uapi/linux/netfilter/nf_tables.h.

View Source
const NLA_ALIGNTO = 4

NLA_ALIGNTO is the alignment of netlink attributes, from uapi/linux/netlink.h.

View Source
const NLMSG_ALIGNTO = 4

NLMSG_ALIGNTO is the alignment of netlink messages, from uapi/linux/netlink.h.

View Source
const NetlinkAttrHeaderSize = 4

NetlinkAttrHeaderSize is the size of NetlinkAttrHeader.

View Source
const NetlinkMessageHeaderSize = 16

NetlinkMessageHeaderSize is the size of NetlinkMessageHeader.

View Source
const (
	// NumControlCharacters is the number of control characters in Termios.
	NumControlCharacters = 19
)
View Source
const NumSoftIRQ = 10

NumSoftIRQ is the number of software IRQs, exposed via /proc/stat.

Defined in linux/interrupt.h.

View Source
const (
	// PTMX_MINOR is the minor device number for /dev/ptmx.
	PTMX_MINOR = 2
)

Minor device numbers for TTYAUX_MAJOR.

View Source
const ROBUST_LIST_LIMIT = 2048

ROBUST_LIST_LIMIT protects against a deliberately circular list.

View Source
const (
	// RSEQ_FLAG_UNREGISTER unregisters the current thread.
	RSEQ_FLAG_UNREGISTER = 1 << 0
)

Flags passed to rseq(2).

Defined in include/uapi/linux/rseq.h.

View Source
const SCM_MAX_FD = 253

SCM_MAX_FD is the maximum number of FDs accepted in a single sendmsg call. From net/scm.h.

View Source
const (
	SEM_UNDO = 0x1000
)

Semaphore flags.

View Source
const (
	SIOCGSTAMP = 0x8906
)

ioctl(2) requests provided by uapi/asm-generic/sockios.h

View Source
const SOCK_TYPE_MASK = 0xf

SOCK_TYPE_MASK covers all of the above socket types. The remaining bits are flags. From linux/net.h.

View Source
const SO_ACCEPTCON = 1 << 16

SO_ACCEPTCON is defined as __SO_ACCEPTCON in include/uapi/linux/net.h, which represents a listening socket state. Note that this is distinct from SO_ACCEPTCONN, which is a socket option for querying whether a socket is in a listening state.

View Source
const (
	SO_ORIGINAL_DST = 80
)

Socket option for SOL_IP. This corresponds to the value in include/uapi/linux/netfilter_ipv4.h.

View Source
const (
	// SYS_SECCOMP indicates that a signal originates from seccomp.
	SYS_SECCOMP = 1
)

SYS_* codes are only meaningful for SIGSYS.

View Source
const SignalSetSize = 8

SignalSetSize is the size in bytes of a SignalSet.

View Source
const SizeOfControlMessageHopLimit = 4

SizeOfControlMessageHopLimit is the size of an IPV6_HOPLIMIT control message.

View Source
const SizeOfControlMessageIPPacketInfo = 12

SizeOfControlMessageIPPacketInfo is the size of an IP_PKTINFO control message.

View Source
const SizeOfControlMessageIPv6PacketInfo = 20

SizeOfControlMessageIPv6PacketInfo is the size of a ControlMessageIPv6PacketInfo.

View Source
const SizeOfControlMessageInq = 4

SizeOfControlMessageInq is the size of a TCP_INQ control message.

View Source
const SizeOfControlMessageRight = 4

SizeOfControlMessageRight is the size of a single element in ControlMessageRights.

View Source
const SizeOfControlMessageTClass = 4

SizeOfControlMessageTClass is the size of an IPV6_TCLASS control message.

View Source
const SizeOfControlMessageTOS = 1

SizeOfControlMessageTOS is the size of an IP_TOS control message.

View Source
const SizeOfControlMessageTTL = 4

SizeOfControlMessageTTL is the size of an IP_TTL control message.

View Source
const SizeOfIP6TEntry = 168

SizeOfIP6TEntry is the size of an IP6TEntry.

View Source
const SizeOfIP6TIP = 136

SizeOfIP6TIP is the size of an IP6 header.

View Source
const SizeOfIP6TReplace = 96

SizeOfIP6TReplace is the size of an IP6TReplace.

View Source
const SizeOfIPTEntry = 112

SizeOfIPTEntry is the size of an IPTEntry.

View Source
const SizeOfIPTGetEntries = 40

SizeOfIPTGetEntries is the size of an IPTGetEntries.

View Source
const SizeOfIPTGetinfo = 84

SizeOfIPTGetinfo is the size of an IPTGetinfo.

View Source
const SizeOfIPTIP = 84

SizeOfIPTIP is the size of an IPTIP.

View Source
const SizeOfIPTOwnerInfo = 34

SizeOfIPTOwnerInfo is the size of an IPTOwnerInfo.

View Source
const SizeOfIPTReplace = 96

SizeOfIPTReplace is the size of an IPTReplace.

View Source
const SizeOfLinger = 8

SizeOfLinger is the binary size of a Linger struct.

View Source
const SizeOfNFNATRange = 40

SizeOfNFNATRange is the size of NFNATRange.

View Source
const SizeOfNFNATRange2 = 48

SizeOfNFNATRange2 is the size of NFNATRange2.

View Source
const SizeOfRouteMessage = 12

SizeOfRouteMessage is the size of RouteMessage.

View Source
const SizeOfRtAttr = 4

SizeOfRtAttr is the size of RtAttr.

View Source
const SizeOfTimeval = 16

SizeOfTimeval is the size of a Timeval struct in bytes.

View Source
const SizeOfXTCounters = 16

SizeOfXTCounters is the size of an XTCounters.

View Source
const SizeOfXTEntryMatch = 32

SizeOfXTEntryMatch is the size of an XTEntryMatch.

View Source
const SizeOfXTEntryTarget = 32

SizeOfXTEntryTarget is the size of an XTEntryTarget.

View Source
const SizeOfXTErrorTarget = 64

SizeOfXTErrorTarget is the size of an XTErrorTarget.

View Source
const SizeOfXTGetRevision = 30

SizeOfXTGetRevision is the size of an XTGetRevision.

View Source
const SizeOfXTNATTargetV0 = 56

SizeOfXTNATTargetV0 is the size of an XTNATTargetV0.

View Source
const SizeOfXTNATTargetV1 = SizeOfXTEntryTarget + SizeOfNFNATRange

SizeOfXTNATTargetV1 is the size of an XTNATTargetV1.

View Source
const SizeOfXTNATTargetV2 = SizeOfXTEntryTarget + SizeOfNFNATRange2

SizeOfXTNATTargetV2 is the size of an XTNATTargetV2.

View Source
const SizeOfXTOwnerMatchInfo = 20

SizeOfXTOwnerMatchInfo is the size of an XTOwnerMatchInfo.

View Source
const SizeOfXTRedirectTarget = 56

SizeOfXTRedirectTarget is the size of an XTRedirectTarget.

View Source
const SizeOfXTStandardTarget = 40

SizeOfXTStandardTarget is the size of an XTStandardTarget.

View Source
const SizeOfXTTCP = 12

SizeOfXTTCP is the size of an XTTCP.

View Source
const SizeOfXTUDP = 10

SizeOfXTUDP is the size of an XTUDP.

View Source
const SockAddrMax = 128

SockAddrMax is the maximum size of a struct sockaddr, from uapi/linux/socket.h.

View Source
const SockAddrNetlinkSize = 12

SockAddrNetlinkSize is the size of SockAddrNetlink.

View Source
const TASK_COMM_LEN = 16

TASK_COMM_LEN is the task command name length.

View Source
const (
	TIMER_ABSTIME = 1
)

Flags for clock_nanosleep(2).

View Source
const UIO_MAXIOV = 1024

UIO_MAXIOV is the maximum number of struct iovecs in a struct iovec array.

View Source
const (
	// UTSLen is the maximum length of strings contained in fields of
	// UtsName.
	UTSLen = 64
)
View Source
const UnixPathMax = 108

UnixPathMax is the maximum length of the path in an AF_UNIX socket.

From uapi/linux/un.h.

View Source
const (
	VETH_INFO_PEER = 1
)

Virtuall ethernet attributes, from uapi/linux/veth.h.

View Source
const (
	VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP = 1
)

Variables

View Source
var (
	KCOV_INIT_TRACE = IOR('c', 1, 8)
	KCOV_ENABLE     = IO('c', 100)
	KCOV_DISABLE    = IO('c', 101)
)

Kcov ioctls from include/uapi/linux/kcov.h.

View Source
var (
	TUNSETIFF = IOW('T', 202, 4)
	TUNGETIFF = IOR('T', 210, 4)
)

ioctl(2) request numbers from linux/if_tun.h

View Source
var (
	VFIO_CHECK_EXTENSION        = IO(VFIO_TYPE, VFIO_BASE+1)
	VFIO_SET_IOMMU              = IO(VFIO_TYPE, VFIO_BASE+2)
	VFIO_GROUP_SET_CONTAINER    = IO(VFIO_TYPE, VFIO_BASE+4)
	VFIO_GROUP_GET_DEVICE_FD    = IO(VFIO_TYPE, VFIO_BASE+6)
	VFIO_DEVICE_GET_INFO        = IO(VFIO_TYPE, VFIO_BASE+7)
	VFIO_DEVICE_GET_REGION_INFO = IO(VFIO_TYPE, VFIO_BASE+8)
	VFIO_DEVICE_GET_IRQ_INFO    = IO(VFIO_TYPE, VFIO_BASE+9)
	VFIO_DEVICE_SET_IRQS        = IO(VFIO_TYPE, VFIO_BASE+10)
	VFIO_DEVICE_RESET           = IO(VFIO_TYPE, VFIO_BASE+11)
	VFIO_IOMMU_MAP_DMA          = IO(VFIO_TYPE, VFIO_BASE+13)
	VFIO_IOMMU_UNMAP_DMA        = IO(VFIO_TYPE, VFIO_BASE+14)
)

IOCTLs for VFIO file descriptor from include/uapi/linux/vfio.h.

DefaultControlCharacters is the default set of Termios control characters.

View Source
var DefaultReplicaTermios = KernelTermios{
	InputFlags:        ICRNL | IXON,
	OutputFlags:       OPOST | ONLCR,
	ControlFlags:      B38400 | CS8 | CREAD,
	LocalFlags:        ISIG | ICANON | ECHO | ECHOE | ECHOK | ECHOCTL | ECHOKE | IEXTEN,
	ControlCharacters: DefaultControlCharacters,
	InputSpeed:        38400,
	OutputSpeed:       38400,
}

DefaultReplicaTermios is the default terminal configuration of the replica end of a Unix98 pseudoterminal.

View Source
var DirentType = abi.ValueSet{
	DT_UNKNOWN: "DT_UNKNOWN",
	DT_FIFO:    "DT_FIFO",
	DT_CHR:     "DT_CHR",
	DT_DIR:     "DT_DIR",
	DT_BLK:     "DT_BLK",
	DT_REG:     "DT_REG",
	DT_LNK:     "DT_LNK",
	DT_SOCK:    "DT_SOCK",
	DT_WHT:     "DT_WHT",
}

DirentType are the friendly strings for linux_dirent64.d_type.

View Source
var IOEventSize = binary.Size(IOEvent{})

IOEventSize is the size of an ioEvent encoded.

InitRLimits is a map of initial rlimits set by Linux in include/asm-generic/resource.h.

View Source
var MasterTermios = KernelTermios{
	ControlFlags:      B38400 | CS8 | CREAD,
	ControlCharacters: DefaultControlCharacters,
	InputSpeed:        38400,
	OutputSpeed:       38400,
}

MasterTermios is the terminal configuration of the master end of a Unix98 pseudoterminal.

View Source
var SizeOfControlMessageCredentials = (*ControlMessageCredentials)(nil).SizeBytes()

SizeOfControlMessageCredentials is the binary size of a ControlMessageCredentials struct.

View Source
var SizeOfControlMessageHeader = (*ControlMessageHeader)(nil).SizeBytes()

SizeOfControlMessageHeader is the binary size of a ControlMessageHeader struct.

View Source
var SizeOfEpollEvent = (*EpollEvent)(nil).SizeBytes()

SizeOfEpollEvent is the size of EpollEvent struct.

View Source
var SizeOfFUSEHeaderIn = uint32((*FUSEHeaderIn)(nil).SizeBytes())

SizeOfFUSEHeaderIn is the size of the FUSEHeaderIn struct.

View Source
var SizeOfFUSEHeaderOut = uint32((*FUSEHeaderOut)(nil).SizeBytes())

SizeOfFUSEHeaderOut is the size of the FUSEHeaderOut struct.

View Source
var SizeOfFUSEWriteIn = uint32((*FUSEWriteIn)(nil).SizeBytes())

SizeOfFUSEWriteIn is the size of the FUSEWriteIn struct.

View Source
var SizeOfICMP6Filter = uint32((*ICMP6Filter)(nil).SizeBytes())

SizeOfICMP6Filter is the size of ICMP6Filter struct.

View Source
var SizeOfIFConf = (*IFConf)(nil).SizeBytes()

SizeOfIFConf is the binary size of an IFConf struct (16 bytes).

View Source
var SizeOfIFReq = (*IFReq)(nil).SizeBytes()

SizeOfIFReq is the binary size of an IFReq struct (40 bytes).

View Source
var SizeOfInetAddr = uint32((*InetAddr)(nil).SizeBytes())

SizeOfInetAddr is the size of InetAddr.

View Source
var SizeOfRobustListHead = (*RobustListHead)(nil).SizeBytes()

SizeOfRobustListHead is the size of a RobustListHead struct.

View Source
var SizeOfStat = (*Stat)(nil).SizeBytes()

SizeOfStat is the size of a Stat struct.

View Source
var SizeOfStatx = (*Statx)(nil).SizeBytes()

SizeOfStatx is the size of a Statx struct.

View Source
var SizeOfTCPInfo = (*TCPInfo)(nil).SizeBytes()

SizeOfTCPInfo is the binary size of a TCPInfo struct.

View Source
var TaskSize = func() uintptr {
	pageSize := uintptr(unix.Getpagesize())
	for _, s := range feasibleTaskSizes {

		_, _, errno := unix.RawSyscall6(
			unix.SYS_MMAP,
			s-pageSize-1,
			512,
			uintptr(unix.PROT_NONE),
			uintptr(unix.MAP_ANONYMOUS|unix.MAP_PRIVATE|unix.MAP_FIXED), 0, 0)
		if errno == unix.EINVAL {
			return s
		}
		if errno != unix.ENOMEM {
			panic(fmt.Sprintf("mmap returned unexpected error: %d", errno))
		}
	}
	panic("None of the address space sizes could be successfully mmaped")
}()

TaskSize is the address space size.

