1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/kernel.h>
3 #include <linux/init.h>
4 #include <linux/module.h>
5 #include <linux/skbuff.h>
6 #include <linux/netfilter.h>
7 #include <linux/mutex.h>
10 #include "nf_internals.h"
12 /* Sockopts only registered and called from user context, so
13 net locking would be overkill. Also, [gs]etsockopt calls may
15 static DEFINE_MUTEX(nf_sockopt_mutex
);
16 static LIST_HEAD(nf_sockopts
);
18 /* Do exclusive ranges overlap? */
19 static inline int overlap(int min1
, int max1
, int min2
, int max2
)
21 return max1
> min2
&& min1
< max2
;
24 /* Functions to register sockopt ranges (exclusive). */
25 int nf_register_sockopt(struct nf_sockopt_ops
*reg
)
27 struct nf_sockopt_ops
*ops
;
30 mutex_lock(&nf_sockopt_mutex
);
31 list_for_each_entry(ops
, &nf_sockopts
, list
) {
32 if (ops
->pf
== reg
->pf
33 && (overlap(ops
->set_optmin
, ops
->set_optmax
,
34 reg
->set_optmin
, reg
->set_optmax
)
35 || overlap(ops
->get_optmin
, ops
->get_optmax
,
36 reg
->get_optmin
, reg
->get_optmax
))) {
37 pr_debug("nf_sock overlap: %u-%u/%u-%u v %u-%u/%u-%u\n",
38 ops
->set_optmin
, ops
->set_optmax
,
39 ops
->get_optmin
, ops
->get_optmax
,
40 reg
->set_optmin
, reg
->set_optmax
,
41 reg
->get_optmin
, reg
->get_optmax
);
47 list_add(®
->list
, &nf_sockopts
);
49 mutex_unlock(&nf_sockopt_mutex
);
52 EXPORT_SYMBOL(nf_register_sockopt
);
54 void nf_unregister_sockopt(struct nf_sockopt_ops
*reg
)
56 mutex_lock(&nf_sockopt_mutex
);
58 mutex_unlock(&nf_sockopt_mutex
);
60 EXPORT_SYMBOL(nf_unregister_sockopt
);
62 static struct nf_sockopt_ops
*nf_sockopt_find(struct sock
*sk
, u_int8_t pf
,
65 struct nf_sockopt_ops
*ops
;
67 mutex_lock(&nf_sockopt_mutex
);
68 list_for_each_entry(ops
, &nf_sockopts
, list
) {
70 if (!try_module_get(ops
->owner
))
74 if (val
>= ops
->get_optmin
&&
75 val
< ops
->get_optmax
)
78 if (val
>= ops
->set_optmin
&&
79 val
< ops
->set_optmax
)
82 module_put(ops
->owner
);
86 ops
= ERR_PTR(-ENOPROTOOPT
);
88 mutex_unlock(&nf_sockopt_mutex
);
92 int nf_setsockopt(struct sock
*sk
, u_int8_t pf
, int val
, sockptr_t opt
,
95 struct nf_sockopt_ops
*ops
;
98 ops
= nf_sockopt_find(sk
, pf
, val
, 0);
101 ret
= ops
->set(sk
, val
, opt
, len
);
102 module_put(ops
->owner
);
105 EXPORT_SYMBOL(nf_setsockopt
);
107 int nf_getsockopt(struct sock
*sk
, u_int8_t pf
, int val
, char __user
*opt
,
110 struct nf_sockopt_ops
*ops
;
113 ops
= nf_sockopt_find(sk
, pf
, val
, 1);
116 ret
= ops
->get(sk
, val
, opt
, len
);
117 module_put(ops
->owner
);
120 EXPORT_SYMBOL(nf_getsockopt
);