ja4-platform/services/ja4ebpf/internal/loader/ja4ssl_x86_bpfel.go

// Code generated by bpf2go; DO NOT EDIT.
//go:build 386 || amd64

package loader

import (
	"bytes"
	_ "embed"
	"fmt"
	"io"

	"github.com/cilium/ebpf"
)

type Ja4SslAcceptEvent struct {
	PidTgid     uint64
	Fd          uint32
	SrcIp       uint32
	SrcPort     uint16
	TimestampNs uint64
}

type Ja4SslAcceptKey struct {
	PidTgid uint64
	Fd      uint32
}

type Ja4SslHttpPlainEvent struct {
	Payload     [4096]uint8
	SrcIp       uint32
	DstIp       uint32
	SrcPort     uint16
	DstPort     uint16
	PayloadLen  uint16
	TimestampNs uint64
}

type Ja4SslNginxHttpEvent struct {
	PidTgid     uint64
	Fd          uint32
	SrcIp       uint32
	SrcPort     uint16
	TimestampNs uint64
	HttpMethod  [16]uint8
	Uri         [256]uint8
	Query       [128]uint8
	Data        [3640]uint8
	MethodLen   uint32
	UriLen      uint32
	QueryLen    uint32
	BodyLen     uint32
	DataLen     uint32
}

type Ja4SslNginxReadArgs struct {
	Fd     int32
	BufPtr uint64
	Count  uint64
}

type Ja4SslSslConnInfo struct {
	Fd      uint32
	SrcIp   uint32
	SrcPort uint16
}

type Ja4SslSslDataEvent struct {
	PidTgid     uint64
	Fd          uint32
	SrcIp       uint32
	SrcPort     uint16
	Data        [4096]uint8
	DataLen     uint32
	TimestampNs uint64
	Direction   uint8
}

type Ja4SslSslReadArgs struct {
	SslPtr uint64
	BufPtr uint64
	Num    uint32
}

type Ja4SslTlsHelloEvent struct {
	Payload     [2048]uint8
	SrcIp       uint32
	DstIp       uint32
	SrcPort     uint16
	DstPort     uint16
	PayloadLen  uint16
	TimestampNs uint64
}

// LoadJa4Ssl returns the embedded CollectionSpec for Ja4Ssl.
func LoadJa4Ssl() (*ebpf.CollectionSpec, error) {
	reader := bytes.NewReader(_Ja4SslBytes)
	spec, err := ebpf.LoadCollectionSpecFromReader(reader)
	if err != nil {
		return nil, fmt.Errorf("can't load Ja4Ssl: %w", err)
	}

	return spec, err
}

// LoadJa4SslObjects loads Ja4Ssl and converts it into a struct.
//
// The following types are suitable as obj argument:
//
//	*Ja4SslObjects
//	*Ja4SslPrograms
//	*Ja4SslMaps
//
// See ebpf.CollectionSpec.LoadAndAssign documentation for details.
func LoadJa4SslObjects(obj interface{}, opts *ebpf.CollectionOptions) error {
	spec, err := LoadJa4Ssl()
	if err != nil {
		return err
	}

	return spec.LoadAndAssign(obj, opts)
}

// Ja4SslSpecs contains maps and programs before they are loaded into the kernel.
//
// It can be passed ebpf.CollectionSpec.Assign.
type Ja4SslSpecs struct {
	Ja4SslProgramSpecs
	Ja4SslMapSpecs
}

// Ja4SslSpecs contains programs before they are loaded into the kernel.
//
// It can be passed ebpf.CollectionSpec.Assign.
type Ja4SslProgramSpecs struct {
	KprobeAccept4Entry    *ebpf.ProgramSpec `ebpf:"kprobe_accept4_entry"`
	KretprobeAccept4Exit  *ebpf.ProgramSpec `ebpf:"kretprobe_accept4_exit"`
	UprobeSslReadEntry    *ebpf.ProgramSpec `ebpf:"uprobe_ssl_read_entry"`
	UprobeSslSetFd        *ebpf.ProgramSpec `ebpf:"uprobe_ssl_set_fd"`
	UprobeSslWriteEntry   *ebpf.ProgramSpec `ebpf:"uprobe_ssl_write_entry"`
	UretprobeSslReadExit  *ebpf.ProgramSpec `ebpf:"uretprobe_ssl_read_exit"`
	UretprobeSslWriteExit *ebpf.ProgramSpec `ebpf:"uretprobe_ssl_write_exit"`
}