View Source
var VerdictStrings = map[int32]string{
	-NF_DROP - 1:   "DROP",
	-NF_ACCEPT - 1: "ACCEPT",
	-NF_QUEUE - 1:  "QUEUE",
	NF_RETURN:      "RETURN",
}

VerdictStrings maps int verdicts to the strings they represent. It is used for debugging.

Functions

func ControlCharacter

func ControlCharacter(c byte) uint8

ControlCharacter returns the termios-style control character for the passed character.

e.g., for Ctrl-C, i.e., ^C, call ControlCharacter('C').

Standard control characters are ASCII bytes 0 through 31.

func DecodeDeviceID

func DecodeDeviceID(rdev uint32) (uint16, uint32)

DecodeDeviceID decodes a device ID into major and minor device numbers.

func FileTypeToDirentType

func FileTypeToDirentType(filetype uint8) uint8

FileTypeToDirentType converts the on-disk file type (FT_*) to the directory entry type (DT_*).

func ForEachSignal

func ForEachSignal(mask SignalSet, f func(sig Signal))

ForEachSignal invokes f for each signal set in the given mask.

func IO

func IO(typ, nr uint32) uint32

IO outputs the result of _IO macro in include/uapi/asm-generic/ioctl.h.

func IOC

func IOC(dir, typ, nr, size uint32) uint32

IOC outputs the result of _IOC macro in include/uapi/asm-generic/ioctl.h.

func IOC_NR

func IOC_NR(nr uint32) uint32

IOC_NR outputs the result of IOC_NR macro in include/uapi/asm-generic/ioctl.h.

func IOC_SIZE

func IOC_SIZE(nr uint32) uint32

IOC_SIZE outputs the result of IOC_SIZE macro in include/uapi/asm-generic/ioctl.h.

func IOR

func IOR(typ, nr, size uint32) uint32

IOR outputs the result of _IOR macro in include/uapi/asm-generic/ioctl.h.

func IOW

func IOW(typ, nr, size uint32) uint32

IOW outputs the result of _IOW macro in include/uapi/asm-generic/ioctl.h.

func IOWR

func IOWR(typ, nr, size uint32) uint32

IOWR outputs the result of _IOWR macro in include/uapi/asm-generic/ioctl.h.

func MakeDeviceID

func MakeDeviceID(major uint16, minor uint32) uint32

MakeDeviceID encodes a major and minor device number into a single device ID.

Format (see linux/kdev_t.h:new_encode_dev):

Bits 7:0 - minor bits 7:0 Bits 19:8 - major bits 11:0 Bits 31:20 - minor bits 19:8

func SignalNoInfoFuncFromContext

func SignalNoInfoFuncFromContext(ctx context.Context) func(Signal) error

SignalNoInfoFuncFromContext returns a callback function that can be used to send a signal to the given context.

Types

type BPFAction

type BPFAction uint32

BPFAction is an action for a BPF filter.

const (
	SECCOMP_RET_KILL_PROCESS BPFAction = 0x80000000
	SECCOMP_RET_KILL_THREAD  BPFAction = 0x00000000
	SECCOMP_RET_TRAP         BPFAction = 0x00030000
	SECCOMP_RET_ERRNO        BPFAction = 0x00050000
	SECCOMP_RET_TRACE        BPFAction = 0x7ff00000
	SECCOMP_RET_USER_NOTIF   BPFAction = 0x7fc00000
	SECCOMP_RET_ALLOW        BPFAction = 0x7fff0000
)

BPFAction definitions.

func (BPFAction) Data

func (a BPFAction) Data() uint16

Data returns the SECCOMP_RET_DATA portion of the action.

func (BPFAction) String

func (a BPFAction) String() string

func (BPFAction) WithReturnCode

func (a BPFAction) WithReturnCode(code uint16) BPFAction

WithReturnCode sets the lower 16 bits of the SECCOMP_RET_ERRNO or SECCOMP_RET_TRACE actions to the provided return code, overwriting the previous action, and returns a new BPFAction. If not SECCOMP_RET_ERRNO or SECCOMP_RET_TRACE then this panics.

type BPFInstruction

type BPFInstruction struct {
	// OpCode is the operation to execute.
	OpCode uint16

	// JumpIfTrue is the number of instructions to skip if OpCode is a
	// conditional instruction and the condition is true.
	JumpIfTrue uint8

	// JumpIfFalse is the number of instructions to skip if OpCode is a
	// conditional instruction and the condition is false.
	JumpIfFalse uint8

	// K is a constant parameter. The meaning depends on the value of OpCode.
	K uint32
}

BPFInstruction is a raw BPF virtual machine instruction.

+marshal slice:BPFInstructionSlice +stateify savable

type CString

type CString string

CString represents a null terminated string which can be marshalled.

+marshal dynamic

func (*CString) MarshalBytes

func (s *CString) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*CString) SizeBytes

func (s *CString) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*CString) UnmarshalBytes

func (s *CString) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type CapUserData

type CapUserData struct {
	Effective   uint32
	Permitted   uint32
	Inheritable uint32
}

CapUserData is equivalent to Linux's cap_user_data_t.

+marshal slice:CapUserDataSlice

type CapUserHeader

type CapUserHeader struct {
	Version uint32
	Pid     int32
}

CapUserHeader is equivalent to Linux's cap_user_header_t.

+marshal

type Capability

type Capability int

A Capability represents the ability to perform a privileged operation.

func AllCapabilities

func AllCapabilities() []Capability

AllCapabilities returns a list of all defined capabilities.

func CapabilityFromString

func CapabilityFromString(capability string) (Capability, bool)

CapabilityFromString converts a string to a capability. If the capability doesn't exist, its second return value is `false`. The capability name is expected to include the "CAP_" prefix.

func (Capability) Ok

func (cp Capability) Ok() bool

Ok returns true if cp is a supported capability.

func (Capability) String

func (cp Capability) String() string

String returns the capability name.

func (Capability) TrimmedString

func (cp Capability) TrimmedString() string

TrimmedString returns the capability name without the "CAP_" prefix.

type ClockT

type ClockT int64

ClockT represents type clock_t.

+marshal

func ClockTFromDuration

func ClockTFromDuration(d time.Duration) ClockT

ClockTFromDuration converts time.Duration to clock_t.

type CloneArgs

type CloneArgs struct {
	Flags      uint64
	Pidfd      uint64
	ChildTID   uint64
	ParentTID  uint64
	ExitSignal uint64
	Stack      uint64
	StackSize  uint64
	TLS        uint64
	SetTID     uint64
	SetTIDSize uint64
	Cgroup     uint64
}

CloneArgs is struct clone_args, from include/uapi/linux/sched.h.

+marshal

type ControlMessageCredentials

type ControlMessageCredentials struct {
	PID int32
	UID uint32
	GID uint32
}

A ControlMessageCredentials is an SCM_CREDENTIALS socket control message.

ControlMessageCredentials represents struct ucred from linux/socket.h.

+marshal

type ControlMessageHeader

type ControlMessageHeader struct {
	Length uint64
	Level  int32
	Type   int32
}

A ControlMessageHeader is the header for a socket control message.

ControlMessageHeader represents struct cmsghdr from linux/socket.h.

+marshal

type ControlMessageIPPacketInfo

type ControlMessageIPPacketInfo struct {
	NIC             int32
	LocalAddr       InetAddr
	DestinationAddr InetAddr
}

A ControlMessageIPPacketInfo is IP_PKTINFO socket control message.

ControlMessageIPPacketInfo represents struct in_pktinfo from linux/in.h.

+marshal +stateify savable

type ControlMessageIPv6PacketInfo

type ControlMessageIPv6PacketInfo struct {
	Addr Inet6Addr
	NIC  uint32
}

ControlMessageIPv6PacketInfo represents struct in6_pktinfo from linux/ipv6.h.

+marshal +stateify savable

type ElfHeader64

type ElfHeader64 struct {
	Ident     [16]byte // File identification.
	Type      uint16   // File type.
	Machine   uint16   // Machine architecture.
	Version   uint32   // ELF format version.
	Entry     uint64   // Entry point.
	Phoff     uint64   // Program header file offset.
	Shoff     uint64   // Section header file offset.
	Flags     uint32   // Architecture-specific flags.
	Ehsize    uint16   // Size of ELF header in bytes.
	Phentsize uint16   // Size of program header entry.
	Phnum     uint16   // Number of program header entries.
	Shentsize uint16   // Size of section header entry.
	Shnum     uint16   // Number of section header entries.
	Shstrndx  uint16   // Section name strings section.
}

ElfHeader64 is the ELF64 file header.

+marshal

type ElfProg64

type ElfProg64 struct {
	Type   uint32 // Entry type.
	Flags  uint32 // Access permission flags.
	Off    uint64 // File offset of contents.
	Vaddr  uint64 // Virtual address in memory image.
	Paddr  uint64 // Physical address (not used).
	Filesz uint64 // Size of contents in file.
	Memsz  uint64 // Size of contents in memory.
	Align  uint64 // Alignment in memory and file.
}

ElfProg64 is the ELF64 Program header.

+marshal

type ElfSection64

type ElfSection64 struct {
	Name      uint32 // Section name (index into the section header string table).
	Type      uint32 // Section type.
	Flags     uint64 // Section flags.
	Addr      uint64 // Address in memory image.
	Off       uint64 // Offset in file.
	Size      uint64 // Size in bytes.
	Link      uint32 // Index of a related section.
	Info      uint32 // Depends on section type.
	Addralign uint64 // Alignment in bytes.
	Entsize   uint64 // Size of each entry in section.
}

ElfSection64 is the ELF64 Section header.

+marshal

type EpollEvent

type EpollEvent struct {
	Events uint32
	// Linux makes struct epoll_event::data a __u64. We represent it as
	// [2]int32 because, on amd64, Linux also makes struct epoll_event
	// __attribute__((packed)), such that there is no padding between Events
	// and Data.
	Data [2]int32
}

EpollEvent is equivalent to struct epoll_event from epoll(2).

+marshal slice:EpollEventSlice

type ErrorName

type ErrorName [XT_FUNCTION_MAXNAMELEN]byte

ErrorName holds the name of a netfilter error. These can also hold user-defined chains.

+marshal

func (ErrorName) String

func (en ErrorName) String() string

String implements fmt.Stringer.

type EthtoolCmd

type EthtoolCmd uint32

EthtoolCmd is a marshallable type to be able to easily copyin the the command for an SIOCETHTOOL ioctl.

+marshal

const (
	// ETHTOOL_GFEATURES is the command to SIOCETHTOOL to query device
	// features.
	// See: <linux/ethtool.h>
	ETHTOOL_GFEATURES EthtoolCmd = 0x3a
)

type EthtoolGFeatures

type EthtoolGFeatures struct {
	Cmd  uint32
	Size uint32
}

EthtoolGFeatures is used to return a list of device features. See: <linux/ethtool.h>

+marshal

type EthtoolGetFeaturesBlock

type EthtoolGetFeaturesBlock struct {
	Available    uint32
	Requested    uint32
	Active       uint32
	NeverChanged uint32
}

EthtoolGetFeaturesBlock is used to return state of upto 32 device features. See: <linux/ethtool.h>

+marshal

type ExtensionName

type ExtensionName [XT_EXTENSION_MAXNAMELEN]byte

ExtensionName holds the name of a netfilter extension.

+marshal

func (ExtensionName) String

func (en ExtensionName) String() string

String implements fmt.Stringer.

type FOwnerEx

type FOwnerEx struct {
	Type int32
	PID  int32
}

FOwnerEx is the owner structure for F_SETOWN_EX and F_GETOWN_EX.

+marshal

type FUSEAccessIn

type FUSEAccessIn struct {
	Mask uint32
	// contains filtered or unexported fields
}

FUSEAccessIn is the request sent by the kernel to the daemon when checking permissions on a file.

+marshal

type FUSEAttr

type FUSEAttr struct {
	// Ino is the inode number of this file.
	Ino uint64

	// Size is the size of this file.
	Size uint64

	// Blocks is the number of the 512B blocks allocated by this file.
	Blocks uint64

	// Atime is the time of last access.
	Atime uint64

	// Mtime is the time of last modification.
	Mtime uint64

	// Ctime is the time of last status change.
	Ctime uint64

	// AtimeNsec is the nano second part of Atime.
	AtimeNsec uint32

	// MtimeNsec is the nano second part of Mtime.
	MtimeNsec uint32

	// CtimeNsec is the nano second part of Ctime.
	CtimeNsec uint32

	// Mode contains the file type and mode.
	Mode uint32

	// Nlink is the number of the hard links.
	Nlink uint32

	// UID is user ID of the owner.
	UID uint32

	// GID is group ID of the owner.
	GID uint32

	// Rdev is the device ID if this is a special file.
	Rdev uint32

	// BlkSize is the block size for filesystem I/O.
	BlkSize uint32
	// contains filtered or unexported fields
}

FUSEAttr is the struct used in the response FUSEGetAttrOut.

+marshal

func (FUSEAttr) ATimeNsec

func (a FUSEAttr) ATimeNsec() int64

ATimeNsec returns the last access time as the total time since the unix epoch in nanoseconds.

func (FUSEAttr) CTimeNsec

func (a FUSEAttr) CTimeNsec() int64

CTimeNsec returns the last change time as the total time since the unix epoch in nanoseconds.

func (FUSEAttr) MTimeNsec

func (a FUSEAttr) MTimeNsec() int64

MTimeNsec returns the last modification time as the total time since the unix epoch in nanoseconds.

type FUSEAttrOut

type FUSEAttrOut struct {
	// AttrValid and AttrValidNsec describe the attribute cache duration
	AttrValid uint64

	// AttrValidNsec is the nanosecond part of the attribute cache duration
	AttrValidNsec uint32

	// Attr contains the metadata returned from the FUSE server
	Attr FUSEAttr
	// contains filtered or unexported fields
}

FUSEAttrOut is the reply sent by the daemon to the kernel for FUSEGetAttrIn and FUSESetAttrIn.

+marshal

type FUSECreateIn

type FUSECreateIn struct {
	// CreateMeta contains mode, rdev and umash fields for FUSE_MKNODS.
	CreateMeta FUSECreateMeta

	// Name is the name of the node to create.
	Name CString
}

FUSECreateIn contains all the arguments sent by the kernel to the daemon, to atomically create and open a new regular file.

+marshal dynamic

func (*FUSECreateIn) MarshalBytes

func (r *FUSECreateIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSECreateIn) SizeBytes

func (r *FUSECreateIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSECreateIn) UnmarshalBytes

func (r *FUSECreateIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSECreateMeta

type FUSECreateMeta struct {
	// Flags of the creating file.
	Flags uint32

	// Mode is the mode of the creating file.
	Mode uint32

	// Umask is the current file mode creation mask.
	Umask uint32
	// contains filtered or unexported fields
}

FUSECreateMeta contains all the static fields of FUSECreateIn, which is used for FUSE_CREATE.

