net/netfilter/xt_MARK.c

   1 /* This is a module which is used for setting the NFMARK field of an skb. */
   2
   3 /* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  */
   9
  10 #include <linux/module.h>
  11 #include <linux/skbuff.h>
  12 #include <linux/ip.h>
  13 #include <net/checksum.h>
  14
  15 #include <linux/netfilter/x_tables.h>
  16 #include <linux/netfilter/xt_MARK.h>
  17
  18 MODULE_LICENSE("GPL");
  19 MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
  20 MODULE_DESCRIPTION("ip[6]tables MARK modification module");
  21 MODULE_ALIAS("ipt_MARK");
  22 MODULE_ALIAS("ip6t_MARK");
  23
  24 static unsigned int
  25 mark_tg_v0(struct sk_buff *skb, const struct net_device *in,
  26            const struct net_device *out, unsigned int hooknum,
  27            const struct xt_target *target, const void *targinfo)
  28 {
  29         const struct xt_mark_target_info *markinfo = targinfo;
  30
  31         skb->mark = markinfo->mark;
  32         return XT_CONTINUE;
  33 }
  34
  35 static unsigned int
  36 mark_tg(struct sk_buff *skb, const struct net_device *in,
  37         const struct net_device *out, unsigned int hooknum,
  38         const struct xt_target *target, const void *targinfo)
  39 {
  40         const struct xt_mark_target_info_v1 *markinfo = targinfo;
  41         int mark = 0;
  42
  43         switch (markinfo->mode) {
  44         case XT_MARK_SET:
  45                 mark = markinfo->mark;
  46                 break;
  47
  48         case XT_MARK_AND:
  49                 mark = skb->mark & markinfo->mark;
  50                 break;
  51
  52         case XT_MARK_OR:
  53                 mark = skb->mark | markinfo->mark;
  54                 break;
  55         }
  56
  57         skb->mark = mark;
  58         return XT_CONTINUE;
  59 }
  60
  61 static bool
  62 mark_tg_check_v0(const char *tablename, const void *entry,
  63                  const struct xt_target *target, void *targinfo,
  64                  unsigned int hook_mask)
  65 {
  66         const struct xt_mark_target_info *markinfo = targinfo;
  67
  68         if (markinfo->mark > 0xffffffff) {
  69                 printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
  70                 return false;
  71         }
  72         return true;
  73 }
  74
  75 static bool
  76 mark_tg_check(const char *tablename, const void *entry,
  77               const struct xt_target *target, void *targinfo,
  78               unsigned int hook_mask)
  79 {
  80         const struct xt_mark_target_info_v1 *markinfo = targinfo;
  81
  82         if (markinfo->mode != XT_MARK_SET
  83             && markinfo->mode != XT_MARK_AND
  84             && markinfo->mode != XT_MARK_OR) {
  85                 printk(KERN_WARNING "MARK: unknown mode %u\n",
  86                        markinfo->mode);
  87                 return false;
  88         }
  89         if (markinfo->mark > 0xffffffff) {
  90                 printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n");
  91                 return false;
  92         }
  93         return true;
  94 }
  95
  96 #ifdef CONFIG_COMPAT
  97 struct compat_xt_mark_target_info_v1 {
  98         compat_ulong_t  mark;
  99         u_int8_t        mode;
 100         u_int8_t        __pad1;
 101         u_int16_t       __pad2;
 102 };
 103
 104 static void mark_tg_compat_from_user(void *dst, void *src)
 105 {
 106         const struct compat_xt_mark_target_info_v1 *cm = src;
 107         struct xt_mark_target_info_v1 m = {
 108                 .mark   = cm->mark,
 109                 .mode   = cm->mode,
 110         };
 111         memcpy(dst, &m, sizeof(m));
 112 }
 113
 114 static int mark_tg_compat_to_user(void __user *dst, void *src)
 115 {
 116         const struct xt_mark_target_info_v1 *m = src;
 117         struct compat_xt_mark_target_info_v1 cm = {
 118                 .mark   = m->mark,
 119                 .mode   = m->mode,
 120         };
 121         return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
 122 }
 123 #endif /* CONFIG_COMPAT */
 124
 125 static struct xt_target mark_tg_reg[] __read_mostly = {
 126         {
 127                 .name           = "MARK",
 128                 .family         = AF_INET,
 129                 .revision       = 0,
 130                 .checkentry     = mark_tg_check_v0,
 131                 .target         = mark_tg_v0,
 132                 .targetsize     = sizeof(struct xt_mark_target_info),
 133                 .table          = "mangle",
 134                 .me             = THIS_MODULE,
 135         },
 136         {
 137                 .name           = "MARK",
 138                 .family         = AF_INET,
 139                 .revision       = 1,
 140                 .checkentry     = mark_tg_check,
 141                 .target         = mark_tg,
 142                 .targetsize     = sizeof(struct xt_mark_target_info_v1),
 143 #ifdef CONFIG_COMPAT
 144                 .compatsize     = sizeof(struct compat_xt_mark_target_info_v1),
 145                 .compat_from_user = mark_tg_compat_from_user,
 146                 .compat_to_user = mark_tg_compat_to_user,
 147 #endif
 148                 .table          = "mangle",
 149                 .me             = THIS_MODULE,
 150         },
 151         {
 152                 .name           = "MARK",
 153                 .family         = AF_INET6,
 154                 .revision       = 0,
 155                 .checkentry     = mark_tg_check_v0,
 156                 .target         = mark_tg_v0,
 157                 .targetsize     = sizeof(struct xt_mark_target_info),
 158                 .table          = "mangle",
 159                 .me             = THIS_MODULE,
 160         },
 161         {
 162                 .name           = "MARK",
 163                 .family         = AF_INET6,
 164                 .revision       = 1,
 165                 .checkentry     = mark_tg_check,
 166                 .target         = mark_tg,
 167                 .targetsize     = sizeof(struct xt_mark_target_info_v1),
 168 #ifdef CONFIG_COMPAT
 169                 .compatsize     = sizeof(struct compat_xt_mark_target_info_v1),
 170                 .compat_from_user = mark_tg_compat_from_user,
 171                 .compat_to_user = mark_tg_compat_to_user,
 172 #endif
 173                 .table          = "mangle",
 174                 .me             = THIS_MODULE,
 175         },
 176 };
 177
 178 static int __init mark_tg_init(void)
 179 {
 180         return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
 181 }
 182
 183 static void __exit mark_tg_exit(void)
 184 {
 185         xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg));
 186 }
 187
 188 module_init(mark_tg_init);
 189 module_exit(mark_tg_exit);