X-Git-Url: http://pilppa.org/gitweb/gitweb.cgi?a=blobdiff_plain;f=net%2Fnetfilter%2Fxt_MARK.c;h=67574bcfb8ac8016e65d211ce6126806a157f229;hb=cbf7e9490ea3d1680362b4be3a7809042d493617;hp=bc6503d77d75437d051c863a3b7771da8948a943;hpb=0c326331c8b107abc0a160e8899d749150b8f76a;p=linux-2.6-omap-h63xx.git diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index bc6503d77d7..67574bcfb8a 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c @@ -1,10 +1,13 @@ -/* This is a module which is used for setting the NFMARK field of an skb. */ - -/* (C) 1999-2001 Marc Boucher +/* + * xt_MARK - Netfilter module to modify the NFMARK field of an skb + * + * (C) 1999-2001 Marc Boucher + * Copyright © CC Computer Consultants GmbH, 2007 - 2008 + * Jan Engelhardt * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. */ #include @@ -17,33 +20,23 @@ MODULE_LICENSE("GPL"); MODULE_AUTHOR("Marc Boucher "); -MODULE_DESCRIPTION("ip[6]tables MARK modification module"); +MODULE_DESCRIPTION("Xtables: packet mark modification"); MODULE_ALIAS("ipt_MARK"); MODULE_ALIAS("ip6t_MARK"); static unsigned int -target_v0(struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - unsigned int hooknum, - const struct xt_target *target, - const void *targinfo) +mark_tg_v0(struct sk_buff *skb, const struct xt_target_param *par) { - const struct xt_mark_target_info *markinfo = targinfo; + const struct xt_mark_target_info *markinfo = par->targinfo; skb->mark = markinfo->mark; return XT_CONTINUE; } static unsigned int -target_v1(struct sk_buff *skb, - const struct net_device *in, - const struct net_device *out, - unsigned int hooknum, - const struct xt_target *target, - const void *targinfo) +mark_tg_v1(struct sk_buff *skb, const struct xt_target_param *par) { - const struct xt_mark_target_info_v1 *markinfo = targinfo; + const struct xt_mark_target_info_v1 *markinfo = par->targinfo; int mark = 0; switch (markinfo->mode) { @@ -64,15 +57,18 @@ target_v1(struct sk_buff *skb, return XT_CONTINUE; } +static unsigned int +mark_tg(struct sk_buff *skb, const struct xt_target_param *par) +{ + const struct xt_mark_tginfo2 *info = par->targinfo; + + skb->mark = (skb->mark & ~info->mask) ^ info->mark; + return XT_CONTINUE; +} -static bool -checkentry_v0(const char *tablename, - const void *entry, - const struct xt_target *target, - void *targinfo, - unsigned int hook_mask) +static bool mark_tg_check_v0(const struct xt_tgchk_param *par) { - const struct xt_mark_target_info *markinfo = targinfo; + const struct xt_mark_target_info *markinfo = par->targinfo; if (markinfo->mark > 0xffffffff) { printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); @@ -81,14 +77,9 @@ checkentry_v0(const char *tablename, return true; } -static bool -checkentry_v1(const char *tablename, - const void *entry, - const struct xt_target *target, - void *targinfo, - unsigned int hook_mask) +static bool mark_tg_check_v1(const struct xt_tgchk_param *par) { - const struct xt_mark_target_info_v1 *markinfo = targinfo; + const struct xt_mark_target_info_v1 *markinfo = par->targinfo; if (markinfo->mode != XT_MARK_SET && markinfo->mode != XT_MARK_AND @@ -105,6 +96,28 @@ checkentry_v1(const char *tablename, } #ifdef CONFIG_COMPAT +struct compat_xt_mark_target_info { + compat_ulong_t mark; +}; + +static void mark_tg_compat_from_user_v0(void *dst, void *src) +{ + const struct compat_xt_mark_target_info *cm = src; + struct xt_mark_target_info m = { + .mark = cm->mark, + }; + memcpy(dst, &m, sizeof(m)); +} + +static int mark_tg_compat_to_user_v0(void __user *dst, void *src) +{ + const struct xt_mark_target_info *m = src; + struct compat_xt_mark_target_info cm = { + .mark = m->mark, + }; + return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; +} + struct compat_xt_mark_target_info_v1 { compat_ulong_t mark; u_int8_t mode; @@ -112,7 +125,7 @@ struct compat_xt_mark_target_info_v1 { u_int16_t __pad2; }; -static void compat_from_user_v1(void *dst, void *src) +static void mark_tg_compat_from_user_v1(void *dst, void *src) { const struct compat_xt_mark_target_info_v1 *cm = src; struct xt_mark_target_info_v1 m = { @@ -122,7 +135,7 @@ static void compat_from_user_v1(void *dst, void *src) memcpy(dst, &m, sizeof(m)); } -static int compat_to_user_v1(void __user *dst, void *src) +static int mark_tg_compat_to_user_v1(void __user *dst, void *src) { const struct xt_mark_target_info_v1 *m = src; struct compat_xt_mark_target_info_v1 cm = { @@ -133,53 +146,56 @@ static int compat_to_user_v1(void __user *dst, void *src) } #endif /* CONFIG_COMPAT */ -static struct xt_target xt_mark_target[] __read_mostly = { +static struct xt_target mark_tg_reg[] __read_mostly = { { .name = "MARK", - .family = AF_INET, + .family = NFPROTO_UNSPEC, .revision = 0, - .checkentry = checkentry_v0, - .target = target_v0, + .checkentry = mark_tg_check_v0, + .target = mark_tg_v0, .targetsize = sizeof(struct xt_mark_target_info), +#ifdef CONFIG_COMPAT + .compatsize = sizeof(struct compat_xt_mark_target_info), + .compat_from_user = mark_tg_compat_from_user_v0, + .compat_to_user = mark_tg_compat_to_user_v0, +#endif .table = "mangle", .me = THIS_MODULE, }, { .name = "MARK", - .family = AF_INET, + .family = NFPROTO_UNSPEC, .revision = 1, - .checkentry = checkentry_v1, - .target = target_v1, + .checkentry = mark_tg_check_v1, + .target = mark_tg_v1, .targetsize = sizeof(struct xt_mark_target_info_v1), #ifdef CONFIG_COMPAT .compatsize = sizeof(struct compat_xt_mark_target_info_v1), - .compat_from_user = compat_from_user_v1, - .compat_to_user = compat_to_user_v1, + .compat_from_user = mark_tg_compat_from_user_v1, + .compat_to_user = mark_tg_compat_to_user_v1, #endif .table = "mangle", .me = THIS_MODULE, }, { - .name = "MARK", - .family = AF_INET6, - .revision = 0, - .checkentry = checkentry_v0, - .target = target_v0, - .targetsize = sizeof(struct xt_mark_target_info), - .table = "mangle", - .me = THIS_MODULE, + .name = "MARK", + .revision = 2, + .family = NFPROTO_UNSPEC, + .target = mark_tg, + .targetsize = sizeof(struct xt_mark_tginfo2), + .me = THIS_MODULE, }, }; -static int __init xt_mark_init(void) +static int __init mark_tg_init(void) { - return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); + return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); } -static void __exit xt_mark_fini(void) +static void __exit mark_tg_exit(void) { - xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); + xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); } -module_init(xt_mark_init); -module_exit(xt_mark_fini); +module_init(mark_tg_init); +module_exit(mark_tg_exit);