+marshal

type FUSECreateOut

type FUSECreateOut struct {
	FUSEEntryOut
	FUSEOpenOut
}

FUSECreateOut is the reply sent by the daemon to the kernel for FUSECreateMeta.

+marshal

type FUSEDirent

type FUSEDirent struct {
	// Meta contains all the static fields of FUSEDirent.
	Meta FUSEDirentMeta
	// Name is the filename of the dirent.
	Name string
}

FUSEDirent is a Dirent received from the FUSE daemon server. It is used for FUSE_READDIR.

+marshal dynamic

func (*FUSEDirent) MarshalBytes

func (r *FUSEDirent) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEDirent) SizeBytes

func (r *FUSEDirent) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEDirent) UnmarshalBytes

func (r *FUSEDirent) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEDirentMeta

type FUSEDirentMeta struct {
	// Inode of the dirent.
	Ino uint64
	// Offset of the dirent.
	Off uint64
	// NameLen is the length of the dirent name.
	NameLen uint32
	// Type of the dirent.
	Type uint32
}

FUSEDirentMeta contains all the static fields of FUSEDirent. It is used for FUSE_READDIR.

+marshal

type FUSEDirents

type FUSEDirents struct {
	Dirents []*FUSEDirent
}

FUSEDirents is a list of Dirents received from the FUSE daemon server. It is used for FUSE_READDIR.

+marshal dynamic

func (*FUSEDirents) MarshalBytes

func (r *FUSEDirents) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEDirents) SizeBytes

func (r *FUSEDirents) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEDirents) UnmarshalBytes

func (r *FUSEDirents) UnmarshalBytes(src []byte) []byte

UnmarshalBytes deserializes FUSEDirents from the src buffer.

type FUSEEmptyIn

type FUSEEmptyIn struct{}

FUSEEmptyIn is used by operations without request body.

+marshal dynamic

func (*FUSEEmptyIn) MarshalBytes

func (r *FUSEEmptyIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEEmptyIn) SizeBytes

func (r *FUSEEmptyIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEEmptyIn) UnmarshalBytes

func (r *FUSEEmptyIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEEntryOut

type FUSEEntryOut struct {
	// NodeID is the ID for current inode.
	NodeID uint64

	// Generation is the generation number of inode.
	// Used to identify an inode that have different ID at different time.
	Generation uint64

	// EntryValid indicates timeout for an entry.
	EntryValid uint64

	// AttrValid indicates timeout for an entry's attributes.
	AttrValid uint64

	// EntryValidNsec indicates timeout for an entry in nanosecond.
	EntryValidNSec uint32

	// AttrValidNsec indicates timeout for an entry's attributes in nanosecond.
	AttrValidNSec uint32

	// Attr contains the attributes of an entry.
	Attr FUSEAttr
}

FUSEEntryOut is the reply sent by the daemon to the kernel for FUSE_MKNOD, FUSE_MKDIR, FUSE_SYMLINK, FUSE_LINK and FUSE_LOOKUP.

+marshal

type FUSEFallocateIn

type FUSEFallocateIn struct {
	Fh     uint64
	Offset uint64
	Length uint64
	Mode   uint32
	// contains filtered or unexported fields
}

FUSEFallocateIn is the request sent by the kernel to the daemon to perform a fallocate operation.

+marshal

type FUSEFlushIn

type FUSEFlushIn struct {
	Fh uint64

	LockOwner uint64
	// contains filtered or unexported fields
}

FUSEFlushIn is the request sent by the kernel to the daemon after a file is closed.

+marshal

type FUSEFsyncIn

type FUSEFsyncIn struct {
	Fh uint64

	FsyncFlags uint32
	// contains filtered or unexported fields
}

FUSEFsyncIn is the request sent by the kernel to the daemon when trying to fsync a file.

+marshal

type FUSEGetAttrIn

type FUSEGetAttrIn struct {
	// GetAttrFlags specifies whether getattr request is sent with a nodeid or
	// with a file handle.
	GetAttrFlags uint32

	// Fh is the file handler when GetAttrFlags has FUSE_GETATTR_FH bit. If
	// used, the operation is analogous to fstat(2).
	Fh uint64
	// contains filtered or unexported fields
}

FUSEGetAttrIn is the request sent by the kernel to the daemon, to get the attribute of a inode.

+marshal

type FUSEHeaderIn

type FUSEHeaderIn struct {
	// Len specifies the total length of the data, including this header.
	Len uint32

	// Opcode specifies the kind of operation of the request.
	Opcode FUSEOpcode

	// Unique specifies the unique identifier for this request.
	Unique FUSEOpID

	// NodeID is the ID of the filesystem object being operated on.
	NodeID uint64

	// UID is the UID of the requesting process.
	UID uint32

	// GID is the GID of the requesting process.
	GID uint32

	// PID is the PID of the requesting process.
	PID uint32
	// contains filtered or unexported fields
}

FUSEHeaderIn is the header read by the daemon with each request.

+marshal +stateify savable

type FUSEHeaderOut

type FUSEHeaderOut struct {
	// Len specifies the total length of the data, including this header.
	Len uint32

	// Error specifies the error that occurred (0 if none).
	Error int32

	// Unique specifies the unique identifier of the corresponding request.
	Unique FUSEOpID
}

FUSEHeaderOut is the header written by the daemon when it processes a request and wants to send a reply (almost all operations require a reply; if they do not, this will be explicitly documented).

+marshal +stateify savable

type FUSEInitIn

type FUSEInitIn struct {
	// Major version supported by kernel.
	Major uint32

	// Minor version supported by the kernel.
	Minor uint32

	// MaxReadahead is the maximum number of bytes to read-ahead
	// decided by the kernel.
	MaxReadahead uint32

	// Flags of this init request.
	Flags uint32
}

FUSEInitIn is the request sent by the kernel to the daemon, to negotiate the version and flags.

+marshal

type FUSEInitOut

type FUSEInitOut struct {
	// Major version supported by daemon.
	Major uint32

	// Minor version supported by daemon.
	Minor uint32

	// MaxReadahead is the maximum number of bytes to read-ahead.
	// Decided by the daemon, after receiving the value from kernel.
	MaxReadahead uint32

	// Flags of this init reply.
	Flags uint32

	// MaxBackground is the maximum number of pending background requests
	// that the daemon wants.
	MaxBackground uint16

	// CongestionThreshold is the daemon-decided threshold for
	// the number of the pending background requests.
	CongestionThreshold uint16

	// MaxWrite is the daemon's maximum size of a write buffer.
	// Kernel adjusts it to the minimum (fuse/init.go:fuseMinMaxWrite).
	// if the value from daemon is too small.
	MaxWrite uint32

	// TimeGran is the daemon's time granularity for mtime and ctime metadata.
	// The unit is nanosecond.
	// Value should be power of 10.
	// 1 indicates full nanosecond granularity support.
	TimeGran uint32

	// MaxPages is the daemon's maximum number of pages for one write operation.
	// Kernel adjusts it to the maximum (fuse/init.go:FUSE_MAX_MAX_PAGES).
	// if the value from daemon is too large.
	MaxPages uint16
	// contains filtered or unexported fields
}

FUSEInitOut is the reply sent by the daemon to the kernel for FUSEInitIn. We target FUSE 7.23; this struct supports 7.28.

+marshal

type FUSELinkIn

type FUSELinkIn struct {
	// OldNodeID is the ID of the inode that is being linked to.
	OldNodeID primitive.Uint64
	// Name of the new hard link to create.
	Name CString
}

FUSELinkIn is the request sent by the kernel to create a hard link.

+marshal dynamic

func (*FUSELinkIn) MarshalBytes

func (r *FUSELinkIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSELinkIn) SizeBytes

func (r *FUSELinkIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSELinkIn) UnmarshalBytes

func (r *FUSELinkIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSELookupIn

type FUSELookupIn struct {
	// Name is a file name to be looked up.
	Name CString
}

FUSELookupIn is the request sent by the kernel to the daemon to look up a file name.

+marshal dynamic

func (*FUSELookupIn) MarshalBytes

func (r *FUSELookupIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSELookupIn) SizeBytes

func (r *FUSELookupIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSELookupIn) UnmarshalBytes

func (r *FUSELookupIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEMkdirIn

type FUSEMkdirIn struct {
	// MkdirMeta contains Mode and Umask of the directory to create.
	MkdirMeta FUSEMkdirMeta
	// Name of the directory to create.
	Name CString
}

FUSEMkdirIn contains all the arguments sent by the kernel to the daemon, to create a new directory.

+marshal dynamic

func (*FUSEMkdirIn) MarshalBytes

func (r *FUSEMkdirIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEMkdirIn) SizeBytes

func (r *FUSEMkdirIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEMkdirIn) UnmarshalBytes

func (r *FUSEMkdirIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEMkdirMeta

type FUSEMkdirMeta struct {
	// Mode of the directory of create.
	Mode uint32
	// Umask is the user file creation mask.
	Umask uint32
}

FUSEMkdirMeta contains all the static fields of FUSEMkdirIn, which is used for FUSE_MKDIR.

+marshal

type FUSEMknodIn

type FUSEMknodIn struct {
	// MknodMeta contains mode, rdev and umash fields for FUSE_MKNODS.
	MknodMeta FUSEMknodMeta
	// Name is the name of the node to create.
	Name CString
}

FUSEMknodIn contains all the arguments sent by the kernel to the daemon, to create a new file node.

+marshal dynamic

func (*FUSEMknodIn) MarshalBytes

func (r *FUSEMknodIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEMknodIn) SizeBytes

func (r *FUSEMknodIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEMknodIn) UnmarshalBytes

func (r *FUSEMknodIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEMknodMeta

type FUSEMknodMeta struct {
	// Mode of the inode to create.
	Mode uint32

	// Rdev encodes device major and minor information.
	Rdev uint32

	// Umask is the current file mode creation mask.
	Umask uint32
	// contains filtered or unexported fields
}

FUSEMknodMeta contains all the static fields of FUSEMknodIn, which is used for FUSE_MKNOD.

+marshal

type FUSEOpID

type FUSEOpID uint64

FUSEOpID is a FUSE operation ID.

+marshal

type FUSEOpcode

type FUSEOpcode uint32

FUSEOpcode is a FUSE operation code.

+marshal

type FUSEOpenIn

type FUSEOpenIn struct {
	// Flags of this open request.
	Flags uint32
	// contains filtered or unexported fields
}

FUSEOpenIn is the request sent by the kernel to the daemon, to negotiate flags and get file handle.

+marshal

type FUSEOpenOut

type FUSEOpenOut struct {
	// Fh is the file handler for opened files.
	Fh uint64

	// OpenFlag for the opened files.
	OpenFlag uint32
	// contains filtered or unexported fields
}

FUSEOpenOut is the reply sent by the daemon to the kernel for FUSEOpenIn.

+marshal

type FUSEReadIn

type FUSEReadIn struct {
	// Fh is the file handle in userspace.
	Fh uint64

	// Offset is the read offset.
	Offset uint64

	// Size is the number of bytes to read.
	Size uint32

	// ReadFlags for this FUSE_READ request.
	// Currently only contains FUSE_READ_LOCKOWNER.
	ReadFlags uint32

	// LockOwner is the id of the lock owner if there is one.
	LockOwner uint64

	// Flags for the underlying file.
	Flags uint32
	// contains filtered or unexported fields
}

FUSEReadIn is the request sent by the kernel to the daemon for FUSE_READ.

+marshal

type FUSEReleaseIn

type FUSEReleaseIn struct {
	// Fh is the file handler for the file to be released.
	Fh uint64

	// Flags of the file.
	Flags uint32

	// ReleaseFlags of this release request.
	ReleaseFlags uint32

	// LockOwner is the id of the lock owner if there is one.
	LockOwner uint64
}

FUSEReleaseIn is the request sent by the kernel to the daemon when there is no more reference to a file.

+marshal

type FUSERenameIn

type FUSERenameIn struct {
	Newdir  primitive.Uint64
	Oldname CString
	Newname CString
}

FUSERenameIn sent by the kernel for FUSE_RENAME

+marshal dynamic

func (*FUSERenameIn) MarshalBytes

func (r *FUSERenameIn) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSERenameIn) SizeBytes

func (r *FUSERenameIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSERenameIn) UnmarshalBytes

func (r *FUSERenameIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSERmDirIn

type FUSERmDirIn struct {
	// Name is a directory name to be removed.
	Name CString
}

FUSERmDirIn is the request sent by the kernel to the daemon when trying to remove a directory.

+marshal dynamic

func (*FUSERmDirIn) MarshalBytes

func (r *FUSERmDirIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSERmDirIn) SizeBytes

func (r *FUSERmDirIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSERmDirIn) UnmarshalBytes

func (r *FUSERmDirIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSESetAttrIn

type FUSESetAttrIn struct {
	// Valid indicates which attributes are modified by this request.
	Valid uint32

	// Fh is used to identify the file if FATTR_FH is set in Valid.
	Fh uint64

	// Size is the size that the request wants to change to.
	Size uint64

	// LockOwner is the owner of the lock that the request wants to change to.
	LockOwner uint64

	// Atime is the access time that the request wants to change to.
	Atime uint64

	// Mtime is the modification time that the request wants to change to.
	Mtime uint64

	// Ctime is the status change time that the request wants to change to.
	Ctime uint64

	// AtimeNsec is the nano second part of Atime.
	AtimeNsec uint32

	// MtimeNsec is the nano second part of Mtime.
	MtimeNsec uint32

	// CtimeNsec is the nano second part of Ctime.
	CtimeNsec uint32

	// Mode is the file mode that the request wants to change to.
	Mode uint32

	// UID is the user ID of the owner that the request wants to change to.
	UID uint32

	// GID is the group ID of the owner that the request wants to change to.
	GID uint32
	// contains filtered or unexported fields
}

FUSESetAttrIn is the request sent by the kernel to the daemon, to set the attribute(s) of a file.

+marshal

type FUSEStatfsOut

type FUSEStatfsOut struct {
	// Blocks is the maximum number of data blocks the filesystem may store, in
	// units of BlockSize.
	Blocks uint64

	// BlocksFree is the number of free data blocks, in units of BlockSize.
	BlocksFree uint64

	// BlocksAvailable is the number of data blocks free for use by
	// unprivileged users, in units of BlockSize.
	BlocksAvailable uint64

	// Files is the number of used file nodes on the filesystem.
	Files uint64

	// FileFress is the number of free file nodes on the filesystem.
	FilesFree uint64

	// BlockSize is the optimal transfer block size in bytes.
	BlockSize uint32

	// NameLength is the maximum file name length.
	NameLength uint32

	// FragmentSize is equivalent to BlockSize.
	FragmentSize uint32

	Spare [6]uint32
	// contains filtered or unexported fields
}

FUSEStatfsOut is the reply sent by the daemon to the kernel for FUSE_STATFS. from https://elixir.bootlin.com/linux/latest/source/include/uapi/linux/fuse.h#L252

+marshal

type FUSESymlinkIn

type FUSESymlinkIn struct {
	// Name of symlink to create.
	Name CString

	// Target of the symlink.
	Target CString
}

FUSESymlinkIn is the request sent by the kernel to the daemon, to create a symbolic link.

