diff options
-rw-r--r-- | Documentation/feature-removal-schedule.txt | 3 | ||||
-rw-r--r-- | include/linux/netfilter/xt_MARK.h | 17 | ||||
-rw-r--r-- | net/netfilter/xt_MARK.c | 163 |
3 files changed, 9 insertions, 174 deletions
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt index 7eccf945d4e0..121e19c9eee6 100644 --- a/Documentation/feature-removal-schedule.txt +++ b/Documentation/feature-removal-schedule.txt | |||
@@ -238,9 +238,6 @@ What (Why): | |||
238 | - "forwarding" header files like ipt_mac.h in | 238 | - "forwarding" header files like ipt_mac.h in |
239 | include/linux/netfilter_ipv4/ and include/linux/netfilter_ipv6/ | 239 | include/linux/netfilter_ipv4/ and include/linux/netfilter_ipv6/ |
240 | 240 | ||
241 | - xt_MARK target revisions 0 and 1 | ||
242 | (superseded by xt_MARK match revision 2) | ||
243 | |||
244 | - xt_connmark match revision 0 | 241 | - xt_connmark match revision 0 |
245 | (superseded by xt_connmark match revision 1) | 242 | (superseded by xt_connmark match revision 1) |
246 | 243 | ||
diff --git a/include/linux/netfilter/xt_MARK.h b/include/linux/netfilter/xt_MARK.h index 028304bcc0b1..bc9561bdef79 100644 --- a/include/linux/netfilter/xt_MARK.h +++ b/include/linux/netfilter/xt_MARK.h | |||
@@ -3,23 +3,6 @@ | |||
3 | 3 | ||
4 | #include <linux/types.h> | 4 | #include <linux/types.h> |
5 | 5 | ||
6 | /* Version 0 */ | ||
7 | struct xt_mark_target_info { | ||
8 | unsigned long mark; | ||
9 | }; | ||
10 | |||
11 | /* Version 1 */ | ||
12 | enum { | ||
13 | XT_MARK_SET=0, | ||
14 | XT_MARK_AND, | ||
15 | XT_MARK_OR, | ||
16 | }; | ||
17 | |||
18 | struct xt_mark_target_info_v1 { | ||
19 | unsigned long mark; | ||
20 | __u8 mode; | ||
21 | }; | ||
22 | |||
23 | struct xt_mark_tginfo2 { | 6 | struct xt_mark_tginfo2 { |
24 | __u32 mark, mask; | 7 | __u32 mark, mask; |
25 | }; | 8 | }; |
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 67574bcfb8ac..225f8d11e173 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
@@ -25,39 +25,6 @@ MODULE_ALIAS("ipt_MARK"); | |||
25 | MODULE_ALIAS("ip6t_MARK"); | 25 | MODULE_ALIAS("ip6t_MARK"); |
26 | 26 | ||
27 | static unsigned int | 27 | static unsigned int |
28 | mark_tg_v0(struct sk_buff *skb, const struct xt_target_param *par) | ||
29 | { | ||
30 | const struct xt_mark_target_info *markinfo = par->targinfo; | ||
31 | |||
32 | skb->mark = markinfo->mark; | ||
33 | return XT_CONTINUE; | ||
34 | } | ||
35 | |||
36 | static unsigned int | ||
37 | mark_tg_v1(struct sk_buff *skb, const struct xt_target_param *par) | ||
38 | { | ||
39 | const struct xt_mark_target_info_v1 *markinfo = par->targinfo; | ||
40 | int mark = 0; | ||
41 | |||
42 | switch (markinfo->mode) { | ||
43 | case XT_MARK_SET: | ||
44 | mark = markinfo->mark; | ||
45 | break; | ||
46 | |||
47 | case XT_MARK_AND: | ||
48 | mark = skb->mark & markinfo->mark; | ||
49 | break; | ||
50 | |||
51 | case XT_MARK_OR: | ||
52 | mark = skb->mark | markinfo->mark; | ||
53 | break; | ||
54 | } | ||
55 | |||
56 | skb->mark = mark; | ||
57 | return XT_CONTINUE; | ||
58 | } | ||
59 | |||
60 | static unsigned int | ||
61 | mark_tg(struct sk_buff *skb, const struct xt_target_param *par) | 28 | mark_tg(struct sk_buff *skb, const struct xt_target_param *par) |
62 | { | 29 | { |
63 | const struct xt_mark_tginfo2 *info = par->targinfo; | 30 | const struct xt_mark_tginfo2 *info = par->targinfo; |
@@ -66,135 +33,23 @@ mark_tg(struct sk_buff *skb, const struct xt_target_param *par) | |||
66 | return XT_CONTINUE; | 33 | return XT_CONTINUE; |
67 | } | 34 | } |
68 | 35 | ||
69 | static bool mark_tg_check_v0(const struct xt_tgchk_param *par) | 36 | static struct xt_target mark_tg_reg __read_mostly = { |
70 | { | 37 | .name = "MARK", |
71 | const struct xt_mark_target_info *markinfo = par->targinfo; | 38 | .revision = 2, |
72 | 39 | .family = NFPROTO_UNSPEC, | |
73 | if (markinfo->mark > 0xffffffff) { | 40 | .target = mark_tg, |
74 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); | 41 | .targetsize = sizeof(struct xt_mark_tginfo2), |
75 | return false; | 42 | .me = THIS_MODULE, |
76 | } | ||
77 | return true; | ||
78 | } | ||
79 | |||
80 | static bool mark_tg_check_v1(const struct xt_tgchk_param *par) | ||
81 | { | ||
