Home
last modified time | relevance | path

Searched refs:verdict (Results 1 – 25 of 95) sorted by relevance

1234

/linux/tools/testing/selftests/bpf/progs/
A Dtest_sockmap_listen.c66 int verdict; in prog_stream_verdict() local
73 count = bpf_map_lookup_elem(&verdict_map, &verdict); in prog_stream_verdict()
77 return verdict; in prog_stream_verdict()
85 int verdict; in prog_skb_verdict() local
88 verdict = bpf_sk_redirect_map(skb, &sock_map, zero, in prog_skb_verdict()
98 return verdict; in prog_skb_verdict()
106 int verdict; in prog_msg_verdict() local
117 return verdict; in prog_msg_verdict()
124 int err, verdict; in prog_reuseport() local
131 verdict = err ? SK_DROP : SK_PASS; in prog_reuseport()
[all …]
A Dtest_skmsg_load_helpers.c30 int verdict = SK_PASS; in prog_msg_verdict_common() local
41 verdict = SK_DROP; in prog_msg_verdict_common()
43 return verdict; in prog_msg_verdict_common()
/linux/drivers/net/ethernet/amazon/ena/
A Dena_xdp.h84 u32 verdict = ENA_XDP_PASS; in ena_xdp_execute() local
94 switch (verdict) { in ena_xdp_execute()
100 verdict = ENA_XDP_DROP; in ena_xdp_execute()
116 verdict = ENA_XDP_TX; in ena_xdp_execute()
121 verdict = ENA_XDP_REDIRECT; in ena_xdp_execute()
126 verdict = ENA_XDP_DROP; in ena_xdp_execute()
131 verdict = ENA_XDP_DROP; in ena_xdp_execute()
135 verdict = ENA_XDP_DROP; in ena_xdp_execute()
139 verdict = ENA_XDP_PASS; in ena_xdp_execute()
144 verdict = ENA_XDP_DROP; in ena_xdp_execute()
[all …]
/linux/net/netfilter/
A Dnf_tables_core.c45 const struct nft_verdict *verdict, in __nft_trace_packet() argument
55 nft_trace_notify(pkt, verdict, rule, info); in __nft_trace_packet()
59 struct nft_verdict *verdict, in nft_trace_packet() argument
94 regs->verdict.code = NFT_BREAK; in nft_cmp_fast_eval()
108 regs->verdict.code = NFT_BREAK; in nft_cmp16_fast_eval()
277 regs.verdict.code = NFT_CONTINUE; in nft_do_chain()
294 switch (regs.verdict.code) { in nft_do_chain()
296 regs.verdict.code = NFT_CONTINUE; in nft_do_chain()
313 return regs.verdict.code; in nft_do_chain()
318 switch (regs.verdict.code) { in nft_do_chain()
[all …]
A Dnft_fwd_netdev.c37 regs->verdict.code = NF_STOLEN; in nft_fwd_netdev_eval()
101 unsigned int verdict = NF_STOLEN; in nft_fwd_neigh_eval() local
111 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
115 verdict = NF_DROP; in nft_fwd_neigh_eval()
127 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
131 verdict = NF_DROP; in nft_fwd_neigh_eval()
140 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
152 regs->verdict.code = verdict; in nft_fwd_neigh_eval()
A Dnft_immediate.c74 struct nft_chain *chain = priv->data.verdict.chain; in nft_immediate_init()
76 switch (priv->data.verdict.code) { in nft_immediate_init()
105 switch (data->verdict.code) { in nft_immediate_activate()
108 chain = data->verdict.chain; in nft_immediate_activate()
151 switch (data->verdict.code) { in nft_immediate_deactivate()
154 chain = data->verdict.chain; in nft_immediate_deactivate()
198 switch (data->verdict.code) { in nft_immediate_destroy()
201 chain = data->verdict.chain; in nft_immediate_destroy()
259 switch (data->verdict.code) { in nft_immediate_validate()
263 err = nft_chain_validate(ctx, data->verdict.chain); in nft_immediate_validate()
[all …]
A Dnf_tables_trace.c127 const struct nft_verdict *verdict, in nf_trace_fill_rule_info() argument
140 verdict->code == NFT_CONTINUE) in nf_trace_fill_rule_info()
148 static bool nft_trace_have_verdict_chain(const struct nft_verdict *verdict, in nft_trace_have_verdict_chain() argument
159 switch (verdict->code) { in nft_trace_have_verdict_chain()
190 const struct nft_verdict *verdict, in nft_trace_notify() argument
225 if (nft_trace_have_verdict_chain(verdict, info)) in nft_trace_notify()
226 size += nla_total_size(strlen(verdict->chain->name)); /* jump target */ in nft_trace_notify()
253 if (nf_trace_fill_rule_info(skb, verdict, rule, info)) in nft_trace_notify()
264 if (nft_verdict_dump(skb, NFTA_TRACE_VERDICT, verdict)) in nft_trace_notify()
268 v = verdict->code & NF_VERDICT_MASK; in nft_trace_notify()