+marshal dynamic

func (*FUSESymlinkIn) MarshalBytes

func (r *FUSESymlinkIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSESymlinkIn) SizeBytes

func (r *FUSESymlinkIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSESymlinkIn) UnmarshalBytes

func (r *FUSESymlinkIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEUnlinkIn

type FUSEUnlinkIn struct {
	// Name of the node to unlink.
	Name CString
}

FUSEUnlinkIn is the request sent by the kernel to the daemon when trying to unlink a node.

+marshal dynamic

func (*FUSEUnlinkIn) MarshalBytes

func (r *FUSEUnlinkIn) MarshalBytes(buf []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEUnlinkIn) SizeBytes

func (r *FUSEUnlinkIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEUnlinkIn) UnmarshalBytes

func (r *FUSEUnlinkIn) UnmarshalBytes(buf []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FUSEWriteIn

type FUSEWriteIn struct {
	// Fh is the file handle in userspace.
	Fh uint64

	// Offset is the write offset.
	Offset uint64

	// Size is the number of bytes to write.
	Size uint32

	// ReadFlags for this FUSE_WRITE request.
	WriteFlags uint32

	// LockOwner is the id of the lock owner if there is one.
	LockOwner uint64

	// Flags for the underlying file.
	Flags uint32
	// contains filtered or unexported fields
}

FUSEWriteIn is the first part of the payload of the request sent by the kernel to the daemon for FUSE_WRITE (struct for FUSE version >= 7.9).

The second part of the payload is the binary bytes of the data to be written. See FUSEWritePayloadIn that combines header & payload.

+marshal

type FUSEWriteOut

type FUSEWriteOut struct {
	// Size is the number of bytes written.
	Size uint32
	// contains filtered or unexported fields
}

FUSEWriteOut is the payload of the reply sent by the daemon to the kernel for a FUSE_WRITE request.

+marshal

type FUSEWritePayloadIn

type FUSEWritePayloadIn struct {
	Header  FUSEWriteIn
	Payload primitive.ByteSlice
}

FUSEWritePayloadIn combines header - FUSEWriteIn and payload in a single marshallable struct when sending request by the kernel to the daemon

+marshal dynamic

func (*FUSEWritePayloadIn) MarshalBytes

func (r *FUSEWritePayloadIn) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*FUSEWritePayloadIn) SizeBytes

func (r *FUSEWritePayloadIn) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*FUSEWritePayloadIn) UnmarshalBytes

func (r *FUSEWritePayloadIn) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type FileMode

type FileMode uint16

FileMode represents a mode_t.

+marshal

func (FileMode) DirentType

func (m FileMode) DirentType() uint8

DirentType maps file types to dirent types appropriate for (struct dirent)::d_type.

func (FileMode) ExtraBits

func (m FileMode) ExtraBits() FileMode

ExtraBits returns everything but the file type and permission bits.

func (FileMode) FileType

func (m FileMode) FileType() FileMode

FileType returns just the file type bits.

func (FileMode) IsDir

func (m FileMode) IsDir() bool

IsDir returns true if file type represents a directory.

func (FileMode) Permissions

func (m FileMode) Permissions() FileMode

Permissions returns just the permission bits.

func (FileMode) String

func (m FileMode) String() string

String returns a string representation of m.

type Flock

type Flock struct {
	Type   int16
	Whence int16

	Start int64
	Len   int64
	PID   int32
	// contains filtered or unexported fields
}

Flock is the lock structure for F_SETLK.

+marshal

type ICMP6Filter

type ICMP6Filter struct {
	Filter [8]uint32
}

ICMP6Filter represents struct icmp6_filter from linux/icmpv6.h.

+marshal +stateify savable

type IFConf

type IFConf struct {
	Len int32

	Ptr uint64
	// contains filtered or unexported fields
}

IFConf is used to return a list of interfaces and their addresses. See netdevice(7) and struct ifconf for more detail on its use.

+marshal

type IFMap

type IFMap struct {
	MemStart uint64
	MemEnd   uint64
	BaseAddr int16
	IRQ      byte
	DMA      byte
	Port     byte
	// contains filtered or unexported fields
}

IFMap contains interface hardware parameters.

type IFReq

type IFReq struct {
	// IFName is an encoded name, normally null-terminated. This should be
	// accessed via the Name and SetName functions.
	IFName [IFNAMSIZ]byte

	// Data is the union of the following structures:
	//
	//	struct sockaddr ifr_addr;
	//	struct sockaddr ifr_dstaddr;
	//	struct sockaddr ifr_broadaddr;
	//	struct sockaddr ifr_netmask;
	//	struct sockaddr ifr_hwaddr;
	//	short           ifr_flags;
	//	int             ifr_ifindex;
	//	int             ifr_metric;
	//	int             ifr_mtu;
	//	struct ifmap    ifr_map;
	//	char            ifr_slave[IFNAMSIZ];
	//	char            ifr_newname[IFNAMSIZ];
	//	char           *ifr_data;
	Data [24]byte
}

IFReq is an interface request.

+marshal

func (*IFReq) Name

func (ifr *IFReq) Name() string

Name returns the name.

func (*IFReq) SetName

func (ifr *IFReq) SetName(name string)

SetName sets the name.

type IOCallback

type IOCallback struct {
	Data uint64
	Key  uint32

	OpCode  uint16
	ReqPrio int16
	FD      int32

	Buf    uint64
	Bytes  uint64
	Offset int64

	Reserved2 uint64
	Flags     uint32

	// eventfd to signal if IOCB_FLAG_RESFD is set in flags.
	ResFD int32
	// contains filtered or unexported fields
}

IOCallback describes an I/O request.

The priority field is currently ignored in the implementation below. Also note that the IOCB_FLAG_RESFD feature is not supported.

+marshal

type IOCqRingOffsets

type IOCqRingOffsets struct {
	Head        uint32 // Offset to io_rings.cq.head
	Tail        uint32 // Offset to io_rings.cq.tail
	RingMask    uint32 // Offset to io_rings.cq_ring_mask
	RingEntries uint32 // Offset to io_rings.cq_ring_entries
	Overflow    uint32 // Offset to io_rings.cq_overflow
	Cqes        uint32 // Offset to io_rings.cqes
	Flags       uint32 // Offset to io_rings.cq_flags
	Resv1       uint32 // Currently reserved and expected to be zero
	Resv2       uint64 // Currently reserved and expected to be zero
}

IOCqRingOffsets implements io_cqring_offsets struct. IOCqRingOffsets represents offsets into IORings. See struct io_cqring_offsets in include/uapi/linux/io_uring.h.

+marshal

func PreComputedIOCqRingOffsets

func PreComputedIOCqRingOffsets() IOCqRingOffsets

PreComputedIOCqRingOffsets returns precomputed values for IOCqRingOffsets.

type IOEvent

type IOEvent struct {
	Data    uint64
	Obj     uint64
	Result  int64
	Result2 int64
}

IOEvent describes an I/O result.

+marshal +stateify savable

type IORingIndex

type IORingIndex uint32

IORingIndex represents SQE array indexes.

+marshal

type IORings

type IORings struct {
	Sq            IOUring
	Cq            IOUring
	SqRingMask    uint32
	CqRingMask    uint32
	SqRingEntries uint32
	CqRingEntries uint32

	CqOverflow uint32
	// contains filtered or unexported fields
}

IORings implements io_rings struct. This struct describes layout of the mapped region backed by the ringBuffersFile. See struct io_rings in io_uring/io_uring.c.

+marshal +stateify savable

type IOSqRingOffsets

type IOSqRingOffsets struct {
	Head        uint32 // Offset to io_rings.sq.head
	Tail        uint32 // Offset to io_rings.sq.tail
	RingMask    uint32 // Offset to io_rings.sq_ring_mask
	RingEntries uint32 // Offset to io_rings.sq_ring_entries
	Flags       uint32 // Offset to io_rings.sq_flags
	Dropped     uint32 // Offset to io_rings.sq_dropped
	Array       uint32 // Offset to an array of SQE indices
	Resv1       uint32 // Currently reserved and expected to be zero
	Resv2       uint64 // Currently reserved and expected to be zero
}

IOSqRingOffsets implements io_sqring_offsets struct. IOSqRingOffsets represents offsets into IORings. See struct io_sqring_offsets in include/uapi/linux/io_uring.h.

+marshal

func PreComputedIOSqRingOffsets

func PreComputedIOSqRingOffsets() IOSqRingOffsets

PreComputedIOSqRingOffsets returns precomputed values for IOSqRingOffsets.

type IOUring

type IOUring struct {
	// Both head and tail should be cacheline aligned. And we assume that
	// cacheline size is 64 bytes.
	Head uint32

	Tail uint32
	// contains filtered or unexported fields
}

IOUring implements io_uring struct. See struct io_uring in io_uring/io_uring.c.

+marshal +stateify savable

type IOUringCqe

type IOUringCqe struct {
	UserData uint64
	Res      int32
	Flags    uint32
}

IOUringCqe implements IO completion data structure (Completion Queue Entry) io_uring_cqe struct. As we don't currently support IORING_SETUP_CQE32 flag its size is 16 bytes. See struct io_uring_cqe in include/uapi/linux/io_uring.h.

+marshal +stateify savable

type IOUringParams

type IOUringParams struct {
	SqEntries    uint32
	CqEntries    uint32
	Flags        uint32
	SqThreadCPU  uint32
	SqThreadIdle uint32
	Features     uint32
	WqFd         uint32
	Resv         [3]uint32
	SqOff        IOSqRingOffsets
	CqOff        IOCqRingOffsets
}

IOUringParams implements io_uring_params struct. See struct io_uring_params in include/uapi/linux/io_uring.h.

+marshal

type IOUringSqe

type IOUringSqe struct {
	Opcode           uint8
	Flags            uint8
	IoPrio           uint16
	Fd               int32
	OffOrAddrOrCmdOp uint64
	AddrOrSpliceOff  uint64
	Len              uint32

	UserData        uint64
	BufIndexOrGroup uint16
	// contains filtered or unexported fields
}

IOUringSqe implements io_uring_sqe struct. This struct represents IO submission data structure (Submission Queue Entry). As we don't yet support IORING_SETUP_SQE128 flag, its size is 64 bytes with no extra padding at the end. See include/uapi/linux/io_uring.h.

+marshal +stateify savable

type IP6TEntry

type IP6TEntry struct {
	// IPv6 is used to filter packets based on the IPv6 header.
	IPv6 IP6TIP

	// NFCache relates to kernel-internal caching and isn't used by
	// userspace.
	NFCache uint32

	// TargetOffset is the byte offset from the beginning of this IPTEntry
	// to the start of the entry's target.
	TargetOffset uint16

	// NextOffset is the byte offset from the beginning of this IPTEntry to
	// the start of the next entry. It is thus also the size of the entry.
	NextOffset uint16

	// Comeback is a return pointer. It is not used by userspace.
	Comeback uint32

	// Counters holds the packet and byte counts for this rule.
	Counters XTCounters
	// contains filtered or unexported fields
}

IP6TEntry is an iptables rule. It corresponds to struct ip6t_entry in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

+marshal

type IP6TIP

type IP6TIP struct {
	// Src is the source IP address.
	Src Inet6Addr

	// Dst is the destination IP address.
	Dst Inet6Addr

	// SrcMask is the source IP mask.
	SrcMask Inet6Addr

	// DstMask is the destination IP mask.
	DstMask Inet6Addr

	// InputInterface is the input network interface.
	InputInterface [IFNAMSIZ]byte

	// OutputInterface is the output network interface.
	OutputInterface [IFNAMSIZ]byte

	// InputInterfaceMask is the input interface mask.
	InputInterfaceMask [IFNAMSIZ]byte

	// OuputInterfaceMask is the output interface mask.
	OutputInterfaceMask [IFNAMSIZ]byte

	// Protocol is the transport protocol.
	Protocol uint16

	// TOS matches TOS flags when Flags indicates filtering by TOS.
	TOS uint8

	// Flags define matching behavior for the IP header.
	Flags uint8

	// InverseFlags invert the meaning of fields in struct IPTIP. See the
	// IP6T_INV_* flags.
	InverseFlags uint8
	// contains filtered or unexported fields
}

IP6TIP contains information for matching a packet's IP header. It corresponds to struct ip6t_ip6 in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

+marshal

type IP6TReplace

type IP6TReplace struct {
	Name        TableName
	ValidHooks  uint32
	NumEntries  uint32
	Size        uint32
	HookEntry   [NF_INET_NUMHOOKS]uint32
	Underflow   [NF_INET_NUMHOOKS]uint32
	NumCounters uint32
	Counters    uint64 // This is really a *XTCounters.

}

IP6TReplace is the argument for the IP6T_SO_SET_REPLACE sockopt. It corresponds to struct ip6t_replace in include/uapi/linux/netfilter_ipv6/ip6_tables.h.

+marshal

type IPCPerm

type IPCPerm struct {
	Key  uint32
	UID  uint32
	GID  uint32
	CUID uint32
	CGID uint32
	Mode uint16

	Seq uint16
	// contains filtered or unexported fields
}

IPCPerm is equivalent to struct ipc64_perm.

+marshal

type IPTEntry

type IPTEntry struct {
	// IP is used to filter packets based on the IP header.
	IP IPTIP

	// NFCache relates to kernel-internal caching and isn't used by
	// userspace.
	NFCache uint32

	// TargetOffset is the byte offset from the beginning of this IPTEntry
	// to the start of the entry's target.
	TargetOffset uint16

	// NextOffset is the byte offset from the beginning of this IPTEntry to
	// the start of the next entry. It is thus also the size of the entry.
	NextOffset uint16

	// Comeback is a return pointer. It is not used by userspace.
	Comeback uint32

	// Counters holds the packet and byte counts for this rule.
	Counters XTCounters
}

IPTEntry is an iptable rule. It corresponds to struct ipt_entry in include/uapi/linux/netfilter_ipv4/ip_tables.h.

+marshal

type IPTGetEntries

type IPTGetEntries struct {
	Name TableName
	Size uint32
	// contains filtered or unexported fields
}

IPTGetEntries is the argument for the IPT_SO_GET_ENTRIES sockopt. It corresponds to struct ipt_get_entries in include/uapi/linux/netfilter_ipv4/ip_tables.h.

