github.com/cilium/cilium@v1.16.2/bpf/tests/lib/policy.h

github.com/cilium/cilium@v1.16.2/bpf/tests/lib/policy.h (about)

     1  /* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */
     2  /* Copyright Authors of Cilium */
     3  
     4  #ifndef SKIP_POLICY_MAP
     5  static __always_inline void
     6  policy_add_entry(bool egress, __u32 sec_label, __u8 protocol, __u16 dport, bool deny)
     7  {
     8  	struct policy_key key = {
     9  		.sec_label = sec_label,
    10  		.egress = egress,
    11  		.protocol = protocol,
    12  		.dport = dport,
    13  	};
    14  	struct policy_entry value = {
    15  		.deny = deny,
    16  	};
    17  
    18  	map_update_elem(&POLICY_MAP, &key, &value, BPF_ANY);
    19  }
    20  
    21  static __always_inline void
    22  policy_add_ingress_allow_entry(__u32 sec_label, __u8 protocol, __u16 dport)
    23  {
    24  	policy_add_entry(false, sec_label, protocol, dport, false);
    25  }
    26  
    27  static __always_inline void
    28  policy_add_egress_allow_entry(__u32 sec_label, __u8 protocol, __u16 dport)
    29  {
    30  	policy_add_entry(true, sec_label, protocol, dport, false);
    31  }
    32  
    33  static __always_inline void policy_add_egress_allow_all_entry(void)
    34  {
    35  	policy_add_entry(true, 0, 0, 0, false);
    36  }
    37  
    38  static __always_inline void policy_add_egress_deny_all_entry(void)
    39  {
    40  	policy_add_entry(true, 0, 0, 0, true);
    41  }
    42  
    43  static __always_inline void policy_delete_egress_entry(void)
    44  {
    45  	struct policy_key key = {
    46  		.egress = 1,
    47  	};
    48  
    49  	map_delete_elem(&POLICY_MAP, &key);
    50  }
    51  #endif