From 0acd95c6c83cabeff32e94594cd4b7de6e7df4a2 Mon Sep 17 00:00:00 2001
From: Lorenz Bauer <lmb@isovalent.com>
Date: Thu, 9 Nov 2023 16:39:57 +0000
Subject: [PATCH] elf: generate ELF section patterns from libbpf

We've historically relied on manually pulling in updated ELF
section names from libbpf. This has led to errors creeping in as
well as being constantly out of sync.

Fix this by using a small awk script to pull the section
definitions out of libbpf.c. We already rely on awk to update
function names in the awk package so this isn't a new requirement.

It turns out that we've strayed from libbpf in a couple of places.
This commit adds compatibility behaviour to avoid outward visible
changes for the section names we have tests for.

The old generate-btf target is repurposed to do the generation
and therefore renamed to update-kernel-deps.

Fixes https://github.com/cilium/ebpf/issues/1162

Signed-off-by: Lorenz Bauer <lmb@isovalent.com>
---
 Makefile                     |   8 +-
 attachtype_string.go         |  10 +-
 btf/core_test.go             |   2 +-
 btf/testdata/relocs-eb.elf   | Bin 15560 -> 15440 bytes
 btf/testdata/relocs-el.elf   | Bin 15560 -> 15440 bytes
 btf/testdata/relocs.c        |  12 +-
 elf_reader.go                | 180 +++++++++++----------
 elf_reader_test.go           | 294 ++++++++++++++++++++++-------------
 elf_sections.go              | 102 ++++++++++++
 internal/cmd/gensections.awk |  36 +++++
 types.go                     | 157 ++++++++++---------
 types_string.go              |   5 +-
 12 files changed, 514 insertions(+), 292 deletions(-)
 create mode 100644 elf_sections.go
 create mode 100755 internal/cmd/gensections.awk

diff --git a/Makefile b/Makefile
index 0f4d3864e..0a1201076 100644
--- a/Makefile
+++ b/Makefile
@@ -102,10 +102,12 @@ testdata/loader-%-eb.elf: testdata/loader.c
 	$(CLANG) $(CFLAGS) -target bpfeb -c $< -o $@
 	$(STRIP) -g $@
 
-.PHONY: generate-btf
-generate-btf: KERNEL_VERSION?=6.6
-generate-btf:
+.PHONY: update-kernel-deps
+update-kernel-deps: KERNEL_VERSION?=6.6
+update-kernel-deps:
 	$(eval TMP := $(shell mktemp -d))
+	curl -fL https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/plain/tools/lib/bpf/libbpf.c?h=v$(KERNEL_VERSION) -o "$(TMP)/libbpf.c"
+	"$(CURDIR)/internal/cmd/gensections.awk" "$(TMP)/libbpf.c" | gofmt > "$(CURDIR)/elf_sections.go"
 	curl -fL "$(CI_KERNEL_URL)/linux-$(KERNEL_VERSION)-amd64.tgz" -o "$(TMP)/linux.tgz"
 	tar xvf "$(TMP)/linux.tgz" -C "$(TMP)" --strip-components=2 ./boot/vmlinuz ./lib/modules
 	/lib/modules/$(shell uname -r)/build/scripts/extract-vmlinux "$(TMP)/vmlinuz" > "$(TMP)/vmlinux"
diff --git a/attachtype_string.go b/attachtype_string.go
index add2a3b5c..7e3caed32 100644
--- a/attachtype_string.go
+++ b/attachtype_string.go
@@ -52,11 +52,17 @@ func _() {
 	_ = x[AttachSkReuseportSelectOrMigrate-40]
 	_ = x[AttachPerfEvent-41]
 	_ = x[AttachTraceKprobeMulti-42]
+	_ = x[AttachLSMCgroup-43]
+	_ = x[AttachStructOps-44]
+	_ = x[AttachNetfilter-45]
+	_ = x[AttachTCXIngress-46]
+	_ = x[AttachTCXEgress-47]
+	_ = x[AttachTraceUprobeMulti-48]
 }
 
-const _AttachType_name = "NoneCGroupInetEgressCGroupInetSockCreateCGroupSockOpsSkSKBStreamParserSkSKBStreamVerdictCGroupDeviceSkMsgVerdictCGroupInet4BindCGroupInet6BindCGroupInet4ConnectCGroupInet6ConnectCGroupInet4PostBindCGroupInet6PostBindCGroupUDP4SendmsgCGroupUDP6SendmsgLircMode2FlowDissectorCGroupSysctlCGroupUDP4RecvmsgCGroupUDP6RecvmsgCGroupGetsockoptCGroupSetsockoptTraceRawTpTraceFEntryTraceFExitModifyReturnLSMMacTraceIterCgroupInet4GetPeernameCgroupInet6GetPeernameCgroupInet4GetSocknameCgroupInet6GetSocknameXDPDevMapCgroupInetSockReleaseXDPCPUMapSkLookupXDPSkSKBVerdictSkReuseportSelectSkReuseportSelectOrMigratePerfEventTraceKprobeMulti"
+const _AttachType_name = "NoneCGroupInetEgressCGroupInetSockCreateCGroupSockOpsSkSKBStreamParserSkSKBStreamVerdictCGroupDeviceSkMsgVerdictCGroupInet4BindCGroupInet6BindCGroupInet4ConnectCGroupInet6ConnectCGroupInet4PostBindCGroupInet6PostBindCGroupUDP4SendmsgCGroupUDP6SendmsgLircMode2FlowDissectorCGroupSysctlCGroupUDP4RecvmsgCGroupUDP6RecvmsgCGroupGetsockoptCGroupSetsockoptTraceRawTpTraceFEntryTraceFExitModifyReturnLSMMacTraceIterCgroupInet4GetPeernameCgroupInet6GetPeernameCgroupInet4GetSocknameCgroupInet6GetSocknameXDPDevMapCgroupInetSockReleaseXDPCPUMapSkLookupXDPSkSKBVerdictSkReuseportSelectSkReuseportSelectOrMigratePerfEventTraceKprobeMultiLSMCgroupStructOpsNetfilterTCXIngressTCXEgressTraceUprobeMulti"
 
-var _AttachType_index = [...]uint16{0, 4, 20, 40, 53, 70, 88, 100, 112, 127, 142, 160, 178, 197, 216, 233, 250, 259, 272, 284, 301, 318, 334, 350, 360, 371, 381, 393, 399, 408, 430, 452, 474, 496, 505, 526, 535, 543, 546, 558, 575, 601, 610, 626}
+var _AttachType_index = [...]uint16{0, 4, 20, 40, 53, 70, 88, 100, 112, 127, 142, 160, 178, 197, 216, 233, 250, 259, 272, 284, 301, 318, 334, 350, 360, 371, 381, 393, 399, 408, 430, 452, 474, 496, 505, 526, 535, 543, 546, 558, 575, 601, 610, 626, 635, 644, 653, 663, 672, 688}
 
 func (i AttachType) String() string {
 	if i >= AttachType(len(_AttachType_index)-1) {
diff --git a/btf/core_test.go b/btf/core_test.go
index fab618395..1acd9295d 100644
--- a/btf/core_test.go
+++ b/btf/core_test.go
@@ -583,7 +583,7 @@ func TestCORERelocation(t *testing.T) {
 		}
 
 		for section := range extInfos.funcInfos {
-			name := strings.TrimPrefix(section, "socket_filter/")
+			name := strings.TrimPrefix(section, "socket/")
 			t.Run(name, func(t *testing.T) {
 				var relos []*CORERelocation
 				for _, reloInfo := range extInfos.relocationInfos[section].infos {
diff --git a/btf/testdata/relocs-eb.elf b/btf/testdata/relocs-eb.elf
index 4fce1add7910a12ec5c00aa1f31290dec0fa255b..7ae44dacd6f84054d69da69757b20864234df2c6 100644
GIT binary patch
delta 4414
zcmZ9PU1(g#701uqS*=&Am29WBw2oX=aqMPgjHQC9SGJ3{tx1-kBrfzpG$~SQt6eqz
z5V2g8Qo3#(s2-dmGAii74GJW%p)M#<X;ovW(&k}XTq0;FOEASPA}rK2dPqT~rS1Pe
z_ssgr!_K|uch1Z?XTI*eTYqV7X6|rQTzh+{t0T&N>`EO+t5-!NLiHsrVj!eY--$IM
zZLyB}2I@A|-=PA<;GV%Pi%u4tgNzz{n(dI;ryu%<aBoK~LEatr&-!3AmR`+0df+u=
zKre7+7I8;0Z}NiQTeu@r^LtlD%g2xxTQWA|(Km{Z_bHVha&x&s^SE2Zb;@nzdiHcM
zJy;(WNq>lDl;I)$7uVm}(|J>^pGKMucdB#HWZiV<zOS`^7$+NYjq{7UMvvjX6V;c_
z_=YrdA=G}zhcO;ba!8gkirMZqI(rVhpkd)D_u2z3b-K~=P}g4fOxMxnSGqoD^Mlhb
zO-)>qv9U`NXQn4FUMTFlbn(m!6VuD<JFiCW!mj-CE4vnqJJh{rd8GSf%Dwt<#hKno
zcdqwn^*fC0<BROU*qMCbUM$wT3GPEmXw$ME0RJGt1;{&4yHN9}Ea)T0L{=zMNB*|R
zEe^UUQuT^ikyR>2wZX4M-XqT_|5c<;UWnQ36Imm#D4!DffZS02Iz;lO^7lmUfK6Wc
z=OTB>MZ{+U=8q!lRE%nak3^c}nV2JNuY2SL<pGfm@{014BA<{O%4ZOpys7*{k^g`r
z&Jf~7Zy*=)DB^p?`(pM|ftm39Pca3u2C#i%4w0L&-JU}7V4IH_S6{3KuouLf#xhzi
zFSfTY2yCy4nImwS$km^TnTI0@9e;;Gl8f5l&tk5V%gP_)D3ZrxPIZWRgFK`Bh?p9A
zR{4mS8{`G$r^GCgmtwA_CdK@Min=zqf>|Xul%1Gc<fifsG2AN{oF74|F6K5lul$i1
z?hR8={+}4`4Xm|q--elNkWYKAN?S?H9V#l?;5jjVbId4T7UTEEtn$1Vzc&_@e<{ZA
zjTPlTiSc`*u6$2Sa&JKEi)rH4hxNx=MJWu&A3c3!aBb3k5@BOYI5z3BL}erzmMT3d
z(Fj>bmUa@ICXb@B|1F8WO4fm-*RkKo3$cA$yF_QJRII4tkVF-7L-}cm&XIklcov+O
zXo|e4_Mb>J4GvQctuJA!Ik1;8F#ilWs755V?frP)@&V}2|F(aL<?fdfDjNij*GMu4
z#P-vECAPPCPPrs@KkYh@OkiDt%$V2$?K+SaZ|eEad{^uc8kiw<7`UYTQ?W;ApL&3=
zDF0S0mnJ+9GJ!(^O|e|6@I1&UM;Sf;?d@W@c9AB~;!+%-{jgZBWi<W(&nQ15_Bq;h
zM%t&vj+1L@pBH<UysEq+mP;K~b*<Ys#m-Z)5jV*8iRE*^W|Y4q_By#=`Ha{_a#8tZ
zv3w5L)5@=ly+N)h|3T~$`HJ%2#l8ow+J#ur(J8jh2209=VsDdm3Ok+_yGFjN_VZ#t
zAa5$qiRCd)?NGjnrsRV1y4ZDcDP~+*j!Q~2#%{HrV7G30!(lV#itvGsTi$fkzvI^S
z^;S7Pe5UwAnZiAA88Y4)Ee`r{pM@=xu-71G6I_Sfk>Dm|e%Vw|5zl0B$HSu9QWT)z
zi#IeVL+0mJVBR@5foCD}WgoZ(d3S>Akh>GygxqtVqYUH>&rbycGK%tE5i>qiBJPaD
zh@x_WX=gt^?n3{W1k=6%P7KIz<-oMpVc*H~6C5<CP-cS-$cYj0`>@5Z`*$O!G^3S%
zDEFg=#L1(mAyM)aYDlC?MGZ9sCa<D~z~oI--Ycm1;x$}`5P)0;hXCYpa0o!=Oa%Yr
zC9wLh(xHEIU_?F$9Hk$J%m8!@N9mi&Okgi6@3haNhQQoxwU~W-avhcZ=?{$4albzp
z4|dG|5h(Mh8T|Nl$kLBW#<#OC1?5MSi^^<|v*o843AOr<Lq`t%E6Sn&Ot5qP>0l8R
zQ`B<6DGE&c8Y-r&WxuP;0I>Vxlo)_tqQn6F*9BP<Fa`7@S2+UgEWd_S=nVMJ3$l*D
zjB1DAppszrpHmL~7nDQ)#YB6Eeh<KZ)dw_CaD<5|G!5n8;I48=U?X8ie}8<#jKLHY
za0yI%8Jw8Ghy&V<_4gxWgDEJGQJ4Y$DVtcsXc6|{5Ms1~3ms~L5eM)Y9FTv|h+i}2
z?5>#o@r6B$e-pIZJndNj?6ayEq5_Psecyl?2Z!iw$79Z};!d84*$2b`?3~&ekX%z{
zK=P_G<B=P<S3^K5HsS`}A;c7B!zV<CD5-v2*q#niQXyeFMA`D@`79I_R2=IqZ=Qks
zdPw4)818n{13l&~cWq$MyzXw{`nJ1=>#yD3gHKdP@mJVS9b3o6GVT|k=ld#A4D%m?
zp6{(hF(ts0(5Dkhh^bLrdZFi|Ct0{M73eYk<-Z;LapzNm6ED6v_Wb#8On&R~#mko@
z{&zY!apCg$7Q}yH)$+~BiF0SSn8qesjK8iu?!Uz!wOvCP>%KVLoh|Zd$?~pS8h+M%
z#pRBjG@o}PxDL2$xPIB)K2|l)yOHB3+peRX@!dKKzLRYKw_7@X)a-Z7<0nnc6;3>A
fzVAj(^qP!Y8}4zx8P2uMqh-WS(ZCK@JJJ7tsST(k