+marshal

type IPTGetinfo

type IPTGetinfo struct {
	Name       TableName
	ValidHooks uint32
	HookEntry  [NF_INET_NUMHOOKS]uint32
	Underflow  [NF_INET_NUMHOOKS]uint32
	NumEntries uint32
	Size       uint32
}

IPTGetinfo is the argument for the IPT_SO_GET_INFO sockopt. It corresponds to struct ipt_getinfo in include/uapi/linux/netfilter_ipv4/ip_tables.h.

+marshal

type IPTIP

type IPTIP struct {
	// Src is the source IP address.
	Src InetAddr

	// Dst is the destination IP address.
	Dst InetAddr

	// SrcMask is the source IP mask.
	SrcMask InetAddr

	// DstMask is the destination IP mask.
	DstMask InetAddr

	// InputInterface is the input network interface.
	InputInterface [IFNAMSIZ]byte

	// OutputInterface is the output network interface.
	OutputInterface [IFNAMSIZ]byte

	// InputInterfaceMask is the input interface mask.
	InputInterfaceMask [IFNAMSIZ]byte

	// OuputInterfaceMask is the output interface mask.
	OutputInterfaceMask [IFNAMSIZ]byte

	// Protocol is the transport protocol.
	Protocol uint16

	// Flags define matching behavior for the IP header.
	Flags uint8

	// InverseFlags invert the meaning of fields in struct IPTIP. See the
	// IPT_INV_* flags.
	InverseFlags uint8
}

IPTIP contains information for matching a packet's IP header. It corresponds to struct ipt_ip in include/uapi/linux/netfilter_ipv4/ip_tables.h.

+marshal

type IPTOwnerInfo

type IPTOwnerInfo struct {
	// UID is user id which created the packet.
	UID uint32

	// GID is group id which created the packet.
	GID uint32

	// PID is process id of the process which created the packet.
	PID uint32

	// SID is session id which created the packet.
	SID uint32

	// Comm is the command name which created the packet.
	Comm [16]byte

	// Match is used to match UID/GID of the socket. See the
	// XT_OWNER_* flags below.
	Match uint8

	// Invert flips the meaning of Match field.
	Invert uint8 `marshal:"unaligned"`
}

IPTOwnerInfo holds data for matching packets with the owner v0 matcher. It corresponds to struct ipt_owner_info in libxt_owner.c of iptables binary.

+marshal

type IPTReplace

type IPTReplace struct {
	Name        TableName
	ValidHooks  uint32
	NumEntries  uint32
	Size        uint32
	HookEntry   [NF_INET_NUMHOOKS]uint32
	Underflow   [NF_INET_NUMHOOKS]uint32
	NumCounters uint32
	Counters    uint64 // This is really a *XTCounters.

}

IPTReplace is the argument for the IPT_SO_SET_REPLACE sockopt. It corresponds to struct ipt_replace in include/uapi/linux/netfilter_ipv4/ip_tables.h.

+marshal

type Inet6Addr

type Inet6Addr [16]byte

Inet6Addr is struct in6_addr, from uapi/linux/in6.h.

+marshal

type Inet6MulticastRequest

type Inet6MulticastRequest struct {
	MulticastAddr  Inet6Addr
	InterfaceIndex int32
}

Inet6MulticastRequest is struct ipv6_mreq, from uapi/linux/in6.h.

+marshal

type InetAddr

type InetAddr [4]byte

InetAddr is struct in_addr, from uapi/linux/in.h.

+marshal

type InetMulticastRequest

type InetMulticastRequest struct {
	MulticastAddr InetAddr
	InterfaceAddr InetAddr
}

InetMulticastRequest is struct ip_mreq, from uapi/linux/in.h.

+marshal

type InetMulticastRequestWithNIC

type InetMulticastRequestWithNIC struct {
	InetMulticastRequest
	InterfaceIndex int32
}

InetMulticastRequestWithNIC is struct ip_mreqn, from uapi/linux/in.h.

+marshal

type InterfaceAddrMessage

type InterfaceAddrMessage struct {
	Family    uint8
	PrefixLen uint8
	Flags     uint8
	Scope     uint8
	Index     uint32
}

InterfaceAddrMessage is struct ifaddrmsg, from uapi/linux/if_addr.h.

+marshal

type InterfaceInfoMessage

type InterfaceInfoMessage struct {
	Family uint8

	Type   uint16
	Index  int32
	Flags  uint32
	Change uint32
	// contains filtered or unexported fields
}

InterfaceInfoMessage is struct ifinfomsg, from uapi/linux/rtnetlink.h.

+marshal

type ItimerVal

type ItimerVal struct {
	Interval Timeval
	Value    Timeval
}

ItimerVal mimics the following struct in <sys/time.h>

struct itimerval {
  struct timeval it_interval; /* next value */
  struct timeval it_value;    /* current value */
};

+marshal

type Itimerspec

type Itimerspec struct {
	Interval Timespec
	Value    Timespec
}

Itimerspec represents struct itimerspec in <time.h>.

+marshal

type KernelIP6TEntry

type KernelIP6TEntry struct {
	Entry IP6TEntry

	// Elems holds the data for all this rule's matches followed by the
	// target. It is variable length -- users have to iterate over any
	// matches and use TargetOffset and NextOffset to make sense of the
	// data.
	Elems primitive.ByteSlice
}

KernelIP6TEntry is identical to IP6TEntry, but includes the Elems field.

+marshal dynamic

func (*KernelIP6TEntry) MarshalBytes

func (ke *KernelIP6TEntry) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*KernelIP6TEntry) SizeBytes

func (ke *KernelIP6TEntry) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*KernelIP6TEntry) UnmarshalBytes

func (ke *KernelIP6TEntry) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type KernelIP6TGetEntries

type KernelIP6TGetEntries struct {
	IPTGetEntries
	Entrytable []KernelIP6TEntry
}

KernelIP6TGetEntries is identical to IP6TGetEntries, but includes the Entrytable field.

+marshal dynamic

func (*KernelIP6TGetEntries) MarshalBytes

func (ke *KernelIP6TGetEntries) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*KernelIP6TGetEntries) SizeBytes

func (ke *KernelIP6TGetEntries) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*KernelIP6TGetEntries) UnmarshalBytes

func (ke *KernelIP6TGetEntries) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type KernelIPTEntry

type KernelIPTEntry struct {
	Entry IPTEntry

	// Elems holds the data for all this rule's matches followed by the
	// target. It is variable length -- users have to iterate over any
	// matches and use TargetOffset and NextOffset to make sense of the
	// data.
	Elems primitive.ByteSlice
}

KernelIPTEntry is identical to IPTEntry, but includes the Elems field.

+marshal dynamic

func (*KernelIPTEntry) MarshalBytes

func (ke *KernelIPTEntry) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*KernelIPTEntry) SizeBytes

func (ke *KernelIPTEntry) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*KernelIPTEntry) UnmarshalBytes

func (ke *KernelIPTEntry) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type KernelIPTGetEntries

type KernelIPTGetEntries struct {
	IPTGetEntries
	Entrytable []KernelIPTEntry
}

KernelIPTGetEntries is identical to IPTGetEntries, but includes the Entrytable field.

+marshal dynamic

func (*KernelIPTGetEntries) MarshalBytes

func (ke *KernelIPTGetEntries) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*KernelIPTGetEntries) SizeBytes

func (ke *KernelIPTGetEntries) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*KernelIPTGetEntries) UnmarshalBytes

func (ke *KernelIPTGetEntries) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type KernelTermios

type KernelTermios struct {
	InputFlags        uint32
	OutputFlags       uint32
	ControlFlags      uint32
	LocalFlags        uint32
	LineDiscipline    uint8
	ControlCharacters [NumControlCharacters]uint8
	InputSpeed        uint32
	OutputSpeed       uint32
}

KernelTermios is struct ktermios/struct termios2, defined in uapi/asm-generic/termbits.h.

+stateify savable

func (*KernelTermios) CEnabled

func (t *KernelTermios) CEnabled(flag uint32) bool

CEnabled returns whether flag is enabled in termios control flags.

func (*KernelTermios) FromTermios

func (t *KernelTermios) FromTermios(term Termios)

FromTermios copies fields that are shared with Termios into this KernelTermios struct.

func (*KernelTermios) IEnabled

func (t *KernelTermios) IEnabled(flag uint32) bool

IEnabled returns whether flag is enabled in termios input flags.

func (*KernelTermios) IsEOF

func (t *KernelTermios) IsEOF(c byte) bool

IsEOF returns whether c is the EOF character.

func (*KernelTermios) IsTerminating

func (t *KernelTermios) IsTerminating(cBytes []byte) bool

IsTerminating returns whether c is a line terminating character.

func (*KernelTermios) LEnabled

func (t *KernelTermios) LEnabled(flag uint32) bool

LEnabled returns whether flag is enabled in termios local flags.

func (*KernelTermios) OEnabled

func (t *KernelTermios) OEnabled(flag uint32) bool

OEnabled returns whether flag is enabled in termios output flags.

func (*KernelTermios) ToTermios

func (t *KernelTermios) ToTermios() Termios

ToTermios copies fields that are shared with Termios into a new Termios struct.

type KernelXTEntryMatch

type KernelXTEntryMatch struct {
	XTEntryMatch
	Data []byte
}

KernelXTEntryMatch is identical to XTEntryMatch, but contains variable-length Data field.

type KernelXTEntryTarget

type KernelXTEntryTarget struct {
	XTEntryTarget
	Data []byte
}

KernelXTEntryTarget is identical to XTEntryTarget, but contains a variable-length Data field.

type Linger

type Linger struct {
	OnOff  int32
	Linger int32
}

Linger is struct linger, from include/linux/socket.h.

+marshal

type MqAttr

type MqAttr struct {
	MqFlags   int64 // Message queue flags.
	MqMaxmsg  int64 // Maximum number of messages.
	MqMsgsize int64 // Maximum message size.
	MqCurmsgs int64 // Number of messages currently queued.
	// contains filtered or unexported fields
}

MqAttr is equivalent to struct mq_attr. Source: include/uapi/linux/mqueue.h

+marshal

type MsgBuf

type MsgBuf struct {
	Type primitive.Int64
	Text primitive.ByteSlice
}

MsgBuf is equivalent to struct msgbuf. Source: include/uapi/linux/msg.h

+marshal dynamic

func (*MsgBuf) MarshalBytes

func (b *MsgBuf) MarshalBytes(dst []byte) []byte

MarshalBytes implements marshal.Marshallable.MarshalBytes.

func (*MsgBuf) SizeBytes

func (b *MsgBuf) SizeBytes() int

SizeBytes implements marshal.Marshallable.SizeBytes.

func (*MsgBuf) UnmarshalBytes

func (b *MsgBuf) UnmarshalBytes(src []byte) []byte

UnmarshalBytes implements marshal.Marshallable.UnmarshalBytes.

type MsgInfo

type MsgInfo struct {
	MsgPool int32
	MsgMap  int32
	MsgMax  int32
	MsgMnb  int32
	MsgMni  int32
	MsgSsz  int32
	MsgTql  int32
	MsgSeg  uint16 `marshal:"unaligned"`
}

MsgInfo is equivalent to struct msginfo. Source: include/uapi/linux/msg.h

+marshal

type MsqidDS

type MsqidDS struct {
	MsgPerm   IPCPerm // IPC permissions.
	MsgStime  TimeT   // Last msgsnd time.
	MsgRtime  TimeT   // Last msgrcv time.
	MsgCtime  TimeT   // Last change time.
	MsgCbytes uint64  // Current number of bytes on the queue.
	MsgQnum   uint64  // Number of messages in the queue.
	MsgQbytes uint64  // Max number of bytes in the queue.
	MsgLspid  int32   // PID of last msgsnd.
	MsgLrpid  int32   // PID of last msgrcv.
	// contains filtered or unexported fields
}

MsqidDS is equivalent to struct msqid64_ds. Source: include/uapi/asm-generic/shmbuf.h

+marshal

type NFNATRange

type NFNATRange struct {
	Flags    uint32
	MinAddr  Inet6Addr
	MaxAddr  Inet6Addr
	MinProto uint16 // Network byte order.
	MaxProto uint16 // Network byte order.
}

NFNATRange corresponds to struct nf_nat_range in include/uapi/linux/netfilter/nf_nat.h.

+marshal

type NFNATRange2

type NFNATRange2 struct {
	Flags     uint32
	MinAddr   Inet6Addr
	MaxAddr   Inet6Addr
	MinProto  uint16 // Network byte order.
	MaxProto  uint16 // Network byte order.
	BaseProto uint16 // Network byte order.
	// contains filtered or unexported fields
}

NFNATRange2 corresponds to struct nf_nat_range2 in include/uapi/linux/netfilter/nf_nat.h.

+marshal

type NetlinkAttrHeader

type NetlinkAttrHeader struct {
	Length uint16
	Type   uint16
}

NetlinkAttrHeader is the header of a netlink attribute, followed by payload.

This is struct nlattr, from uapi/linux/netlink.h.

+marshal

type NetlinkErrorMessage

type NetlinkErrorMessage struct {
	Error  int32
	Header NetlinkMessageHeader
}

NetlinkErrorMessage is struct nlmsgerr, from uapi/linux/netlink.h.

+marshal

type NetlinkMessageHeader

type NetlinkMessageHeader struct {
	Length uint32
	Type   uint16
	Flags  uint16
	Seq    uint32
	PortID uint32
}

NetlinkMessageHeader is struct nlmsghdr, from uapi/linux/netlink.h.

+marshal

type NfNATIPV4MultiRangeCompat

type NfNATIPV4MultiRangeCompat struct {
	RangeSize uint32
	RangeIPV4 NfNATIPV4Range
}

NfNATIPV4MultiRangeCompat corresponds to struct nf_nat_ipv4_multi_range_compat in include/uapi/linux/netfilter/nf_nat.h.

+marshal

type NfNATIPV4Range

type NfNATIPV4Range struct {
	Flags   uint32
	MinIP   [4]byte
	MaxIP   [4]byte
	MinPort uint16
	MaxPort uint16
}

NfNATIPV4Range corresponds to struct nf_nat_ipv4_range in include/uapi/linux/netfilter/nf_nat.h. The fields are in network byte order.

+marshal

type NumaPolicy

type NumaPolicy int32

NumaPolicy is the NUMA memory policy for a memory range. See numa(7).

+marshal

const (
	MPOL_DEFAULT    NumaPolicy = 0
	MPOL_PREFERRED  NumaPolicy = 1
	MPOL_BIND       NumaPolicy = 2
	MPOL_INTERLEAVE NumaPolicy = 3
	MPOL_LOCAL      NumaPolicy = 4
	MPOL_MAX        NumaPolicy = 5
)

Policies for get_mempolicy(2)/set_mempolicy(2).

type PollFD

type PollFD struct {
	FD      int32
	Events  int16
	REvents int16
}

PollFD is struct pollfd, used by poll(2)/ppoll(2), from uapi/asm-generic/poll.h.

