1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17#include <linux/module.h>
18#include <linux/skbuff.h>
19#include <linux/init.h>
20#include <linux/spinlock.h>
21#include <linux/notifier.h>
22#include <linux/netdevice.h>
23#include <linux/netfilter.h>
24#include <linux/proc_fs.h>
25#include <linux/netfilter_ipv4.h>
26#include <linux/netfilter_ipv6.h>
27#include <linux/netfilter/nfnetlink.h>
28#include <linux/netfilter/nfnetlink_queue.h>
29#include <linux/list.h>
30#include <net/sock.h>
31#include <net/netfilter/nf_queue.h>
32
33#include <asm/atomic.h>
34
35#ifdef CONFIG_BRIDGE_NETFILTER
36#include "../bridge/br_private.h"
37#endif
38
39#define NFQNL_QMAX_DEFAULT 1024
40
41struct nfqnl_instance {
42 struct hlist_node hlist;
43 struct rcu_head rcu;
44
45 int peer_pid;
46 unsigned int queue_maxlen;
47 unsigned int copy_range;
48 unsigned int queue_total;
49 unsigned int queue_dropped;
50 unsigned int queue_user_dropped;
51
52 unsigned int id_sequence;
53
54 u_int16_t queue_num;
55 u_int8_t copy_mode;
56
57 spinlock_t lock;
58
59 struct list_head queue_list;
60};
61
62typedef int (*nfqnl_cmpfn)(struct nf_queue_entry *, unsigned long);
63
64static DEFINE_SPINLOCK(instances_lock);
65
66#define INSTANCE_BUCKETS 16
67static struct hlist_head instance_table[INSTANCE_BUCKETS] __read_mostly;
68
69static inline u_int8_t instance_hashfn(u_int16_t queue_num)
70{
71 return ((queue_num >> 8) | queue_num) % INSTANCE_BUCKETS;
72}
73
74static struct nfqnl_instance *
75instance_lookup(u_int16_t queue_num)
76{
77 struct hlist_head *head;
78 struct hlist_node *pos;
79 struct nfqnl_instance *inst;
80
81 head = &instance_table[instance_hashfn(queue_num)];
82 hlist_for_each_entry_rcu(inst, pos, head, hlist) {
83 if (inst->queue_num == queue_num)
84 return inst;
85 }
86 return NULL;
87}
88
89static struct nfqnl_instance *
90instance_create(u_int16_t queue_num, int pid)
91{
92 struct nfqnl_instance *inst;
93 unsigned int h;
94 int err;
95
96 spin_lock(&instances_lock);
97 if (instance_lookup(queue_num)) {
98 err = -EEXIST;
99 goto out_unlock;
100 }
101
102 inst = kzalloc(sizeof(*inst), GFP_ATOMIC);
103 if (!inst) {
104 err = -ENOMEM;
105 goto out_unlock;
106 }
107
108 inst->queue_num = queue_num;
109 inst->peer_pid = pid;
110 inst->queue_maxlen = NFQNL_QMAX_DEFAULT;
111 inst->copy_range = 0xfffff;
112 inst->copy_mode = NFQNL_COPY_NONE;
113 spin_lock_init(&inst->lock);
114 INIT_LIST_HEAD(&inst->queue_list);
115 INIT_RCU_HEAD(&inst->rcu);
116
117 if (!try_module_get(THIS_MODULE)) {
118 err = -EAGAIN;
119 goto out_free;
120 }
121
122 h = instance_hashfn(queue_num);
123 hlist_add_head_rcu(&inst->hlist, &instance_table[h]);
124
125 spin_unlock(&instances_lock);
126
127 return inst;
128
129out_free:
130 kfree(inst);
131out_unlock:
132 spin_unlock(&instances_lock);
133 return ERR_PTR(err);
134}
135
136static void nfqnl_flush(struct nfqnl_instance *queue, nfqnl_cmpfn cmpfn,
137 unsigned long data);
138
139static void
140instance_destroy_rcu(struct rcu_head *head)
141{
142 struct nfqnl_instance *inst = container_of(head, struct nfqnl_instance,
143 rcu);
144
145 nfqnl_flush(inst, NULL, 0);
146 kfree(inst);
147 module_put(THIS_MODULE);
148}
149
150static void
151__instance_destroy(struct nfqnl_instance *inst)
152{
153 hlist_del_rcu(&inst->hlist);