literal 15560
zcmb`Ne{7xCS;x<NU&p?7oX(V{b!iH>X}3BhOKc};-Cx7$n$8=cbwg6pHPww{U&p47
z9el4dw@F8k0$5Z3$kuE#EP($gl7%9OMnx?VnEwdOK#-y>(>w?w5}_CxX`uwoOqIs>
zd*0`~e%{B|v5+{)d*AbUew}lkbKdj5_r3o0UAv#l<sz4s$o&X)B}g@>Jl^H0Q$Fu-
z(R;q?wl+8UN-ja?);GBx)<xec`WmHwRq5MAzeed_R{D0)*DC!!rQa_4ywbm@^gBe~
zp!C0_^pA>ut<ry1=^qn)qtfqE`VP^rQ~I4s|G4PyQ2M8p{t3~4Oz9t2`X@!7WEl$N
zcZbqHCHkLI{%uPCwCL9>{U??FQ=-3H={G6;FNppgrT@6nKPUP$|IGz&nezP)xSvz@
zpAq|XKEys{*x#${KPUESe#Jgz*#ES$|3$G+^DXu%!`}PK`g~sO)BK5j%CN6ve6dUO
zD0V4Jycb~auOVUgRXU>xm)=WeGQvDQq2&Ea{+N;<HuF6I-lp_}%CA+)e^tr#e7^?&
zpI3H6U_IYQl;0<m-LR5BsN^H?e?ak3u%7R-_%-fpavNaRD0!$T`MpX$2D^I{9|JST
z!S4&=R|EN-kk?4OaV6)q6y&eNj`JP(4KT0uz{kZe4>{LtUgDila_&t*{wC~V#k?Ll
z-$DOHGv8m4b>r6r>}ap^_cmDP?+jSy@2ge(?_(V4=hv#}nZKa_9nn+d%f6<}_42!-
zPxo)=nZKOG|AvhZJ@Xg#|FhtF#lHvU^%BwVCn%`11bfHpM$7NNGjqNCe#qaq9`Syz
zF0sEQ^Wl1Zwwx<J;QT!W?Drb!@3-HBJxa8`;C_P@6K7!+|2b)g*XQe1{I7+69G8Ab
zyMLqF9j)RwZ|wh8wKG)3{!(aXmHu8*?e<oQGrNla--mWEZ?9DGe>dn?iSr%lN6o&1
z+k-eYChya$_<uL#1O50M{3GK(75ZWFctzUHquo!#FK_%Njs5o|4zG9Khr@OI{SY5=
zy)Vy;ocqmV9GA@Z50w3O$iwya4@$1@!~ZIBuB$D|{(U9a`|`gjd5f}NP;z}A{&ywc
zsO&#ba=owI5V^y+xG#tP|EI_~Uhd0bydQ=*klzh?xSsz@<jg1U!y%vHdZnCqydeK?
zWzT&%$bTgAX4vytpjq;~DDo!Axvw;d{C`9~4mtOMu>X&XKJ3eZe;oFeW*DRRdmAf8
z?(c<K{=pwaL~+aA!q$jm-3|)<g9HSqM&1hf!npumg9k>6yciwinf?4Sj&!fZLv4`H
zLhcK0Ho@<G2>i1L&i~;9L5DN;yQmq#cpqXjKZCQxjP4ho0^~US-rR}$gW}IVKps8s
zH%%YQ`GiC6pTW49C-vwY`o}id{Xh0n7yT*D2<4|AZARahI6f6VfOGy?OX8rO+kr7L
z4*Si%^1hAY`|6+FP%l7m7Y<)!F#aTUp9iTUbZ)P->z~u4-Su>qc71(me&R36eE4}>
zlGi>ga`daN2AyG=5V|fe_b8vXCHuPTVvjsGG$AqU(n%aF1^=0RJcuFBvMTdAj?irT
z0m@jI5Gm~bMjSXd-02%k)=GhTCLbsCDaSRJK9?@_sqxd&r-!f{j!2(Et|eu9UFdb&
z_($UVFnq5YUs-$JmvIViaJb?suOBTH2m8vdJktAGsZ#789IBK?x2EE)r9(&iw;rnW
zZ>^NdmA;-z&(_h>&`582ORp;y%cb7R;K*>x#_HZ1Hx<xEAp~pLR5<QhT|L};hR|qn
zc%)K%qcl3w0;^3=y8h9TL)En9%IH{crEuH_qtTOvH(~zVo}Jy*%uB;#M+(QOrPZOH
zQP(?wk1EZM4WsjjOML-`N!+q4wz*=vD{gaR!{x!l!=*m9TrGg~tc-Tb#p)JCj;u=C
zy(7crN&#Ng)yGDLdMblMC9x>E&+ppvf_vflU2gBMyihHkA9V@AO4U08arKsxj;yFo
zJCaz8RckxR;~3(PRc{>P+cmzTI&EAmDm|lzu}FJ{`-<rz>KhrZ6p!>&dIwt6bkwhA
zn)GNDt2C*rg_HEH5^gC^Z~6<b+Es_uce~4~tgflDzo6><<y9IVELY0e4Diwpav81?
zWfq{0ktSUhr`D;2s8C__N|aeuIzk$~iqlelGJ^_}zbt$eMH*h~%7br|k|k2AlA^3u
zB`Tv>p012KZC58PV_{O4)!n{TovMsq+UklHHl-Q&6?2pfHc_+RcA+M+6&I>k%R=>a
zzfjv;J)wB4XJ{;4n3NPsn+w?4xI-*ASQ_GLma^nBX6@BNB3YXY*hbM{>Cx?O_s%_^
z*;UofhkA7T=7Kjd{qtK6)>9Y(H|SMNk~Z}q(;)29@*D*9QW9=&mtJ)tSpQ&YXxYtO
zgey*8qL=wgAlYerJ!~mUd(H7Tw-nnj^wuX@akSw;+Knw1IL+Fbp{y#b&=AF{mwOJD
zi^*-dWqBXO8z$l2ZH%@p^&oRCtQg8zE$>d&V1?lrqvcUX`uoecwS^fEx3bLzpIRA~
zHR5W}IW>Ce%WY%eB9|By+<A8H*|YQI;xB*p^Sg?BU+&&jEOJuuuN_mHofteWZ7ILf
z{%Sh)uxi8PSF>t^6=$9nTqMhF#zGhxR0{$FMnDVI4UWEoM#M<MFD;X5eQjS_q<XO|
znXa@@mMpmDrLD~LCKh4PD_O{pZ=+Thi;Z7pxMuEU0bz2NW=Yz*jiu@Iik8y((&%Wh
z=g6VK!($_3%kB{w-I7)PXsI$bI$Xf_iem4`C^lo>*YR!OwbJNtX((KWsRNRnX{Oje
z)N^cPY}9;Xscw@-DHc<||7!=9T+tO2d52J79i=ZhYOmvaW|wodr@;8W=D#<~*FSze
zj42O{cQLh}RE&4Pbss4HS$uzcQSryYvx-|#=X)4_H<x!A4mNJ5b2B)385!SGFYvow
z2M+SroSP-@7yc{fE|OvA^*?lOjy#!ggx?@8lV^nSF7OI@UidXs$&12Ya_%bFe>X;Z
z(Vshajocyne{}9TdA~5;y)2N&6VBl)`wjA>@MF&1B+m%L?-qGp_}9=hc~SVZb02|o
z%n#bneG^?F!_V_Sxo87<BH=i8Q44uSc(aQ(lNW^dpzGkcIbnSI5=;E}gp0Z{r+#kv
zE`$Z`#*;2WSCTm*f7?Z85XS|-f5s5W9XP1}&_!p-T?yB$b<q_0pzy;kdWSqN{IrXv
z$rHleE;>h^6drWZdGdMT-*nNt<T>H9NGW+<_)lDPfxI9*=OV5Xzg*G3n(HpQL~c&>
zYjQ5)x`<kY?{g8?MVRL`Phg73-J(C>qO0Tq;c*xFbs^(f^JN$Lbul6O^Dgr1VoLZs
zF7oSQM)-#=^6O$Q;o7{5^tyo5muLYe=J$ll@l~F`=Hyii<+VFq?pa#OxN1jTt_%GP
z^Hlq`%k3t2;Gq3qxLh}RzwrBbbwwUexb6-tHS(nJHka!o&j`Qdas%Xf;c=H6B1=E(
zzV32I$%~@@mdjPZA<vNd67tM(ox-^M-tmYi(a$`F+)PA;{m!?!nCsqk8kYIVzv|)w
z^(RFin2VVH<1T)PdKpK`bE5yci(9CdapVKbIP%|gaVzxPPkg+<ox<O9@pkHu8a^rf
zV;6H?!ak4>EbZ49T+De2`#|7aKJl;L>0-`XPTEhoQ}q2V<~-&O8Xgz^Z5JP)Uh+|Y
z&cz4G)1trRV$O4JR`{liInTNIgd192e1?2e_$6!+;8^<C@P>=ek_)2$hKr}j9l{q}
z{0_NW_y;aNM;=IcZO+B#$tQ&$bn!*<r0^~m&ymjyA9nF2@|^H*x%e{qn(!aG_zHPZ
zc+SPVeruY9KZGf{CE>;mF1}9gOc<ZO)JT7^PUBlxr_1hXUqA@>W$tZQZ;gwtrUUZy
z9>?D_m@CST;lQhGe~s2C?m~Ty;sMlY7wjicXN<tps5dB{L!G~c2K@r+c%2$JqA&Lj
z(MK()^ZpyS3w8e18h8M8<}2_7>U`fDcp7!S*A6^~`rV2bP`_u1{aVf|Zbm&Y-tFeN
zR@8WMU5cq60IUAz#uZaP30C9rYdbLYbI_~)`?VdI`kT<J@%T65fuZ;JNamA$=D~6E
zT)+|fP2P_q^pkuPN9YH68b@fCJc}c=LtezeGvnjugNSnw;*-0;AwKyaIK(G24<SDJ
zJUGM$`+Eq+<J&--TK13e85eQ*9O!ufXRcfJgZc>^p<S-C>4d#Kc@78t84rxhWyv4x
z_xSCQHRH(R|BEz0Dc~UQBcQb4AiwM>xpxJ7UO&t)`jh$}6b}9a!oh!B>FGa(1Nlk)
znV-PaU&euarTS~aj1RrPjzWJR^7BKM_Wd&kS=x_UU=-}JsQml|rhm8SgFnZo{Rb4&
z|Fp2=&(AmQga4GWN7c`NXb+PTaeOL&(Y$c*za|{|e^cq<pKAt(e4*-}RRdGs1>t)1
zNBWoJc*u-T{ZX7le^AX$;Dh~<_H$F<5Rdv9d<1_o`;Xs_8$Ln6{{`XQ3H$4odj8!5
z^!`DD{I+nb*uN{x{)TvPjt>ei;!GYFW_##=d|H_8k*9^(9(h)n?UCn&*&g|(Fyo=r
z<nh7w84snVfRE6Ba_BGPp=9nsjKS*@*K^}6&WP{JCVYxqBvnovTov(mArpDrqV*8+
zer3zwK_GJfyqfA^&-<Az_zo51{y8w!!@f3!rOLmcDsq26PBpOSKDMkt&YaqE96$6z
zrAy4*?t$ElE8-k|3Ubr`s1x#j$W1?M_CvlAa@(I~$iD))?GNQFn{jZ?Li<ml&OQd_
znqVISA3&XL1Rg>idwR+zP{*~D@@dp{{3*ld4bK|BZ1|dC=1Il(%TIHY(H9K28tydQ
zZTO(!qlQl!K5cl)@Oi_thA$hwX82~7dHc}$@O!12Prp}c?ts1KF2h_`T0dZT-0+0q
zNyF2IXAI97o;SQ;crnXy-f*+w7Q-EeyA1C)JYaa-@Py$>!_$Um!Rq>oIp3PE8RmQ|
zy}t}KHyM4waI4`?!`+4t8a`_Hq+yO%?GH5^ujU!UbB5;)FBo3T@|wKiX2UIpI}CRj
z-fwuo@VMa#!;^-m4bK>!Gdyp2!SG_1Yx9Pi4YwHXFx+K$zu^JH<Ax^;Pa2*!JY#sy
z@Vwy#!;4w2%NuSs++w&BtnOEJ`@!mdRaXJ4`$yd=!)FY?V_2TC!u_xAqS0S5eBJP^
zEaz(s-(~nA!`lr%Yk05WKEoBmrwpGl{Ep#w4PP{T#qf2*x3XMcWB4w^4;ePkFZFzW
zQTMNUKEG(@^NVIazi58T@L9v>3|}yO$?#RfH?rKo@v8m2f#cQ8@oL^~_*uhy4fh%5
zc-8*g!0~G4cr|mpnmJz09Is}MS2M?}`J*haZ8W^W@MgnL8QyL9fZ-v-Ck(%3_^jb`
zhA$YtWcaG#8-_p1a$}?64Td)xe#-D}!v_ox89rh7EyHIGpEG>H@Fl}n4c{>QQI^*=
z8s1=dv*D)<?>2nE@Q~pXhTk%L*6=yQ7s2X&vhFI_-%svZfA>Aj_qr{W(s;#f!C!oC
zd1mi(TL{^|^vwL~YIXSY8T+F!f9tif<S$H&v-~J*Z8Pnqzvylm8aj5Q*wfcHioXkS
zTkz9&rRNaNuOIPeblvTK=9#u)`wpI4i|yNZZZEdA^SrINtqtS;|0;imK-`0?l#Z7~
z_<>RSFMc9pJ+S$n>^hBKz?x9O`3R0x{QdWK<&yb+%{_Pp|CrCuRNqX_=_j9KLTN>1
z1^+b%6QigzIj5i6pU*Ta_}5M)9{znn>Wqr^5BFH=P5v7A{KdlOEM2t!DJWKGe{GXE
z-Om57mA`HS^|dXDplPR3==sCD-n4yVb|0^Qlyx_fbNZ?Md4J+H&C=;V(~n1F-qsz2
zi0`6#t+Ryjb9~byKiTcq?@4MhrK4NW<TcaZzl4qdBA;>fu!(bv;@`P4#~dq5XutV?
E0roA-WdHyG