+marshal slice:PollFDSlice

type PtraceRegs

type PtraceRegs struct {
	R15      uint64
	R14      uint64
	R13      uint64
	R12      uint64
	Rbp      uint64
	Rbx      uint64
	R11      uint64
	R10      uint64
	R9       uint64
	R8       uint64
	Rax      uint64
	Rcx      uint64
	Rdx      uint64
	Rsi      uint64
	Rdi      uint64
	Orig_rax uint64
	Rip      uint64
	Cs       uint64
	Eflags   uint64
	Rsp      uint64
	Ss       uint64
	Fs_base  uint64
	Gs_base  uint64
	Ds       uint64
	Es       uint64
	Fs       uint64
	Gs       uint64
}

PtraceRegs is the set of CPU registers exposed by ptrace. Source: syscall.PtraceRegs.

+marshal +stateify savable

func (*PtraceRegs) InstructionPointer

func (p *PtraceRegs) InstructionPointer() uint64

InstructionPointer returns the address of the next instruction to be executed.

func (*PtraceRegs) SetStackPointer

func (p *PtraceRegs) SetStackPointer(sp uint64)

SetStackPointer sets the stack pointer to the specified value.

func (*PtraceRegs) StackPointer

func (p *PtraceRegs) StackPointer() uint64

StackPointer returns the address of the Stack pointer.

type RLimit

type RLimit struct {
	// Cur specifies the soft limit.
	Cur uint64
	// Max specifies the hard limit.
	Max uint64
}

RLimit corresponds to Linux's struct rlimit.

type RSeq

type RSeq struct {
	// CPUIDStart contains the current CPU ID if rseq is initialized.
	//
	// This field should only be read by the thread which registered this
	// structure, and must be read atomically.
	CPUIDStart uint32

	// CPUID contains the current CPU ID or one of the CPU ID special
	// values defined above.
	//
	// This field should only be read by the thread which registered this
	// structure, and must be read atomically.
	CPUID uint32

	// RSeqCriticalSection is a pointer to the current RSeqCriticalSection
	// block, or NULL. It is reset to NULL by the kernel on restart or
	// non-restarting preempt/signal.
	//
	// This field should only be written by the thread which registered
	// this structure, and must be written atomically.
	RSeqCriticalSection uint64

	// Flags are the critical section flags that apply to all critical
	// sections on this thread, defined above.
	Flags uint32
}

RSeq is the thread-local restartable sequences config/status. It is equivalent to struct rseq, defined in include/uapi/linux/rseq.h.

In userspace, this structure is always aligned to 32 bytes.

type RSeqCriticalSection

type RSeqCriticalSection struct {
	// Version is the version of this structure. Version 0 is defined here.
	Version uint32

	// Flags are the critical section flags, defined above.
	Flags uint32

	// Start is the start address of the critical section.
	Start uint64

	// PostCommitOffset is the offset from Start of the first instruction
	// outside of the critical section.
	PostCommitOffset uint64

	// Abort is the abort address. It must be outside the critical section,
	// and the 4 bytes prior must match the abort signature.
	Abort uint64
}

RSeqCriticalSection describes a restartable sequences critical section. It is equivalent to struct rseq_cs, defined in include/uapi/linux/rseq.h.

In userspace, this structure is always aligned to 32 bytes.

+marshal

type RobustListHead

type RobustListHead struct {
	List          uint64
	FutexOffset   uint64
	ListOpPending uint64
}

RobustListHead corresponds to Linux's struct robust_list_head.

+marshal

type RouteMessage

type RouteMessage struct {
	Family uint8
	DstLen uint8
	SrcLen uint8
	TOS    uint8

	Table    uint8
	Protocol uint8
	Scope    uint8
	Type     uint8

	Flags uint32
}

RouteMessage is struct rtmsg, from uapi/linux/rtnetlink.h.

+marshal

type RtAttr

type RtAttr struct {
	Len  uint16
	Type uint16
}

RtAttr is the header of optional addition route information, as a netlink attribute. From include/uapi/linux/rtnetlink.h.

+marshal

type Rusage

type Rusage struct {
	UTime    Timeval
	STime    Timeval
	MaxRSS   int64
	IXRSS    int64
	IDRSS    int64
	ISRSS    int64
	MinFlt   int64
	MajFlt   int64
	NSwap    int64
	InBlock  int64
	OuBlock  int64
	MsgSnd   int64
	MsgRcv   int64
	NSignals int64
	NVCSw    int64
	NIvCSw   int64
}

Rusage represents the Linux struct rusage.

+marshal

type SeccompData

type SeccompData struct {
	// Nr is the system call number.
	Nr int32

	// Arch is an AUDIT_ARCH_* value indicating the system call convention.
	Arch uint32

	// InstructionPointer is the value of the instruction pointer at the time
	// of the system call.
	InstructionPointer uint64

	// Args contains the first 6 system call arguments.
	Args [6]uint64
}

SeccompData is equivalent to struct seccomp_data, which contains the data passed to seccomp-bpf filters.

+marshal

func (SeccompData) String

func (sd SeccompData) String() string

String returns a human-friendly representation of this `SeccompData`.

type SeccompNotif

type SeccompNotif struct {
	ID    uint64
	Pid   int32
	Flags uint32
	Data  SeccompData
}

SeccompNotif is equivalent to struct seccomp_notif.

+marshal

type SeccompNotifResp

type SeccompNotifResp struct {
	ID    uint64
	Val   int64
	Error int32
	Flags uint32
}

SeccompNotifResp is equivalent to struct seccomp_notif_resp.

+marshal

type SeccompNotifSizes

type SeccompNotifSizes struct {
	Notif      uint16
	Notif_resp uint16
	Data       uint16
}

SeccompNotifSizes is equivalent to struct seccomp_notif_sizes.

+marshal

type SemInfo

type SemInfo struct {
	SemMap uint32
	SemMni uint32
	SemMns uint32
	SemMnu uint32
	SemMsl uint32
	SemOpm uint32
	SemUme uint32
	SemUsz uint32
	SemVmx uint32
	SemAem uint32
}

SemInfo is equivalent to struct seminfo.

Source: include/uapi/linux/sem.h

+marshal

type Sembuf

type Sembuf struct {
	SemNum uint16
	SemOp  int16
	SemFlg int16
}

Sembuf is equivalent to struct sembuf.

+marshal slice:SembufSlice

type SemidDS

type SemidDS struct {
	SemPerm  IPCPerm
	SemOTime TimeT

	SemCTime TimeT

	SemNSems uint64
	// contains filtered or unexported fields
}

SemidDS is equivalent to struct semid64_ds.

Source: arch/x86/include/uapi/asm/sembuf.h

+marshal

type ShmInfo

type ShmInfo struct {
	UsedIDs int32 // Number of currently existing segments.

	ShmTot        uint64 // Total number of shared memory pages.
	ShmRss        uint64 // Number of resident shared memory pages.
	ShmSwp        uint64 // Number of swapped shared memory pages.
	SwapAttempts  uint64 // Unused since Linux 2.4.
	SwapSuccesses uint64 // Unused since Linux 2.4.
	// contains filtered or unexported fields
}

ShmInfo is equivalent to struct shm_info. Source: include/uapi/linux/shm.h

+marshal

type ShmParams

type ShmParams struct {
	ShmMax uint64
	ShmMin uint64
	ShmMni uint64
	ShmSeg uint64
	ShmAll uint64
}

ShmParams is equivalent to struct shminfo. Source: include/uapi/linux/shm.h

+marshal

type ShmidDS

type ShmidDS struct {
	ShmPerm    IPCPerm
	ShmSegsz   uint64
	ShmAtime   TimeT
	ShmDtime   TimeT
	ShmCtime   TimeT
	ShmCpid    int32
	ShmLpid    int32
	ShmNattach uint64

	Unused4 uint64
	Unused5 uint64
}

ShmidDS is equivalent to struct shmid64_ds. Source: include/uapi/asm-generic/shmbuf.h

+marshal

type SigAction

type SigAction struct {
	Handler  uint64
	Flags    uint64
	Restorer uint64
	Mask     SignalSet
}

SigAction represents struct sigaction.

+marshal +stateify savable

type Sigevent

type Sigevent struct {
	Value  uint64 // union sigval {int, void*}
	Signo  int32
	Notify int32

	// struct sigevent here contains 48-byte union _sigev_un. However, only
	// member _tid is significant to the kernel.
	Tid         int32
	UnRemainder [44]byte
}

Sigevent represents struct sigevent.

+marshal

type Signal

type Signal int

Signal is a signal number.

func (Signal) Index

func (s Signal) Index() int

Index returns the index for signal s into arrays of both standard and realtime signals (e.g. signal masks).

Preconditions: s.IsValid().

func (Signal) IsRealtime

func (s Signal) IsRealtime() bool

IsRealtime returns true if s is a realtime signal.

Preconditions: s.IsValid().

func (Signal) IsStandard

func (s Signal) IsStandard() bool

IsStandard returns true if s is a standard signal.

Preconditions: s.IsValid().

func (Signal) IsValid

func (s Signal) IsValid() bool

IsValid returns true if s is a valid standard or realtime signal. (0 is not considered valid; interfaces special-casing signal number 0 should check for 0 first before asserting validity.)

type SignalInfo

type SignalInfo struct {
	Signo int32 // Signal number
	Errno int32 // Errno value
	Code  int32 // Signal code

	// struct siginfo::_sifields is a union. In SignalInfo, fields in the union
	// are accessed through methods.
	//
	// For reference, here is the definition of _sifields: (_sigfault._trapno,
	// which does not exist on x86, omitted for clarity)
	//
	// union {
	// 	int _pad[SI_PAD_SIZE];
	//
	// 	/* kill() */
	// 	struct {
	// 		__kernel_pid_t _pid;	/* sender's pid */
	// 		__ARCH_SI_UID_T _uid;	/* sender's uid */
	// 	} _kill;
	//
	// 	/* POSIX.1b timers */
	// 	struct {
	// 		__kernel_timer_t _tid;	/* timer id */
	// 		int _overrun;		/* overrun count */
	// 		char _pad[sizeof( __ARCH_SI_UID_T) - sizeof(int)];
	// 		sigval_t _sigval;	/* same as below */
	// 		int _sys_private;       /* not to be passed to user */
	// 	} _timer;
	//
	// 	/* POSIX.1b signals */
	// 	struct {
	// 		__kernel_pid_t _pid;	/* sender's pid */
	// 		__ARCH_SI_UID_T _uid;	/* sender's uid */
	// 		sigval_t _sigval;
	// 	} _rt;
	//
	// 	/* SIGCHLD */
	// 	struct {
	// 		__kernel_pid_t _pid;	/* which child */
	// 		__ARCH_SI_UID_T _uid;	/* sender's uid */
	// 		int _status;		/* exit code */
	// 		__ARCH_SI_CLOCK_T _utime;
	// 		__ARCH_SI_CLOCK_T _stime;
	// 	} _sigchld;
	//
	// 	/* SIGILL, SIGFPE, SIGSEGV, SIGBUS */
	// 	struct {
	// 		void *_addr; /* faulting insn/memory ref. */
	// 		short _addr_lsb; /* LSB of the reported address */
	// 	} _sigfault;
	//
	// 	/* SIGPOLL */
	// 	struct {
	// 		__ARCH_SI_BAND_T _band;	/* POLL_IN, POLL_OUT, POLL_MSG */
	// 		int _fd;
	// 	} _sigpoll;
	//
	// 	/* SIGSYS */
	// 	struct {
	// 		void *_call_addr; /* calling user insn */
	// 		int _syscall;	/* triggering system call number */
	// 		unsigned int _arch;	/* AUDIT_ARCH_* of syscall */
	// 	} _sigsys;
	// } _sifields;
	//
	// _sifields is padded so that the size of siginfo is SI_MAX_SIZE = 128
	// bytes.
	Fields [128 - 16]byte
	// contains filtered or unexported fields
}

SignalInfo represents information about a signal being delivered, and is equivalent to struct siginfo in linux kernel(linux/include/uapi/asm-generic/siginfo.h).

+marshal +stateify savable

func (*SignalInfo) Addr

func (s *SignalInfo) Addr() uint64

Addr returns the si_addr field.

func (*SignalInfo) Arch

func (s *SignalInfo) Arch() uint32

Arch returns the si_arch field.

func (*SignalInfo) Band

func (s *SignalInfo) Band() int64

Band returns the si_band field.

func (*SignalInfo) CallAddr

func (s *SignalInfo) CallAddr() uint64

CallAddr returns the si_call_addr field.

func (*SignalInfo) FD

func (s *SignalInfo) FD() uint32

FD returns the si_fd field.

func (*SignalInfo) FixSignalCodeForUser

func (s *SignalInfo) FixSignalCodeForUser()

FixSignalCodeForUser fixes up si_code.

The si_code we get from Linux may contain the kernel-specific code in the top 16 bits if it's positive (e.g., from ptrace). Linux's copy_siginfo_to_user does: err |= __put_user((short)from->si_code, &to->si_code); to mask out those bits and we need to do the same.

func (*SignalInfo) Overrun

func (s *SignalInfo) Overrun() int32

Overrun returns the si_overrun field.

func (*SignalInfo) PID

func (s *SignalInfo) PID() int32

PID returns the si_pid field.

func (*SignalInfo) SetAddr

func (s *SignalInfo) SetAddr(val uint64)

SetAddr sets the si_addr field.

func (*SignalInfo) SetArch

func (s *SignalInfo) SetArch(val uint32)

SetArch mutates the si_arch field.

func (*SignalInfo) SetBand

func (s *SignalInfo) SetBand(val int64)

SetBand mutates the si_band field.

func (*SignalInfo) SetCallAddr

func (s *SignalInfo) SetCallAddr(val uint64)

SetCallAddr mutates the si_call_addr field.

func (*SignalInfo) SetFD

func (s *SignalInfo) SetFD(val uint32)

SetFD mutates the si_fd field.

func (*SignalInfo) SetOverrun

func (s *SignalInfo) SetOverrun(val int32)

SetOverrun sets the si_overrun field.

func (*SignalInfo) SetPID

func (s *SignalInfo) SetPID(val int32)

SetPID mutates the si_pid field.

func (*SignalInfo) SetSigval

func (s *SignalInfo) SetSigval(val uint64)

SetSigval mutates the sigval field.

func (*SignalInfo) SetStatus

func (s *SignalInfo) SetStatus(val int32)

SetStatus mutates the si_status field.

func (*SignalInfo) SetSyscall

func (s *SignalInfo) SetSyscall(val int32)

SetSyscall mutates the si_syscall field.

func (*SignalInfo) SetTimerID

func (s *SignalInfo) SetTimerID(val TimerID)

SetTimerID sets the si_timerid field.

func (*SignalInfo) SetUID

func (s *SignalInfo) SetUID(val int32)

SetUID mutates the si_uid field.

func (*SignalInfo) Sigval

func (s *SignalInfo) Sigval() uint64

Sigval returns the sigval field, which is aliased to both si_int and si_ptr.

func (*SignalInfo) Status

func (s *SignalInfo) Status() int32

Status returns the si_status field.

func (*SignalInfo) Syscall

func (s *SignalInfo) Syscall() int32

Syscall returns the si_syscall field.

func (*SignalInfo) TimerID

func (s *SignalInfo) TimerID() TimerID

TimerID returns the si_timerid field.

func (*SignalInfo) UID

func (s *SignalInfo) UID() int32

UID returns the si_uid field.

type SignalSet

type SignalSet uint64

SignalSet is a signal mask with a bit corresponding to each signal.

