in pkg/ebpf/bpf_client.go [644:676]
func (l *bpfClient) attachIngressBPFProbe(hostVethName string, podIdentifier string) (int, error) {
// We will re-use the same eBPF program instance for pods belonging to same replicaset
// Check if we've already loaded an ELF file for this PolicyEndpoint resource and re-use
// if present, otherwise load a new instance and attach it
var progFD int
var err error
var ingressProgInfo map[string]goelf.BpfData
var peBPFContext BPFContext
value, ok := l.policyEndpointeBPFContext.Load(podIdentifier)
if ok {
peBPFContext = value.(BPFContext)
}
if peBPFContext.ingressPgmInfo.Program.ProgFD != 0 {
l.logger.Info("Found an existing instance, let's derive the ingress context..")
ingressEbpfProgEntry := peBPFContext.ingressPgmInfo
progFD = ingressEbpfProgEntry.Program.ProgFD
} else {
ingressProgInfo, progFD, err = l.loadBPFProgram(l.ingressBinary, "ingress", podIdentifier)
pinPath := utils.GetBPFPinPathFromPodIdentifier(podIdentifier, "ingress")
peBPFContext.ingressPgmInfo = ingressProgInfo[pinPath]
l.policyEndpointeBPFContext.Store(podIdentifier, peBPFContext)
}
l.logger.Info("Attempting to do an Ingress Attach ", "with progFD: ", progFD)
err = l.bpfTCClient.TCEgressAttach(hostVethName, progFD, TC_INGRESS_PROG)
if err != nil && !utils.IsFileExistsError(err.Error()) {
l.logger.Info("Ingress Attach failed:", "error", err)
return 0, err
}
return progFD, nil
}