diff --git a/btf/testdata/relocs-el.elf b/btf/testdata/relocs-el.elf
index e2d34ab95bac950fc18eb20e417ce64ce7dbf262..d3ef666222c0fd707bc5057cee5dc59bf379d305 100644
GIT binary patch
delta 4314
zcmZ9PYiwLc701uqYp3gH5<898apE`+<FyrHBSpa^ftV7?wn|%9>IaJ!*(NcpX&$C=
zDi>AUl;nde5y@qY@P|+wDM%YgC8w^yjZ(>me%PW`wM2wW6(L8mDkD<r4?zmzQU3qg
zGnbnkY3|JLoHJ+6na91mg_jn`CNjZd_w|mts^HUV`<1Hw(RmRGP<=5X>&gIcdI4I<
z%28zr^&yqtF1Cj96ih172}R1P!PV${pX<@*m=@GJ^efQzpgxQ~N~PgsEvP;AKUKS0
zUxyfOTnN)e6Zs`tcCX?=x9{1nSMO?VLl>6inA}ZRhn9sC))%`{XD?QFnn&$Bc#hal
zsvEXct#iJrx4`0~V!xgq{<6+C*KDr6flx8NdK*Mb750&uy{6KBzh>9Aj~F*}K3WGz
zmt))P^_qs(DrC-~yCK<&KEiX_2NuJA0?X&svJIB6mstAcU2ofKx7(*`zc_ob_6uRU
zbM&Q=p)=Coe`e^|=<w-NnVn}&AA5dibarLq`M{pql%Bn~Y0B6=n;U13Za!RQf3hWK
zP1CSF(X{WYFJhGtm@AEVZY-wlxCzgNV$P16@oX%H=eQNmSL~gp?GZHxD4P>Wqal9}
zHMl9#tvpVi7wJ>}E%{xMG37htg2<HePJ|UKI+xDh5%R6#Iivq?k(Wg7i$u=gWeRZe
z(r9V$26-6)D1Sg+K>*4hlUEUdayd37xQhUk+sSJPK>2a<Jp`b9jEvduo2WS9k0|)J
zNCqtfxI#`F=~MoYyw%9K@;}HKBXi2l*o$C~kyYg*<ZdHrwDjjoM)?$4(`)3#2pyhT
z78;%h%Y=~)%D)B&lSVSizb8+bcx(PdzGNh;`cKKzMh29t%D`7lyj45Mc_gCxXdeaF
zOuTnbkY|j{sKGG#Eh7cxbL2VW-Wd$ol5Zk&)n6meW1V%W3*`5)63QQw7m-krBl(Pi
zTgXTan#;jUMzA_=MS94$jpUS{BQGN(<+J1!WTZSvUNwS6aN~bNzKg9={v&w}2|338
z-=*LlGExI1;tG5?2X3#*0(ZY^RL9Jlao^-f5Z{_CILHR^Rt=Mn2Ju!|a&HjdqMPLC
znIPVq6$)_T{57h;1rCk}yqPYLJ>*;vFa49`6G6Q6C&?oLua&d^DR~qDl_b`kNGviJ
z0{5oqz#tZ8_8|uH=%$qaNk>~l=_%n}<yII5Euow%;R)p)>UW26BAyHW{`b=WcVkrt
zc=nn6fcmabx-@dnJ<30)eqSgfC45f#chqMQKnWN8{a>ZQ(GV|$;tF_9>3y!iXCmlD
z043a`yqEfCLK!IGG3BSIe=d{><x%oLDEUYQlN1~eWnOuXoC{@1`966vlr`n%O7Il6
z2=|>^_6Ye>DA)zZ$H>#6bSqyVUkL>{IQ?bvwNN6=;RJu6U<P}r{5SHup<oWDuc-nT
zLV=0nPV)PqK;-yI@?t2<$|uRUu%gNn<lCWaz;$Q9H^|H3HzlKj6$(~x$dqB@O0TlJ
zhWEk;K4Wy$%`YvSyps65QU0d=U}sa5Ll4)=T}n6-&sp?w?_>6I-;P6<O6c?GV?|>7
z0{RFz=2i3&K+Gu|B)lx5SinnIn=r_N*C#j!=1V_^%7Dkg8xx!dKb+tKcyoeR!3_!K
z$xUJY*kRfUip=}n4Nhi+H&@Km<3+;^;_*Dno~fS#ClksinEC>EBj%4CEK#6L10LmM
zMuL;#nR@=d;gY7ba%I?WLG^)?`%ryg<PlUKSVTb{)lW>GNA(kt`IcduL&Y_d4OmJ)
z0XYly6OaeMegg6o*!w5XfYpEG9P*bLGvXw4^eC7UWKrqphB5=#iprMyaa2Ds4_jWD
z_T&O8$I~BKFtHy`UU&%WzYm=>Y6`WH50n;EcDE^Kly@k1E7Kmk<d&EL`SAnjll}Od
zvL8R@^;~~Cm`3Fic?UBIrhXBXOXl^<%AA1u6f#3M)^m%<K7h2c4<Mr)(IL)}+ry-T
z-Vz6WB@S{4=J*L^A0YQU8NhVH9_H>0Kp(k?p_4^Cl1sRx>@!$a_8F`t^yo?&%aB~b
zOoFM;f|D!Q=NS9X31~0^L2?Dg!O1<G1}7(&a}NH$#EanV@bh;Zadh2JUGgS4A#<6@
z2b9xf%rDQXpi2#2R?aHZA-Xc4JP$p2ETLxt6Uv;BoLA<A<auSzM_vL)jEECbu%-r_
zkR^o=g3o~5qD+S@UCMOGlKcbpIdBe@*E;#-X-~+}wa>PH-dwe>ws)G#_H8_`+rQ%Z
zwr%YAhUv3|9Sx0NhFP8P+f*#vc$O~v8nln2SLZ$mPAGk9*kl(v8cc5X&mBLjd7^XZ
zg%|n<Pkwv&yJt_IJtM`xkex%P&Yp~+_&-xM-x(e{ar^;Q|8UIsf7xLF+kK(z$C%N+
z)?QyJwR|6-EZD1G>Nii@iUWtue)|}n?e<kXzh>V%5Sc;y*ulePmtbcX+UxBv4ps#J
zT5o@KaKG7Y?;JdA@^;6ew#FYqA0GYeG@5g$aY@<1Lv7`g;J^;H*P9LY@}ai>0ghCy
A;{X5v