+marshal

func MakeSignalSet

func MakeSignalSet(sigs ...Signal) SignalSet

MakeSignalSet returns SignalSet with the bit corresponding to each of the given signals set.

func SignalSetOf

func SignalSetOf(sig Signal) SignalSet

SignalSetOf returns a SignalSet with a single signal set.

type SignalStack

type SignalStack struct {
	Addr  uint64
	Flags uint32

	Size uint64
	// contains filtered or unexported fields
}

SignalStack represents information about a user stack, and is equivalent to stack_t.

+marshal +stateify savable

func (*SignalStack) Contains

func (s *SignalStack) Contains(sp hostarch.Addr) bool

Contains checks if the stack pointer is within this stack.

func (*SignalStack) IsEnabled

func (s *SignalStack) IsEnabled() bool

IsEnabled returns true iff this signal stack is marked as enabled.

func (*SignalStack) Top

func (s *SignalStack) Top() hostarch.Addr

Top returns the stack's top address.

type SignalfdSiginfo

type SignalfdSiginfo struct {
	Signo   uint32
	Errno   int32
	Code    int32
	PID     uint32
	UID     uint32
	FD      int32
	TID     uint32
	Band    uint32
	Overrun uint32
	TrapNo  uint32
	Status  int32
	Int     int32
	Ptr     uint64
	UTime   uint64
	STime   uint64
	Addr    uint64
	AddrLSB uint16
	// contains filtered or unexported fields
}

SignalfdSiginfo is the siginfo encoding for signalfds.

+marshal

type SockAddr

type SockAddr interface {
	marshal.Marshallable
	// contains filtered or unexported methods
}

SockAddr represents a union of valid socket address types. This is logically equivalent to struct sockaddr. SockAddr ensures that a well-defined set of types can be used as socket addresses.

type SockAddrInet

type SockAddrInet struct {
	Family uint16
	Port   uint16
	Addr   InetAddr
	// contains filtered or unexported fields
}

SockAddrInet is struct sockaddr_in, from uapi/linux/in.h.

+marshal

type SockAddrInet6

type SockAddrInet6 struct {
	Family   uint16
	Port     uint16
	Flowinfo uint32
	Addr     [16]byte
	Scope_id uint32
}

SockAddrInet6 is struct sockaddr_in6, from uapi/linux/in6.h.

+marshal

type SockAddrLink struct {
	Family          uint16
	Protocol        uint16
	InterfaceIndex  int32
	ARPHardwareType uint16
	PacketType      byte
	HardwareAddrLen byte
	HardwareAddr    [8]byte
}

SockAddrLink is a struct sockaddr_ll, from uapi/linux/if_packet.h.

+marshal

type SockAddrNetlink struct {
	Family uint16

	PortID uint32
	Groups uint32
	// contains filtered or unexported fields
}

SockAddrNetlink is struct sockaddr_nl, from uapi/linux/netlink.h.

+marshal

type SockAddrUnix

type SockAddrUnix struct {
	Family uint16
	Path   [UnixPathMax]int8
}

SockAddrUnix is struct sockaddr_un, from uapi/linux/un.h.

+marshal

type SockErrCMsg

type SockErrCMsg interface {
	marshal.Marshallable

	CMsgLevel() uint32
	CMsgType() uint32
}

SockErrCMsg represents the IP*_RECVERR control message.

type SockErrCMsgIPv4

type SockErrCMsgIPv4 struct {
	SockExtendedErr
	Offender SockAddrInet
}

SockErrCMsgIPv4 is the IP_RECVERR control message used in recvmsg(MSG_ERRQUEUE) by ipv4 sockets. This is equilavent to `struct errhdr` defined in net/ipv4/ip_sockglue.c:ip_recv_error().

+marshal

func (*SockErrCMsgIPv4) CMsgLevel

func (*SockErrCMsgIPv4) CMsgLevel() uint32

CMsgLevel implements SockErrCMsg.CMsgLevel.

func (*SockErrCMsgIPv4) CMsgType

func (*SockErrCMsgIPv4) CMsgType() uint32

CMsgType implements SockErrCMsg.CMsgType.

type SockErrCMsgIPv6

type SockErrCMsgIPv6 struct {
	SockExtendedErr
	Offender SockAddrInet6
}

SockErrCMsgIPv6 is the IPV6_RECVERR control message used in recvmsg(MSG_ERRQUEUE) by ipv6 sockets. This is equilavent to `struct errhdr` defined in net/ipv6/datagram.c:ipv6_recv_error().

+marshal

func (*SockErrCMsgIPv6) CMsgLevel

func (*SockErrCMsgIPv6) CMsgLevel() uint32

CMsgLevel implements SockErrCMsg.CMsgLevel.

func (*SockErrCMsgIPv6) CMsgType

func (*SockErrCMsgIPv6) CMsgType() uint32

CMsgType implements SockErrCMsg.CMsgType.

type SockExtendedErr

type SockExtendedErr struct {
	Errno  uint32
	Origin uint8
	Type   uint8
	Code   uint8
	Pad    uint8
	Info   uint32
	Data   uint32
}

SockExtendedErr represents struct sock_extended_err in Linux defined in include/uapi/linux/errqueue.h.

+marshal

type SockFprog

type SockFprog struct {
	Len uint16

	Filter *BPFInstruction
	// contains filtered or unexported fields
}

SockFprog is sock_fprog taken from <linux/filter.h>.

type SockType

type SockType int

A SockType is a type (as opposed to family) of sockets. These are enumerated below as SOCK_* constants.

const (
	SOCK_STREAM    SockType = 1
	SOCK_DGRAM     SockType = 2
	SOCK_RAW       SockType = 3
	SOCK_RDM       SockType = 4
	SOCK_SEQPACKET SockType = 5
	SOCK_DCCP      SockType = 6
	SOCK_PACKET    SockType = 10
)

Socket types, from linux/net.h.

type Stat

type Stat struct {
	Dev   uint64
	Ino   uint64
	Nlink uint64
	Mode  uint32
	UID   uint32
	GID   uint32

	Rdev    uint64
	Size    int64
	Blksize int64
	Blocks  int64
	ATime   Timespec
	MTime   Timespec
	CTime   Timespec
	// contains filtered or unexported fields
}

Stat represents struct stat.

+marshal

type Statfs

type Statfs struct {
	// Type is one of the filesystem magic values, defined above.
	Type uint64

	// BlockSize is the optimal transfer block size in bytes.
	BlockSize int64

	// Blocks is the maximum number of data blocks the filesystem may store, in
	// units of BlockSize.
	Blocks uint64

	// BlocksFree is the number of free data blocks, in units of BlockSize.
	BlocksFree uint64

	// BlocksAvailable is the number of data blocks free for use by
	// unprivileged users, in units of BlockSize.
	BlocksAvailable uint64

	// Files is the number of used file nodes on the filesystem.
	Files uint64

	// FileFress is the number of free file nodes on the filesystem.
	FilesFree uint64

	// FSID is the filesystem ID.
	FSID [2]int32

	// NameLength is the maximum file name length.
	NameLength uint64

	// FragmentSize is equivalent to BlockSize.
	FragmentSize int64

	// Flags is the set of filesystem mount flags.
	Flags uint64

	// Spare is unused.
	Spare [4]uint64
}

Statfs is struct statfs, from uapi/asm-generic/statfs.h.

+marshal

type Statx

type Statx struct {
	Mask       uint32
	Blksize    uint32
	Attributes uint64
	Nlink      uint32
	UID        uint32
	GID        uint32
	Mode       uint16

	Ino            uint64
	Size           uint64
	Blocks         uint64
	AttributesMask uint64
	Atime          StatxTimestamp
	Btime          StatxTimestamp
	Ctime          StatxTimestamp
	Mtime          StatxTimestamp
	RdevMajor      uint32
	RdevMinor      uint32
	DevMajor       uint32
	DevMinor       uint32
	// contains filtered or unexported fields
}

Statx represents struct statx.

+marshal boundCheck slice:StatxSlice

func (*Statx) String

func (s *Statx) String() string

String implements fmt.Stringer.String.

type StatxTimestamp

type StatxTimestamp struct {
	Sec  int64
	Nsec uint32
	// contains filtered or unexported fields
}

StatxTimestamp represents struct statx_timestamp.

+marshal

func NsecToStatxTimestamp

func NsecToStatxTimestamp(nsec int64) (ts StatxTimestamp)

NsecToStatxTimestamp translates nanoseconds to StatxTimestamp.

func (StatxTimestamp) ToNsec

func (sxts StatxTimestamp) ToNsec() int64

ToNsec returns the nanosecond representation.

func (StatxTimestamp) ToNsecCapped

func (sxts StatxTimestamp) ToNsecCapped() int64

ToNsecCapped returns the safe nanosecond representation.

func (StatxTimestamp) ToTime

func (sxts StatxTimestamp) ToTime() time.Time

ToTime returns the Go time.Time representation.

type Sysinfo

type Sysinfo struct {
	Uptime    int64
	Loads     [3]uint64
	TotalRAM  uint64
	FreeRAM   uint64
	SharedRAM uint64
	BufferRAM uint64
	TotalSwap uint64
	FreeSwap  uint64
	Procs     uint16

	TotalHigh uint64
	FreeHigh  uint64
	Unit      uint32 `marshal:"unaligned"` // Struct ends mid-64-bit-word.
	// contains filtered or unexported fields
}

Sysinfo is the structure provided by sysinfo on linux versions > 2.3.48.

+marshal

type TCPInfo

type TCPInfo struct {
	// State is the state of the connection.
	State uint8

	// CaState is the congestion control state.
	CaState uint8

	// Retransmits is the number of retransmissions triggered by RTO.
	Retransmits uint8

	// Probes is the number of unanswered zero window probes.
	Probes uint8

	// BackOff indicates exponential backoff.
	Backoff uint8

	// Options indicates the options enabled for the connection.
	Options uint8

	// WindowScale is the combination of snd_wscale (first 4 bits) and
	// rcv_wscale (second 4 bits)
	WindowScale uint8

	// DeliveryRateAppLimited is a boolean and only the first bit is
	// meaningful.
	DeliveryRateAppLimited uint8

	// RTO is the retransmission timeout.
	RTO uint32

	// ATO is the acknowledgement timeout interval.
	ATO uint32

	// SndMss is the send maximum segment size.
	SndMss uint32

	// RcvMss is the receive maximum segment size.
	RcvMss uint32

	// Unacked is the number of packets sent but not acknowledged.
	Unacked uint32

	// Sacked is the number of packets which are selectively acknowledged.
	Sacked uint32

	// Lost is the number of packets marked as lost.
	Lost uint32

	// Retrans is the number of retransmitted packets.
	Retrans uint32

	// Fackets is not used and is always zero.
	Fackets uint32

	// Times.
	LastDataSent uint32
	LastAckSent  uint32
	LastDataRecv uint32
	LastAckRecv  uint32

	// Metrics.
	PMTU        uint32
	RcvSsthresh uint32
	RTT         uint32
	RTTVar      uint32
	SndSsthresh uint32
	SndCwnd     uint32
	Advmss      uint32
	Reordering  uint32

	// RcvRTT is the receiver round trip time.
	RcvRTT uint32

	// RcvSpace is the current buffer space available for receiving data.
	RcvSpace uint32

	// TotalRetrans is the total number of retransmits seen since the start
	// of the connection.
	TotalRetrans uint32

	// PacingRate is the pacing rate in bytes per second.
	PacingRate uint64

	// MaxPacingRate is the maximum pacing rate.
	MaxPacingRate uint64

	// BytesAcked is RFC4898 tcpEStatsAppHCThruOctetsAcked.
	BytesAcked uint64

	// BytesReceived is RFC4898 tcpEStatsAppHCThruOctetsReceived.
	BytesReceived uint64

	// SegsOut is RFC4898 tcpEStatsPerfSegsOut.
	SegsOut uint32

	// SegsIn is RFC4898 tcpEStatsPerfSegsIn.
	SegsIn uint32

	// NotSentBytes is the amount of bytes in the write queue that are not
	// yet sent.
	NotSentBytes uint32

	// MinRTT is the minimum round trip time seen in the connection.
	MinRTT uint32

	// DataSegsIn is RFC4898 tcpEStatsDataSegsIn.
	DataSegsIn uint32

	// DataSegsOut is RFC4898 tcpEStatsDataSegsOut.
	DataSegsOut uint32

	// DeliveryRate is the most recent delivery rate in bytes per second.
	DeliveryRate uint64

	// BusyTime is the time in microseconds busy sending data.
	BusyTime uint64

	// RwndLimited is the time in microseconds limited by receive window.
	RwndLimited uint64

	// SndBufLimited is the time in microseconds limited by send buffer.
	SndBufLimited uint64

	// Delivered is the total data packets delivered including retransmits.
	Delivered uint32

	// DeliveredCE is the total ECE marked data packets delivered including
	// retransmits.
	DeliveredCE uint32

	// BytesSent is RFC4898 tcpEStatsPerfHCDataOctetsOut.
	BytesSent uint64

	// BytesRetrans is RFC4898 tcpEStatsPerfOctetsRetrans.
	BytesRetrans uint64

	// DSACKDups is RFC4898 tcpEStatsStackDSACKDups.
	DSACKDups uint32

	// ReordSeen is the number of reordering events seen since the start of
	// the connection.
	ReordSeen uint32
}

TCPInfo is a collection of TCP statistics.

From uapi/linux/tcp.h. Newer versions of Linux continue to add new fields to the end of this struct or within existing unused space, so its size grows over time. The current iteration is based on linux v4.17. New versions are always backwards compatible.

+marshal

type TableName

type TableName [XT_TABLE_MAXNAMELEN]byte

TableName holds the name of a netfilter table.

+marshal

func (TableName) String

func (tn TableName) String() string

String implements fmt.Stringer.

type Termios

type Termios struct {
	InputFlags        uint32
	OutputFlags       uint32
	ControlFlags      uint32
	LocalFlags        uint32
	LineDiscipline    uint8
	ControlCharacters [NumControlCharacters]uint8
}

Termios is struct termios, defined in uapi/asm-generic/termbits.h.

