// WriteEndpoint builds an LXCInfo from ep and writes it into the LXCMap under
// the endpoint ID. When ep.IPv4 is set, the same LXCInfo is written a second
// time under the IPv4-derived endpoint ID with bit 16 set.
//
// A nil receiver is a no-op and returns nil. Errors from the two MAC
// conversions and from either map update are returned unchanged.
func (m *LXCMap) WriteEndpoint(ep *endpoint.Endpoint) error {
	if m == nil {
		return nil
	}

	lxcMAC, err := ep.LXCMAC.Uint64()
	if err != nil {
		return err
	}
	hostMAC, err := ep.NodeMAC.Uint64()
	if err != nil {
		return err
	}

	var info LXCInfo
	info.IfIndex = uint32(ep.IfIndex)
	// The security label is kept in network byte order so that it can be
	// written into a packet without another byte order conversion.
	info.SecLabelID = common.Swab16(uint16(ep.SecLabel.ID))
	info.LxcID = ep.ID
	info.MAC = MAC(lxcMAC)
	info.NodeMAC = MAC(hostMAC)
	copy(info.V6Addr[:], ep.IPv6)

	// Port numbers are byte-swapped the same way as the security label.
	// NOTE(review): no bound on len(ep.PortMap) is enforced here. If
	// LXCInfo.PortMap is a fixed-size array, an oversized ep.PortMap panics
	// with index out of range; confirm the caller caps it.
	for idx, mapping := range ep.PortMap {
		info.PortMap[idx] = PortMap{
			From: common.Swab16(mapping.From),
			To:   common.Swab16(mapping.To),
		}
	}

	idKey := uint32(ep.ID)
	if err := bpf.UpdateElement(m.fd, unsafe.Pointer(&idKey), unsafe.Pointer(&info), 0); err != nil {
		return err
	}

	if ep.IPv4 == nil {
		return nil
	}

	// Second entry: the IPv4-derived endpoint ID, marked by setting bit 16.
	v4Key := uint32(ep.IPv4.EndpointID()) | (1 << 16)
	// FIXME: Remove key again? Needs to be solved by caller.
	// If this update fails, the entry written above stays in the map.
	return bpf.UpdateElement(m.fd, unsafe.Pointer(&v4Key), unsafe.Pointer(&info), 0)
}
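// doGc performs one garbage-collection step on the connection-tracking map.
// It fetches the key following key into nextKey and looks up that entry. An
// entry whose lifetime is at most interval is deleted; otherwise its lifetime
// is reduced by interval and the entry is written back.
//
// It returns false when the next key cannot be fetched or the entry cannot be
// looked up, and true otherwise. *deleted is incremented only when the delete
// call succeeds, so the counter reflects entries actually removed. A nil
// deleted pointer is tolerated and simply not updated.
func (m *CtMap) doGc(interval uint16, key unsafe.Pointer, nextKey unsafe.Pointer, deleted *int) bool {
	var entry CtEntry

	if err := bpf.GetNextKey(m.Fd, key, nextKey); err != nil {
		return false
	}
	if err := bpf.LookupElement(m.Fd, nextKey, unsafe.Pointer(&entry)); err != nil {
		return false
	}

	if entry.lifetime <= interval {
		// A failed delete leaves the expired entry in the map. It must not be
		// counted, or the reported total overstates what was reclaimed.
		if err := bpf.DeleteElement(m.Fd, nextKey); err == nil && deleted != nil {
			(*deleted)++
		}
		// NOTE(review): after a successful delete, nextKey names an entry
		// that no longer exists. How the caller continues the walk from it is
		// not visible here; confirm the walk cannot restart and age entries
		// twice in one pass.
		return true
	}

	// The guard above ensures lifetime > interval, so this cannot underflow.
	entry.lifetime -= interval
	// Best effort: a failed write-back only delays this entry's aging until
	// the next pass, so the error is deliberately dropped and the walk goes on.
	_ = bpf.UpdateElement(m.Fd, nextKey, unsafe.Pointer(&entry), 0)
	return true
}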
// AllowConsumer stores a PolicyEntry with Action set to 1 in the policy map
// under the key id and returns the error from the map update, if any.
//
// No validation of id happens here; whatever the caller passes becomes a map
// key, so any check on the identity must be done before calling.
func (m *PolicyMap) AllowConsumer(id uint32) error {
	allow := PolicyEntry{Action: 1}
	keyPtr := unsafe.Pointer(&id)
	valuePtr := unsafe.Pointer(&allow)
	return bpf.UpdateElement(m.Fd, keyPtr, valuePtr, 0)
}