1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * ebt_mark_m 4 * 5 * Authors: 6 * Bart De Schuymer <bdschuym@pandora.be> 7 * 8 * July, 2002 9 * 10 */ 11#include <linux/module.h> 12#include <linux/netfilter/x_tables.h> 13#include <linux/netfilter_bridge/ebtables.h> 14#include <linux/netfilter_bridge/ebt_mark_m.h> 15 16static bool 17ebt_mark_mt(const struct sk_buff *skb, struct xt_action_param *par) 18{ 19 const struct ebt_mark_m_info *info = par->matchinfo; 20 21 if (info->bitmask & EBT_MARK_OR) 22 return !!(skb->mark & info->mask) ^ info->invert; 23 return ((skb->mark & info->mask) == info->mark) ^ info->invert; 24} 25 26static int ebt_mark_mt_check(const struct xt_mtchk_param *par) 27{ 28 const struct ebt_mark_m_info *info = par->matchinfo; 29 30 if (info->bitmask & ~EBT_MARK_MASK) 31 return -EINVAL; 32 if ((info->bitmask & EBT_MARK_OR) && (info->bitmask & EBT_MARK_AND)) 33 return -EINVAL; 34 if (!info->bitmask) 35 return -EINVAL; 36 return 0; 37} 38 39 40#ifdef CONFIG_NETFILTER_XTABLES_COMPAT 41struct compat_ebt_mark_m_info { 42 compat_ulong_t mark, mask; 43 uint8_t invert, bitmask; 44}; 45 46static void mark_mt_compat_from_user(void *dst, const void *src) 47{ 48 const struct compat_ebt_mark_m_info *user = src; 49 struct ebt_mark_m_info *kern = dst; 50 51 kern->mark = user->mark; 52 kern->mask = user->mask; 53 kern->invert = user->invert; 54 kern->bitmask = user->bitmask; 55} 56 57static int mark_mt_compat_to_user(void __user *dst, const void *src) 58{ 59 struct compat_ebt_mark_m_info __user *user = dst; 60 const struct ebt_mark_m_info *kern = src; 61 62 if (put_user(kern->mark, &user->mark) || 63 put_user(kern->mask, &user->mask) || 64 put_user(kern->invert, &user->invert) || 65 put_user(kern->bitmask, &user->bitmask)) 66 return -EFAULT; 67 return 0; 68} 69#endif 70 71static struct xt_match ebt_mark_mt_reg __read_mostly = { 72 .name = "mark_m", 73 .revision = 0, 74 .family = NFPROTO_BRIDGE, 75 .match = ebt_mark_mt, 76 .checkentry = ebt_mark_mt_check, 77 .matchsize = sizeof(struct ebt_mark_m_info), 78#ifdef CONFIG_NETFILTER_XTABLES_COMPAT 79 .compatsize = sizeof(struct compat_ebt_mark_m_info), 80 .compat_from_user = mark_mt_compat_from_user, 81 .compat_to_user = mark_mt_compat_to_user, 82#endif 83 .me = THIS_MODULE, 84}; 85 86static int __init ebt_mark_m_init(void) 87{ 88 return xt_register_match(&ebt_mark_mt_reg); 89} 90 91static void __exit ebt_mark_m_fini(void) 92{ 93 xt_unregister_match(&ebt_mark_mt_reg); 94} 95 96module_init(ebt_mark_m_init); 97module_exit(ebt_mark_m_fini); 98MODULE_DESCRIPTION("Ebtables: Packet mark match"); 99MODULE_LICENSE("GPL"); 100