Map type BPF_MAP_TYPE_DEVMAP_HASH

v5.4

The device hash map is a specialized map type which holds references to network devices.

Usage

This map type is used in combination with the bpf_redirect_map helper to redirect traffic to egress out of a different device.

Initially the value of this map was just the network interface index as __u32. But after v5.8 the value has been optionally extended to add a file descriptor to a secondary XDP program.

The C structure of the values look as follows:

struct bpf_devmap_val {
    __u32 ifindex;   /* device index */
    union {
        int   fd;  /* prog fd on map write */
        __u32 id;  /* prog id on map read */
    } bpf_prog;
};

The fd/id refers to an XDP program optionally set by userspace. If set, the referred XDP program will execute on the packet, in the context of the new network device after the packet has been redirected but before it egresses the network interface.

Note

Programs attached to a devmap must be loaded with the BPF_XDP_DEVMAP expected attach type.

Attributes

The value_size can be 4 or 8 depending on kernel version and optional secondary program support. The key_size can be freely chosen.

Syscall commands

The following syscall commands work with this map type:

• BPF_MAP_LOOKUP_ELEM
• BPF_MAP_UPDATE_ELEM
• BPF_MAP_DELETE_ELEM

Helper functions

• bpf_redirect_map

Flags

BPF_F_NUMA_NODE

v4.14

When set, the numa_node attribute is respected during map creation.

BPF_F_RDONLY

v4.15

Setting this flag will make it so the map can only be read via the syscall interface, but not written to.

For details please check the generic description.

BPF_F_WRONLY

v4.15

Setting this flag will make it so the map can only be written to via the syscall interface, but not read from.