Home
last modified time | relevance | path

Searched refs:verdict (Results 1 – 25 of 85) sorted by relevance

1234

/linux/tools/testing/selftests/bpf/progs/
A Dtest_sockmap_listen.c45 int verdict; in prog_stream_verdict() local
52 count = bpf_map_lookup_elem(&verdict_map, &verdict); in prog_stream_verdict()
56 return verdict; in prog_stream_verdict()
64 int verdict; in prog_skb_verdict() local
67 verdict = bpf_sk_redirect_map(skb, &sock_map, zero, in prog_skb_verdict()
77 return verdict; in prog_skb_verdict()
85 int verdict; in prog_msg_verdict() local
96 return verdict; in prog_msg_verdict()
103 int err, verdict; in prog_reuseport() local
110 verdict = err ? SK_DROP : SK_PASS; in prog_reuseport()
[all …]
A Dtest_skmsg_load_helpers.c31 int verdict = SK_PASS; in prog_msg_verdict() local
42 verdict = SK_DROP; in prog_msg_verdict()
44 return verdict; in prog_msg_verdict()
/linux/net/netfilter/
A Dnf_queue.c212 unsigned int index, unsigned int verdict) in nf_queue() argument
219 (verdict & NF_VERDICT_FLAG_QUEUE_BYPASS)) in nf_queue()
234 unsigned int verdict, i = *index; in nf_iterate() local
240 if (verdict != NF_ACCEPT) { in nf_iterate()
242 if (verdict != NF_REPEAT) in nf_iterate()
243 return verdict; in nf_iterate()
298 if (verdict == NF_REPEAT) in nf_reinject()
301 if (verdict == NF_ACCEPT) { in nf_reinject()
303 verdict = NF_DROP; in nf_reinject()
306 if (verdict == NF_ACCEPT) { in nf_reinject()
[all …]
A Dnft_fwd_netdev.c35 regs->verdict.code = NF_STOLEN; in nft_fwd_netdev_eval()
93 unsigned int verdict = NF_STOLEN; in nft_fwd_neigh_eval() local
103 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
107 verdict = NF_DROP; in nft_fwd_neigh_eval()
119 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
123 verdict = NF_DROP; in nft_fwd_neigh_eval()
132 verdict = NFT_BREAK; in nft_fwd_neigh_eval()
144 regs->verdict.code = verdict; in nft_fwd_neigh_eval()
A Dnf_tables_core.c67 regs->verdict.code = NFT_BREAK; in nft_cmp_fast_eval()
173 nft_trace_init(&info, pkt, &regs.verdict, basechain); in nft_do_chain()
182 regs.verdict.code = NFT_CONTINUE; in nft_do_chain()
194 if (regs.verdict.code != NFT_CONTINUE) in nft_do_chain()
198 switch (regs.verdict.code) { in nft_do_chain()
200 regs.verdict.code = NFT_CONTINUE; in nft_do_chain()
210 switch (regs.verdict.code & NF_VERDICT_MASK) { in nft_do_chain()
217 return regs.verdict.code; in nft_do_chain()
220 switch (regs.verdict.code) { in nft_do_chain()
232 chain = regs.verdict.chain; in nft_do_chain()
A Dnft_socket.c32 regs->verdict.code = NFT_BREAK; in nft_socket_wildcard()
81 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
86 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
98 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
104 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
112 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
119 regs->verdict.code = NFT_BREAK; in nft_socket_eval()
A Dnft_synproxy.c61 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v4()
67 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v4()
69 regs->verdict.code = NF_DROP; in nft_synproxy_eval_v4()
92 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v6()
98 regs->verdict.code = NF_STOLEN; in nft_synproxy_eval_v6()
100 regs->verdict.code = NF_DROP; in nft_synproxy_eval_v6()
117 regs->verdict.code = NFT_BREAK; in nft_synproxy_do_eval()
122 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
130 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
135 regs->verdict.code = NF_DROP; in nft_synproxy_do_eval()
[all …]
A Dnft_immediate.c58 struct nft_chain *chain = priv->data.verdict.chain; in nft_immediate_init()
60 switch (priv->data.verdict.code) { in nft_immediate_init()
113 switch (data->verdict.code) { in nft_immediate_destroy()
116 chain = data->verdict.chain; in nft_immediate_destroy()
162 switch (data->verdict.code) { in nft_immediate_validate()
166 err = nft_chain_validate(ctx, data->verdict.chain); in nft_immediate_validate()
188 switch (data->verdict.code) { in nft_immediate_offload_verdict()
A Dnf_tables_trace.c154 info->verdict->code == NFT_CONTINUE) in nf_trace_fill_rule_info()
172 switch (info->verdict->code) { in nft_trace_have_verdict_chain()
