1 #include <linux/kernel.h>
2 #include <linux/init.h>
3 #include <linux/module.h>
4 #include <linux/skbuff.h>
5 #include <linux/netfilter.h>
6 #include <linux/mutex.h>
9 #include "nf_internals.h"
11 /* Sockopts only registered and called from user context, so
12 net locking would be overkill. Also, [gs]etsockopt calls may
14 static DEFINE_MUTEX(nf_sockopt_mutex
);
15 static LIST_HEAD(nf_sockopts
);
17 /* Do exclusive ranges overlap? */
18 static inline int overlap(int min1
, int max1
, int min2
, int max2
)
20 return max1
> min2
&& min1
< max2
;
23 /* Functions to register sockopt ranges (exclusive). */
24 int nf_register_sockopt(struct nf_sockopt_ops
*reg
)
29 if (mutex_lock_interruptible(&nf_sockopt_mutex
) != 0)
32 list_for_each(i
, &nf_sockopts
) {
33 struct nf_sockopt_ops
*ops
= (struct nf_sockopt_ops
*)i
;
34 if (ops
->pf
== reg
->pf
35 && (overlap(ops
->set_optmin
, ops
->set_optmax
,
36 reg
->set_optmin
, reg
->set_optmax
)
37 || overlap(ops
->get_optmin
, ops
->get_optmax
,
38 reg
->get_optmin
, reg
->get_optmax
))) {
39 NFDEBUG("nf_sock overlap: %u-%u/%u-%u v %u-%u/%u-%u\n",
40 ops
->set_optmin
, ops
->set_optmax
,
41 ops
->get_optmin
, ops
->get_optmax
,
42 reg
->set_optmin
, reg
->set_optmax
,
43 reg
->get_optmin
, reg
->get_optmax
);
49 list_add(®
->list
, &nf_sockopts
);
51 mutex_unlock(&nf_sockopt_mutex
);
54 EXPORT_SYMBOL(nf_register_sockopt
);
56 void nf_unregister_sockopt(struct nf_sockopt_ops
*reg
)
58 mutex_lock(&nf_sockopt_mutex
);
60 mutex_unlock(&nf_sockopt_mutex
);
62 EXPORT_SYMBOL(nf_unregister_sockopt
);
64 /* Call get/setsockopt() */
65 static int nf_sockopt(struct sock
*sk
, int pf
, int val
,
66 char __user
*opt
, int *len
, int get
)
69 struct nf_sockopt_ops
*ops
;
72 if (sk
->sk_net
!= &init_net
)
75 if (mutex_lock_interruptible(&nf_sockopt_mutex
) != 0)
78 list_for_each(i
, &nf_sockopts
) {
79 ops
= (struct nf_sockopt_ops
*)i
;
81 if (!try_module_get(ops
->owner
))
84 if (val
>= ops
->get_optmin
85 && val
< ops
->get_optmax
) {
86 mutex_unlock(&nf_sockopt_mutex
);
87 ret
= ops
->get(sk
, val
, opt
, len
);
91 if (val
>= ops
->set_optmin
92 && val
< ops
->set_optmax
) {
93 mutex_unlock(&nf_sockopt_mutex
);
94 ret
= ops
->set(sk
, val
, opt
, *len
);
98 module_put(ops
->owner
);
102 mutex_unlock(&nf_sockopt_mutex
);
106 module_put(ops
->owner
);
110 int nf_setsockopt(struct sock
*sk
, int pf
, int val
, char __user
*opt
,
113 return nf_sockopt(sk
, pf
, val
, opt
, &len
, 0);
115 EXPORT_SYMBOL(nf_setsockopt
);
117 int nf_getsockopt(struct sock
*sk
, int pf
, int val
, char __user
*opt
, int *len
)
119 return nf_sockopt(sk
, pf
, val
, opt
, len
, 1);
121 EXPORT_SYMBOL(nf_getsockopt
);
124 static int compat_nf_sockopt(struct sock
*sk
, int pf
, int val
,
125 char __user
*opt
, int *len
, int get
)
128 struct nf_sockopt_ops
*ops
;
131 if (sk
->sk_net
!= &init_net
)
135 if (mutex_lock_interruptible(&nf_sockopt_mutex
) != 0)
138 list_for_each(i
, &nf_sockopts
) {
139 ops
= (struct nf_sockopt_ops
*)i
;
141 if (!try_module_get(ops
->owner
))
145 if (val
>= ops
->get_optmin
146 && val
< ops
->get_optmax
) {
147 mutex_unlock(&nf_sockopt_mutex
);
149 ret
= ops
->compat_get(sk
,
157 if (val
>= ops
->set_optmin
158 && val
< ops
->set_optmax
) {
159 mutex_unlock(&nf_sockopt_mutex
);
161 ret
= ops
->compat_set(sk
,
169 module_put(ops
->owner
);
173 mutex_unlock(&nf_sockopt_mutex
);
177 module_put(ops
->owner
);
181 int compat_nf_setsockopt(struct sock
*sk
, int pf
,
182 int val
, char __user
*opt
, int len
)
184 return compat_nf_sockopt(sk
, pf
, val
, opt
, &len
, 0);
186 EXPORT_SYMBOL(compat_nf_setsockopt
);
188 int compat_nf_getsockopt(struct sock
*sk
, int pf
,
189 int val
, char __user
*opt
, int *len
)
191 return compat_nf_sockopt(sk
, pf
, val
, opt
, len
, 1);
193 EXPORT_SYMBOL(compat_nf_getsockopt
);
