aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-05-10 17:17:58 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2007-05-11 02:48:00 -0400
commitda0dd231436ba7e81789e93dd933d7a275e1709d (patch)
tree03526fd1d1a714c07cc7ebe624881853f44daca9 /net/netfilter
parent802169a4b0f71d25a0f798a9c0657a565b1e79bc (diff)
[NETFILTER]: xt_conntrack: add compat support
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/xt_conntrack.c54
1 files changed, 54 insertions, 0 deletions
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index f4ea8fe07a53..189ded5f378b 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -134,12 +134,66 @@ static void destroy(const struct xt_match *match, void *matchinfo)
134 nf_ct_l3proto_module_put(match->family); 134 nf_ct_l3proto_module_put(match->family);
135} 135}
136 136
137#ifdef CONFIG_COMPAT
138struct compat_xt_conntrack_info
139{
140 compat_uint_t statemask;
141 compat_uint_t statusmask;
142 struct ip_conntrack_old_tuple tuple[IP_CT_DIR_MAX];
143 struct in_addr sipmsk[IP_CT_DIR_MAX];
144 struct in_addr dipmsk[IP_CT_DIR_MAX];
145 compat_ulong_t expires_min;
146 compat_ulong_t expires_max;
147 u_int8_t flags;
148 u_int8_t invflags;
149};
150
151static void compat_from_user(void *dst, void *src)
152{
153 struct compat_xt_conntrack_info *cm = src;
154 struct xt_conntrack_info m = {
155 .statemask = cm->statemask,
156 .statusmask = cm->statusmask,
157 .expires_min = cm->expires_min,
158 .expires_max = cm->expires_max,
159 .flags = cm->flags,
160 .invflags = cm->invflags,
161 };
162 memcpy(m.tuple, cm->tuple, sizeof(m.tuple));
163 memcpy(m.sipmsk, cm->sipmsk, sizeof(m.sipmsk));
164 memcpy(m.dipmsk, cm->dipmsk, sizeof(m.dipmsk));
165 memcpy(dst, &m, sizeof(m));
166}
167
168static int compat_to_user(void __user *dst, void *src)
169{
170 struct xt_conntrack_info *m = src;
171 struct compat_xt_conntrack_info cm = {
172 .statemask = m->statemask,
173 .statusmask = m->statusmask,
174 .expires_min = m->expires_min,
175 .expires_max = m->expires_max,
176 .flags = m->flags,
177 .invflags = m->invflags,
178 };
179 memcpy(cm.tuple, m->tuple, sizeof(cm.tuple));
180 memcpy(cm.sipmsk, m->sipmsk, sizeof(cm.sipmsk));
181 memcpy(cm.dipmsk, m->dipmsk, sizeof(cm.dipmsk));
182 return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0;
183}
184#endif
185
137static struct xt_match conntrack_match = { 186static struct xt_match conntrack_match = {
138 .name = "conntrack", 187 .name = "conntrack",
139 .match = match, 188 .match = match,
140 .checkentry = checkentry, 189 .checkentry = checkentry,
141 .destroy = destroy, 190 .destroy = destroy,
142 .matchsize = sizeof(struct xt_conntrack_info), 191 .matchsize = sizeof(struct xt_conntrack_info),
192#ifdef CONFIG_COMPAT
193 .compatsize = sizeof(struct compat_xt_conntrack_info),
194 .compat_from_user = compat_from_user,
195 .compat_to_user = compat_to_user,
196#endif
143 .family = AF_INET, 197 .family = AF_INET,
144 .me = THIS_MODULE, 198 .me = THIS_MODULE,
145}; 199};