154 call_rcu(&inst->rcu, instance_destroy_rcu);
155}
156
157static void
158instance_destroy(struct nfqnl_instance *inst)
159{
160 spin_lock(&instances_lock);
161 __instance_destroy(inst);
162 spin_unlock(&instances_lock);
163}
164
165static inline void
166__enqueue_entry(struct nfqnl_instance *queue, struct nf_queue_entry *entry)
167{
168 list_add_tail(&entry->list, &queue->queue_list);
169 queue->queue_total++;
170}
171
172static struct nf_queue_entry *
173find_dequeue_entry(struct nfqnl_instance *queue, unsigned int id)
174{
175 struct nf_queue_entry *entry = NULL, *i;
176
177 spin_lock_bh(&queue->lock);
178
179 list_for_each_entry(i, &queue->queue_list, list) {
180 if (i->id == id) {
181 entry = i;
182 break;
183 }
184 }
185
186 if (entry) {
187 list_del(&entry->list);
188 queue->queue_total--;
189 }
190
191 spin_unlock_bh(&queue->lock);
192
193 return entry;
194}
195
196static void
197nfqnl_flush(struct nfqnl_instance *queue, nfqnl_cmpfn cmpfn, unsigned long data)
198{
199 struct nf_queue_entry *entry, *next;
200
201 spin_lock_bh(&queue->lock);
202 list_for_each_entry_safe(entry, next, &queue->queue_list, list) {
203 if (!cmpfn || cmpfn(entry, data)) {
204 list_del(&entry->list);
205 queue->queue_total--;
206 nf_reinject(entry, NF_DROP);
207 }
208 }
209 spin_unlock_bh(&queue->lock);
210}
211
212static struct sk_buff *
213nfqnl_build_packet_message(struct nfqnl_instance *queue,
214 struct nf_queue_entry *entry)
215{
216 sk_buff_data_t old_tail;
217 size_t size;
218 size_t data_len = 0;
219 struct sk_buff *skb;
220 struct nfqnl_msg_packet_hdr pmsg;
221 struct nlmsghdr *nlh;
222 struct nfgenmsg *nfmsg;
223 struct sk_buff *entskb = entry->skb;
224 struct net_device *indev;
225 struct net_device *outdev;
226
227 size = NLMSG_SPACE(sizeof(struct nfgenmsg))
228 + nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
229 + nla_total_size(sizeof(u_int32_t))
230 + nla_total_size(sizeof(u_int32_t))
231#ifdef CONFIG_BRIDGE_NETFILTER
232 + nla_total_size(sizeof(u_int32_t))
233 + nla_total_size(sizeof(u_int32_t))
234#endif
235 + nla_total_size(sizeof(u_int32_t))
236 + nla_total_size(sizeof(struct nfqnl_msg_packet_hw))
237 + nla_total_size(sizeof(struct nfqnl_msg_packet_timestamp));
238
239 outdev = entry->outdev;
240
241 spin_lock_bh(&queue->lock);
242
243 switch ((enum nfqnl_config_mode)queue->copy_mode) {
244 case NFQNL_COPY_META:
245 case NFQNL_COPY_NONE:
246 break;
247
248 case NFQNL_COPY_PACKET:
249 if ((entskb->ip_summed == CHECKSUM_PARTIAL ||
250 entskb->ip_summed == CHECKSUM_COMPLETE) &&
251 skb_checksum_help(entskb)) {
252 spin_unlock_bh(&queue->lock);
253 return NULL;
254 }
255 if (queue->copy_range == 0
256 || queue->copy_range > entskb->len)
257 data_len = entskb->len;
258 else
259 data_len = queue->copy_range;
260
261 size += nla_total_size(data_len);
262 break;
263 }
264
265 entry->id = queue->id_sequence++;
266
267 spin_unlock_bh(&queue->lock);
268
269 skb = alloc_skb(size, GFP_ATOMIC);
270 if (!skb)
271 goto nlmsg_failure;
272
273 old_tail = skb->tail;
274 nlh = NLMSG_PUT(skb, 0, 0,
275 NFNL_SUBSYS_QUEUE << 8 | NFQNL_MSG_PACKET,
276 sizeof(struct nfgenmsg));
277 nfmsg = NLMSG_DATA(nlh);
278 nfmsg->nfgen_family = entry->pf;
279 nfmsg->version = NFNETLINK_V0;
280 nfmsg->res_id = htons(queue->queue_num);
281