// Ja4SslMapSpecs contains maps before they are loaded into the kernel.
//
// It can be passed ebpf.CollectionSpec.Assign.
type Ja4SslMapSpecs struct {
	HttpBuf          *ebpf.MapSpec `ebpf:"__http_buf"`
	NginxBuf         *ebpf.MapSpec `ebpf:"__nginx_buf"`
	SslBuf           *ebpf.MapSpec `ebpf:"__ssl_buf"`
	TlsBuf           *ebpf.MapSpec `ebpf:"__tls_buf"`
	AcceptArgsMap    *ebpf.MapSpec `ebpf:"accept_args_map"`
	AcceptMap        *ebpf.MapSpec `ebpf:"accept_map"`
	FdConnMap        *ebpf.MapSpec `ebpf:"fd_conn_map"`
	NginxReadArgsMap *ebpf.MapSpec `ebpf:"nginx_read_args_map"`
	PbAccept         *ebpf.MapSpec `ebpf:"pb_accept"`
	PbGinxHttp       *ebpf.MapSpec `ebpf:"pb_ginx_http"`
	PbHttpPlain      *ebpf.MapSpec `ebpf:"pb_http_plain"`
	PbSslData        *ebpf.MapSpec `ebpf:"pb_ssl_data"`
	PbTcpSyn         *ebpf.MapSpec `ebpf:"pb_tcp_syn"`
	PbTlsHello       *ebpf.MapSpec `ebpf:"pb_tls_hello"`
	SslArgsMap       *ebpf.MapSpec `ebpf:"ssl_args_map"`
	SslConnMap       *ebpf.MapSpec `ebpf:"ssl_conn_map"`
}

// Ja4SslObjects contains all objects after they have been loaded into the kernel.
//
// It can be passed to LoadJa4SslObjects or ebpf.CollectionSpec.LoadAndAssign.
type Ja4SslObjects struct {
	Ja4SslPrograms
	Ja4SslMaps
}

func (o *Ja4SslObjects) Close() error {
	return _Ja4SslClose(
		&o.Ja4SslPrograms,
		&o.Ja4SslMaps,
	)
}

// Ja4SslMaps contains all maps after they have been loaded into the kernel.
//
// It can be passed to LoadJa4SslObjects or ebpf.CollectionSpec.LoadAndAssign.
type Ja4SslMaps struct {
	HttpBuf          *ebpf.Map `ebpf:"__http_buf"`
	NginxBuf         *ebpf.Map `ebpf:"__nginx_buf"`
	SslBuf           *ebpf.Map `ebpf:"__ssl_buf"`
	TlsBuf           *ebpf.Map `ebpf:"__tls_buf"`
	AcceptArgsMap    *ebpf.Map `ebpf:"accept_args_map"`
	AcceptMap        *ebpf.Map `ebpf:"accept_map"`
	FdConnMap        *ebpf.Map `ebpf:"fd_conn_map"`
	NginxReadArgsMap *ebpf.Map `ebpf:"nginx_read_args_map"`
	PbAccept         *ebpf.Map `ebpf:"pb_accept"`
	PbGinxHttp       *ebpf.Map `ebpf:"pb_ginx_http"`
	PbHttpPlain      *ebpf.Map `ebpf:"pb_http_plain"`
	PbSslData        *ebpf.Map `ebpf:"pb_ssl_data"`
	PbTcpSyn         *ebpf.Map `ebpf:"pb_tcp_syn"`
	PbTlsHello       *ebpf.Map `ebpf:"pb_tls_hello"`
	SslArgsMap       *ebpf.Map `ebpf:"ssl_args_map"`
	SslConnMap       *ebpf.Map `ebpf:"ssl_conn_map"`
}

func (m *Ja4SslMaps) Close() error {
	return _Ja4SslClose(
		m.HttpBuf,
		m.NginxBuf,
		m.SslBuf,
		m.TlsBuf,
		m.AcceptArgsMap,
		m.AcceptMap,
		m.FdConnMap,
		m.NginxReadArgsMap,
		m.PbAccept,
		m.PbGinxHttp,
		m.PbHttpPlain,
		m.PbSslData,
		m.PbTcpSyn,
		m.PbTlsHello,
		m.SslArgsMap,
		m.SslConnMap,
	)
}

// Ja4SslPrograms contains all programs after they have been loaded into the kernel.
//
// It can be passed to LoadJa4SslObjects or ebpf.CollectionSpec.LoadAndAssign.
type Ja4SslPrograms struct {
	KprobeAccept4Entry    *ebpf.Program `ebpf:"kprobe_accept4_entry"`
	KretprobeAccept4Exit  *ebpf.Program `ebpf:"kretprobe_accept4_exit"`
	UprobeSslReadEntry    *ebpf.Program `ebpf:"uprobe_ssl_read_entry"`
	UprobeSslSetFd        *ebpf.Program `ebpf:"uprobe_ssl_set_fd"`
	UprobeSslWriteEntry   *ebpf.Program `ebpf:"uprobe_ssl_write_entry"`
	UretprobeSslReadExit  *ebpf.Program `ebpf:"uretprobe_ssl_read_exit"`
	UretprobeSslWriteExit *ebpf.Program `ebpf:"uretprobe_ssl_write_exit"`
}

func (p *Ja4SslPrograms) Close() error {
	return _Ja4SslClose(
		p.KprobeAccept4Entry,
		p.KretprobeAccept4Exit,
		p.UprobeSslReadEntry,
		p.UprobeSslSetFd,
		p.UprobeSslWriteEntry,
		p.UretprobeSslReadExit,
		p.UretprobeSslWriteExit,
	)
}

func _Ja4SslClose(closers ...io.Closer) error {
	for _, closer := range closers {
		if err := closer.Close(); err != nil {
			return err
		}
	}
	return nil
}

// Do not access this directly.
//
//go:embed ja4ssl_x86_bpfel.o
var _Ja4SslBytes []byte