delta 4451
zcmZXXU2I&%701uq>m-}_1KSDq#!2uB$9NqD;uI1#F%X-A*oO!?X&Si_RZNM)S|r3V
z378i3BGoNc)k;nW5u--JNTJ%Is5Kb1ks4Y*&~~Nf!KSI|ilADmg)BaVh4K&qmH7W>
z&s<%Wk><|%opa{QoS8dwcjrb+&rW26{GK<qHC6|^YVCd1yQ8xr5}^8GL{?V;X1xL}
zbgNM11JpID|FGN|>Qit@LkLBxYQQa!eatP8*(bvac`e!=)HcW{>kJ3WpgwH>U)|Pz
z5o&~SQ}|ukMP|@a{39L=`)~VTO<Vgei11v6!QFt3XjwSm`m!h)`^%ag=8%0G&mY@Q
zYMNU*R=Zd=E%2zqyy(mbsWtYN+NQdtvZ`haRQ2oZ{k3<Pv^`bZwxw~M3mMOrguYem
zyUV^&+uZ(bWDZTuR%lK@#`K)^Yl~q&f#>V$*#Xa`3QsN-%NE;N*ShA&v7zIq2S;qa
z?rty7M0Gnu4|cjC?d6$L!%u=5?XhF<$ulRcX<8p!AKNf#JlHR8-st6-4Nd#1JlOBF
z6jDBfeWj(zzT0xp-nwab?--UE*}1Y2&)duE=y(&JAC(u*@hx~BDCg+79nV?&@}|~^
zQZIFvMAB%;qo~1Uk(}~N<XMq^<-d~ODf`j?Q*udUQte%sRxsy6x_Af4S49@o{sb9t
zLnLwzKd0gvCV-X!|3qHI1eD(+FJS`8*U8J6fbx3mZ16EApnNxZ1rt#2Ctt?|luwZ{
z`VAA62b`edOOY&EPT);)+6X(6-zRT2GOiqA?Srh5OUm2H+l?$MA0+3Dq|vg!FIna1
z(3(CYV-W<t_$+js1j~exdgZ@^gBOitmH$hgH1XDaMm}#OulDLH@RX4O<qq-%<F=IX
z?<E(Jh}xq*DsaRnRWU@KHZraJQ}SCzO3LTSmrT5uzb9Wt=4vmIXR*$@)Jx<mSPA7|
z6?hH_l{u14R9r<y>adr*U<9k<R^$=#H6sP(QSu@(Qa(#wLPpBd<YgmR1lRvv^2gXJ
z<xj~gNXRkvKZSD>;ElqVt^*Qr1u-1Ey{Zb_`Knc0JKA3KlLvzM)Qm7rK8Ux<lJ^Jk
zR=rK`3*uAs0XaGp#CubR0~_Ft^ILHz`DnnC=_YcRTnOT&A0;0T;-x=F9u9b{oc~|Q
zr!k?5#BzzmA~P1an_?R}u`n}!J^1RfA@76`Y!0QTg8P)ePkSbm=PP(Zd6f38VVsEP
zl0X0F=zz1atQ|c2Ox~ouE0ivsx#u3`f6;zdD8m)}yz=L?=P`i_F8TAH!8b72AL2qN
zXY4tp=ed{mK1`s3dz6pSekhcI3LaH{f%Zp2;XT6@y+|Gir5LH=3Kd5~nN?mP7eZN3
z?!w0|crla}<-=rL7Ac&62K*uUd??rj$G;{|g_2XgOui5ba&Y$lkS~T3VGO4Ts-c+1
z9xAty-wEA?!~q^8mqLMy^M9OtB^0O}|BO5r%A)dX<f~Xw<r4W?DD}7x81FOkVi-wQ
z6`T3lUBXMI3?El`L9xSg2xP8@-}sC@!+r=dTk(0jL4B^u-K2HszZn&;0e=L@)2KLo
zII1}Rh#xERkXI$R0GW=y!#HFH@mz$Am5jLr8HvTb3>ou?IfeI&cZlzwjiBJ{ydn?2
zDZvFWzXjet4sJ+r5qxukOW>viFN2#C%ojSDK$K1>a9>CcoXiLpTFkWL{`p!4e8YW4
zv`>PQ2^AAedkLIKAaZZGSI~iPcrqiwzI&#949q2E7CsZU8B{-UazCn{7<m}gPmEkd
zZQ%ZMX{ne+^#hT4`LLxOr%~#$lzsqm9_$Ao4}kpu<Vmnkj64nY@yYzXwg%(7K^SNl
z3J#D*WuPVH0%X3uoCxjXsD5C+Y(-`IlS`=V&v<0Pz`j43KMe0en?{XNcpTsZC4)-w
zyUJPR?<wb$>5pA<OUw!R{sWN7zJEd4_a9Bz*?)@nKbOb{n1<|`4s)nnGH+j0<^Z&(
zkQwLZ?c5@=pFmpKPavD{$7_Tw<o7=jpsyl8e?@>of*D{U5fJG1JUM}>gg@<k2mE*t
zWsc`Rxr7VKK7&PNpTSDP4pDe~{fcpbY=UXegOe-Rugv(gN5fF~88N^(IJt*Y;N$?8
z5&`Hx2W~}s8#+OBzktd6m3e&0Bg*($;n<crk}g%er4D&z281XB$~Tlp6Lw}Wq09lv
zMP&|1o>k_6<OOApXXGR<993{YmJ~h+J_B+_nE_e4lo^mE`M>HmFpnuOs^kZ$)9dYg
zuGMbu++hA`dpmcSf7nxazGq*>^M7`}^P!DDf@h;k90CfLhvlH%xvhEQeUKX67s@H6
zhZ&(9vyZ}hE2Ks@wo|$TPU%-OXSbcJjr_mJ!I6<8kDmC!(Bo%Lo_R{1I{DZWgQsH~
z{-jpwPCq+5SgAWUG<f`IrIL<EhQ6WJ@$7F}ZnD3~joD1+YV!x%u%~(LVcsYxAK9II
zj+hhn?4Et*0XvUpmu=X)&-B{^d+`g^&O`p2ZRl<ddh6}Cx_6u7cBp%wS+T$E?l46=
Z-`%{nPeZLns8;i5+i*`ax_92w@fFpq=PCdI

diff --git a/btf/testdata/relocs.c b/btf/testdata/relocs.c
index 92f83400f..799190134 100644
--- a/btf/testdata/relocs.c
+++ b/btf/testdata/relocs.c
@@ -43,7 +43,7 @@ typedef union u u_t;
 		} \
 	})
 
-__section("socket_filter/type_ids") int type_ids() {
+__section("socket/type_ids") int type_ids() {
 	local_id_not_zero(int);
 	local_id_not_zero(struct { int frob; });
 	local_id_not_zero(enum {FRAP});
@@ -97,7 +97,7 @@ __section("socket_filter/type_ids") int type_ids() {
 		} \
 	})
 
-__section("socket_filter/types") int types() {
+__section("socket/types") int types() {
 	type_exists(struct s);
 	type_exists(s_t);
 	type_exists(const s_t);
@@ -142,7 +142,7 @@ __section("socket_filter/types") int types() {
 		} \
 	})
 
-__section("socket_filter/enums") int enums() {
+__section("socket/enums") int enums() {
 	enum_value_exists(enum e, ONE);
 	enum_value_exists(volatile enum e, ONE);
 	enum_value_exists(const enum e, ONE);
@@ -195,7 +195,7 @@ __section("socket_filter/enums") int enums() {
 		} \
 	})
 
-__section("socket_filter/fields") int fields() {
+__section("socket/fields") int fields() {
 	field_exists((struct s){}._1);
 	field_exists((s_t){}._2);
 	field_exists((union u){}._1);
@@ -262,10 +262,10 @@ struct ambiguous___flavour {
 	int _2;
 };
 
-__section("socket_filter/err_ambiguous") int err_ambiguous() {
+__section("socket/err_ambiguous") int err_ambiguous() {
 	return bpf_core_type_id_kernel(struct ambiguous);
 }
 
-__section("socket_filter/err_ambiguous_flavour") int err_ambiguous_flavour() {
+__section("socket/err_ambiguous_flavour") int err_ambiguous_flavour() {
 	return bpf_core_type_id_kernel(struct ambiguous___flavour);
 }
diff --git a/elf_reader.go b/elf_reader.go
index 5a85cbc24..1eab8d69b 100644
--- a/elf_reader.go
+++ b/elf_reader.go
@@ -15,6 +15,7 @@ import (
 	"github.com/cilium/ebpf/asm"
 	"github.com/cilium/ebpf/btf"
 	"github.com/cilium/ebpf/internal"
+	"github.com/cilium/ebpf/internal/sys"
 	"github.com/cilium/ebpf/internal/unix"
 )
 
@@ -1181,109 +1182,106 @@ func (ec *elfCode) loadKsymsSection() error {
 	return nil
 }
 
+type libbpfElfSectionDef struct {
+	pattern     string
+	programType sys.ProgType
+	attachType  sys.AttachType
+	flags       libbpfElfSectionFlag
+}
+
+type libbpfElfSectionFlag uint32
+
+// The values correspond to enum sec_def_flags in libbpf.
+const (
+	_SEC_NONE libbpfElfSectionFlag = 0
+
+	_SEC_EXP_ATTACH_OPT libbpfElfSectionFlag = 1 << (iota - 1)
+	_SEC_ATTACHABLE
+	_SEC_ATTACH_BTF
+	_SEC_SLEEPABLE
+	_SEC_XDP_FRAGS
+	_SEC_USDT
+
+	// Ignore any present extra in order to preserve backwards compatibility
+	// with earlier versions of the library.
+	ignoreExtra
+
+	_SEC_ATTACHABLE_OPT = _SEC_ATTACHABLE | _SEC_EXP_ATTACH_OPT
+)
+
+func init() {
+	// Compatibility with older versions of the library.
+	// We prepend libbpf definitions since they contain a prefix match
+	// for "xdp".
+	elfSectionDefs = append([]libbpfElfSectionDef{
+		{"xdp.frags/", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP, _SEC_XDP_FRAGS | ignoreExtra},
+		{"xdp.frags_devmap/", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_DEVMAP, _SEC_XDP_FRAGS},
+		{"xdp_devmap/", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_DEVMAP, 0},
+		{"xdp.frags_cpumap/", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_CPUMAP, _SEC_XDP_FRAGS},
+		{"xdp_cpumap/", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_CPUMAP, 0},
+		// This has been in the library since the beginning of time. Not sure
+		// where it came from.
+		{"seccomp", sys.BPF_PROG_TYPE_SOCKET_FILTER, 0, _SEC_NONE},
+	}, elfSectionDefs...)
+}
+
 func getProgType(sectionName string) (ProgramType, AttachType, uint32, string) {
-	types := []struct {
-		prefix     string
-		progType   ProgramType
-		attachType AttachType
-		progFlags  uint32
-	}{
-		// Please update the types from libbpf.c and follow the order of it.
-		// https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/lib/bpf/libbpf.c
-		{"socket", SocketFilter, AttachNone, 0},
-		{"sk_reuseport/migrate", SkReuseport, AttachSkReuseportSelectOrMigrate, 0},
-		{"sk_reuseport", SkReuseport, AttachSkReuseportSelect, 0},
-		{"kprobe/", Kprobe, AttachNone, 0},
-		{"uprobe/", Kprobe, AttachNone, 0},
-		{"kretprobe/", Kprobe, AttachNone, 0},
-		{"uretprobe/", Kprobe, AttachNone, 0},
-		{"tc", SchedCLS, AttachNone, 0},
-		{"classifier", SchedCLS, AttachNone, 0},
-		{"action", SchedACT, AttachNone, 0},
-		{"tracepoint/", TracePoint, AttachNone, 0},
-		{"tp/", TracePoint, AttachNone, 0},
-		{"raw_tracepoint/", RawTracepoint, AttachNone, 0},
-		{"raw_tp/", RawTracepoint, AttachNone, 0},
-		{"raw_tracepoint.w/", RawTracepointWritable, AttachNone, 0},
-		{"raw_tp.w/", RawTracepointWritable, AttachNone, 0},
-		{"tp_btf/", Tracing, AttachTraceRawTp, 0},
-		{"fentry/", Tracing, AttachTraceFEntry, 0},
-		{"fmod_ret/", Tracing, AttachModifyReturn, 0},
-		{"fexit/", Tracing, AttachTraceFExit, 0},
-		{"fentry.s/", Tracing, AttachTraceFEntry, unix.BPF_F_SLEEPABLE},
-		{"fmod_ret.s/", Tracing, AttachModifyReturn, unix.BPF_F_SLEEPABLE},
-		{"fexit.s/", Tracing, AttachTraceFExit, unix.BPF_F_SLEEPABLE},
-		{"freplace/", Extension, AttachNone, 0},
-		{"lsm/", LSM, AttachLSMMac, 0},
-		{"lsm.s/", LSM, AttachLSMMac, unix.BPF_F_SLEEPABLE},
-		{"iter/", Tracing, AttachTraceIter, 0},
-		{"iter.s/", Tracing, AttachTraceIter, unix.BPF_F_SLEEPABLE},
-		{"syscall", Syscall, AttachNone, 0},
-		{"xdp.frags_devmap/", XDP, AttachXDPDevMap, unix.BPF_F_XDP_HAS_FRAGS},
-		{"xdp_devmap/", XDP, AttachXDPDevMap, 0},
-		{"xdp.frags_cpumap/", XDP, AttachXDPCPUMap, unix.BPF_F_XDP_HAS_FRAGS},
-		{"xdp_cpumap/", XDP, AttachXDPCPUMap, 0},
-		{"xdp.frags", XDP, AttachNone, unix.BPF_F_XDP_HAS_FRAGS},
-		{"xdp", XDP, AttachNone, 0},
-		{"perf_event", PerfEvent, AttachNone, 0},
-		{"lwt_in", LWTIn, AttachNone, 0},
-		{"lwt_out", LWTOut, AttachNone, 0},
-		{"lwt_xmit", LWTXmit, AttachNone, 0},
-		{"lwt_seg6local", LWTSeg6Local, AttachNone, 0},
-		{"cgroup_skb/ingress", CGroupSKB, AttachCGroupInetIngress, 0},
-		{"cgroup_skb/egress", CGroupSKB, AttachCGroupInetEgress, 0},
-		{"cgroup/skb", CGroupSKB, AttachNone, 0},
-		{"cgroup/sock_create", CGroupSock, AttachCGroupInetSockCreate, 0},
-		{"cgroup/sock_release", CGroupSock, AttachCgroupInetSockRelease, 0},
-		{"cgroup/sock", CGroupSock, AttachCGroupInetSockCreate, 0},
-		{"cgroup/post_bind4", CGroupSock, AttachCGroupInet4PostBind, 0},
-		{"cgroup/post_bind6", CGroupSock, AttachCGroupInet6PostBind, 0},
-		{"cgroup/dev", CGroupDevice, AttachCGroupDevice, 0},
-		{"sockops", SockOps, AttachCGroupSockOps, 0},
-		{"sk_skb/stream_parser", SkSKB, AttachSkSKBStreamParser, 0},
-		{"sk_skb/stream_verdict", SkSKB, AttachSkSKBStreamVerdict, 0},
-		{"sk_skb", SkSKB, AttachNone, 0},
-		{"sk_msg", SkMsg, AttachSkMsgVerdict, 0},
-		{"lirc_mode2", LircMode2, AttachLircMode2, 0},
-		{"flow_dissector", FlowDissector, AttachFlowDissector, 0},
-		{"cgroup/bind4", CGroupSockAddr, AttachCGroupInet4Bind, 0},
-		{"cgroup/bind6", CGroupSockAddr, AttachCGroupInet6Bind, 0},
-		{"cgroup/connect4", CGroupSockAddr, AttachCGroupInet4Connect, 0},
-		{"cgroup/connect6", CGroupSockAddr, AttachCGroupInet6Connect, 0},
-		{"cgroup/sendmsg4", CGroupSockAddr, AttachCGroupUDP4Sendmsg, 0},
-		{"cgroup/sendmsg6", CGroupSockAddr, AttachCGroupUDP6Sendmsg, 0},
-		{"cgroup/recvmsg4", CGroupSockAddr, AttachCGroupUDP4Recvmsg, 0},
-		{"cgroup/recvmsg6", CGroupSockAddr, AttachCGroupUDP6Recvmsg, 0},
-		{"cgroup/getpeername4", CGroupSockAddr, AttachCgroupInet4GetPeername, 0},
-		{"cgroup/getpeername6", CGroupSockAddr, AttachCgroupInet6GetPeername, 0},
-		{"cgroup/getsockname4", CGroupSockAddr, AttachCgroupInet4GetSockname, 0},
-		{"cgroup/getsockname6", CGroupSockAddr, AttachCgroupInet6GetSockname, 0},
-		{"cgroup/sysctl", CGroupSysctl, AttachCGroupSysctl, 0},
-		{"cgroup/getsockopt", CGroupSockopt, AttachCGroupGetsockopt, 0},
-		{"cgroup/setsockopt", CGroupSockopt, AttachCGroupSetsockopt, 0},
-		{"struct_ops+", StructOps, AttachNone, 0},
-		{"sk_lookup/", SkLookup, AttachSkLookup, 0},
-		{"seccomp", SocketFilter, AttachNone, 0},
-		{"kprobe.multi", Kprobe, AttachTraceKprobeMulti, 0},
-		{"kretprobe.multi", Kprobe, AttachTraceKprobeMulti, 0},
-		// Document all prefixes in docs/ebpf/concepts/elf-sections.md.
-	}
+	// Skip optional program marking for now.
+	sectionName = strings.TrimPrefix(sectionName, "?")
 
