LXR linux/net/bridge/netfilter/ebt_mark

   1/*
   2 *  ebt_mark_m
   3 *
   4 *      Authors:
   5 *      Bart De Schuymer <bdschuym@pandora.be>
   6 *
   7 *  July, 2002
   8 *
   9 */
  10#include <linux/module.h>
  11#include <linux/netfilter/x_tables.h>
  12#include <linux/netfilter_bridge/ebtables.h>
  13#include <linux/netfilter_bridge/ebt_mark_m.h>
  14
  15static bool
  16ebt_mark_mt(const struct sk_buff *skb, struct xt_action_param *par)
  17{
  18        const struct ebt_mark_m_info *info = par->matchinfo;
  19
  20        if (info->bitmask & EBT_MARK_OR)
  21                return !!(skb->mark & info->mask) ^ info->invert;
  22        return ((skb->mark & info->mask) == info->mark) ^ info->invert;
  23}
  24
  25static int ebt_mark_mt_check(const struct xt_mtchk_param *par)
  26{
  27        const struct ebt_mark_m_info *info = par->matchinfo;
  28
  29        if (info->bitmask & ~EBT_MARK_MASK)
  30                return -EINVAL;
  31        if ((info->bitmask & EBT_MARK_OR) && (info->bitmask & EBT_MARK_AND))
  32                return -EINVAL;
  33        if (!info->bitmask)
  34                return -EINVAL;
  35        return 0;
  36}
  37
  38
  39#ifdef CONFIG_COMPAT
  40struct compat_ebt_mark_m_info {
  41        compat_ulong_t mark, mask;
  42        uint8_t invert, bitmask;
  43};
  44
  45static void mark_mt_compat_from_user(void *dst, const void *src)
  46{
  47        const struct compat_ebt_mark_m_info *user = src;
  48        struct ebt_mark_m_info *kern = dst;
  49
  50        kern->mark = user->mark;
  51        kern->mask = user->mask;
  52        kern->invert = user->invert;
  53        kern->bitmask = user->bitmask;
  54}
  55
  56static int mark_mt_compat_to_user(void __user *dst, const void *src)
  57{
  58        struct compat_ebt_mark_m_info __user *user = dst;
  59        const struct ebt_mark_m_info *kern = src;
  60
  61        if (put_user(kern->mark, &user->mark) ||
  62            put_user(kern->mask, &user->mask) ||
  63            put_user(kern->invert, &user->invert) ||
  64            put_user(kern->bitmask, &user->bitmask))
  65                return -EFAULT;
  66        return 0;
  67}
  68#endif
  69
  70static struct xt_match ebt_mark_mt_reg __read_mostly = {
  71        .name           = "mark_m",
  72        .revision       = 0,
  73        .family         = NFPROTO_BRIDGE,
  74        .match          = ebt_mark_mt,
  75        .checkentry     = ebt_mark_mt_check,
  76        .matchsize      = sizeof(struct ebt_mark_m_info),
  77#ifdef CONFIG_COMPAT
  78        .compatsize     = sizeof(struct compat_ebt_mark_m_info),
  79        .compat_from_user = mark_mt_compat_from_user,
  80        .compat_to_user = mark_mt_compat_to_user,
  81#endif
  82        .me             = THIS_MODULE,
  83};
  84
  85static int __init ebt_mark_m_init(void)
  86{
  87        return xt_register_match(&ebt_mark_mt_reg);
  88}
  89
  90static void __exit ebt_mark_m_fini(void)
  91{
  92        xt_unregister_match(&ebt_mark_mt_reg);
  93}
  94
  95module_init(ebt_mark_m_init);
  96module_exit(ebt_mark_m_fini);
  97MODULE_DESCRIPTION("Ebtables: Packet mark match");
  98MODULE_LICENSE("GPL");
  99