block.c: rename (DIS)ALLOW to BPF_(DIS)ALLOW
Makes things clearer.
Prep work for a better shared bpf_net_helpers.h header file.
Generated via:
sed -i -r 's@ ALLOW@ BPF_ALLOW@' block.c
sed -i -r 's@ DISALLOW@ BPF_DISALLOW@' block.c
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I089a730d8881d62871ce2daff64e79caccd41a00
diff --git a/bpf_progs/block.c b/bpf_progs/block.c
index 152dda6..127ec4e 100644
--- a/bpf_progs/block.c
+++ b/bpf_progs/block.c
@@ -24,14 +24,14 @@
#include "bpf_helpers.h"
-static const int ALLOW = 1;
-static const int DISALLOW = 0;
+static const int BPF_ALLOW = 1;
+static const int BPF_DISALLOW = 0;
DEFINE_BPF_MAP_GRW(blocked_ports_map, ARRAY, int, uint64_t,
1024 /* 64K ports -> 1024 u64s */, AID_SYSTEM)
static inline __always_inline int block_port(struct bpf_sock_addr *ctx) {
- if (!ctx->user_port) return ALLOW;
+ if (!ctx->user_port) return BPF_ALLOW;
switch (ctx->protocol) {
case IPPROTO_TCP:
@@ -42,7 +42,7 @@
case IPPROTO_SCTP:
break;
default:
- return ALLOW; // unknown protocols are allowed
+ return BPF_ALLOW; // unknown protocols are allowed
}
int key = ctx->user_port >> 6;
@@ -51,10 +51,10 @@
uint64_t *val = bpf_blocked_ports_map_lookup_elem(&key);
// Lookup should never fail in reality, but if it does return here to keep the
// BPF verifier happy.
- if (!val) return ALLOW;
+ if (!val) return BPF_ALLOW;
- if ((*val >> shift) & 1) return DISALLOW;
- return ALLOW;
+ if ((*val >> shift) & 1) return BPF_DISALLOW;
+ return BPF_ALLOW;
}
// the program need to be accessible/loadable by netd (from netd updatable plugin)