xref: /linux/tools/testing/selftests/bpf/progs/test_bpf_nf_fail.c (revision c94cd9508b1335b949fd13ebd269313c65492df0)
1 // SPDX-License-Identifier: GPL-2.0
2 #define BPF_NO_KFUNC_PROTOTYPES
3 #include <vmlinux.h>
4 #include <bpf/bpf_tracing.h>
5 #include <bpf/bpf_helpers.h>
6 #include <bpf/bpf_core_read.h>
7 
8 struct nf_conn;
9 
10 struct bpf_ct_opts___local {
11 	s32 netns_id;
12 	s32 error;
13 	u8 l4proto;
14 	u8 reserved[3];
15 } __attribute__((preserve_access_index));
16 
17 struct nf_conn *bpf_skb_ct_alloc(struct __sk_buff *, struct bpf_sock_tuple *, u32,
18 				 struct bpf_ct_opts___local *, u32) __ksym;
19 struct nf_conn *bpf_skb_ct_lookup(struct __sk_buff *, struct bpf_sock_tuple *, u32,
20 				  struct bpf_ct_opts___local *, u32) __ksym;
21 struct nf_conn *bpf_ct_insert_entry(struct nf_conn *) __ksym;
22 void bpf_ct_release(struct nf_conn *) __ksym;
23 void bpf_ct_set_timeout(struct nf_conn *, u32) __ksym;
24 int bpf_ct_change_timeout(struct nf_conn *, u32) __ksym;
25 int bpf_ct_set_status(struct nf_conn *, u32) __ksym;
26 int bpf_ct_change_status(struct nf_conn *, u32) __ksym;
27 
28 SEC("?tc")
29 int alloc_release(struct __sk_buff *ctx)
30 {
31 	struct bpf_ct_opts___local opts = {};
32 	struct bpf_sock_tuple tup = {};
33 	struct nf_conn *ct;
34 
35 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
36 	if (!ct)
37 		return 0;
38 	bpf_ct_release(ct);
39 	return 0;
40 }
41 
42 SEC("?tc")
43 int insert_insert(struct __sk_buff *ctx)
44 {
45 	struct bpf_ct_opts___local opts = {};
46 	struct bpf_sock_tuple tup = {};
47 	struct nf_conn *ct;
48 
49 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
50 	if (!ct)
51 		return 0;
52 	ct = bpf_ct_insert_entry(ct);
53 	if (!ct)
54 		return 0;
55 	ct = bpf_ct_insert_entry(ct);
56 	return 0;
57 }
58 
59 SEC("?tc")
60 int lookup_insert(struct __sk_buff *ctx)
61 {
62 	struct bpf_ct_opts___local opts = {};
63 	struct bpf_sock_tuple tup = {};
64 	struct nf_conn *ct;
65 
66 	ct = bpf_skb_ct_lookup(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
67 	if (!ct)
68 		return 0;
69 	bpf_ct_insert_entry(ct);
70 	return 0;
71 }
72 
73 SEC("?tc")
74 int write_not_allowlisted_field(struct __sk_buff *ctx)
75 {
76 	struct bpf_ct_opts___local opts = {};
77 	struct bpf_sock_tuple tup = {};
78 	struct nf_conn *ct;
79 
80 	ct = bpf_skb_ct_lookup(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
81 	if (!ct)
82 		return 0;
83 	ct->status = 0xF00;
84 	return 0;
85 }
86 
87 SEC("?tc")
88 int set_timeout_after_insert(struct __sk_buff *ctx)
89 {
90 	struct bpf_ct_opts___local opts = {};
91 	struct bpf_sock_tuple tup = {};
92 	struct nf_conn *ct;
93 
94 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
95 	if (!ct)
96 		return 0;
97 	ct = bpf_ct_insert_entry(ct);
98 	if (!ct)
99 		return 0;
100 	bpf_ct_set_timeout(ct, 0);
101 	return 0;
102 }
103 
104 SEC("?tc")
105 int set_status_after_insert(struct __sk_buff *ctx)
106 {
107 	struct bpf_ct_opts___local opts = {};
108 	struct bpf_sock_tuple tup = {};
109 	struct nf_conn *ct;
110 
111 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
112 	if (!ct)
113 		return 0;
114 	ct = bpf_ct_insert_entry(ct);
115 	if (!ct)
116 		return 0;
117 	bpf_ct_set_status(ct, 0);
118 	return 0;
119 }
120 
121 SEC("?tc")
122 int change_timeout_after_alloc(struct __sk_buff *ctx)
123 {
124 	struct bpf_ct_opts___local opts = {};
125 	struct bpf_sock_tuple tup = {};
126 	struct nf_conn *ct;
127 
128 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
129 	if (!ct)
130 		return 0;
131 	bpf_ct_change_timeout(ct, 0);
132 	return 0;
133 }
134 
135 SEC("?tc")
136 int change_status_after_alloc(struct __sk_buff *ctx)
137 {
138 	struct bpf_ct_opts___local opts = {};
139 	struct bpf_sock_tuple tup = {};
140 	struct nf_conn *ct;
141 
142 	ct = bpf_skb_ct_alloc(ctx, &tup, sizeof(tup.ipv4), &opts, sizeof(opts));
143 	if (!ct)
144 		return 0;
145 	bpf_ct_change_status(ct, 0);
146 	return 0;
147 }
148 
149 char _license[] SEC("license") = "GPL";
150