Skip to content

Map type BPF_MAP_TYPE_SOCKHASH

v4.18

The socket map is a specialized map type which hold network sockets as value.

Usage

This map type can be used to lookup a pointer to a socket with the bpf_map_lookup_elem helper function, which then can be passed to helpers such as bpf_sk_assign or the a map reference can be used directly in a range of helpers such as bpf_sk_redirect_map, bpf_msg_redirect_map and bpf_sk_select_reuseport. All of the above cases redirect a packet or connection in some way, the details differ depending on the program type and the helper function, so please visit the specific pages for details.

Note

Sockets returned by bpf_map_lookup_elem are ref-counted, so the caller must call bpf_sk_release in all code paths where the returned socket is not NULL before exiting the program. This is enforced by the verifier which will throw a Unreleased reference error if socket pointers are not released.

This map can also be manipulated from kernel space, the main use-case for doing so seems to be to manage the contents of the map automatically from program types that trigger on socket events. This would allow 1 program to manage the contents of the map, and another to do the actual redirecting on packet events.

Attributes

The value_size must always be 4 and the key_size must always be 8.

Syscall commands

The following syscall commands work with this map type:

Helper functions

Flags

BPF_F_NUMA_NODE

v4.14

When set, the numa_node attribute is respected during map creation.

BPF_F_RDONLY

v4.15

Setting this flag will make it so the map can only be read via the syscall interface, but not written to.

For details please check the generic description.

BPF_F_WRONLY

v4.15

Setting this flag will make it so the map can only be written to via the syscall interface, but not read from.

BPF_F_RDONLY_PROG

v5.2

Setting this flag will make it so the map can only be read via helper functions, but not written to.

For details please check the generic description.

BPF_F_WRONLY_PROG

v5.2

Setting this flag will make it so the map can only be written to via helper functions, but not read from.

For details please check the generic description.