search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[NETFILTER]: ip6_tables: use raw_smp_processor_id() in do_add_counters()
[linux-2.6/libata-dev.git] / net / netfilter / xt_mark.c
blobce8735e9762779d51575826f4bc32e513459b639
1 /* Kernel module to match NFMARK values. */
2
3 /* (C) 1999-2001 Marc Boucher <marc@mbsi.ca>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 */
9
10 #include <linux/module.h>
11 #include <linux/skbuff.h>
12
13 #include <linux/netfilter/xt_mark.h>
14 #include <linux/netfilter/x_tables.h>
15
16 MODULE_LICENSE("GPL");
17 MODULE_AUTHOR("Marc Boucher <marc@mbsi.ca>");
18 MODULE_DESCRIPTION("iptables mark matching module");
19 MODULE_ALIAS("ipt_mark");
20 MODULE_ALIAS("ip6t_mark");
21
22 static bool
23 mark_mt(const struct sk_buff *skb, const struct net_device *in,
24 const struct net_device *out, const struct xt_match *match,
25 const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop)
26 {
27 const struct xt_mark_info *info = matchinfo;
28
29 return ((skb->mark & info->mask) == info->mark) ^ info->invert;
30 }
31
32 static bool
33 mark_mt_check(const char *tablename, const void *entry,
34 const struct xt_match *match, void *matchinfo,
35 unsigned int hook_mask)
36 {
37 const struct xt_mark_info *minfo = matchinfo;
38
39 if (minfo->mark > 0xffffffff || minfo->mask > 0xffffffff) {
40 printk(KERN_WARNING "mark: only supports 32bit mark\n");
41 return false;
42 }
43 return true;
44 }
45
46 #ifdef CONFIG_COMPAT
47 struct compat_xt_mark_info {
48 compat_ulong_t mark, mask;
49 u_int8_t invert;
50 u_int8_t __pad1;
51 u_int16_t __pad2;
52 };
53
54 static void mark_mt_compat_from_user(void *dst, void *src)
55 {
56 const struct compat_xt_mark_info *cm = src;
57 struct xt_mark_info m = {
58 .mark = cm->mark,
59 .mask = cm->mask,
60 .invert = cm->invert,
61 };
62 memcpy(dst, &m, sizeof(m));
63 }
64
65 static int mark_mt_compat_to_user(void __user *dst, void *src)
66 {
67 const struct xt_mark_info *m = src;
68 struct compat_xt_mark_info cm = {
69 .mark = m->mark,
70 .mask = m->mask,
71 .invert = m->invert,
72 };
73 return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
74 }
75 #endif /* CONFIG_COMPAT */
76
77 static struct xt_match mark_mt_reg[] __read_mostly = {
78 {
79 .name = "mark",
80 .family = AF_INET,
81 .checkentry = mark_mt_check,
82 .match = mark_mt,
83 .matchsize = sizeof(struct xt_mark_info),
84 #ifdef CONFIG_COMPAT
85 .compatsize = sizeof(struct compat_xt_mark_info),
86 .compat_from_user = mark_mt_compat_from_user,
87 .compat_to_user = mark_mt_compat_to_user,
88 #endif
89 .me = THIS_MODULE,
90 },
91 {
92 .name = "mark",
93 .family = AF_INET6,
94 .checkentry = mark_mt_check,
95 .match = mark_mt,
96 .matchsize = sizeof(struct xt_mark_info),
97 #ifdef CONFIG_COMPAT
98 .compatsize = sizeof(struct compat_xt_mark_info),
99 .compat_from_user = mark_mt_compat_from_user,
100 .compat_to_user = mark_mt_compat_to_user,
101 #endif
102 .me = THIS_MODULE,
103 },
104 };
105
106 static int __init mark_mt_init(void)
107 {
108 return xt_register_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
109 }
110
111 static void __exit mark_mt_exit(void)
112 {
113 xt_unregister_matches(mark_mt_reg, ARRAY_SIZE(mark_mt_reg));
114 }
115
116 module_init(mark_mt_init);
117 module_exit(mark_mt_exit);
Linux 2.6 libata-dev (mirror)