/
probe.go
95 lines (79 loc) · 2.46 KB
/
probe.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
// SPDX-License-Identifier: Apache-2.0
// Copyright 2019 Authors of Cilium
package probe
import (
"errors"
"fmt"
"sync"
"unsafe"
"github.com/cilium/cilium/pkg/bpf"
"golang.org/x/sys/unix"
)
type probeKey struct {
Prefixlen uint32
Key uint32
}
type probeValue struct {
Value uint32
}
var (
haveFullLPMOnce sync.Once
haveFullLPM bool
)
func (p *probeKey) String() string { return fmt.Sprintf("key=%d", p.Key) }
func (p *probeKey) GetKeyPtr() unsafe.Pointer { return unsafe.Pointer(p) }
func (p *probeKey) NewValue() bpf.MapValue { return &probeValue{} }
func (p *probeKey) DeepCopyMapKey() bpf.MapKey { return &probeKey{p.Prefixlen, p.Key} }
func (p *probeValue) String() string { return fmt.Sprintf("value=%d", p.Value) }
func (p *probeValue) GetValuePtr() unsafe.Pointer { return unsafe.Pointer(p) }
func (p *probeValue) DeepCopyMapValue() bpf.MapValue { return &probeValue{p.Value} }
// HaveFullLPM tests whether kernel supports fully functioning BPF LPM map
// with proper bpf.GetNextKey() traversal. Needs 4.16 or higher.
func HaveFullLPM() bool {
haveFullLPMOnce.Do(func() {
var oldLim unix.Rlimit
tmpLim := unix.Rlimit{
Cur: unix.RLIM_INFINITY,
Max: unix.RLIM_INFINITY,
}
if err := unix.Getrlimit(unix.RLIMIT_MEMLOCK, &oldLim); err != nil {
return
}
// Otherwise opening the map might fail with EPERM
if err := unix.Setrlimit(unix.RLIMIT_MEMLOCK, &tmpLim); err != nil {
return
}
defer unix.Setrlimit(unix.RLIMIT_MEMLOCK, &oldLim)
m := bpf.NewMap("cilium_test", bpf.MapTypeLPMTrie,
&probeKey{}, int(unsafe.Sizeof(probeKey{})),
&probeValue{}, int(unsafe.Sizeof(probeValue{})),
1, bpf.BPF_F_NO_PREALLOC, 0, bpf.ConvertKeyValue).WithCache()
err := m.CreateUnpinned()
defer m.Close()
if err != nil {
return
}
err = bpf.UpdateElement(m.GetFd(), m.Name(), unsafe.Pointer(&probeKey{}),
unsafe.Pointer(&probeValue{}), bpf.BPF_ANY)
if err != nil {
return
}
err = bpf.GetNextKey(m.GetFd(), nil, unsafe.Pointer(&probeKey{}))
if err != nil {
return
}
haveFullLPM = true
})
return haveFullLPM
}
// HaveIPv6Support tests whether kernel can open an IPv6 socket. This will
// also implicitly auto-load IPv6 kernel module if available and not yet
// loaded.
func HaveIPv6Support() bool {
fd, err := unix.Socket(unix.AF_INET6, unix.SOCK_STREAM, 0)
if errors.Is(err, unix.EAFNOSUPPORT) || errors.Is(err, unix.EPROTONOSUPPORT) {
return false
}
unix.Close(fd)
return true
}