282 pmsg.packet_id = htonl(entry->id);
283 pmsg.hw_protocol = entskb->protocol;
284 pmsg.hook = entry->hook;
285
286 NLA_PUT(skb, NFQA_PACKET_HDR, sizeof(pmsg), &pmsg);
287
288 indev = entry->indev;
289 if (indev) {
290#ifndef CONFIG_BRIDGE_NETFILTER
291 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex));
292#else
293 if (entry->pf == PF_BRIDGE) {
294
295
296
297 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV,
298 htonl(indev->ifindex));
299
300 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV,
301 htonl(indev->br_port->br->dev->ifindex));
302 } else {
303
304
305 NLA_PUT_BE32(skb, NFQA_IFINDEX_INDEV,
306 htonl(indev->ifindex));
307 if (entskb->nf_bridge && entskb->nf_bridge->physindev)
308 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSINDEV,
309 htonl(entskb->nf_bridge->physindev->ifindex));
310 }
311#endif
312 }
313
314 if (outdev) {
315#ifndef CONFIG_BRIDGE_NETFILTER
316 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex));
317#else
318 if (entry->pf == PF_BRIDGE) {
319
320
321
322 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV,
323 htonl(outdev->ifindex));
324
325 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV,
326 htonl(outdev->br_port->br->dev->ifindex));
327 } else {
328
329
330 NLA_PUT_BE32(skb, NFQA_IFINDEX_OUTDEV,
331 htonl(outdev->ifindex));
332 if (entskb->nf_bridge && entskb->nf_bridge->physoutdev)
333 NLA_PUT_BE32(skb, NFQA_IFINDEX_PHYSOUTDEV,
334 htonl(entskb->nf_bridge->physoutdev->ifindex));
335 }
336#endif
337 }
338
339 if (entskb->mark)
340 NLA_PUT_BE32(skb, NFQA_MARK, htonl(entskb->mark));
341
342 if (indev && entskb->dev) {
343 struct nfqnl_msg_packet_hw phw;
344 int len = dev_parse_header(entskb, phw.hw_addr);
345 if (len) {
346 phw.hw_addrlen = htons(len);
347 NLA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw);
348 }
349 }
350
351 if (entskb->tstamp.tv64) {
352 struct nfqnl_msg_packet_timestamp ts;
353 struct timeval tv = ktime_to_timeval(entskb->tstamp);
354 ts.sec = cpu_to_be64(tv.tv_sec);
355 ts.usec = cpu_to_be64(tv.tv_usec);
356
357 NLA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts);
358 }
359
360 if (data_len) {
361 struct nlattr *nla;
362 int sz = nla_attr_size(data_len);
363
364 if (skb_tailroom(skb) < nla_total_size(data_len)) {
365 printk(KERN_WARNING "nf_queue: no tailroom!\n");
366 goto nlmsg_failure;
367 }
368
369 nla = (struct nlattr *)skb_put(skb, nla_total_size(data_len));
370 nla->nla_type = NFQA_PAYLOAD;
371 nla->nla_len = sz;
372
373 if (skb_copy_bits(entskb, 0, nla_data(nla), data_len))
374 BUG();
375 }
376
377 nlh->nlmsg_len = skb->tail - old_tail;
378 return skb;
379
380nlmsg_failure:
381nla_put_failure:
382 if (skb)
383 kfree_skb(skb);
384 if (net_ratelimit())
385 printk(KERN_ERR "nf_queue: error creating packet message\n");
386 return NULL;
387}
388
389static int
390nfqnl_enqueue_packet(struct nf_queue_entry *entry, unsigned int queuenum)
391{
392 struct sk_buff *nskb;
393 struct nfqnl_instance *queue;
394 int err;
395
396
397 queue = instance_lookup(queuenum);
398 if (!queue)
399 goto err_out;
400
401 if (queue->copy_mode == NFQNL_COPY_NONE)
402 goto err_out;
403
404 nskb = nfqnl_build_packet_message(queue, entry);
405 if (nskb == NULL)
406 goto err_out;
407
408 spin_lock_bh(&queue->lock);
409