214 size += nla_total_size(strlen(info->verdict->chain->name)); /* jump target */ in nft_trace_notify()
250 if (nft_verdict_dump(skb, NFTA_TRACE_VERDICT, info->verdict)) in nft_trace_notify()
283 const struct nft_verdict *verdict, in nft_trace_init() argument
290 info->verdict = verdict; in nft_trace_init()
A Dnft_tproxy.c35 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
41 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
80 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v4()
102 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
109 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
153 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval_v6()
182 regs->verdict.code = NFT_BREAK; in nft_tproxy_eval()
A Dnfnetlink_queue.c231 if (verdict == NF_ACCEPT || in nfqnl_reinject()
232 verdict == NF_REPEAT || in nfqnl_reinject()
233 verdict == NF_STOP) { in nfqnl_reinject()
239 verdict = NF_DROP; in nfqnl_reinject()
1043 unsigned int verdict; in verdicthdr_get() local
1049 verdict = ntohl(vhdr->verdict) & NF_VERDICT_MASK; in verdicthdr_get()
1050 if (verdict > NF_MAX_VERDICT || verdict == NF_STOLEN) in verdicthdr_get()
1081 verdict = ntohl(vhdr->verdict); in nfqnl_recv_verdict_batch()
1180 unsigned int verdict; in nfqnl_recv_verdict() local
1192 verdict = ntohl(vhdr->verdict); in nfqnl_recv_verdict()
[all …]
A Dnft_xfrm.c125 regs->verdict.code = NFT_BREAK; in nft_xfrm_state_get_key()
154 regs->verdict.code = NFT_BREAK; in nft_xfrm_state_get_key()
165 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval_in()
189 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval_out()
207 regs->verdict.code = NFT_BREAK; in nft_xfrm_get_eval()
A Dnft_osf.c32 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
39 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
43 regs->verdict.code = NFT_BREAK; in nft_osf_eval()
A Dnft_compat.c92 regs->verdict.code = NFT_CONTINUE; in nft_target_eval_xt()
95 regs->verdict.code = ret; in nft_target_eval_xt()
119 regs->verdict.code = NF_ACCEPT; in nft_target_eval_bridge()
122 regs->verdict.code = NF_DROP; in nft_target_eval_bridge()
125 regs->verdict.code = NFT_CONTINUE; in nft_target_eval_bridge()
128 regs->verdict.code = NFT_RETURN; in nft_target_eval_bridge()
131 regs->verdict.code = ret; in nft_target_eval_bridge()
383 regs->verdict.code = NF_DROP; in __nft_match_eval()
389 regs->verdict.code = NFT_CONTINUE; in __nft_match_eval()
392 regs->verdict.code = NFT_BREAK; in __nft_match_eval()
A Dnft_limit.c136 regs->verdict.code = NFT_BREAK; in nft_limit_pkts_eval()
186 regs->verdict.code = NFT_BREAK; in nft_limit_bytes_eval()
246 regs->verdict.code = NFT_BREAK; in nft_limit_obj_pkts_eval()
290 regs->verdict.code = NFT_BREAK; in nft_limit_obj_bytes_eval()
/linux/samples/bpf/
A Dtest_cgrp2_attach.c42 static int prog_load(int map_fd, int verdict) in prog_load() argument
70 BPF_MOV64_IMM(BPF_REG_0, verdict), /* r0 = verdict */ in prog_load()
88 static int attach_filter(int cg_fd, int type, int verdict) in attach_filter() argument
101 prog_fd = prog_load(map_fd, verdict); in attach_filter()
132 int detach_only = 0, verdict = 1; in main() local
139 verdict = 0; in main()
170 ret = attach_filter(cg_fd, type, verdict); in main()
/linux/tools/testing/selftests/netfilter/
A Dnf-queue.c24 uint32_t verdict; member
171 .verdict = htonl(verd), in nfq_build_verdict()
316 nlh = nfq_build_verdict(buf, id, opts.queue_num, opts.verdict); in mainloop()
347 opts.verdict = atoi(optarg); in parse_opts()
348 if (opts.verdict > 0xffff) { in parse_opts()
353 opts.verdict <<= 16; in parse_opts()
354 opts.verdict |= NF_QUEUE; in parse_opts()
375 if (opts.verdict != NF_ACCEPT && (opts.verdict >> 16 == opts.queue_num)) { in parse_opts()
385 opts.verdict = NF_ACCEPT; in main()
/linux/tools/testing/selftests/bpf/prog_tests/
A Dsockmap_basic.c114 int err, map, verdict; in test_skmsg_helpers() local
122 verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_skmsg_helpers()
125 err = bpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0); in test_skmsg_helpers()
131 err = bpf_prog_detach2(verdict, map, BPF_SK_MSG_VERDICT); in test_skmsg_helpers()
289 int err, map, verdict; in test_sockmap_skb_verdict_attach() local
