1 #include <linux/kernel.h>
2 #include <linux/init.h>
3 #include <linux/module.h>
4 #include <linux/skbuff.h>
5 #include <linux/netfilter.h>
6 #include <linux/mutex.h>
9 #include "nf_internals.h"
11 /* Sockopts only registered and called from user context, so
12 net locking would be overkill. Also, [gs]etsockopt calls may
14 static DEFINE_MUTEX(nf_sockopt_mutex
);
15 static LIST_HEAD(nf_sockopts
);
17 /* Do exclusive ranges overlap? */
18 static inline int overlap(int min1
, int max1
, int min2
, int max2
)
20 return max1
> min2
&& min1
< max2
;
23 /* Functions to register sockopt ranges (exclusive). */
24 int nf_register_sockopt(struct nf_sockopt_ops
*reg
)
26 struct nf_sockopt_ops
*ops
;
29 if (mutex_lock_interruptible(&nf_sockopt_mutex
) != 0)
32 list_for_each_entry(ops
, &nf_sockopts
, list
) {
33 if (ops
->pf
== reg
->pf
34 && (overlap(ops
->set_optmin
, ops
->set_optmax
,
35 reg
->set_optmin
, reg
->set_optmax
)
36 || overlap(ops
->get_optmin
, ops
->get_optmax
,
37 reg
->get_optmin
, reg
->get_optmax
))) {
38 NFDEBUG("nf_sock overlap: %u-%u/%u-%u v %u-%u/%u-%u\n",
39 ops
->set_optmin
, ops
->set_optmax
,
40 ops
->get_optmin
, ops
->get_optmax
,
41 reg
->set_optmin
, reg
->set_optmax
,
42 reg
->get_optmin
, reg
->get_optmax
);
48 list_add(®
->list
, &nf_sockopts
);
50 mutex_unlock(&nf_sockopt_mutex
);
53 EXPORT_SYMBOL(nf_register_sockopt
);
55 void nf_unregister_sockopt(struct nf_sockopt_ops
*reg
)
57 mutex_lock(&nf_sockopt_mutex
);
59 mutex_unlock(&nf_sockopt_mutex
);
61 EXPORT_SYMBOL(nf_unregister_sockopt
);
63 static struct nf_sockopt_ops
*nf_sockopt_find(struct sock
*sk
, u_int8_t pf
,
66 struct nf_sockopt_ops
*ops
;
68 if (mutex_lock_interruptible(&nf_sockopt_mutex
) != 0)
69 return ERR_PTR(-EINTR
);
71 list_for_each_entry(ops
, &nf_sockopts
, list
) {
73 if (!try_module_get(ops
->owner
))
77 if (val
>= ops
->get_optmin
&&
78 val
< ops
->get_optmax
)
81 if (val
>= ops
->set_optmin
&&
82 val
< ops
->set_optmax
)
85 module_put(ops
->owner
);
89 ops
= ERR_PTR(-ENOPROTOOPT
);
91 mutex_unlock(&nf_sockopt_mutex
);
95 /* Call get/setsockopt() */
96 static int nf_sockopt(struct sock
*sk
, u_int8_t pf
, int val
,
97 char __user
*opt
, int *len
, int get
)
99 struct nf_sockopt_ops
*ops
;
102 ops
= nf_sockopt_find(sk
, pf
, val
, get
);
107 ret
= ops
->get(sk
, val
, opt
, len
);
109 ret
= ops
->set(sk
, val
, opt
, *len
);
111 module_put(ops
->owner
);
115 int nf_setsockopt(struct sock
*sk
, u_int8_t pf
, int val
, char __user
*opt
,
118 return nf_sockopt(sk
, pf
, val
, opt
, &len
, 0);
120 EXPORT_SYMBOL(nf_setsockopt
);
122 int nf_getsockopt(struct sock
*sk
, u_int8_t pf
, int val
, char __user
*opt
,
125 return nf_sockopt(sk
, pf
, val
, opt
, len
, 1);
127 EXPORT_SYMBOL(nf_getsockopt
);
130 static int compat_nf_sockopt(struct sock
*sk
, u_int8_t pf
, int val
,
131 char __user
*opt
, int *len
, int get
)
133 struct nf_sockopt_ops
*ops
;
136 ops
= nf_sockopt_find(sk
, pf
, val
, get
);
142 ret
= ops
->compat_get(sk
, val
, opt
, len
);
144 ret
= ops
->get(sk
, val
, opt
, len
);
147 ret
= ops
->compat_set(sk
, val
, opt
, *len
);
149 ret
= ops
->set(sk
, val
, opt
, *len
);
152 module_put(ops
->owner
);
156 int compat_nf_setsockopt(struct sock
*sk
, u_int8_t pf
,
157 int val
, char __user
*opt
, unsigned int len
)
159 return compat_nf_sockopt(sk
, pf
, val
, opt
, &len
, 0);
161 EXPORT_SYMBOL(compat_nf_setsockopt
);
163 int compat_nf_getsockopt(struct sock
*sk
, u_int8_t pf
,
164 int val
, char __user
*opt
, int *len
)
166 return compat_nf_sockopt(sk
, pf
, val
, opt
, len
, 1);
168 EXPORT_SYMBOL(compat_nf_getsockopt
);