82 | const struct xt_mark_target_info_v1 *markinfo = par->targinfo; | ||
83 | |||
84 | if (markinfo->mode != XT_MARK_SET | ||
85 | && markinfo->mode != XT_MARK_AND | ||
86 | && markinfo->mode != XT_MARK_OR) { | ||
87 | printk(KERN_WARNING "MARK: unknown mode %u\n", | ||
88 | markinfo->mode); | ||
89 | return false; | ||
90 | } | ||
91 | if (markinfo->mark > 0xffffffff) { | ||
92 | printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); | ||
93 | return false; | ||
94 | } | ||
95 | return true; | ||
96 | } | ||
97 | |||
98 | #ifdef CONFIG_COMPAT | ||
99 | struct compat_xt_mark_target_info { | ||
100 | compat_ulong_t mark; | ||
101 | }; | ||
102 | |||
103 | static void mark_tg_compat_from_user_v0(void *dst, void *src) | ||
104 | { | ||
105 | const struct compat_xt_mark_target_info *cm = src; | ||
106 | struct xt_mark_target_info m = { | ||
107 | .mark = cm->mark, | ||
108 | }; | ||
109 | memcpy(dst, &m, sizeof(m)); | ||
110 | } | ||
111 | |||
112 | static int mark_tg_compat_to_user_v0(void __user *dst, void *src) | ||
113 | { | ||
114 | const struct xt_mark_target_info *m = src; | ||
115 | struct compat_xt_mark_target_info cm = { | ||
116 | .mark = m->mark, | ||
117 | }; | ||
118 | return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; | ||
119 | } | ||
120 | |||
121 | struct compat_xt_mark_target_info_v1 { | ||
122 | compat_ulong_t mark; | ||
123 | u_int8_t mode; | ||
124 | u_int8_t __pad1; | ||
125 | u_int16_t __pad2; | ||
126 | }; | ||
127 | |||
128 | static void mark_tg_compat_from_user_v1(void *dst, void *src) | ||
129 | { | ||
130 | const struct compat_xt_mark_target_info_v1 *cm = src; | ||
131 | struct xt_mark_target_info_v1 m = { | ||
132 | .mark = cm->mark, | ||
133 | .mode = cm->mode, | ||
134 | }; | ||
135 | memcpy(dst, &m, sizeof(m)); | ||
136 | } | ||
137 | |||
138 | static int mark_tg_compat_to_user_v1(void __user *dst, void *src) | ||
139 | { | ||
140 | const struct xt_mark_target_info_v1 *m = src; | ||
141 | struct compat_xt_mark_target_info_v1 cm = { | ||
142 | .mark = m->mark, | ||
143 | .mode = m->mode, | ||
144 | }; | ||
145 | return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; | ||
146 | } | ||
147 | #endif /* CONFIG_COMPAT */ | ||
148 | |||
149 | static struct xt_target mark_tg_reg[] __read_mostly = { | ||
150 | { | ||
151 | .name = "MARK", | ||
152 | .family = NFPROTO_UNSPEC, | ||
153 | .revision = 0, | ||
154 | .checkentry = mark_tg_check_v0, | ||
155 | .target = mark_tg_v0, | ||
156 | .targetsize = sizeof(struct xt_mark_target_info), | ||
157 | #ifdef CONFIG_COMPAT | ||
158 | .compatsize = sizeof(struct compat_xt_mark_target_info), | ||
159 | .compat_from_user = mark_tg_compat_from_user_v0, | ||
160 | .compat_to_user = mark_tg_compat_to_user_v0, | ||
161 | #endif | ||
162 | .table = "mangle", | ||
163 | .me = THIS_MODULE, | ||
164 | }, | ||
165 | { | ||
166 | .name = "MARK", | ||
167 | .family = NFPROTO_UNSPEC, | ||
168 | .revision = 1, | ||
169 | .checkentry = mark_tg_check_v1, | ||
170 | .target = mark_tg_v1, | ||
171 | .targetsize = sizeof(struct xt_mark_target_info_v1), | ||
172 | #ifdef CONFIG_COMPAT | ||
173 | .compatsize = sizeof(struct compat_xt_mark_target_info_v1), | ||
174 | .compat_from_user = mark_tg_compat_from_user_v1, | ||
175 | .compat_to_user = mark_tg_compat_to_user_v1, | ||
176 | #endif | ||
177 | .table = "mangle", | ||
178 | .me = THIS_MODULE, | ||
179 | }, | ||
180 | { | ||
181 | .name = "MARK", | ||
182 | .revision = 2, | ||
183 | .family = NFPROTO_UNSPEC, | ||
184 | .target = mark_tg, | ||
185 | .targetsize = sizeof(struct xt_mark_tginfo2), | ||
186 | .me = THIS_MODULE, | ||
187 | }, | ||
188 | }; | 43 | }; |
189 | 44 | ||
190 | static int __init mark_tg_init(void) | 45 | static int __init mark_tg_init(void) |
191 | { | 46 | { |
192 | return xt_register_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); | 47 | return xt_register_target(&mark_tg_reg); |
193 | } | 48 | } |
194 | 49 | ||
195 | static void __exit mark_tg_exit(void) | 50 | static void __exit mark_tg_exit(void) |
196 | { | 51 | { |
197 | xt_unregister_targets(mark_tg_reg, ARRAY_SIZE(mark_tg_reg)); | 52 | xt_unregister_target(&mark_tg_reg); |
198 | } | 53 | } |
199 | 54 | ||
200 | module_init(mark_tg_init); | 55 | module_init(mark_tg_init); |