linux/net/bridge/netfilter/ebt_mark_m.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0-only
   2/*
   3 *  ebt_mark_m
   4 *
   5 *      Authors:
   6 *      Bart De Schuymer <bdschuym@pandora.be>
   7 *
   8 *  July, 2002
   9 *
  10 */
  11#include <linux/module.h>
  12#include <linux/netfilter/x_tables.h>
  13#include <linux/netfilter_bridge/ebtables.h>
  14#include <linux/netfilter_bridge/ebt_mark_m.h>
  15
  16static bool
  17ebt_mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
  18{
  19        const struct ebt_mark_m_info *info = par->matchinfo;
  20
  21        if (info->bitmask & EBT_MARK_OR)
  22                return !!(skb->mark & info->mask) ^ info->invert;
  23        return ((skb->mark & info->mask) == info->mark) ^ info->invert;
  24}
  25
  26static int ebt_mark_mt_check(const struct xt_mtchk_param *par)
  27{
  28        const struct ebt_mark_m_info *info = par->matchinfo;
  29
  30        if (info->bitmask & ~EBT_MARK_MASK)
  31                return -EINVAL;
  32        if ((info->bitmask & EBT_MARK_OR) && (info->bitmask & EBT_MARK_AND))
  33                return -EINVAL;
  34        if (!info->bitmask)
  35                return -EINVAL;
  36        return 0;
  37}
  38
  39
  40#ifdef CONFIG_NETFILTER_XTABLES_COMPAT
  41struct compat_ebt_mark_m_info {
  42        compat_ulong_t mark, mask;
  43        uint8_t invert, bitmask;
  44};
  45
  46static void mark_mt_compat_from_user(void *dst, const void *src)
  47{
  48        const struct compat_ebt_mark_m_info *user = src;
  49        struct ebt_mark_m_info *kern = dst;
  50
  51        kern->mark = user->mark;
  52        kern->mask = user->mask;
  53        kern->invert = user->invert;
  54        kern->bitmask = user->bitmask;
  55}
  56
  57static int mark_mt_compat_to_user(void __user *dst, const void *src)
  58{
  59        struct compat_ebt_mark_m_info __user *user = dst;
  60        const struct ebt_mark_m_info *kern = src;
  61
  62        if (put_user(kern->mark, &user->mark) ||
  63            put_user(kern->mask, &user->mask) ||
  64            put_user(kern->invert, &user->invert) ||
  65            put_user(kern->bitmask, &user->bitmask))
  66                return -EFAULT;
  67        return 0;
  68}
  69#endif
  70
  71static struct xt_match ebt_mark_mt_reg __read_mostly = {
  72        .name           = "mark_m",
  73        .revision       = 0,
  74        .family         = NFPROTO_BRIDGE,
  75        .match          = ebt_mark_mt,
  76        .checkentry     = ebt_mark_mt_check,
  77        .matchsize      = sizeof(struct ebt_mark_m_info),
  78#ifdef CONFIG_NETFILTER_XTABLES_COMPAT
  79        .compatsize     = sizeof(struct compat_ebt_mark_m_info),
  80        .compat_from_user = mark_mt_compat_from_user,
  81        .compat_to_user = mark_mt_compat_to_user,
  82#endif
  83        .me             = THIS_MODULE,
  84};
  85
  86static int __init ebt_mark_m_init(void)
  87{
  88        return xt_register_match(&ebt_mark_mt_reg);
  89}
  90
  91static void __exit ebt_mark_m_fini(void)
  92{
  93        xt_unregister_match(&ebt_mark_mt_reg);
  94}
  95
  96module_init(ebt_mark_m_init);
  97module_exit(ebt_mark_m_fini);
  98MODULE_DESCRIPTION("Ebtables: Packet mark match");
  99MODULE_LICENSE("GPL");
 100