-	for _, t := range types {
-		if !strings.HasPrefix(sectionName, t.prefix) {
+	for _, t := range elfSectionDefs {
+		extra, ok := matchSectionName(sectionName, t.pattern)
+		if !ok {
 			continue
 		}
 
-		if !strings.HasSuffix(t.prefix, "/") {
-			return t.progType, t.attachType, t.progFlags, ""
+		programType := ProgramType(t.programType)
+		attachType := AttachType(t.attachType)
+
+		var flags uint32
+		if t.flags&_SEC_SLEEPABLE > 0 {
+			flags |= unix.BPF_F_SLEEPABLE
+		}
+		if t.flags&_SEC_XDP_FRAGS > 0 {
+			flags |= unix.BPF_F_XDP_HAS_FRAGS
+		}
+		if t.flags&_SEC_EXP_ATTACH_OPT > 0 {
+			if programType == XDP {
+				// The library doesn't yet have code to fallback to not specifying
+				// attach type. Only do this for XDP since we've enforced correct
+				// attach type for all other program types.
+				attachType = AttachNone
+			}
+		}
+		if t.flags&ignoreExtra > 0 {
+			extra = ""
 		}
 
-		return t.progType, t.attachType, t.progFlags, sectionName[len(t.prefix):]
+		return programType, attachType, flags, extra
 	}
 
 	return UnspecifiedProgram, AttachNone, 0, ""
 }
 
+// matchSectionName checks a section name against a pattern.
+//
+// It's behaviour mirrors that of libbpf's sec_def_matches.
+func matchSectionName(sectionName, pattern string) (extra string, found bool) {
+	have, extra, found := strings.Cut(sectionName, "/")
+	want := strings.TrimRight(pattern, "+/")
+
+	if strings.HasSuffix(pattern, "/") {
+		// Section name must have a slash and extra may be empty.
+		return extra, have == want && found
+	} else if strings.HasSuffix(pattern, "+") {
+		// Section name may have a slash and extra may be empty.
+		return extra, have == want
+	}
+
+	// Section name must have a prefix. extra is ignored.
+	return "", strings.HasPrefix(sectionName, pattern)
+}
+
 func (ec *elfCode) loadSectionRelocations(sec *elf.Section, symbols []elf.Symbol) (map[uint64]elf.Symbol, error) {
 	rels := make(map[uint64]elf.Symbol)
 
diff --git a/elf_reader_test.go b/elf_reader_test.go
index 7436247c7..17beea9f2 100644
--- a/elf_reader_test.go
+++ b/elf_reader_test.go
@@ -955,16 +955,6 @@ func TestLibBPFCompat(t *testing.T) {
 		// to OOM kills.
 		opts.Programs.LogDisabled = true
 
-		for name, p := range spec.Programs {
-			if p.Type != Extension {
-				continue
-			}
-
-			targetProg, targetColl := loadTargetProgram(t, name, opts)
-			defer targetColl.Close()
-			p.AttachTarget = targetProg
-		}
-
 		coll, err := NewCollectionWithOptions(spec, opts)
 		testutils.SkipIfNotSupported(t, err)
 		var errno syscall.Errno
@@ -1025,7 +1015,10 @@ func TestLibBPFCompat(t *testing.T) {
 			t.Skip("Skipping since weak relocations are not supported")
 		case "bloom_filter_map", "bloom_filter_bench":
 			t.Skip("Skipping due to missing MapExtra field in MapSpec")
-		case "netif_receive_skb", "local_kptr_stash", "local_kptr_stash_fail":
+		case "netif_receive_skb",
+			"local_kptr_stash",
+			"local_kptr_stash_fail",
+			"type_cast":
 			t.Skip("Skipping due to possible bug in upstream CO-RE generation")
 		case "test_usdt", "test_urandom_usdt", "test_usdt_multispec":
 			t.Skip("Skipping due to missing support for usdt.bpf.h")
@@ -1054,6 +1047,28 @@ func TestLibBPFCompat(t *testing.T) {
 				}
 				m.Extra = nil
 			}
+
+		case "fexit_bpf2bpf",
+			"freplace_get_constant",
+			"freplace_global_func":
+			loadTargetProgram(t, spec, "test_pkt_access.bpf.o", "test_pkt_access")
+
+		case "freplace_cls_redirect":
+			loadTargetProgram(t, spec, "test_cls_redirect.bpf.o", "cls_redirect")
+
+		case "test_trace_ext":
+			loadTargetProgram(t, spec, "test_pkt_md_access.bpf.o", "test_pkt_md_access")
+
+		case "freplace_progmap":
+			loadTargetProgram(t, spec, "xdp_dummy.bpf.o", "xdp_dummy_prog")
+
+			if prog := spec.Programs["xdp_cpumap_prog"]; prog.AttachTo == "" {
+				prog.AttachTo = "xdp_dummy_prog"
+			}
+
+		case "freplace_attach_probe":
+			// Looks like the test should have a target, but 6.6 selftests don't
+			// seem to be using it.
 		}
 
 		var opts CollectionOptions
@@ -1126,44 +1141,42 @@ func TestLibBPFCompat(t *testing.T) {
 	})
 }
 
-func loadTargetProgram(tb testing.TB, name string, opts CollectionOptions) (*Program, *Collection) {
-	file := "test_pkt_access.bpf.o"
-	program := "test_pkt_access"
-	switch name {
-	case "new_connect_v4_prog":
-		file = "connect4_prog.bpf.o"
-		program = "connect_v4_prog"
-	case "new_do_bind":
-		file = "connect4_prog.bpf.o"
-		program = "connect_v4_prog"
-	case "freplace_cls_redirect_test":
-		file = "test_cls_redirect.bpf.o"
-		program = "cls_redirect"
-	case "new_handle_kprobe":
-		file = "test_attach_probe.bpf.o"
-		program = "handle_kprobe"
-	case "test_pkt_md_access_new":
-		file = "test_pkt_md_access.bpf.o"
-		program = "test_pkt_md_access"
-	default:
-	}
-
-	spec, err := LoadCollectionSpec(filepath.Join(*elfPath, file))
+func loadTargetProgram(tb testing.TB, spec *CollectionSpec, file, program string) {
+	targetSpec, err := LoadCollectionSpec(filepath.Join(*elfPath, file))
 	if errors.Is(err, os.ErrNotExist) && strings.HasSuffix(file, ".bpf.o") {
 		// Prior to v6.1 BPF ELF used a plain .o suffix.
 		file = strings.TrimSuffix(file, ".bpf.o") + ".o"
-		spec, err = LoadCollectionSpec(filepath.Join(*elfPath, file))
+		targetSpec, err = LoadCollectionSpec(filepath.Join(*elfPath, file))
 	}
 	if err != nil {
 		tb.Fatalf("Can't read %s: %s", file, err)
 	}
 
-	coll, err := NewCollectionWithOptions(spec, opts)
+	qt.Assert(tb, targetSpec.Programs[program], qt.IsNotNil)
+
+	coll, err := NewCollectionWithOptions(targetSpec, CollectionOptions{
+		Programs: ProgramOptions{LogDisabled: true},
+	})
 	if err != nil {
 		tb.Fatalf("Can't load target: %s", err)
 	}
+	tb.Cleanup(func() { coll.Close() })
+
+	target := coll.Programs[program]
+	for _, prog := range spec.Programs {
+		if prog.Type == Extension && prog.AttachType == AttachNone {
+			prog.AttachTarget = target
+			continue
+		}
 
-	return coll.Programs[program], coll
+		if prog.Type == Tracing {
+			switch prog.AttachType {
+			case AttachTraceFEntry, AttachTraceFExit, AttachModifyReturn:
+				prog.AttachTarget = target
+				continue
+			}
+		}
+	}
 }
 
 func sourceOfBTF(tb testing.TB, path string) []string {
@@ -1184,86 +1197,143 @@ func sourceOfBTF(tb testing.TB, path string) []string {
 	return testutils.Glob(tb, filepath.Join(dir, btfPrefix+base+"*.o"))
 }
 
-func TestGetProgType(t *testing.T) {
-	type progTypeTestData struct {
-		Pt ProgramType
-		At AttachType
-		Fl uint32
-		To string
+func TestELFSectionProgramTypes(t *testing.T) {
+	type testcase struct {
+		Section     string
+		ProgramType ProgramType
+		AttachType  AttachType
+		Flags       uint32
+		Extra       string
 	}
 
