~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/netfilter/nf_sockopt.c

Version: ~ [ linux-5.10-rc5 ] ~ [ linux-5.9.10 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.79 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.159 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.208 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.245 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.245 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.85 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #include <linux/kernel.h>
  2 #include <linux/init.h>
  3 #include <linux/module.h>
  4 #include <linux/skbuff.h>
  5 #include <linux/netfilter.h>
  6 #include <linux/mutex.h>
  7 #include <net/sock.h>
  8 
  9 #include "nf_internals.h"
 10 
 11 /* Sockopts only registered and called from user context, so
 12    net locking would be overkill.  Also, [gs]etsockopt calls may
 13    sleep. */
 14 static DEFINE_MUTEX(nf_sockopt_mutex);
 15 static LIST_HEAD(nf_sockopts);
 16 
 17 /* Do exclusive ranges overlap? */
 18 static inline int overlap(int min1, int max1, int min2, int max2)
 19 {
 20         return max1 > min2 && min1 < max2;
 21 }
 22 
 23 /* Functions to register sockopt ranges (exclusive). */
 24 int nf_register_sockopt(struct nf_sockopt_ops *reg)
 25 {
 26         struct nf_sockopt_ops *ops;
 27         int ret = 0;
 28 
 29         mutex_lock(&nf_sockopt_mutex);
 30         list_for_each_entry(ops, &nf_sockopts, list) {
 31                 if (ops->pf == reg->pf
 32                     && (overlap(ops->set_optmin, ops->set_optmax,
 33                                 reg->set_optmin, reg->set_optmax)
 34                         || overlap(ops->get_optmin, ops->get_optmax,
 35                                    reg->get_optmin, reg->get_optmax))) {
 36                         NFDEBUG("nf_sock overlap: %u-%u/%u-%u v %u-%u/%u-%u\n",
 37                                 ops->set_optmin, ops->set_optmax,
 38                                 ops->get_optmin, ops->get_optmax,
 39                                 reg->set_optmin, reg->set_optmax,
 40                                 reg->get_optmin, reg->get_optmax);
 41                         ret = -EBUSY;
 42                         goto out;
 43                 }
 44         }
 45 
 46         list_add(&reg->list, &nf_sockopts);
 47 out:
 48         mutex_unlock(&nf_sockopt_mutex);
 49         return ret;
 50 }
 51 EXPORT_SYMBOL(nf_register_sockopt);
 52 
 53 void nf_unregister_sockopt(struct nf_sockopt_ops *reg)
 54 {
 55         mutex_lock(&nf_sockopt_mutex);
 56         list_del(&reg->list);
 57         mutex_unlock(&nf_sockopt_mutex);
 58 }
 59 EXPORT_SYMBOL(nf_unregister_sockopt);
 60 
 61 static struct nf_sockopt_ops *nf_sockopt_find(struct sock *sk, u_int8_t pf,
 62                 int val, int get)
 63 {
 64         struct nf_sockopt_ops *ops;
 65 
 66         mutex_lock(&nf_sockopt_mutex);
 67         list_for_each_entry(ops, &nf_sockopts, list) {
 68                 if (ops->pf == pf) {
 69                         if (!try_module_get(ops->owner))
 70                                 goto out_nosup;
 71 
 72                         if (get) {
 73                                 if (val >= ops->get_optmin &&
 74                                                 val < ops->get_optmax)
 75                                         goto out;
 76                         } else {
 77                                 if (val >= ops->set_optmin &&
 78                                                 val < ops->set_optmax)
 79                                         goto out;
 80                         }
 81                         module_put(ops->owner);
 82                 }
 83         }
 84 out_nosup:
 85         ops = ERR_PTR(-ENOPROTOOPT);
 86 out:
 87         mutex_unlock(&nf_sockopt_mutex);
 88         return ops;
 89 }
 90 
 91 /* Call get/setsockopt() */
 92 static int nf_sockopt(struct sock *sk, u_int8_t pf, int val,
 93                       char __user *opt, int *len, int get)
 94 {
 95         struct nf_sockopt_ops *ops;
 96         int ret;
 97 
 98         ops = nf_sockopt_find(sk, pf, val, get);
 99         if (IS_ERR(ops))
100                 return PTR_ERR(ops);
101 
102         if (get)
103                 ret = ops->get(sk, val, opt, len);
104         else
105                 ret = ops->set(sk, val, opt, *len);
106 
107         module_put(ops->owner);
108         return ret;
109 }
110 
111 int nf_setsockopt(struct sock *sk, u_int8_t pf, int val, char __user *opt,
112                   unsigned int len)
113 {
114         return nf_sockopt(sk, pf, val, opt, &len, 0);
115 }
116 EXPORT_SYMBOL(nf_setsockopt);
117 
118 int nf_getsockopt(struct sock *sk, u_int8_t pf, int val, char __user *opt,
119                   int *len)
120 {
121         return nf_sockopt(sk, pf, val, opt, len, 1);
122 }
123 EXPORT_SYMBOL(nf_getsockopt);
124 
125 #ifdef CONFIG_COMPAT
126 static int compat_nf_sockopt(struct sock *sk, u_int8_t pf, int val,
127                              char __user *opt, int *len, int get)
128 {
129         struct nf_sockopt_ops *ops;
130         int ret;
131 
132         ops = nf_sockopt_find(sk, pf, val, get);
133         if (IS_ERR(ops))
134                 return PTR_ERR(ops);
135 
136         if (get) {
137                 if (ops->compat_get)
138                         ret = ops->compat_get(sk, val, opt, len);
139                 else
140                         ret = ops->get(sk, val, opt, len);
141         } else {
142                 if (ops->compat_set)
143                         ret = ops->compat_set(sk, val, opt, *len);
144                 else
145                         ret = ops->set(sk, val, opt, *len);
146         }
147 
148         module_put(ops->owner);
149         return ret;
150 }
151 
152 int compat_nf_setsockopt(struct sock *sk, u_int8_t pf,
153                 int val, char __user *opt, unsigned int len)
154 {
155         return compat_nf_sockopt(sk, pf, val, opt, &len, 0);
156 }
157 EXPORT_SYMBOL(compat_nf_setsockopt);
158 
159 int compat_nf_getsockopt(struct sock *sk, u_int8_t pf,
160                 int val, char __user *opt, int *len)
161 {
162         return compat_nf_sockopt(sk, pf, val, opt, len, 1);
163 }
164 EXPORT_SYMBOL(compat_nf_getsockopt);
165 #endif
166 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp