net/core/filter.c
Source file repositories/reference/linux-study-clean/net/core/filter.c
File Facts
- System
- Linux kernel
- Corpus path
- net/core/filter.c
- Extension
- .c
- Size
- 351555 bytes
- Lines
- 12705
- Domain
- Networking Core
- Bucket
- Sockets, Protocols, Packet Path, And Network Policy
- Inferred role
- Networking Core: operation-table or driver-model contract
- Status
- pattern implementation candidate
Why This File Exists
Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Defines an operation table; this is where Linux turns generic core objects into subsystem-specific behavior.
- Touches user memory; correctness depends on fault-safe copying and privilege boundary handling.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/atomic.h, linux/bpf_verifier.h, linux/module.h, linux/types.h, linux/mm.h, linux/fcntl.h, linux/socket.h, linux/sock_diag.h, linux/in.h, linux/inet.h, linux/netdevice.h, linux/if_packet.h, linux/if_arp.h, linux/gfp.h, net/inet_common.h, net/ip.h, net/protocol.h, net/netlink.h, linux/skbuff.h, linux/skmsg.h, net/sock.h, net/flow_dissector.h, linux/errno.h, linux/timer.h, linux/uaccess.h, linux/unaligned.h, linux/filter.h, linux/ratelimit.h, linux/seccomp.h, linux/if_vlan.h, linux/bpf.h, linux/btf.h
Detected Declarations
function copy_bpf_fprog_from_user, function sk_filter_trim_cap, function bpf_skb_load_helper_convert_offset, function convert_skb_access, function convert_bpf_extensions, function convert_bpf_ld_abs, function BPF, function __bpf_prog_run, function chk_code_allowed, function bpf_check_basics_ok, function bpf_check_classic, function bpf_prog_store_orig_filter, function bpf_release_orig_filter, function __bpf_prog_release, function __sk_filter_release, function sk_filter_release_rcu, function sk_filter_release, function sk_filter_uncharge, function __sk_filter_charge, function atomic_read, function sk_filter_charge, function bpf_prog_create, function bpf_prog_create, function bpf_prog_destroy, function __sk_attach_prog, function sk_attach_filter, function sk_reuseport_attach_filter, function sk_attach_bpf, function sk_reuseport_attach_bpf, function sk_reuseport_prog_free_rcu, function sk_reuseport_prog_free, function __bpf_try_make_writable, function bpf_try_make_writable, function bpf_try_make_head_writable, function bpf_push_mac_rcsum, function bpf_pull_mac_rcsum, function __bpf_skb_store_bytes, function __bpf_skb_load_bytes, function sk_skb_try_make_writable, function __bpf_rx_skb, function __bpf_rx_skb_no_mac, function __bpf_tx_skb, function __bpf_redirect_no_mac, function __bpf_redirect_common, function __bpf_redirect, function bpf_out_neigh_v6, function __bpf_redirect_neigh_v6, function __bpf_redirect_neigh_v6
Annotated Snippet
const struct net_device_ops *ops = dev->netdev_ops;
if (likely(ops->ndo_get_peer_dev))
return INDIRECT_CALL_1(ops->ndo_get_peer_dev,
netkit_peer_dev, dev);
return NULL;
}
/*
 * skb_do_redirect - carry out the redirect recorded in the per-context
 * bpf_redirect_info.
 * @skb: packet to redirect; freed here on every out_drop path.
 *
 * The target ifindex and the flags are read from the redirect info and then
 * cleared, so one recorded request is consumed by exactly one call.  The
 * ifindex is resolved only inside dev_net(skb->dev), i.e. the namespace of
 * the device the packet currently sits on.
 *
 * Return: -EINVAL after dropping the packet, -EAGAIN once the packet has
 * been handed to the peer device (BPF_F_PEER), otherwise whatever
 * __bpf_redirect_neigh() or __bpf_redirect() returns.
 */
int skb_do_redirect(struct sk_buff *skb)
{
	struct bpf_redirect_info *redir = bpf_net_ctx_get_ri();
	struct net *src_net = dev_net(skb->dev);
	struct net_device *target;
	u32 req = redir->flags;

	/* NOTE(review): _rcu lookup; presumably the caller holds the RCU read lock, confirm. */
	target = dev_get_by_index_rcu(src_net, redir->tgt_index);

	/* Consume the request before acting on it so stale state is never reused. */
	redir->tgt_index = 0;
	redir->flags = 0;

	/* The ifindex came from a BPF program and may not name any device. */
	if (unlikely(!target))
		goto out_drop;

	if (!(req & BPF_F_PEER)) {
		if (req & BPF_F_NEIGH)
			return __bpf_redirect_neigh(skb, target,
						    req & BPF_F_NEXTHOP ?
						    &redir->nh : NULL);
		return __bpf_redirect(skb, target, req);
	}

	/* Peer redirect is only honoured for packets at tc ingress. */
	if (unlikely(!skb_at_tc_ingress(skb)))
		goto out_drop;

	target = skb_get_peer_dev(target);
	if (unlikely(!target))
		goto out_drop;
	if (unlikely(!(target->flags & IFF_UP)))
		goto out_drop;
	/*
	 * The peer must live in a different network namespace than the
	 * packet's current device; a same-namespace peer is rejected.
	 */
	if (unlikely(net_eq(src_net, dev_net(target))))
		goto out_drop;

	/*
	 * The packet changes namespace here: account it on the peer and
	 * scrub it before it is processed there.
	 */
	skb->dev = target;
	dev_sw_netstats_rx_add(target, skb->len);
	skb_scrub_packet(skb, false);
	return -EAGAIN;

out_drop:
	kfree_skb(skb);
	return -EINVAL;
}
/*
 * bpf_redirect helper: record a redirect request (target ifindex and flags)
 * in the per-context bpf_redirect_info for skb_do_redirect() to act on.
 *
 * Both arguments are supplied by the BPF program.  Only BPF_F_INGRESS is
 * accepted in @flags: every other bit is rejected, and the internal redirect
 * flags are named in the mask explicitly so a program cannot request them
 * through this helper.  (BPF_F_REDIRECT_INTERNAL presumably covers the
 * BPF_F_PEER / BPF_F_NEIGH / BPF_F_NEXTHOP bits tested in skb_do_redirect();
 * confirm against its definition.)  @ifindex is not validated here; it is
 * resolved when the redirect is carried out.
 *
 * Returns TC_ACT_SHOT for a rejected flag set, TC_ACT_REDIRECT otherwise.
 */
BPF_CALL_2(bpf_redirect, u32, ifindex, u64, flags)
{
	struct bpf_redirect_info *redir = bpf_net_ctx_get_ri();
	const u64 rejected = flags & (~(BPF_F_INGRESS) | BPF_F_REDIRECT_INTERNAL);

	if (likely(!rejected)) {
		redir->flags = flags;
		redir->tgt_index = ifindex;
		return TC_ACT_REDIRECT;
	}

	return TC_ACT_SHOT;
}
/*
 * Prototype describing the bpf_redirect helper: integer return, two
 * arguments typed ARG_ANYTHING, not restricted to GPL-only programs.
 * NOTE(review): ARG_ANYTHING presumably means the verifier places no
 * constraint on the argument values, which would leave all checking of
 * ifindex and flags to the helper and to skb_do_redirect(); confirm.
 */
static const struct bpf_func_proto bpf_redirect_proto = {
	.func		= bpf_redirect,
	.gpl_only	= false,
	.ret_type	= RET_INTEGER,
	.arg1_type	= ARG_ANYTHING,	/* ifindex */
	.arg2_type	= ARG_ANYTHING,	/* flags */
};
/*
 * bpf_redirect_peer helper: record a request to redirect the packet to the
 * peer of the device named by @ifindex.
 *
 * @flags is supplied by the BPF program and must be zero; the helper sets
 * BPF_F_PEER itself, so the program never passes the internal flag.  The
 * remaining conditions for a peer redirect are enforced by
 * skb_do_redirect() when the request is carried out.
 *
 * Returns TC_ACT_SHOT when @flags is non-zero, TC_ACT_REDIRECT otherwise.
 */
BPF_CALL_2(bpf_redirect_peer, u32, ifindex, u64, flags)
{
	struct bpf_redirect_info *redir = bpf_net_ctx_get_ri();

	if (likely(!flags)) {
		redir->flags = BPF_F_PEER;
		redir->tgt_index = ifindex;
		return TC_ACT_REDIRECT;
	}

	return TC_ACT_SHOT;
}
/*
 * Prototype describing the bpf_redirect_peer helper: integer return, two
 * arguments typed ARG_ANYTHING, not restricted to GPL-only programs.
 * NOTE(review): ARG_ANYTHING presumably leaves the values unconstrained by
 * the verifier, so the flags check in the helper and the device checks in
 * skb_do_redirect() would be the only validation; confirm.
 */
static const struct bpf_func_proto bpf_redirect_peer_proto = {
	.func		= bpf_redirect_peer,
	.gpl_only	= false,
	.ret_type	= RET_INTEGER,
	.arg1_type	= ARG_ANYTHING,	/* ifindex */
	.arg2_type	= ARG_ANYTHING,	/* flags */
};
BPF_CALL_4(bpf_redirect_neigh, u32, ifindex, struct bpf_redir_neigh *, params,
int, plen, u64, flags)
{
struct bpf_redirect_info *ri = bpf_net_ctx_get_ri();
if (unlikely((plen && plen < sizeof(*params)) || flags))
Annotation
- Immediate include surface: `linux/atomic.h`, `linux/bpf_verifier.h`, `linux/module.h`, `linux/types.h`, `linux/mm.h`, `linux/fcntl.h`, `linux/socket.h`, `linux/sock_diag.h`.
- Detected declarations: `function copy_bpf_fprog_from_user`, `function sk_filter_trim_cap`, `function bpf_skb_load_helper_convert_offset`, `function convert_skb_access`, `function convert_bpf_extensions`, `function convert_bpf_ld_abs`, `function BPF`, `function __bpf_prog_run`, `function chk_code_allowed`, `function bpf_check_basics_ok`.
- Atlas domain: Networking Core / Sockets, Protocols, Packet Path, And Network Policy.
- Implementation status: pattern implementation candidate.
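- This file crosses the user/kernel memory boundary (for example `copy_bpf_fprog_from_user` in the detected declarations); validate fault handling and access checks before translating the pattern. The snippet shown above performs no user-memory copy itself: its untrusted inputs are the `ifindex` and `flags` arguments passed by a BPF program, where `flags` is checked in the helper and `ifindex` is resolved, and the packet dropped on failure, in `skb_do_redirect`.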
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.