-	testcases := map[string]progTypeTestData{
-		"socket/garbage": {
-			Pt: SocketFilter,
-			At: AttachNone,
-			To: "",
-		},
-		"kprobe/func": {
-			Pt: Kprobe,
-			At: AttachNone,
-			To: "func",
-		},
-		"xdp/foo": {
-			Pt: XDP,
-			At: AttachNone,
-			To: "",
-		},
-		"xdp.frags/foo": {
-			Pt: XDP,
-			At: AttachNone,
-			To: "",
-			Fl: unix.BPF_F_XDP_HAS_FRAGS,
-		},
-		"xdp_devmap/foo": {
-			Pt: XDP,
-			At: AttachXDPDevMap,
-			To: "foo",
-		},
-		"xdp.frags_devmap/foo": {
-			Pt: XDP,
-			At: AttachXDPDevMap,
-			To: "foo",
-			Fl: unix.BPF_F_XDP_HAS_FRAGS,
-		},
-		"cgroup_skb/ingress": {
-			Pt: CGroupSKB,
-			At: AttachCGroupInetIngress,
-			To: "",
-		},
-		"iter/bpf_map": {
-			Pt: Tracing,
-			At: AttachTraceIter,
-			To: "bpf_map",
-		},
-		"lsm.s/file_ioctl_sleepable": {
-			Pt: LSM,
-			At: AttachLSMMac,
-			To: "file_ioctl_sleepable",
-			Fl: unix.BPF_F_SLEEPABLE,
-		},
-		"lsm/file_ioctl": {
-			Pt: LSM,
-			At: AttachLSMMac,
-			To: "file_ioctl",
-		},
-		"sk_skb/stream_verdict/foo": {
-			Pt: SkSKB,
-			At: AttachSkSKBStreamVerdict,
-			To: "",
-		},
-		"sk_skb/bar": {
-			Pt: SkSKB,
-			At: AttachNone,
-			To: "",
-		},
+	testcases := []testcase{
+		{"socket", SocketFilter, AttachNone, 0, ""},
+		{"socket/garbage", SocketFilter, AttachNone, 0, ""},
+		{"sk_reuseport/migrate", SkReuseport, AttachSkReuseportSelectOrMigrate, 0, ""},
+		{"sk_reuseport", SkReuseport, AttachSkReuseportSelect, 0, ""},
+		{"kprobe/", Kprobe, AttachNone, 0, ""},
+		{"kprobe/func", Kprobe, AttachNone, 0, "func"},
+		{"uprobe/", Kprobe, AttachNone, 0, ""},
+		{"kretprobe/", Kprobe, AttachNone, 0, ""},
+		{"uretprobe/", Kprobe, AttachNone, 0, ""},
+		{"tc", SchedCLS, AttachNone, 0, ""},
+		{"classifier", SchedCLS, AttachNone, 0, ""},
+		{"action", SchedACT, AttachNone, 0, ""},
+		{"tracepoint/", TracePoint, AttachNone, 0, ""},
+		{"tp/", TracePoint, AttachNone, 0, ""},
+		{"raw_tracepoint/", RawTracepoint, AttachNone, 0, ""},
+		{"raw_tp/", RawTracepoint, AttachNone, 0, ""},
+		{"raw_tracepoint.w/", RawTracepointWritable, AttachNone, 0, ""},
+		{"raw_tp.w/", RawTracepointWritable, AttachNone, 0, ""},
+		{"tp_btf/", Tracing, AttachTraceRawTp, 0, ""},
+		{"fentry/", Tracing, AttachTraceFEntry, 0, ""},
+		{"fmod_ret/", Tracing, AttachModifyReturn, 0, ""},
+		{"fexit/", Tracing, AttachTraceFExit, 0, ""},
+		{"fentry.s/", Tracing, AttachTraceFEntry, unix.BPF_F_SLEEPABLE, ""},
+		{"fmod_ret.s/", Tracing, AttachModifyReturn, unix.BPF_F_SLEEPABLE, ""},
+		{"fexit.s/", Tracing, AttachTraceFExit, unix.BPF_F_SLEEPABLE, ""},
+		{"freplace/", Extension, AttachNone, 0, ""},
+		{"lsm/foo", LSM, AttachLSMMac, 0, "foo"},
+		{"lsm.s/foo", LSM, AttachLSMMac, unix.BPF_F_SLEEPABLE, "foo"},
+		{"iter/bpf_map", Tracing, AttachTraceIter, 0, "bpf_map"},
+		{"iter.s/", Tracing, AttachTraceIter, unix.BPF_F_SLEEPABLE, ""},
+		// Was missing sleepable.
+		{"syscall", Syscall, AttachNone, unix.BPF_F_SLEEPABLE, ""},
+		{"xdp.frags_devmap/foo", XDP, AttachXDPDevMap, unix.BPF_F_XDP_HAS_FRAGS, "foo"},
+		{"xdp_devmap/foo", XDP, AttachXDPDevMap, 0, "foo"},
+		{"xdp.frags_cpumap/", XDP, AttachXDPCPUMap, unix.BPF_F_XDP_HAS_FRAGS, ""},
+		{"xdp_cpumap/", XDP, AttachXDPCPUMap, 0, ""},
+		// Used incorrect attach type.
+		{"xdp.frags/foo", XDP, AttachXDP, unix.BPF_F_XDP_HAS_FRAGS, ""},
+		{"xdp/foo", XDP, AttachNone, 0, ""},
+		{"perf_event", PerfEvent, AttachNone, 0, ""},
+		{"lwt_in", LWTIn, AttachNone, 0, ""},
+		{"lwt_out", LWTOut, AttachNone, 0, ""},
+		{"lwt_xmit", LWTXmit, AttachNone, 0, ""},
+		{"lwt_seg6local", LWTSeg6Local, AttachNone, 0, ""},
+		{"cgroup_skb/ingress", CGroupSKB, AttachCGroupInetIngress, 0, ""},
+		{"cgroup_skb/egress", CGroupSKB, AttachCGroupInetEgress, 0, ""},
+		{"cgroup/skb", CGroupSKB, AttachNone, 0, ""},
+		{"cgroup/sock_create", CGroupSock, AttachCGroupInetSockCreate, 0, ""},
+		{"cgroup/sock_release", CGroupSock, AttachCgroupInetSockRelease, 0, ""},
+		{"cgroup/sock", CGroupSock, AttachCGroupInetSockCreate, 0, ""},
+		{"cgroup/post_bind4", CGroupSock, AttachCGroupInet4PostBind, 0, ""},
+		{"cgroup/post_bind6", CGroupSock, AttachCGroupInet6PostBind, 0, ""},
+		{"cgroup/dev", CGroupDevice, AttachCGroupDevice, 0, ""},
+		{"sockops", SockOps, AttachCGroupSockOps, 0, ""},
+		{"sk_skb/stream_parser", SkSKB, AttachSkSKBStreamParser, 0, ""},
+		{"sk_skb/stream_verdict", SkSKB, AttachSkSKBStreamVerdict, 0, ""},
+		{"sk_skb/stream_verdict/foo", SkSKB, AttachSkSKBStreamVerdict, 0, ""},
+		{"sk_skb", SkSKB, AttachNone, 0, ""},
+		{"sk_skb/bar", SkSKB, AttachNone, 0, ""},
+		{"sk_msg", SkMsg, AttachSkMsgVerdict, 0, ""},
+		{"lirc_mode2", LircMode2, AttachLircMode2, 0, ""},
+		{"flow_dissector", FlowDissector, AttachFlowDissector, 0, ""},
+		{"cgroup/bind4", CGroupSockAddr, AttachCGroupInet4Bind, 0, ""},
+		{"cgroup/bind6", CGroupSockAddr, AttachCGroupInet6Bind, 0, ""},
+		{"cgroup/connect4", CGroupSockAddr, AttachCGroupInet4Connect, 0, ""},
+		{"cgroup/connect6", CGroupSockAddr, AttachCGroupInet6Connect, 0, ""},
+		{"cgroup/sendmsg4", CGroupSockAddr, AttachCGroupUDP4Sendmsg, 0, ""},
+		{"cgroup/sendmsg6", CGroupSockAddr, AttachCGroupUDP6Sendmsg, 0, ""},
+		{"cgroup/recvmsg4", CGroupSockAddr, AttachCGroupUDP4Recvmsg, 0, ""},
+		{"cgroup/recvmsg6", CGroupSockAddr, AttachCGroupUDP6Recvmsg, 0, ""},
+		{"cgroup/getpeername4", CGroupSockAddr, AttachCgroupInet4GetPeername, 0, ""},
+		{"cgroup/getpeername6", CGroupSockAddr, AttachCgroupInet6GetPeername, 0, ""},
+		{"cgroup/getsockname4", CGroupSockAddr, AttachCgroupInet4GetSockname, 0, ""},
+		{"cgroup/getsockname6", CGroupSockAddr, AttachCgroupInet6GetSockname, 0, ""},
+		{"cgroup/sysctl", CGroupSysctl, AttachCGroupSysctl, 0, ""},
+		{"cgroup/getsockopt", CGroupSockopt, AttachCGroupGetsockopt, 0, ""},
+		{"cgroup/setsockopt", CGroupSockopt, AttachCGroupSetsockopt, 0, ""},
+		// Bogus pattern means it never matched anything.
+		// {"struct_ops+", StructOps, AttachNone, 0, ""},
+		{"sk_lookup/", SkLookup, AttachSkLookup, 0, ""},
+		{"seccomp", SocketFilter, AttachNone, 0, ""},
+		{"kprobe.multi", Kprobe, AttachTraceKprobeMulti, 0, ""},
+		{"kretprobe.multi", Kprobe, AttachTraceKprobeMulti, 0, ""},
 	}
 
-	for section, want := range testcases {
-		pt, at, fl, to := getProgType(section)
+	for _, tc := range testcases {
+		t.Run(tc.Section, func(t *testing.T) {
+			pt, at, fl, extra := getProgType(tc.Section)
+			have := testcase{tc.Section, pt, at, fl, extra}
+			qt.Assert(t, have, qt.DeepEquals, tc)
+		})
+	}
+}
 
-		if diff := cmp.Diff(want, progTypeTestData{Pt: pt, At: at, Fl: fl, To: to}); diff != "" {
-			t.Errorf("getProgType mismatch (-want +got):\n%s", diff)
-		}
+func TestMatchSectionName(t *testing.T) {
+	for _, testcase := range []struct {
+		pattern string
+		input   string
+		matches bool
+		extra   string
+	}{
+		{"prefix/", "prefix/", true, ""},
+		{"prefix/", "prefix/a", true, "a"},
+		{"prefix/", "prefix/b", true, "b"},
+		{"prefix/", "prefix", false, ""},
+		{"prefix/", "junk", false, ""},
+
+		{"prefix+", "prefix/", true, ""},
+		{"prefix+", "prefix/a", true, "a"},
+		{"prefix+", "prefix/b", true, "b"},
+		{"prefix+", "prefix", true, ""},
+		{"prefix+", "junk", false, ""},
+
+		{"exact", "exact", true, ""},
+		{"exact", "exact/", true, ""},
+		{"exact", "exact/a", true, ""},
+		{"exact", "exactement", true, ""},
+		{"exact", "junk", false, ""},
+	} {
+		name := fmt.Sprintf("%s:%s", testcase.pattern, testcase.input)
+		t.Run(name, func(t *testing.T) {
+			extra, matches := matchSectionName(testcase.input, testcase.pattern)
+			qt.Assert(t, matches, qt.Equals, testcase.matches)
+			if testcase.matches {
+				qt.Assert(t, extra, qt.Equals, testcase.extra)
+			}
+		})
 	}
 }
 