410 if (!queue->peer_pid)
411 goto err_out_free_nskb;
412
413 if (queue->queue_total >= queue->queue_maxlen) {
414 queue->queue_dropped++;
415 if (net_ratelimit())
416 printk(KERN_WARNING "nf_queue: full at %d entries, "
417 "dropping packets(s). Dropped: %d\n",
418 queue->queue_total, queue->queue_dropped);
419 goto err_out_free_nskb;
420 }
421
422
423 err = nfnetlink_unicast(nskb, queue->peer_pid, MSG_DONTWAIT);
424 if (err < 0) {
425 queue->queue_user_dropped++;
426 goto err_out_unlock;
427 }
428
429 __enqueue_entry(queue, entry);
430
431 spin_unlock_bh(&queue->lock);
432 return 0;
433
434err_out_free_nskb:
435 kfree_skb(nskb);
436err_out_unlock:
437 spin_unlock_bh(&queue->lock);
438err_out:
439 return -1;
440}
441
442static int
443nfqnl_mangle(void *data, int data_len, struct nf_queue_entry *e)
444{
445 struct sk_buff *nskb;
446 int diff;
447
448 diff = data_len - e->skb->len;
449 if (diff < 0) {
450 if (pskb_trim(e->skb, data_len))
451 return -ENOMEM;
452 } else if (diff > 0) {
453 if (data_len > 0xFFFF)
454 return -EINVAL;
455 if (diff > skb_tailroom(e->skb)) {
456 nskb = skb_copy_expand(e->skb, skb_headroom(e->skb),
457 diff, GFP_ATOMIC);
458 if (!nskb) {
459 printk(KERN_WARNING "nf_queue: OOM "
460 "in mangle, dropping packet\n");
461 return -ENOMEM;
462 }
463 kfree_skb(e->skb);
464 e->skb = nskb;
465 }
466 skb_put(e->skb, diff);
467 }
468 if (!skb_make_writable(e->skb, data_len))
469 return -ENOMEM;
470 skb_copy_to_linear_data(e->skb, data, data_len);
471 e->skb->ip_summed = CHECKSUM_NONE;
472 return 0;
473}
474
475static int
476nfqnl_set_mode(struct nfqnl_instance *queue,
477 unsigned char mode, unsigned int range)
478{
479 int status = 0;
480
481 spin_lock_bh(&queue->lock);
482 switch (mode) {
483 case NFQNL_COPY_NONE:
484 case NFQNL_COPY_META:
485 queue->copy_mode = mode;
486 queue->copy_range = 0;
487 break;
488
489 case NFQNL_COPY_PACKET:
490 queue->copy_mode = mode;
491
492 if (range > 0xffff)
493 queue->copy_range = 0xffff;
494 else
495 queue->copy_range = range;
496 break;
497
498 default:
499 status = -EINVAL;
500
501 }
502 spin_unlock_bh(&queue->lock);
503
504 return status;
505}
506
507static int
508dev_cmp(struct nf_queue_entry *entry, unsigned long ifindex)
509{
510 if (entry->indev)
511 if (entry->indev->ifindex == ifindex)
512 return 1;
513 if (entry->outdev)
514 if (entry->outdev->ifindex == ifindex)
515 return 1;
516#ifdef CONFIG_BRIDGE_NETFILTER
517 if (entry->skb->nf_bridge) {
518 if (entry->skb->nf_bridge->physindev &&
519 entry->skb->nf_bridge->physindev->ifindex == ifindex)
520 return 1;
521 if (entry->skb->nf_bridge->physoutdev &&
522 entry->skb->nf_bridge->physoutdev->ifindex == ifindex)
523 return 1;
524 }
525#endif
526 return 0;
527}
528
529
530
531static void
532nfqnl_dev_drop(int ifindex)
533{
534 int i;
535
536 rcu_read_lock();
537
538 for (i = 0; i < INSTANCE_BUCKETS; i++) {
539 struct hlist_node *tmp;
540 struct nfqnl_instance *inst;
541 struct hlist_head *head = &instance_table[i];
542
543 hlist_for_each_entry_rcu(inst, tmp, head, hlist)
544 nfqnl_flush(inst, dev_cmp, ifindex);
545 }
546
547 rcu_read_unlock();
548}
549
550#define RCV_SKB_FAIL(err) do { netlink_ack(skb, nlh, (err)); return; } while (0)
551
552static int
553nfqnl_rcv_dev_event(struct notifier_block *this,