A Dnft_synproxy.c61 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v4()
67 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v4()
69 regs->verdict.code = NF_DROP; in nft_synproxy_eval_v4()
92 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v6()
98 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v6()
100 regs->verdict.code = NF_DROP; in nft_synproxy_eval_v6()
117 regs->verdict.code = NFT_BREAK; in nft_synproxy_do_eval()
122 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
130 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
135 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
[all …]
A Dnfnetlink_queue.c245 return verdict; in nf_iterate()
337 if (verdict == NF_REPEAT) in nf_reinject()
342 verdict = NF_DROP; in nf_reinject()
378 verdict == NF_STOP) { in nfqnl_reinject()
1277 unsigned int verdict; in verdicthdr_get() local
1283 verdict = ntohl(vhdr->verdict) & NF_VERDICT_MASK; in verdicthdr_get()
1284 if (verdict > NF_MAX_VERDICT || verdict == NF_STOLEN) in verdicthdr_get()
1315 verdict = ntohl(vhdr->verdict); in nfqnl_recv_verdict_batch()
1417 unsigned int verdict; in nfqnl_recv_verdict() local
1429 verdict = ntohl(vhdr->verdict); in nfqnl_recv_verdict()
[all …]
A Dnft_tproxy.c35 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
41 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
80 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
102 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
109 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
153 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
182 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval()
A Dnft_socket.c34 regs->verdict.code = NFT_BREAK; in nft_socket_wildcard()
123 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
135 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
141 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
149 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
156 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
A Dnft_xfrm.c127 regs->verdict.code = NFT_BREAK; in nft_xfrm_state_get_key()
156 regs->verdict.code = NFT_BREAK; in nft_xfrm_state_get_key()
167 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval_in()
191 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval_out()
209 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval()
A Dnft_ct_fast.c34 regs->verdict.code = NFT_BREAK; in nft_ct_get_fast_eval()
57 regs->verdict.code = NFT_BREAK; in nft_ct_get_fast_eval()
A Dnft_osf.c32 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
39 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
43 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
A Dnf_queue.c236 unsigned int index, unsigned int verdict) in nf_queue() argument
240 ret = __nf_queue(skb, state, index, verdict >> NF_VERDICT_QBITS); in nf_queue()
243 (verdict & NF_VERDICT_FLAG_QUEUE_BYPASS)) in nf_queue()
/linux/samples/bpf/
A Dtest_cgrp2_attach.c43 static int prog_load(int map_fd, int verdict) in prog_load() argument
71 BPF_MOV64_IMM(BPF_REG_0, verdict), /* r0 = verdict */ in prog_load()
92 static int attach_filter(int cg_fd, int type, int verdict) in attach_filter() argument
105 prog_fd = prog_load(map_fd, verdict); in attach_filter()
136 int detach_only = 0, verdict = 1; in main() local
143 verdict = 0; in main()
174 ret = attach_filter(cg_fd, type, verdict); in main()
/linux/tools/testing/selftests/net/netfilter/
A Dnf_queue.c24 uint32_t verdict; member
171 .verdict = htonl(verd), in nfq_build_verdict()
316 nlh = nfq_build_verdict(buf, id, opts.queue_num, opts.verdict); in mainloop()
347 opts.verdict = atoi(optarg); in parse_opts()
348 if (opts.verdict > 0xffff) { in parse_opts()
353 opts.verdict <<= 16; in parse_opts()
354 opts.verdict |= NF_QUEUE; in parse_opts()
375 if (opts.verdict != NF_ACCEPT && (opts.verdict >> 16 == opts.queue_num)) { in parse_opts()
385 opts.verdict = NF_ACCEPT; in main()
/linux/tools/testing/selftests/bpf/prog_tests/
A Dsockmap_basic.c114 int err, map, verdict; in test_skmsg_helpers() local
120 verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_skmsg_helpers()