diff --git a/elf_sections.go b/elf_sections.go
new file mode 100644
index 000000000..1cfbd6bba
--- /dev/null
+++ b/elf_sections.go
@@ -0,0 +1,102 @@
+// Code generated by internal/cmd/gensections.awk; DO NOT EDIT.
+
+package ebpf
+
+// Code in this file is derived from libbpf, available under BSD-2-Clause.
+
+import "github.com/cilium/ebpf/internal/sys"
+
+var elfSectionDefs = []libbpfElfSectionDef{
+	{"socket", sys.BPF_PROG_TYPE_SOCKET_FILTER, 0, _SEC_NONE},
+	{"sk_reuseport/migrate", sys.BPF_PROG_TYPE_SK_REUSEPORT, sys.BPF_SK_REUSEPORT_SELECT_OR_MIGRATE, _SEC_ATTACHABLE},
+	{"sk_reuseport", sys.BPF_PROG_TYPE_SK_REUSEPORT, sys.BPF_SK_REUSEPORT_SELECT, _SEC_ATTACHABLE},
+	{"kprobe+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"uprobe+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"uprobe.s+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_SLEEPABLE},
+	{"kretprobe+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"uretprobe+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"uretprobe.s+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_SLEEPABLE},
+	{"kprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_KPROBE_MULTI, _SEC_NONE},
+	{"kretprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_KPROBE_MULTI, _SEC_NONE},
+	{"uprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_NONE},
+	{"uretprobe.multi+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_NONE},
+	{"uprobe.multi.s+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_SLEEPABLE},
+	{"uretprobe.multi.s+", sys.BPF_PROG_TYPE_KPROBE, sys.BPF_TRACE_UPROBE_MULTI, _SEC_SLEEPABLE},
+	{"ksyscall+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"kretsyscall+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_NONE},
+	{"usdt+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_USDT},
+	{"usdt.s+", sys.BPF_PROG_TYPE_KPROBE, 0, _SEC_USDT | _SEC_SLEEPABLE},
+	{"tc/ingress", sys.BPF_PROG_TYPE_SCHED_CLS, sys.BPF_TCX_INGRESS, _SEC_NONE},
+	{"tc/egress", sys.BPF_PROG_TYPE_SCHED_CLS, sys.BPF_TCX_EGRESS, _SEC_NONE},
+	{"tcx/ingress", sys.BPF_PROG_TYPE_SCHED_CLS, sys.BPF_TCX_INGRESS, _SEC_NONE},
+	{"tcx/egress", sys.BPF_PROG_TYPE_SCHED_CLS, sys.BPF_TCX_EGRESS, _SEC_NONE},
+	{"tc", sys.BPF_PROG_TYPE_SCHED_CLS, 0, _SEC_NONE},
+	{"classifier", sys.BPF_PROG_TYPE_SCHED_CLS, 0, _SEC_NONE},
+	{"action", sys.BPF_PROG_TYPE_SCHED_ACT, 0, _SEC_NONE},
+	{"tracepoint+", sys.BPF_PROG_TYPE_TRACEPOINT, 0, _SEC_NONE},
+	{"tp+", sys.BPF_PROG_TYPE_TRACEPOINT, 0, _SEC_NONE},
+	{"raw_tracepoint+", sys.BPF_PROG_TYPE_RAW_TRACEPOINT, 0, _SEC_NONE},
+	{"raw_tp+", sys.BPF_PROG_TYPE_RAW_TRACEPOINT, 0, _SEC_NONE},
+	{"raw_tracepoint.w+", sys.BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, 0, _SEC_NONE},
+	{"raw_tp.w+", sys.BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE, 0, _SEC_NONE},
+	{"tp_btf+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_RAW_TP, _SEC_ATTACH_BTF},
+	{"fentry+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_FENTRY, _SEC_ATTACH_BTF},
+	{"fmod_ret+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_MODIFY_RETURN, _SEC_ATTACH_BTF},
+	{"fexit+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_FEXIT, _SEC_ATTACH_BTF},
+	{"fentry.s+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_FENTRY, _SEC_ATTACH_BTF | _SEC_SLEEPABLE},
+	{"fmod_ret.s+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_MODIFY_RETURN, _SEC_ATTACH_BTF | _SEC_SLEEPABLE},
+	{"fexit.s+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_FEXIT, _SEC_ATTACH_BTF | _SEC_SLEEPABLE},
+	{"freplace+", sys.BPF_PROG_TYPE_EXT, 0, _SEC_ATTACH_BTF},
+	{"lsm+", sys.BPF_PROG_TYPE_LSM, sys.BPF_LSM_MAC, _SEC_ATTACH_BTF},
+	{"lsm.s+", sys.BPF_PROG_TYPE_LSM, sys.BPF_LSM_MAC, _SEC_ATTACH_BTF | _SEC_SLEEPABLE},
+	{"lsm_cgroup+", sys.BPF_PROG_TYPE_LSM, sys.BPF_LSM_CGROUP, _SEC_ATTACH_BTF},
+	{"iter+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_ITER, _SEC_ATTACH_BTF},
+	{"iter.s+", sys.BPF_PROG_TYPE_TRACING, sys.BPF_TRACE_ITER, _SEC_ATTACH_BTF | _SEC_SLEEPABLE},
+	{"syscall", sys.BPF_PROG_TYPE_SYSCALL, 0, _SEC_SLEEPABLE},
+	{"xdp.frags/devmap", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_DEVMAP, _SEC_XDP_FRAGS},
+	{"xdp/devmap", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_DEVMAP, _SEC_ATTACHABLE},
+	{"xdp.frags/cpumap", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_CPUMAP, _SEC_XDP_FRAGS},
+	{"xdp/cpumap", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP_CPUMAP, _SEC_ATTACHABLE},
+	{"xdp.frags", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP, _SEC_XDP_FRAGS},
+	{"xdp", sys.BPF_PROG_TYPE_XDP, sys.BPF_XDP, _SEC_ATTACHABLE_OPT},
+	{"perf_event", sys.BPF_PROG_TYPE_PERF_EVENT, 0, _SEC_NONE},
+	{"lwt_in", sys.BPF_PROG_TYPE_LWT_IN, 0, _SEC_NONE},
+	{"lwt_out", sys.BPF_PROG_TYPE_LWT_OUT, 0, _SEC_NONE},
+	{"lwt_xmit", sys.BPF_PROG_TYPE_LWT_XMIT, 0, _SEC_NONE},
+	{"lwt_seg6local", sys.BPF_PROG_TYPE_LWT_SEG6LOCAL, 0, _SEC_NONE},
+	{"sockops", sys.BPF_PROG_TYPE_SOCK_OPS, sys.BPF_CGROUP_SOCK_OPS, _SEC_ATTACHABLE_OPT},
+	{"sk_skb/stream_parser", sys.BPF_PROG_TYPE_SK_SKB, sys.BPF_SK_SKB_STREAM_PARSER, _SEC_ATTACHABLE_OPT},
+	{"sk_skb/stream_verdict", sys.BPF_PROG_TYPE_SK_SKB, sys.BPF_SK_SKB_STREAM_VERDICT, _SEC_ATTACHABLE_OPT},
+	{"sk_skb", sys.BPF_PROG_TYPE_SK_SKB, 0, _SEC_NONE},
+	{"sk_msg", sys.BPF_PROG_TYPE_SK_MSG, sys.BPF_SK_MSG_VERDICT, _SEC_ATTACHABLE_OPT},
+	{"lirc_mode2", sys.BPF_PROG_TYPE_LIRC_MODE2, sys.BPF_LIRC_MODE2, _SEC_ATTACHABLE_OPT},
+	{"flow_dissector", sys.BPF_PROG_TYPE_FLOW_DISSECTOR, sys.BPF_FLOW_DISSECTOR, _SEC_ATTACHABLE_OPT},
+	{"cgroup_skb/ingress", sys.BPF_PROG_TYPE_CGROUP_SKB, sys.BPF_CGROUP_INET_INGRESS, _SEC_ATTACHABLE_OPT},
+	{"cgroup_skb/egress", sys.BPF_PROG_TYPE_CGROUP_SKB, sys.BPF_CGROUP_INET_EGRESS, _SEC_ATTACHABLE_OPT},
+	{"cgroup/skb", sys.BPF_PROG_TYPE_CGROUP_SKB, 0, _SEC_NONE},
+	{"cgroup/sock_create", sys.BPF_PROG_TYPE_CGROUP_SOCK, sys.BPF_CGROUP_INET_SOCK_CREATE, _SEC_ATTACHABLE},
+	{"cgroup/sock_release", sys.BPF_PROG_TYPE_CGROUP_SOCK, sys.BPF_CGROUP_INET_SOCK_RELEASE, _SEC_ATTACHABLE},
+	{"cgroup/sock", sys.BPF_PROG_TYPE_CGROUP_SOCK, sys.BPF_CGROUP_INET_SOCK_CREATE, _SEC_ATTACHABLE_OPT},
+	{"cgroup/post_bind4", sys.BPF_PROG_TYPE_CGROUP_SOCK, sys.BPF_CGROUP_INET4_POST_BIND, _SEC_ATTACHABLE},
+	{"cgroup/post_bind6", sys.BPF_PROG_TYPE_CGROUP_SOCK, sys.BPF_CGROUP_INET6_POST_BIND, _SEC_ATTACHABLE},
+	{"cgroup/bind4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET4_BIND, _SEC_ATTACHABLE},
+	{"cgroup/bind6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET6_BIND, _SEC_ATTACHABLE},
+	{"cgroup/connect4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET4_CONNECT, _SEC_ATTACHABLE},
+	{"cgroup/connect6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET6_CONNECT, _SEC_ATTACHABLE},
+	{"cgroup/sendmsg4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_UDP4_SENDMSG, _SEC_ATTACHABLE},
+	{"cgroup/sendmsg6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_UDP6_SENDMSG, _SEC_ATTACHABLE},
+	{"cgroup/recvmsg4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_UDP4_RECVMSG, _SEC_ATTACHABLE},
+	{"cgroup/recvmsg6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_UDP6_RECVMSG, _SEC_ATTACHABLE},
+	{"cgroup/getpeername4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET4_GETPEERNAME, _SEC_ATTACHABLE},
+	{"cgroup/getpeername6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET6_GETPEERNAME, _SEC_ATTACHABLE},
+	{"cgroup/getsockname4", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET4_GETSOCKNAME, _SEC_ATTACHABLE},
+	{"cgroup/getsockname6", sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR, sys.BPF_CGROUP_INET6_GETSOCKNAME, _SEC_ATTACHABLE},
+	{"cgroup/sysctl", sys.BPF_PROG_TYPE_CGROUP_SYSCTL, sys.BPF_CGROUP_SYSCTL, _SEC_ATTACHABLE},
+	{"cgroup/getsockopt", sys.BPF_PROG_TYPE_CGROUP_SOCKOPT, sys.BPF_CGROUP_GETSOCKOPT, _SEC_ATTACHABLE},
+	{"cgroup/setsockopt", sys.BPF_PROG_TYPE_CGROUP_SOCKOPT, sys.BPF_CGROUP_SETSOCKOPT, _SEC_ATTACHABLE},
+	{"cgroup/dev", sys.BPF_PROG_TYPE_CGROUP_DEVICE, sys.BPF_CGROUP_DEVICE, _SEC_ATTACHABLE_OPT},
+	{"struct_ops+", sys.BPF_PROG_TYPE_STRUCT_OPS, 0, _SEC_NONE},
+	{"struct_ops.s+", sys.BPF_PROG_TYPE_STRUCT_OPS, 0, _SEC_SLEEPABLE},
+	{"sk_lookup", sys.BPF_PROG_TYPE_SK_LOOKUP, sys.BPF_SK_LOOKUP, _SEC_ATTACHABLE},
+	{"netfilter", sys.BPF_PROG_TYPE_NETFILTER, sys.BPF_NETFILTER, _SEC_NONE},
+}
diff --git a/internal/cmd/gensections.awk b/internal/cmd/gensections.awk
new file mode 100755
index 000000000..b05950fb9
--- /dev/null
+++ b/internal/cmd/gensections.awk
@@ -0,0 +1,36 @@
+#!/usr/bin/gawk -f
+# This script expects tools/lib/bpf/libbpf.c as input.
+
+function trim(str, left, right) {
+	str = gensub("^[\t ]*" left, "", "g", str)
+	return gensub(right "$", "", "g", str)
+}
+
+BEGIN {
+	print "// Code generated by internal/cmd/gensections.awk; DO NOT EDIT."
+	print ""
+	print "package ebpf"
+	print ""
+	print "// Code in this file is derived from libbpf, available under BSD-2-Clause."
+	print ""
+	print "import \"github.com/cilium/ebpf/internal/sys\""
+	print ""
+	print "var elfSectionDefs = []libbpfElfSectionDef{"
+
+	FS=","
+}
+
+/\tSEC_DEF/ {
+	pattern = trim(substr($1, 10))
+	prog_type = "sys.BPF_PROG_TYPE_" trim($2)
+	attach_type = trim($3)
+	attach_type = attach_type == "0" ? "0" : "sys." attach_type
+	flags = trim($4, "", ")")
+	flags = gensub("SEC_", "_SEC_", "g", flags)
+	printf "\t{%s, %s, %s, %s},\n", pattern, prog_type, attach_type, flags;
+}
+
+END {
+	print "}"
+	print ""
+}
diff --git a/types.go b/types.go
index e9215519a..5146721c8 100644
--- a/types.go
+++ b/types.go
@@ -125,38 +125,39 @@ type ProgramType uint32
 