554 unsigned long event, void *ptr)
555{
556 struct net_device *dev = ptr;
557
558 if (!net_eq(dev_net(dev), &init_net))
559 return NOTIFY_DONE;
560
561
562 if (event == NETDEV_DOWN)
563 nfqnl_dev_drop(dev->ifindex);
564 return NOTIFY_DONE;
565}
566
567static struct notifier_block nfqnl_dev_notifier = {
568 .notifier_call = nfqnl_rcv_dev_event,
569};
570
571static int
572nfqnl_rcv_nl_event(struct notifier_block *this,
573 unsigned long event, void *ptr)
574{
575 struct netlink_notify *n = ptr;
576
577 if (event == NETLINK_URELEASE &&
578 n->protocol == NETLINK_NETFILTER && n->pid) {
579 int i;
580
581
582 spin_lock(&instances_lock);
583 for (i = 0; i < INSTANCE_BUCKETS; i++) {
584 struct hlist_node *tmp, *t2;
585 struct nfqnl_instance *inst;
586 struct hlist_head *head = &instance_table[i];
587
588 hlist_for_each_entry_safe(inst, tmp, t2, head, hlist) {
589 if ((n->net == &init_net) &&
590 (n->pid == inst->peer_pid))
591 __instance_destroy(inst);
592 }
593 }
594 spin_unlock(&instances_lock);
595 }
596 return NOTIFY_DONE;
597}
598
599static struct notifier_block nfqnl_rtnl_notifier = {
600 .notifier_call = nfqnl_rcv_nl_event,
601};
602
603static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = {
604 [NFQA_VERDICT_HDR] = { .len = sizeof(struct nfqnl_msg_verdict_hdr) },
605 [NFQA_MARK] = { .type = NLA_U32 },
606 [NFQA_PAYLOAD] = { .type = NLA_UNSPEC },
607};
608
609static int
610nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
611 const struct nlmsghdr *nlh,
612 const struct nlattr * const nfqa[])
613{
614 struct nfgenmsg *nfmsg = NLMSG_DATA(nlh);
615 u_int16_t queue_num = ntohs(nfmsg->res_id);
616
617 struct nfqnl_msg_verdict_hdr *vhdr;
618 struct nfqnl_instance *queue;
619 unsigned int verdict;
620 struct nf_queue_entry *entry;
621 int err;
622
623 rcu_read_lock();
624 queue = instance_lookup(queue_num);
625 if (!queue) {
626 err = -ENODEV;
627 goto err_out_unlock;
628 }
629
630 if (queue->peer_pid != NETLINK_CB(skb).pid) {
631 err = -EPERM;
632 goto err_out_unlock;
633 }
634
635 if (!nfqa[NFQA_VERDICT_HDR]) {
636 err = -EINVAL;
637 goto err_out_unlock;
638 }
639
640 vhdr = nla_data(nfqa[NFQA_VERDICT_HDR]);
641 verdict = ntohl(vhdr->verdict);
642
643 if ((verdict & NF_VERDICT_MASK) > NF_MAX_VERDICT) {
644 err = -EINVAL;
645 goto err_out_unlock;
646 }
647
648 entry = find_dequeue_entry(queue, ntohl(vhdr->id));
649 if (entry == NULL) {
650 err = -ENOENT;
651 goto err_out_unlock;
652 }
653 rcu_read_unlock();
654
655 if (nfqa[NFQA_PAYLOAD]) {
656 if (nfqnl_mangle(nla_data(nfqa[NFQA_PAYLOAD]),
657 nla_len(nfqa[NFQA_PAYLOAD]), entry) < 0)
658 verdict = NF_DROP;
659 }
660
661 if (nfqa[NFQA_MARK])
662 entry->skb->mark = ntohl(nla_get_be32(nfqa[NFQA_MARK]));
663
664 nf_reinject(entry, verdict);
665 return 0;
666
667err_out_unlock:
668 rcu_read_unlock();
669 return err;
670}
671
672static int
673nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb,
674 const struct nlmsghdr *nlh,
675 const struct nlattr * const nfqa[])
676{
677 return -ENOTSUPP;
678}
679
680static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = {
681 [NFQA_CFG_CMD] = { .len = sizeof(struct nfqnl_msg_config_cmd) },
682 [NFQA_CFG_PARAMS] = { .len = sizeof(struct nfqnl_msg_config_params) },
683};
684
685static const struct nf_queue_handler nfqh = {