+marshal

type TimeT

type TimeT int64

TimeT represents time_t in <time.h>. It represents time in seconds.

+marshal

func NsecToTimeT

func NsecToTimeT(nsec int64) TimeT

NsecToTimeT translates nanoseconds to TimeT (seconds).

type TimerID

type TimerID int32

TimerID represents type timer_t, which identifies a POSIX per-process interval timer.

+marshal

type Timespec

type Timespec struct {
	Sec  int64
	Nsec int64
}

Timespec represents struct timespec in <time.h>.

+marshal slice:TimespecSlice

func DurationToTimespec

func DurationToTimespec(dur time.Duration) Timespec

DurationToTimespec translates time.Duration to Timespec.

func NsecToTimespec

func NsecToTimespec(nsec int64) (ts Timespec)

NsecToTimespec translates nanoseconds to Timespec.

func (Timespec) ToDuration

func (ts Timespec) ToDuration() time.Duration

ToDuration returns the safe nanosecond representation as time.Duration.

func (Timespec) ToNsec

func (ts Timespec) ToNsec() int64

ToNsec returns the nanosecond representation.

func (Timespec) ToNsecCapped

func (ts Timespec) ToNsecCapped() int64

ToNsecCapped returns the safe nanosecond representation.

func (Timespec) ToTime

func (ts Timespec) ToTime() time.Time

ToTime returns the Go time.Time representation.

func (Timespec) Unix

func (ts Timespec) Unix() (sec int64, nsec int64)

Unix returns the second and nanosecond.

func (Timespec) Valid

func (ts Timespec) Valid() bool

Valid returns whether the timespec contains valid values.

type Timeval

type Timeval struct {
	Sec  int64
	Usec int64
}

Timeval represents struct timeval in <time.h>.

+marshal slice:TimevalSlice

func DurationToTimeval

func DurationToTimeval(dur time.Duration) Timeval

DurationToTimeval translates time.Duration to Timeval.

func NsecToTimeval

func NsecToTimeval(nsec int64) (tv Timeval)

NsecToTimeval translates nanosecond to Timeval.

func (Timeval) ToDuration

func (tv Timeval) ToDuration() time.Duration

ToDuration returns the safe nanosecond representation as a time.Duration.

func (Timeval) ToNsecCapped

func (tv Timeval) ToNsecCapped() int64

ToNsecCapped returns the safe nanosecond representation.

func (Timeval) ToTime

func (tv Timeval) ToTime() time.Time

ToTime returns the Go time.Time representation.

type Tms

type Tms struct {
	UTime  ClockT
	STime  ClockT
	CUTime ClockT
	CSTime ClockT
}

Tms represents struct tms, used by times(2).

+marshal

type Utime

type Utime struct {
	Actime  int64
	Modtime int64
}

Utime represents struct utimbuf used by utimes(2).

+marshal

type UtsName

type UtsName struct {
	Sysname    [UTSLen + 1]byte
	Nodename   [UTSLen + 1]byte
	Release    [UTSLen + 1]byte
	Version    [UTSLen + 1]byte
	Machine    [UTSLen + 1]byte
	Domainname [UTSLen + 1]byte
}

UtsName represents struct utsname, the struct returned by uname(2).

+marshal

func (UtsName) String

func (u UtsName) String() string

type VFIODeviceInfo

type VFIODeviceInfo struct {
	Argsz uint32
	Flags uint32
	// The total amount of regions.
	NumRegions uint32
	// The maximum number of IRQ.
	NumIrqs uint32
	// Offset within info struct of first cap.
	CapOffset uint32
	// contains filtered or unexported fields
}

VFIODeviceInfo is analogous to vfio_device_info from include/uapi/linux/vfio.h.

+marshal

type VFIOIommuType1DmaMap

type VFIOIommuType1DmaMap struct {
	Argsz uint32
	Flags uint32
	// Process virtual address.
	Vaddr uint64
	// IO virtual address.
	IOVa uint64
	// Size of mapping in bytes.
	Size uint64
}

VFIOIommuType1DmaMap is analogous to vfio_iommu_type1_dma_map from include/uapi/linux/vfio.h.

+marshal

type VFIOIommuType1DmaUnmap

type VFIOIommuType1DmaUnmap struct {
	Argsz uint32
	Flags uint32
	// IO virtual address.
	IOVa uint64
	// Size of mapping in bytes.
	Size uint64
}

VFIOIommuType1DmaUnmap is analogous to vfio_iommu_type1_dma_unmap from include/uapi/linux/vfio.h.

+marshal

type VFIOIrqInfo

type VFIOIrqInfo struct {
	Argsz uint32
	Flags uint32
	Index uint32
	Count uint32
}

VFIOIrqInfo is analogous to vfio_irq_info from include/uapi/linux/vfio.h.

+marshal

type VFIOIrqSet

type VFIOIrqSet struct {
	Argsz uint32
	Flags uint32
	Index uint32
	Start uint32
	Count uint32
}

VFIOIrqSet is analogous to vfio_irq_set from include/uapi/linux/vfio.h. The last field `data` from vfio_irq_set is omitted which is an flexible array member. It will be handled separately.

+marshal

func (VFIOIrqSet) Size

func (vfioIrqSet VFIOIrqSet) Size() uint64

Size returns the number of bytes for a VFIOIrqSet object.

type VFIORegionInfo

type VFIORegionInfo struct {
	Argsz uint32
	Flags uint32
	Index uint32

	// Region size in bytes.
	Size uint64
	// Region offset from start of device fd.
	Offset uint64
	// contains filtered or unexported fields
}

VFIORegionInfo is analogous to vfio_region_info from include/uapi/linux/vfio.h.

+marshal

type WaitStatus

type WaitStatus uint32

WaitStatus represents a thread status, as returned by the wait* family of syscalls.

func WaitStatusContinued

func WaitStatusContinued() WaitStatus

WaitStatusContinued returns a WaitStatus representing continuation by SIGCONT.

func WaitStatusExit

func WaitStatusExit(status int32) WaitStatus

WaitStatusExit returns a WaitStatus representing the given exit status.

func WaitStatusStopped

func WaitStatusStopped(code uint32) WaitStatus

WaitStatusStopped returns a WaitStatus representing stoppage by the given signal or ptrace trap code.

func WaitStatusTerminationSignal

func WaitStatusTerminationSignal(sig Signal) WaitStatus

WaitStatusTerminationSignal returns a WaitStatus representing termination by the given signal.

func (WaitStatus) Continued

func (ws WaitStatus) Continued() bool

Continued returns true if ws represents a continuation by SIGCONT, consistent with WIFCONTINUED.

func (WaitStatus) CoreDumped

func (ws WaitStatus) CoreDumped() bool

CoreDumped returns true if ws indicates that a core dump was produced, consistent with WCOREDUMP.

Preconditions: ws.Signaled().

func (WaitStatus) ExitStatus

func (ws WaitStatus) ExitStatus() uint32

ExitStatus returns the lower 8 bits of the exit status represented by ws, consistent with WEXITSTATUS.

Preconditions: ws.Exited().

func (WaitStatus) Exited

func (ws WaitStatus) Exited() bool

Exited returns true if ws represents an exit status, consistent with WIFEXITED.

func (WaitStatus) PtraceEvent

func (ws WaitStatus) PtraceEvent() uint32

PtraceEvent returns the PTRACE_EVENT_* field in ws.

Preconditions: ws.Stopped().

func (WaitStatus) Signaled

func (ws WaitStatus) Signaled() bool

Signaled returns true if ws represents a termination by signal, consistent with WIFSIGNALED.

func (WaitStatus) StopSignal

func (ws WaitStatus) StopSignal() Signal

StopSignal returns the stop signal represented by ws, consistent with WSTOPSIG.

Preconditions: ws.Stopped().

func (WaitStatus) Stopped

func (ws WaitStatus) Stopped() bool

Stopped returns true if ws represents a stoppage, consistent with WIFSTOPPED.

func (WaitStatus) String

func (ws WaitStatus) String() string

String implements fmt.Stringer.String.

func (WaitStatus) TerminationSignal

func (ws WaitStatus) TerminationSignal() Signal

TerminationSignal returns the termination signal represented by ws, consistent with WTERMSIG.

Preconditions: ws.Signaled().

func (WaitStatus) WithCoreDump

func (ws WaitStatus) WithCoreDump() WaitStatus

WithCoreDump returns a copy of ws that indicates that a core dump was generated.

Preconditions: ws.Signaled().

type WindowSize

type WindowSize struct {
	Rows uint16
	Cols uint16
	// contains filtered or unexported fields
}

WindowSize corresponds to struct winsize defined in include/uapi/asm-generic/termios.h.

+stateify savable +marshal

type Winsize

type Winsize struct {
	Row    uint16
	Col    uint16
	Xpixel uint16
	Ypixel uint16
}

Winsize is struct winsize, defined in uapi/asm-generic/termios.h.

+marshal

type XTCounters

type XTCounters struct {
	// Pcnt is the packet count.
	Pcnt uint64

	// Bcnt is the byte count.
	Bcnt uint64
}

XTCounters holds packet and byte counts for a rule. It corresponds to struct xt_counters in include/uapi/linux/netfilter/x_tables.h.

+marshal

type XTEntryMatch

type XTEntryMatch struct {
	MatchSize uint16
	Name      ExtensionName
	Revision  uint8
}

XTEntryMatch holds a match for a rule. For example, a user using the addrtype iptables match extension would put the data for that match into an XTEntryMatch. iptables-extensions(8) has a list of possible matches.

XTEntryMatch corresponds to struct xt_entry_match in include/uapi/linux/netfilter/x_tables.h. That struct contains a union exposing different data to the user and kernel, but this struct holds only the user data.

+marshal

type XTEntryTarget

type XTEntryTarget struct {
	TargetSize uint16
	Name       ExtensionName
	Revision   uint8
}

XTEntryTarget holds a target for a rule. For example, it can specify that packets matching the rule should DROP, ACCEPT, or use an extension target. iptables-extension(8) has a list of possible targets.

XTEntryTarget corresponds to struct xt_entry_target in include/uapi/linux/netfilter/x_tables.h. That struct contains a union exposing different data to the user and kernel, but this struct holds only the user data.

+marshal

type XTErrorTarget

type XTErrorTarget struct {
	Target XTEntryTarget
	Name   ErrorName
	// contains filtered or unexported fields
}

XTErrorTarget triggers an error when reached. It is also used to mark the beginning of user-defined chains by putting the name of the chain in ErrorName. It corresponds to struct xt_error_target in include/uapi/linux/netfilter/x_tables.h.

+marshal

type XTGetRevision

type XTGetRevision struct {
	Name     ExtensionName
	Revision uint8
}

XTGetRevision corresponds to xt_get_revision in include/uapi/linux/netfilter/x_tables.h

+marshal

type XTNATTargetV0

type XTNATTargetV0 struct {
	Target  XTEntryTarget
	NfRange NfNATIPV4MultiRangeCompat
	// contains filtered or unexported fields
}

XTNATTargetV0 triggers NAT when reached. Adding 4 bytes of padding to make the struct 8 byte aligned.

+marshal

type XTNATTargetV1

type XTNATTargetV1 struct {
	Target XTEntryTarget
	Range  NFNATRange
}

XTNATTargetV1 triggers NAT when reached.

+marshal

type XTNATTargetV2

type XTNATTargetV2 struct {
	Target XTEntryTarget
	Range  NFNATRange2
}

XTNATTargetV2 triggers NAT when reached.

+marshal

type XTOwnerMatchInfo

type XTOwnerMatchInfo struct {
	UIDMin uint32
	UIDMax uint32
	GIDMin uint32
	GIDMax uint32
	Match  uint8
	Invert uint8
	// contains filtered or unexported fields
}

XTOwnerMatchInfo holds data for matching packets with the owner v1 matcher. It corresponds to struct xt_owner_match_info in include/uapi/linux/netfilter/xt_owner.h

+marshal

type XTRedirectTarget

type XTRedirectTarget struct {
	Target  XTEntryTarget
	NfRange NfNATIPV4MultiRangeCompat
	// contains filtered or unexported fields
}

XTRedirectTarget triggers a redirect when reached. Adding 4 bytes of padding to make the struct 8 byte aligned.

+marshal

type XTStandardTarget

type XTStandardTarget struct {
	Target XTEntryTarget
	// A positive verdict indicates a jump, and is the offset from the
	// start of the table to jump to. A negative value means one of the
	// other built-in targets.
	Verdict int32
	// contains filtered or unexported fields
}

XTStandardTarget is a built-in target, one of ACCEPT, DROP, JUMP, QUEUE, RETURN, or jump. It corresponds to struct xt_standard_target in include/uapi/linux/netfilter/x_tables.h.

+marshal

type XTTCP

type XTTCP struct {
	// SourcePortStart specifies the inclusive start of the range of source
	// ports to which the matcher applies.
	SourcePortStart uint16

	// SourcePortEnd specifies the inclusive end of the range of source ports
	// to which the matcher applies.
	SourcePortEnd uint16

	// DestinationPortStart specifies the start of the destination port
	// range to which the matcher applies.
	DestinationPortStart uint16

	// DestinationPortEnd specifies the end of the destination port
	// range to which the matcher applies.
	DestinationPortEnd uint16

	// Option specifies that a particular TCP option must be set.
	Option uint8

	// FlagMask masks TCP flags when comparing to the FlagCompare byte. It allows
	// for specification of which flags are important to the matcher.
	FlagMask uint8

	// FlagCompare, in combination with FlagMask, is used to match only packets
	// that have certain flags set.
	FlagCompare uint8

	// InverseFlags flips the meaning of certain fields. See the
	// TX_TCP_INV_* flags.
	InverseFlags uint8
}

XTTCP holds data for matching TCP packets. It corresponds to struct xt_tcp in include/uapi/linux/netfilter/xt_tcpudp.h.

+marshal

type XTUDP

type XTUDP struct {
	// SourcePortStart is the inclusive start of the range of source ports
	// to which the matcher applies.
	SourcePortStart uint16

	// SourcePortEnd is the inclusive end of the range of source ports to
	// which the matcher applies.
	SourcePortEnd uint16

	// DestinationPortStart is the inclusive start of the destination port
	// range to which the matcher applies.
	DestinationPortStart uint16

	// DestinationPortEnd is the inclusive end of the destination port
	// range to which the matcher applies.
	DestinationPortEnd uint16

	// InverseFlags flips the meaning of certain fields. See the
	// TX_UDP_INV_* flags.
	InverseFlags uint8
	// contains filtered or unexported fields
}

XTUDP holds data for matching UDP packets. It corresponds to struct xt_udp in include/uapi/linux/netfilter/xt_tcpudp.h.

+marshal

Directories

Path Synopsis
Package errno holds errno codes for abi/linux.
Package errno holds errno codes for abi/linux.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL