linux/include/net/netfilter/nf_conntrack_zones.h
<<
>>
Prefs 
   1/* SPDX-License-Identifier: GPL-2.0 */
   2#ifndef _NF_CONNTRACK_ZONES_H
   3#define _NF_CONNTRACK_ZONES_H
   4
   5#include <linux/netfilter/nf_conntrack_zones_common.h>
   6
   7#if IS_ENABLED(CONFIG_NF_CONNTRACK)
   8#include <net/netfilter/nf_conntrack_extend.h>
   9
  10static inline const struct nf_conntrack_zone *
  11nf_ct_zone(const struct nf_conn *ct)
  12{
  13#ifdef CONFIG_NF_CONNTRACK_ZONES
  14        return &ct->zone;
  15#else
  16        return &nf_ct_zone_dflt;
  17#endif
  18}
  19
  20static inline const struct nf_conntrack_zone *
  21nf_ct_zone_init(struct nf_conntrack_zone *zone, u16 id, u8 dir, u8 flags)
  22{
  23        zone->id = id;
  24        zone->flags = flags;
  25        zone->dir = dir;
  26
  27        return zone;
  28}
  29
  30static inline const struct nf_conntrack_zone *
  31nf_ct_zone_tmpl(const struct nf_conn *tmpl, const struct sk_buff *skb,
  32                struct nf_conntrack_zone *tmp)
  33{
  34#ifdef CONFIG_NF_CONNTRACK_ZONES
  35        if (!tmpl)
  36                return &nf_ct_zone_dflt;
  37
  38        if (tmpl->zone.flags & NF_CT_FLAG_MARK)
  39                return nf_ct_zone_init(tmp, skb->mark, tmpl->zone.dir, 0);
  40#endif
  41        return nf_ct_zone(tmpl);
  42}
  43
  44static inline void nf_ct_zone_add(struct nf_conn *ct,
  45                                  const struct nf_conntrack_zone *zone)
  46{
  47#ifdef CONFIG_NF_CONNTRACK_ZONES
  48        ct->zone = *zone;
  49#endif
  50}
  51
  52static inline bool nf_ct_zone_matches_dir(const struct nf_conntrack_zone *zone,
  53                                          enum ip_conntrack_dir dir)
  54{
  55        return zone->dir & (1 << dir);
  56}
  57
  58static inline u16 nf_ct_zone_id(const struct nf_conntrack_zone *zone,
  59                                enum ip_conntrack_dir dir)
  60{
  61#ifdef CONFIG_NF_CONNTRACK_ZONES
  62        return nf_ct_zone_matches_dir(zone, dir) ?
  63               zone->id : NF_CT_DEFAULT_ZONE_ID;
  64#else
  65        return NF_CT_DEFAULT_ZONE_ID;
  66#endif
  67}
  68
  69static inline bool nf_ct_zone_equal(const struct nf_conn *a,
  70                                    const struct nf_conntrack_zone *b,
  71                                    enum ip_conntrack_dir dir)
  72{
  73#ifdef CONFIG_NF_CONNTRACK_ZONES
  74        return nf_ct_zone_id(nf_ct_zone(a), dir) ==
  75               nf_ct_zone_id(b, dir);
  76#else
  77        return true;
  78#endif
  79}
  80
  81static inline bool nf_ct_zone_equal_any(const struct nf_conn *a,
  82                                        const struct nf_conntrack_zone *b)
  83{
  84#ifdef CONFIG_NF_CONNTRACK_ZONES
  85        return nf_ct_zone(a)->id == b->id;
  86#else
  87        return true;
  88#endif
  89}
  90#endif /* IS_ENABLED(CONFIG_NF_CONNTRACK) */
  91#endif /* _NF_CONNTRACK_ZONES_H */
  92
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.