Map type BPF_MAP_TYPE_DEVMAP
The device map is a specialized map type which holds references to network devices.
Usage
This map type is used in combination with the bpf_redirect_map helper to redirect traffic to egress out of a different device. It is an array style map, where the indices go from 0 to max_entries-1. In a later kernel version a hash version of this map was added: BPF_MAP_TYPE_DEVMAP_HASH.
Initially the value of this map was just the network interface index as __u32. But after v5.8 the value has been optionally extended to add a file descriptor to a secondary XDP program.
The C structure of the values look as follows:
struct bpf_devmap_val {
__u32 ifindex; /* device index */
union {
int fd; /* prog fd on map write */
__u32 id; /* prog id on map read */
} bpf_prog;
};
The fd/id refers to an XDP program optionally set by userspace. If set, the referred XDP program will execute on the packet, in the context of the new network device after the packet has been redirected but before it egresses the network interface.
Note
Programs attached to a devmap must be loaded with the BPF_XDP_DEVMAP expected attach type.
Attributes
The value_size can be 4 or 8 depending on kernel version and optional secondary program support. The key_size must always be 4.
Syscall commands
The following syscall commands work with this map type:
Helper functions
Flags
BPF_F_NUMA_NODE
When set, the numa_node attribute is respected during map creation.
BPF_F_RDONLY
Setting this flag will make it so the map can only be read via the syscall interface, but not written to.
For details please check the generic description.
BPF_F_WRONLY
Setting this flag will make it so the map can only be written to via the syscall interface, but not read from.