 // eBPF program types
 const (
-	UnspecifiedProgram ProgramType = iota
-	SocketFilter
-	Kprobe
-	SchedCLS
-	SchedACT
-	TracePoint
-	XDP
-	PerfEvent
-	CGroupSKB
-	CGroupSock
-	LWTIn
-	LWTOut
-	LWTXmit
-	SockOps
-	SkSKB
-	CGroupDevice
-	SkMsg
-	RawTracepoint
-	CGroupSockAddr
-	LWTSeg6Local
-	LircMode2
-	SkReuseport
-	FlowDissector
-	CGroupSysctl
-	RawTracepointWritable
-	CGroupSockopt
-	Tracing
-	StructOps
-	Extension
-	LSM
-	SkLookup
-	Syscall
+	UnspecifiedProgram    = ProgramType(sys.BPF_PROG_TYPE_UNSPEC)
+	SocketFilter          = ProgramType(sys.BPF_PROG_TYPE_SOCKET_FILTER)
+	Kprobe                = ProgramType(sys.BPF_PROG_TYPE_KPROBE)
+	SchedCLS              = ProgramType(sys.BPF_PROG_TYPE_SCHED_CLS)
+	SchedACT              = ProgramType(sys.BPF_PROG_TYPE_SCHED_ACT)
+	TracePoint            = ProgramType(sys.BPF_PROG_TYPE_TRACEPOINT)
+	XDP                   = ProgramType(sys.BPF_PROG_TYPE_XDP)
+	PerfEvent             = ProgramType(sys.BPF_PROG_TYPE_PERF_EVENT)
+	CGroupSKB             = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SKB)
+	CGroupSock            = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK)
+	LWTIn                 = ProgramType(sys.BPF_PROG_TYPE_LWT_IN)
+	LWTOut                = ProgramType(sys.BPF_PROG_TYPE_LWT_OUT)
+	LWTXmit               = ProgramType(sys.BPF_PROG_TYPE_LWT_XMIT)
+	SockOps               = ProgramType(sys.BPF_PROG_TYPE_SOCK_OPS)
+	SkSKB                 = ProgramType(sys.BPF_PROG_TYPE_SK_SKB)
+	CGroupDevice          = ProgramType(sys.BPF_PROG_TYPE_CGROUP_DEVICE)
+	SkMsg                 = ProgramType(sys.BPF_PROG_TYPE_SK_MSG)
+	RawTracepoint         = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT)
+	CGroupSockAddr        = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCK_ADDR)
+	LWTSeg6Local          = ProgramType(sys.BPF_PROG_TYPE_LWT_SEG6LOCAL)
+	LircMode2             = ProgramType(sys.BPF_PROG_TYPE_LIRC_MODE2)
+	SkReuseport           = ProgramType(sys.BPF_PROG_TYPE_SK_REUSEPORT)
+	FlowDissector         = ProgramType(sys.BPF_PROG_TYPE_FLOW_DISSECTOR)
+	CGroupSysctl          = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SYSCTL)
+	RawTracepointWritable = ProgramType(sys.BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE)
+	CGroupSockopt         = ProgramType(sys.BPF_PROG_TYPE_CGROUP_SOCKOPT)
+	Tracing               = ProgramType(sys.BPF_PROG_TYPE_TRACING)
+	StructOps             = ProgramType(sys.BPF_PROG_TYPE_STRUCT_OPS)
+	Extension             = ProgramType(sys.BPF_PROG_TYPE_EXT)
+	LSM                   = ProgramType(sys.BPF_PROG_TYPE_LSM)
+	SkLookup              = ProgramType(sys.BPF_PROG_TYPE_SK_LOOKUP)
+	Syscall               = ProgramType(sys.BPF_PROG_TYPE_SYSCALL)
+	Netfilter             = ProgramType(sys.BPF_PROG_TYPE_NETFILTER)
 )
 
 // AttachType of the eBPF program, needed to differentiate allowed context accesses in
@@ -170,49 +171,55 @@ type AttachType uint32
 const AttachNone AttachType = 0
 
 const (
-	AttachCGroupInetIngress AttachType = iota
-	AttachCGroupInetEgress
-	AttachCGroupInetSockCreate
-	AttachCGroupSockOps
-	AttachSkSKBStreamParser
-	AttachSkSKBStreamVerdict
-	AttachCGroupDevice
-	AttachSkMsgVerdict
-	AttachCGroupInet4Bind
-	AttachCGroupInet6Bind
-	AttachCGroupInet4Connect
-	AttachCGroupInet6Connect
-	AttachCGroupInet4PostBind
-	AttachCGroupInet6PostBind
-	AttachCGroupUDP4Sendmsg
-	AttachCGroupUDP6Sendmsg
-	AttachLircMode2
-	AttachFlowDissector
-	AttachCGroupSysctl
-	AttachCGroupUDP4Recvmsg
-	AttachCGroupUDP6Recvmsg
-	AttachCGroupGetsockopt
-	AttachCGroupSetsockopt
-	AttachTraceRawTp
-	AttachTraceFEntry
-	AttachTraceFExit
-	AttachModifyReturn
-	AttachLSMMac
-	AttachTraceIter
-	AttachCgroupInet4GetPeername
-	AttachCgroupInet6GetPeername
-	AttachCgroupInet4GetSockname
-	AttachCgroupInet6GetSockname
-	AttachXDPDevMap
-	AttachCgroupInetSockRelease
-	AttachXDPCPUMap
-	AttachSkLookup
-	AttachXDP
-	AttachSkSKBVerdict
-	AttachSkReuseportSelect
-	AttachSkReuseportSelectOrMigrate
-	AttachPerfEvent
-	AttachTraceKprobeMulti
+	AttachCGroupInetIngress          = AttachType(sys.BPF_CGROUP_INET_INGRESS)
+	AttachCGroupInetEgress           = AttachType(sys.BPF_CGROUP_INET_EGRESS)
+	AttachCGroupInetSockCreate       = AttachType(sys.BPF_CGROUP_INET_SOCK_CREATE)
+	AttachCGroupSockOps              = AttachType(sys.BPF_CGROUP_SOCK_OPS)
+	AttachSkSKBStreamParser          = AttachType(sys.BPF_SK_SKB_STREAM_PARSER)
+	AttachSkSKBStreamVerdict         = AttachType(sys.BPF_SK_SKB_STREAM_VERDICT)
+	AttachCGroupDevice               = AttachType(sys.BPF_CGROUP_DEVICE)
+	AttachSkMsgVerdict               = AttachType(sys.BPF_SK_MSG_VERDICT)
+	AttachCGroupInet4Bind            = AttachType(sys.BPF_CGROUP_INET4_BIND)
+	AttachCGroupInet6Bind            = AttachType(sys.BPF_CGROUP_INET6_BIND)
+	AttachCGroupInet4Connect         = AttachType(sys.BPF_CGROUP_INET4_CONNECT)
+	AttachCGroupInet6Connect         = AttachType(sys.BPF_CGROUP_INET6_CONNECT)
+	AttachCGroupInet4PostBind        = AttachType(sys.BPF_CGROUP_INET4_POST_BIND)
+	AttachCGroupInet6PostBind        = AttachType(sys.BPF_CGROUP_INET6_POST_BIND)
+	AttachCGroupUDP4Sendmsg          = AttachType(sys.BPF_CGROUP_UDP4_SENDMSG)
+	AttachCGroupUDP6Sendmsg          = AttachType(sys.BPF_CGROUP_UDP6_SENDMSG)
+	AttachLircMode2                  = AttachType(sys.BPF_LIRC_MODE2)
+	AttachFlowDissector              = AttachType(sys.BPF_FLOW_DISSECTOR)
+	AttachCGroupSysctl               = AttachType(sys.BPF_CGROUP_SYSCTL)
+	AttachCGroupUDP4Recvmsg          = AttachType(sys.BPF_CGROUP_UDP4_RECVMSG)
+	AttachCGroupUDP6Recvmsg          = AttachType(sys.BPF_CGROUP_UDP6_RECVMSG)
+	AttachCGroupGetsockopt           = AttachType(sys.BPF_CGROUP_GETSOCKOPT)
+	AttachCGroupSetsockopt           = AttachType(sys.BPF_CGROUP_SETSOCKOPT)
+	AttachTraceRawTp                 = AttachType(sys.BPF_TRACE_RAW_TP)
+	AttachTraceFEntry                = AttachType(sys.BPF_TRACE_FENTRY)
+	AttachTraceFExit                 = AttachType(sys.BPF_TRACE_FEXIT)
+	AttachModifyReturn               = AttachType(sys.BPF_MODIFY_RETURN)
+	AttachLSMMac                     = AttachType(sys.BPF_LSM_MAC)
+	AttachTraceIter                  = AttachType(sys.BPF_TRACE_ITER)
+	AttachCgroupInet4GetPeername     = AttachType(sys.BPF_CGROUP_INET4_GETPEERNAME)
+	AttachCgroupInet6GetPeername     = AttachType(sys.BPF_CGROUP_INET6_GETPEERNAME)
+	AttachCgroupInet4GetSockname     = AttachType(sys.BPF_CGROUP_INET4_GETSOCKNAME)
+	AttachCgroupInet6GetSockname     = AttachType(sys.BPF_CGROUP_INET6_GETSOCKNAME)
+	AttachXDPDevMap                  = AttachType(sys.BPF_XDP_DEVMAP)
+	AttachCgroupInetSockRelease      = AttachType(sys.BPF_CGROUP_INET_SOCK_RELEASE)
+	AttachXDPCPUMap                  = AttachType(sys.BPF_XDP_CPUMAP)
+	AttachSkLookup                   = AttachType(sys.BPF_SK_LOOKUP)
+	AttachXDP                        = AttachType(sys.BPF_XDP)
+	AttachSkSKBVerdict               = AttachType(sys.BPF_SK_SKB_VERDICT)
+	AttachSkReuseportSelect          = AttachType(sys.BPF_SK_REUSEPORT_SELECT)
+	AttachSkReuseportSelectOrMigrate = AttachType(sys.BPF_SK_REUSEPORT_SELECT_OR_MIGRATE)
+	AttachPerfEvent                  = AttachType(sys.BPF_PERF_EVENT)
+	AttachTraceKprobeMulti           = AttachType(sys.BPF_TRACE_KPROBE_MULTI)
+	AttachLSMCgroup                  = AttachType(sys.BPF_LSM_CGROUP)
+	AttachStructOps                  = AttachType(sys.BPF_STRUCT_OPS)
+	AttachNetfilter                  = AttachType(sys.BPF_NETFILTER)
+	AttachTCXIngress                 = AttachType(sys.BPF_TCX_INGRESS)
+	AttachTCXEgress                  = AttachType(sys.BPF_TCX_EGRESS)
+	AttachTraceUprobeMulti           = AttachType(sys.BPF_TRACE_UPROBE_MULTI)
 )
 
 // AttachFlags of the eBPF program used in BPF_PROG_ATTACH command
diff --git a/types_string.go b/types_string.go
index e20c37aa4..ee60b5be5 100644
--- a/types_string.go
+++ b/types_string.go
@@ -86,11 +86,12 @@ func _() {
 	_ = x[LSM-29]
 	_ = x[SkLookup-30]
 	_ = x[Syscall-31]
+	_ = x[Netfilter-32]
 }
 
-const _ProgramType_name = "UnspecifiedProgramSocketFilterKprobeSchedCLSSchedACTTracePointXDPPerfEventCGroupSKBCGroupSockLWTInLWTOutLWTXmitSockOpsSkSKBCGroupDeviceSkMsgRawTracepointCGroupSockAddrLWTSeg6LocalLircMode2SkReuseportFlowDissectorCGroupSysctlRawTracepointWritableCGroupSockoptTracingStructOpsExtensionLSMSkLookupSyscall"
+const _ProgramType_name = "UnspecifiedProgramSocketFilterKprobeSchedCLSSchedACTTracePointXDPPerfEventCGroupSKBCGroupSockLWTInLWTOutLWTXmitSockOpsSkSKBCGroupDeviceSkMsgRawTracepointCGroupSockAddrLWTSeg6LocalLircMode2SkReuseportFlowDissectorCGroupSysctlRawTracepointWritableCGroupSockoptTracingStructOpsExtensionLSMSkLookupSyscallNetfilter"
 
-var _ProgramType_index = [...]uint16{0, 18, 30, 36, 44, 52, 62, 65, 74, 83, 93, 98, 104, 111, 118, 123, 135, 140, 153, 167, 179, 188, 199, 212, 224, 245, 258, 265, 274, 283, 286, 294, 301}
+var _ProgramType_index = [...]uint16{0, 18, 30, 36, 44, 52, 62, 65, 74, 83, 93, 98, 104, 111, 118, 123, 135, 140, 153, 167, 179, 188, 199, 212, 224, 245, 258, 265, 274, 283, 286, 294, 301, 310}
 
 func (i ProgramType) String() string {
 	if i >= ProgramType(len(_ProgramType_index)-1) {