1 #include <linux/kernel.h>
2 #include <linux/init.h>
3 #include <linux/module.h>
4 #include <linux/skbuff.h>
5 #include <linux/netfilter.h>
6 #include <linux/mutex.h>
9 #include "nf_internals.h"
11 /* Sockopts only registered and called from user context, so
12 net locking would be overkill. Also, [gs]etsockopt calls may
14 static DEFINE_MUTEX(nf_sockopt_mutex);
15 static LIST_HEAD(nf_sockopts);
17 /* Do exclusive ranges overlap? */
18 static inline int overlap(int min1, int max1, int min2, int max2)
20 return max1 > min2 && min1 < max2;
23 /* Functions to register sockopt ranges (exclusive). */
24 int nf_register_sockopt(struct nf_sockopt_ops *reg)
26 struct nf_sockopt_ops *ops;
29 if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)
32 list_for_each_entry(ops, &nf_sockopts, list) {
33 if (ops->pf == reg->pf
34 && (overlap(ops->set_optmin, ops->set_optmax,
35 reg->set_optmin, reg->set_optmax)
36 || overlap(ops->get_optmin, ops->get_optmax,
37 reg->get_optmin, reg->get_optmax))) {
38 NFDEBUG("nf_sock overlap: %u-%u/%u-%u v %u-%u/%u-%u\n",
39 ops->set_optmin, ops->set_optmax,
40 ops->get_optmin, ops->get_optmax,
41 reg->set_optmin, reg->set_optmax,
42 reg->get_optmin, reg->get_optmax);
48 list_add(®->list, &nf_sockopts);
50 mutex_unlock(&nf_sockopt_mutex);
53 EXPORT_SYMBOL(nf_register_sockopt);
55 void nf_unregister_sockopt(struct nf_sockopt_ops *reg)
57 mutex_lock(&nf_sockopt_mutex);
59 mutex_unlock(&nf_sockopt_mutex);
61 EXPORT_SYMBOL(nf_unregister_sockopt);
63 /* Call get/setsockopt() */
64 static int nf_sockopt(struct sock *sk, int pf, int val,
65 char __user *opt, int *len, int get)
67 struct nf_sockopt_ops *ops;
70 if (sk->sk_net != &init_net)
73 if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)
76 list_for_each_entry(ops, &nf_sockopts, list) {
78 if (!try_module_get(ops->owner))
81 if (val >= ops->get_optmin
82 && val < ops->get_optmax) {
83 mutex_unlock(&nf_sockopt_mutex);
84 ret = ops->get(sk, val, opt, len);
88 if (val >= ops->set_optmin
89 && val < ops->set_optmax) {
90 mutex_unlock(&nf_sockopt_mutex);
91 ret = ops->set(sk, val, opt, *len);
95 module_put(ops->owner);
99 mutex_unlock(&nf_sockopt_mutex);
103 module_put(ops->owner);
107 int nf_setsockopt(struct sock *sk, int pf, int val, char __user *opt,
110 return nf_sockopt(sk, pf, val, opt, &len, 0);
112 EXPORT_SYMBOL(nf_setsockopt);
114 int nf_getsockopt(struct sock *sk, int pf, int val, char __user *opt, int *len)
116 return nf_sockopt(sk, pf, val, opt, len, 1);
118 EXPORT_SYMBOL(nf_getsockopt);
121 static int compat_nf_sockopt(struct sock *sk, int pf, int val,
122 char __user *opt, int *len, int get)
124 struct nf_sockopt_ops *ops;
127 if (sk->sk_net != &init_net)
131 if (mutex_lock_interruptible(&nf_sockopt_mutex) != 0)
134 list_for_each_entry(ops, &nf_sockopts, list) {
136 if (!try_module_get(ops->owner))
140 if (val >= ops->get_optmin
141 && val < ops->get_optmax) {
142 mutex_unlock(&nf_sockopt_mutex);
144 ret = ops->compat_get(sk,
152 if (val >= ops->set_optmin
153 && val < ops->set_optmax) {
154 mutex_unlock(&nf_sockopt_mutex);
156 ret = ops->compat_set(sk,
164 module_put(ops->owner);
168 mutex_unlock(&nf_sockopt_mutex);
172 module_put(ops->owner);
176 int compat_nf_setsockopt(struct sock *sk, int pf,
177 int val, char __user *opt, int len)
179 return compat_nf_sockopt(sk, pf, val, opt, &len, 0);
181 EXPORT_SYMBOL(compat_nf_setsockopt);
183 int compat_nf_getsockopt(struct sock *sk, int pf,
184 int val, char __user *opt, int *len)
186 return compat_nf_sockopt(sk, pf, val, opt, len, 1);
188 EXPORT_SYMBOL(compat_nf_getsockopt);
projects / linux-2.6 / blob