686 .name = "nf_queue",
687 .outfn = &nfqnl_enqueue_packet,
688};
689
690static int
691nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
692 const struct nlmsghdr *nlh,
693 const struct nlattr * const nfqa[])
694{
695 struct nfgenmsg *nfmsg = NLMSG_DATA(nlh);
696 u_int16_t queue_num = ntohs(nfmsg->res_id);
697 struct nfqnl_instance *queue;
698 struct nfqnl_msg_config_cmd *cmd = NULL;
699 int ret = 0;
700
701 if (nfqa[NFQA_CFG_CMD]) {
702 cmd = nla_data(nfqa[NFQA_CFG_CMD]);
703
704
705 switch (cmd->command) {
706 case NFQNL_CFG_CMD_PF_BIND:
707 return nf_register_queue_handler(ntohs(cmd->pf),
708 &nfqh);
709 case NFQNL_CFG_CMD_PF_UNBIND:
710 return nf_unregister_queue_handler(ntohs(cmd->pf),
711 &nfqh);
712 }
713 }
714
715 rcu_read_lock();
716 queue = instance_lookup(queue_num);
717 if (queue && queue->peer_pid != NETLINK_CB(skb).pid) {
718 ret = -EPERM;
719 goto err_out_unlock;
720 }
721
722 if (cmd != NULL) {
723 switch (cmd->command) {
724 case NFQNL_CFG_CMD_BIND:
725 if (queue) {
726 ret = -EBUSY;
727 goto err_out_unlock;
728 }
729 queue = instance_create(queue_num, NETLINK_CB(skb).pid);
730 if (IS_ERR(queue)) {
731 ret = PTR_ERR(queue);
732 goto err_out_unlock;
733 }
734 break;
735 case NFQNL_CFG_CMD_UNBIND:
736 if (!queue) {
737 ret = -ENODEV;
738 goto err_out_unlock;
739 }
740 instance_destroy(queue);
741 break;
742 case NFQNL_CFG_CMD_PF_BIND:
743 case NFQNL_CFG_CMD_PF_UNBIND:
744 break;
745 default:
746 ret = -ENOTSUPP;
747 break;
748 }
749 }
750
751 if (nfqa[NFQA_CFG_PARAMS]) {
752 struct nfqnl_msg_config_params *params;
753
754 if (!queue) {
755 ret = -ENODEV;
756 goto err_out_unlock;
757 }
758 params = nla_data(nfqa[NFQA_CFG_PARAMS]);
759 nfqnl_set_mode(queue, params->copy_mode,
760 ntohl(params->copy_range));
761 }
762
763 if (nfqa[NFQA_CFG_QUEUE_MAXLEN]) {
764 __be32 *queue_maxlen;
765
766 if (!queue) {
767 ret = -ENODEV;
768 goto err_out_unlock;
769 }
770 queue_maxlen = nla_data(nfqa[NFQA_CFG_QUEUE_MAXLEN]);
771 spin_lock_bh(&queue->lock);
772 queue->queue_maxlen = ntohl(*queue_maxlen);
773 spin_unlock_bh(&queue->lock);
774 }
775
776err_out_unlock:
777 rcu_read_unlock();
778 return ret;
779}
780
781static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = {
782 [NFQNL_MSG_PACKET] = { .call = nfqnl_recv_unsupp,
783 .attr_count = NFQA_MAX, },
784 [NFQNL_MSG_VERDICT] = { .call = nfqnl_recv_verdict,
785 .attr_count = NFQA_MAX,
786 .policy = nfqa_verdict_policy },
787 [NFQNL_MSG_CONFIG] = { .call = nfqnl_recv_config,
788 .attr_count = NFQA_CFG_MAX,
789 .policy = nfqa_cfg_policy },
790};
791
792static const struct nfnetlink_subsystem nfqnl_subsys = {
793 .name = "nf_queue",
794 .subsys_id = NFNL_SUBSYS_QUEUE,
795 .cb_count = NFQNL_MSG_MAX,
796 .cb = nfqnl_cb,
797};
798
799#ifdef CONFIG_PROC_FS
800struct iter_state {
801 unsigned int bucket;
802};
803
804static struct hlist_node *get_first(struct seq_file *seq)
805{
806 struct iter_state *st = seq->private;
807
808 if (!st)
809 return NULL;
810
811 for (st->bucket = 0; st->bucket < INSTANCE_BUCKETS; st->bucket++) {
812 if (!hlist_empty(&instance_table[st->bucket]))
813 return instance_table[st->bucket].first;
814 }
815 return NULL;
816}
817
818static struct hlist_node *get_next(struct seq_file *seq, struct hlist_node *h)
819{
820 struct iter_state *st = seq->private;