297 verdict = bpf_program__fd(skel->progs.prog_skb_verdict); in test_sockmap_skb_verdict_attach()
300 err = bpf_prog_attach(verdict, map, first, 0); in test_sockmap_skb_verdict_attach()
306 err = bpf_prog_attach(verdict, map, second, 0); in test_sockmap_skb_verdict_attach()
309 err = bpf_prog_detach2(verdict, map, first); in test_sockmap_skb_verdict_attach()
A Dnetns_cookie.c16 int err, val, ret, map, verdict; in test_netns_cookie() local
35 verdict = bpf_program__fd(skel->progs.get_netns_cookie_sk_msg); in test_netns_cookie()
37 err = bpf_prog_attach(verdict, map, BPF_SK_MSG_VERDICT, 0); in test_netns_cookie()
A Dsockmap_listen.c1051 int verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_msg_redir_to_connected() local
1062 xbpf_prog_detach2(verdict, sock_map, BPF_SK_MSG_VERDICT); in test_msg_redir_to_connected()
1153 int verdict = bpf_program__fd(skel->progs.prog_msg_verdict); in test_msg_redir_to_listening() local
1164 xbpf_prog_detach2(verdict, sock_map, BPF_SK_MSG_VERDICT); in test_msg_redir_to_listening()
1618 int verdict = bpf_program__fd(skel->progs.prog_skb_verdict); in unix_skb_redir_to_connected() local
1632 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in unix_skb_redir_to_connected()
1786 int verdict = bpf_program__fd(skel->progs.prog_skb_verdict); in udp_skb_redir_to_connected() local
1800 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in udp_skb_redir_to_connected()
1874 int verdict = bpf_program__fd(skel->progs.prog_skb_verdict); in inet_unix_skb_redir_to_connected() local
1894 xbpf_prog_detach2(verdict, sock_map, BPF_SK_SKB_VERDICT); in inet_unix_skb_redir_to_connected()
[all …]
/linux/net/netfilter/ipvs/
A Dip_vs_core.c901 verdict = NF_ACCEPT; in handle_response_icmp()
906 return verdict; in handle_response_icmp()
1374 return verdict; in ip_vs_out_hook()
1383 return verdict; in ip_vs_out_hook()
1724 verdict = NF_DROP; in ip_vs_in_icmp()
1785 verdict = NF_STOLEN; in ip_vs_in_icmp()
1802 return verdict; in ip_vs_in_icmp()
1882 verdict = NF_ACCEPT; in ip_vs_in_icmp_v6()
1903 return verdict; in ip_vs_in_icmp_v6()
1967 return verdict; in ip_vs_in_hook()
[all …]
A Dip_vs_proto_udp.c33 int *verdict, struct ip_vs_conn **cpp, in udp_conn_schedule() argument
51 *verdict = NF_DROP; in udp_conn_schedule()
70 *verdict = NF_DROP; in udp_conn_schedule()
81 *verdict = ip_vs_leave(svc, skb, pd, iph); in udp_conn_schedule()
83 *verdict = NF_DROP; in udp_conn_schedule()
/linux/net/ipv4/netfilter/
A Darp_tables.c189 unsigned int verdict = NF_DROP; in arpt_do_table() local
243 verdict = (unsigned int)(-v) - 1; in arpt_do_table()
258 verdict = NF_DROP; in arpt_do_table()
272 if (verdict == XT_CONTINUE) { in arpt_do_table()
287 return verdict; in arpt_do_table()
336 t->verdict < 0) || visited) { in mark_source_chains()
363 int newpos = t->verdict; in mark_source_chains()
440 unsigned int verdict; in check_underflow() local
447 verdict = ((struct xt_standard_target *)t)->verdict; in check_underflow()
448 verdict = -verdict - 1; in check_underflow()
[all …]
A Dip_tables.c174 t->verdict < 0) { in get_chainname_rulenum()
234 unsigned int verdict = NF_DROP; in ipt_do_table() local
334 verdict = NF_DROP; in ipt_do_table()
348 if (verdict == XT_CONTINUE) { in ipt_do_table()
363 else return verdict; in ipt_do_table()
401 t->verdict < 0) || visited) { in mark_source_chains()
427 int newpos = t->verdict; in mark_source_chains()
576 unsigned int verdict; in check_underflow() local
583 verdict = ((struct xt_standard_target *)t)->verdict; in check_underflow()
584 verdict = -verdict - 1; in check_underflow()
[all …]
/linux/net/ipv6/netfilter/
A Dip6_tables.c199 t->verdict < 0) { in get_chainname_rulenum()
257 unsigned int verdict = NF_DROP; in ip6t_do_table() local
355 verdict = NF_DROP; in ip6t_do_table()
369 if (verdict == XT_CONTINUE) in ip6t_do_table()
381 else return verdict; in ip6t_do_table()
419 t->verdict < 0) || visited) { in mark_source_chains()
445 int newpos = t->verdict; in mark_source_chains()
594 unsigned int verdict; in check_underflow() local
601 verdict = ((struct xt_standard_target *)t)->verdict; in check_underflow()
602 verdict = -verdict - 1; in check_underflow()
[all …]

Completed in 71 milliseconds

1234