123 err = bpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0); in test_skmsg_helpers()
127 err = bpf_prog_detach2(verdict, map, BPF_SK_MSG_VERDICT); in test_skmsg_helpers()
337 int err, map, verdict; in test_sockmap_skb_verdict_attach() local
343 verdict = bpf_program__fd(skel->progs.prog_skb_verdict); in test_sockmap_skb_verdict_attach()
346 err = bpf_prog_attach(verdict, map, first, 0); in test_sockmap_skb_verdict_attach()
350 err = bpf_prog_attach(verdict, map, second, 0); in test_sockmap_skb_verdict_attach()
353 err = bpf_prog_detach2(verdict, map, first); in test_sockmap_skb_verdict_attach()
454 int n, err, map, verdict, c1 = -1, p1 = -1; in test_sockmap_skb_verdict_shutdown() local
[all …]
A Dsockmap_listen.c753 int verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_msg_redir_to_connected() local
764 xbpf_prog_detach2(verdict, sock_map, BPF_SK_MSG_VERDICT); in test_msg_redir_to_connected()
873 int verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_msg_redir_to_listening() local
884 xbpf_prog_detach2(verdict, sock_map, BPF_SK_MSG_VERDICT); in test_msg_redir_to_listening()
891 struct bpf_program *verdict = skel->progs.prog_msg_verdict; in test_msg_redir_to_listening_with_link() local
896 link = bpf_program__attach_sockmap(verdict, sock_map); in test_msg_redir_to_listening_with_link()
1473 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in unix_skb_redir_to_connected()
1582 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in vsock_unix_skb_redir_connectible()
1685 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in udp_skb_redir_to_connected()
1750 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in inet_unix_skb_redir_to_connected()
[all …]
A Dnetns_cookie.c16 int err, val, ret, map, verdict; in test_netns_cookie() local
35 verdict = bpf_program__fd(skel->progs.get_netns_cookie_sk_msg); in test_netns_cookie()
37 err = bpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0); in test_netns_cookie()
A Dns_current_pid_tgid.c124 int verdict, map, server_fd = -1, client_fd = -1; in test_current_pid_tgid_sk_msg() local
145 verdict = bpf_program__fd(skel->progs.sk_msg); in test_current_pid_tgid_sk_msg()
147 err = bpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0); in test_current_pid_tgid_sk_msg()
/linux/net/ipv4/netfilter/
A Diptable_mangle.c39 unsigned int ret, verdict; in ipt_mangle_out() local
54 verdict = ret & NF_VERDICT_MASK; in ipt_mangle_out()
56 if (verdict != NF_DROP && verdict != NF_STOLEN) { in ipt_mangle_out()
/linux/net/ipv6/netfilter/
A Dip6table_mangle.c35 unsigned int ret, verdict; in ip6t_mangle_out() local
50 verdict = ret & NF_VERDICT_MASK; in ip6t_mangle_out()
52 if (verdict != NF_DROP && verdict != NF_STOLEN && in ip6t_mangle_out()
/linux/Documentation/bpf/
A Dmap_sockmap.rst14 the result of a BPF (verdict) program with the help of the BPF helpers
29 and a verdict program. The parser program determines how much data has been
31 verdict program is essentially the redirect program and can return a verdict
39 parse or verdict program. If adding a sock object to a map would result
64 There are additional helpers available to use with the parser and verdict
67 bytes the given verdict should apply to. The helper ``bpf_msg_cork_bytes()``
68 handles a different case where a BPF program cannot reach a verdict on a msg
90 the message ``msg`` is allowed to pass (i.e., if the verdict BPF program
207 should apply a verdict.
221 For socket policies, prevent the execution of the verdict BPF program for
[all …]
/linux/net/netfilter/ipvs/
A Dip_vs_core.c901 verdict = NF_ACCEPT; in handle_response_icmp()
906 return verdict; in handle_response_icmp()
1368 return verdict; in ip_vs_out_hook()
1377 return verdict; in ip_vs_out_hook()
1722 verdict = NF_DROP; in ip_vs_in_icmp()
1783 verdict = NF_STOLEN; in ip_vs_in_icmp()
1800 return verdict; in ip_vs_in_icmp()
1880 verdict = NF_ACCEPT; in ip_vs_in_icmp_v6()
1901 return verdict; in ip_vs_in_icmp_v6()
1965 return verdict; in ip_vs_in_hook()
[all …]

Completed in 37 milliseconds

1234