[NETFILTER]: xt_mark match, revision 1 · tjh.dev/kernel@17b0d7e

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

[NETFILTER]: xt_mark match, revision 1

Introduces the xt_mark match revision 1. It uses fixed types,
eventually obsoleting revision 0 some day (uses nonfixed types).

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Jan Engelhardt and committed by

David S. Miller 18 years ago 17b0d7ef 64eb12f9

+59 -22

2 changed files

expand all

include

linux

netfilter

xt_mark.h

net

netfilter

xt_mark.c

include/linux/netfilter/xt_mark.h

··· 6 6 u_int8_t invert; 7 7 }; 8 8 9 + struct xt_mark_mtinfo1 { 10 + u_int32_t mark, mask; 11 + u_int8_t invert; 12 + }; 13 + 9 14 #endif /*_XT_MARK_H*/

+54 -22

net/netfilter/xt_mark.c

··· 1 - /* Kernel module to match NFMARK values. */ 2 - 3 - /* (C) 1999-2001 Marc Boucher <marc@mbsi.ca> 1 + /* 2 + * xt_mark - Netfilter module to match NFMARK value 4 3 * 5 - * This program is free software; you can redistribute it and/or modify 6 - * it under the terms of the GNU General Public License version 2 as 7 - * published by the Free Software Foundation. 4 + * (C) 1999-2001 Marc Boucher <marc@mbsi.ca> 5 + * Copyright © CC Computer Consultants GmbH, 2007 - 2008 6 + * Jan Engelhardt <jengelh@computergmbh.de> 7 + * 8 + * This program is free software; you can redistribute it and/or modify 9 + * it under the terms of the GNU General Public License version 2 as 10 + * published by the Free Software Foundation. 8 11 */ 9 12 10 13 #include <linux/module.h> ··· 23 20 MODULE_ALIAS("ip6t_mark"); 24 21 25 22 static bool 26 - mark_mt(const struct sk_buff *skb, const struct net_device *in, 27 - const struct net_device *out, const struct xt_match *match, 28 - const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop) 23 + mark_mt_v0(const struct sk_buff *skb, const struct net_device *in, 24 + const struct net_device *out, const struct xt_match *match, 25 + const void *matchinfo, int offset, unsigned int protoff, 26 + bool *hotdrop) 29 27 { 30 28 const struct xt_mark_info *info = matchinfo; 31 29 ··· 34 30 } 35 31 36 32 static bool 37 - mark_mt_check(const char *tablename, const void *entry, 38 - const struct xt_match *match, void *matchinfo, 39 - unsigned int hook_mask) 33 + mark_mt(const struct sk_buff *skb, const struct net_device *in, 34 + const struct net_device *out, const struct xt_match *match, 35 + const void *matchinfo, int offset, unsigned int protoff, bool *hotdrop) 36 + { 37 + const struct xt_mark_mtinfo1 *info = matchinfo; 38 + 39 + return ((skb->mark & info->mask) == info->mark) ^ info->invert; 40 + } 41 + 42 + static bool 43 + mark_mt_check_v0(const char *tablename, const void *entry, 44 + const struct xt_match *match, void *matchinfo, 45 + unsigned int hook_mask) 40 46 { 41 47 const struct xt_mark_info *minfo = matchinfo; 42 48 ··· 65 51 u_int16_t __pad2; 66 52 }; 67 53 68 - static void mark_mt_compat_from_user(void *dst, void *src) 54 + static void mark_mt_compat_from_user_v0(void *dst, void *src) 69 55 { 70 56 const struct compat_xt_mark_info *cm = src; 71 57 struct xt_mark_info m = { ··· 76 62 memcpy(dst, &m, sizeof(m)); 77 63 } 78 64 79 - static int mark_mt_compat_to_user(void __user *dst, void *src) 65 + static int mark_mt_compat_to_user_v0(void __user *dst, void *src) 80 66 { 81 67 const struct xt_mark_info *m = src; 82 68 struct compat_xt_mark_info cm = { ··· 91 77 static struct xt_match mark_mt_reg[] __read_mostly = { 92 78 { 93 79 .name = "mark", 80 + .revision = 0, 94 81 .family = AF_INET, 95 - .checkentry = mark_mt_check, 96 - .match = mark_mt, 82 + .checkentry = mark_mt_check_v0, 83 + .match = mark_mt_v0, 97 84 .matchsize = sizeof(struct xt_mark_info), 98 85 #ifdef CONFIG_COMPAT 99 86 .compatsize = sizeof(struct compat_xt_mark_info), 100 - .compat_from_user = mark_mt_compat_from_user, 101 - .compat_to_user = mark_mt_compat_to_user, 87 + .compat_from_user = mark_mt_compat_from_user_v0, 88 + .compat_to_user = mark_mt_compat_to_user_v0, 102 89 #endif 103 90 .me = THIS_MODULE, 104 91 }, 105 92 { 106 93 .name = "mark", 94 + .revision = 0, 107 95 .family = AF_INET6, 108 - .checkentry = mark_mt_check, 109 - .match = mark_mt, 96 + .checkentry = mark_mt_check_v0, 97 + .match = mark_mt_v0, 110 98 .matchsize = sizeof(struct xt_mark_info), 111 99 #ifdef CONFIG_COMPAT 112 100 .compatsize = sizeof(struct compat_xt_mark_info), 113 - .compat_from_user = mark_mt_compat_from_user, 114 - .compat_to_user = mark_mt_compat_to_user, 101 + .compat_from_user = mark_mt_compat_from_user_v0, 102 + .compat_to_user = mark_mt_compat_to_user_v0, 115 103 #endif 116 104 .me = THIS_MODULE, 105 + }, 106 + { 107 + .name = "mark", 108 + .revision = 1, 109 + .family = AF_INET, 110 + .match = mark_mt, 111 + .matchsize = sizeof(struct xt_mark_mtinfo1), 112 + .me = THIS_MODULE, 113 + }, 114 + { 115 + .name = "mark", 116 + .revision = 1, 117 + .family = AF_INET6, 118 + .match = mark_mt, 119 + .matchsize = sizeof(struct xt_mark_mtinfo1), 120 + .me = THIS_MODULE, 117 121 }, 118 122 }; 119 123