821
822 h = h->next;
823 while (!h) {
824 if (++st->bucket >= INSTANCE_BUCKETS)
825 return NULL;
826
827 h = instance_table[st->bucket].first;
828 }
829 return h;
830}
831
832static struct hlist_node *get_idx(struct seq_file *seq, loff_t pos)
833{
834 struct hlist_node *head;
835 head = get_first(seq);
836
837 if (head)
838 while (pos && (head = get_next(seq, head)))
839 pos--;
840 return pos ? NULL : head;
841}
842
843static void *seq_start(struct seq_file *seq, loff_t *pos)
844 __acquires(instances_lock)
845{
846 spin_lock(&instances_lock);
847 return get_idx(seq, *pos);
848}
849
850static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
851{
852 (*pos)++;
853 return get_next(s, v);
854}
855
856static void seq_stop(struct seq_file *s, void *v)
857 __releases(instances_lock)
858{
859 spin_unlock(&instances_lock);
860}
861
862static int seq_show(struct seq_file *s, void *v)
863{
864 const struct nfqnl_instance *inst = v;
865
866 return seq_printf(s, "%5d %6d %5d %1d %5d %5d %5d %8d %2d\n",
867 inst->queue_num,
868 inst->peer_pid, inst->queue_total,
869 inst->copy_mode, inst->copy_range,
870 inst->queue_dropped, inst->queue_user_dropped,
871 inst->id_sequence, 1);
872}
873
874static const struct seq_operations nfqnl_seq_ops = {
875 .start = seq_start,
876 .next = seq_next,
877 .stop = seq_stop,
878 .show = seq_show,
879};
880
881static int nfqnl_open(struct inode *inode, struct file *file)
882{
883 return seq_open_private(file, &nfqnl_seq_ops,
884 sizeof(struct iter_state));
885}
886
887static const struct file_operations nfqnl_file_ops = {
888 .owner = THIS_MODULE,
889 .open = nfqnl_open,
890 .read = seq_read,
891 .llseek = seq_lseek,
892 .release = seq_release_private,
893};
894
895#endif
896
897static int __init nfnetlink_queue_init(void)
898{
899 int i, status = -ENOMEM;
900
901 for (i = 0; i < INSTANCE_BUCKETS; i++)
902 INIT_HLIST_HEAD(&instance_table[i]);
903
904 netlink_register_notifier(&nfqnl_rtnl_notifier);
905 status = nfnetlink_subsys_register(&nfqnl_subsys);
906 if (status < 0) {
907 printk(KERN_ERR "nf_queue: failed to create netlink socket\n");
908 goto cleanup_netlink_notifier;
909 }
910
911#ifdef CONFIG_PROC_FS
912 if (!proc_create("nfnetlink_queue", 0440,
913 proc_net_netfilter, &nfqnl_file_ops))
914 goto cleanup_subsys;
915#endif
916
917 register_netdevice_notifier(&nfqnl_dev_notifier);
918 return status;
919
920#ifdef CONFIG_PROC_FS
921cleanup_subsys:
922 nfnetlink_subsys_unregister(&nfqnl_subsys);
923#endif
924cleanup_netlink_notifier:
925 netlink_unregister_notifier(&nfqnl_rtnl_notifier);
926 return status;
927}
928
929static void __exit nfnetlink_queue_fini(void)
930{
931 nf_unregister_queue_handlers(&nfqh);
932 unregister_netdevice_notifier(&nfqnl_dev_notifier);
933#ifdef CONFIG_PROC_FS
934 remove_proc_entry("nfnetlink_queue", proc_net_netfilter);
935#endif
936 nfnetlink_subsys_unregister(&nfqnl_subsys);
937 netlink_unregister_notifier(&nfqnl_rtnl_notifier);
938
939 rcu_barrier();
940}
941
942MODULE_DESCRIPTION("netfilter packet queue handler");
943MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>");
944MODULE_LICENSE("GPL");
945MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_QUEUE);
946
947module_init(nfnetlink_queue_init);
948module_exit(nfnetlink_queue_fini);
949
