// SPDX-License-Identifier: GPL-2.0-only /* * Packet matching code for ARP packets. * * Based heavily, if not almost entirely, upon ip_tables.c framework. * * Some ARP specific bits are: * * Copyright (C) 2002 David S. Miller ([email protected]) * Copyright (C) 2006-2009 Patrick McHardy <[email protected]> * */ #define pr_fmt(fmt) … #include <linux/kernel.h> #include <linux/skbuff.h> #include <linux/netdevice.h> #include <linux/capability.h> #include <linux/if_arp.h> #include <linux/kmod.h> #include <linux/vmalloc.h> #include <linux/proc_fs.h> #include <linux/module.h> #include <linux/init.h> #include <linux/mutex.h> #include <linux/err.h> #include <net/compat.h> #include <net/sock.h> #include <linux/uaccess.h> #include <linux/netfilter/x_tables.h> #include <linux/netfilter_arp/arp_tables.h> #include "../../netfilter/xt_repldata.h" MODULE_LICENSE(…) …; MODULE_AUTHOR(…) …; MODULE_DESCRIPTION(…) …; void *arpt_alloc_initial_table(const struct xt_table *info) { … } EXPORT_SYMBOL_GPL(…); static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap, const char *hdr_addr, int len) { … } /* * Unfortunately, _b and _mask are not aligned to an int (or long int) * Some arches dont care, unrolling the loop is a win on them. * For other arches, we only have a 16bit alignement. */ static unsigned long ifname_compare(const char *_a, const char *_b, const char *_mask) { … } /* Returns whether packet matches rule or not. */ static inline int arp_packet_match(const struct arphdr *arphdr, struct net_device *dev, const char *indev, const char *outdev, const struct arpt_arp *arpinfo) { … } static inline int arp_checkentry(const struct arpt_arp *arp) { … } static unsigned int arpt_error(struct sk_buff *skb, const struct xt_action_param *par) { … } static inline const struct xt_entry_target * arpt_get_target_c(const struct arpt_entry *e) { … } static inline struct arpt_entry * get_entry(const void *base, unsigned int offset) { … } static inline struct arpt_entry *arpt_next_entry(const struct arpt_entry *entry) { … } unsigned int arpt_do_table(void *priv, struct sk_buff *skb, const struct nf_hook_state *state) { … } /* All zeroes == unconditional rule. */ static inline bool unconditional(const struct arpt_entry *e) { … } /* Figures out from what hook each rule can be called: returns 0 if * there are loops. Puts hook bitmask in comefrom. */ static int mark_source_chains(const struct xt_table_info *newinfo, unsigned int valid_hooks, void *entry0, unsigned int *offsets) { … } static int check_target(struct arpt_entry *e, struct net *net, const char *name) { … } static int find_check_entry(struct arpt_entry *e, struct net *net, const char *name, unsigned int size, struct xt_percpu_counter_alloc_state *alloc_state) { … } static bool check_underflow(const struct arpt_entry *e) { … } static inline int check_entry_size_and_hooks(struct arpt_entry *e, struct xt_table_info *newinfo, const unsigned char *base, const unsigned char *limit, const unsigned int *hook_entries, const unsigned int *underflows, unsigned int valid_hooks) { … } static void cleanup_entry(struct arpt_entry *e, struct net *net) { … } /* Checks and translates the user-supplied table segment (held in * newinfo). */ static int translate_table(struct net *net, struct xt_table_info *newinfo, void *entry0, const struct arpt_replace *repl) { … } static void get_counters(const struct xt_table_info *t, struct xt_counters counters[]) { … } static void get_old_counters(const struct xt_table_info *t, struct xt_counters counters[]) { … } static struct xt_counters *alloc_counters(const struct xt_table *table) { … } static int copy_entries_to_user(unsigned int total_size, const struct xt_table *table, void __user *userptr) { … } #ifdef CONFIG_NETFILTER_XTABLES_COMPAT static void compat_standard_from_user(void *dst, const void *src) { … } static int compat_standard_to_user(void __user *dst, const void *src) { … } static int compat_calc_entry(const struct arpt_entry *e, const struct xt_table_info *info, const void *base, struct xt_table_info *newinfo) { … } static int compat_table_info(const struct xt_table_info *info, struct xt_table_info *newinfo) { … } #endif static int get_info(struct net *net, void __user *user, const int *len) { … } static int get_entries(struct net *net, struct arpt_get_entries __user *uptr, const int *len) { … } static int __do_replace(struct net *net, const char *name, unsigned int valid_hooks, struct xt_table_info *newinfo, unsigned int num_counters, void __user *counters_ptr) { … } static int do_replace(struct net *net, sockptr_t arg, unsigned int len) { … } static int do_add_counters(struct net *net, sockptr_t arg, unsigned int len) { … } #ifdef CONFIG_NETFILTER_XTABLES_COMPAT struct compat_arpt_replace { … }; static inline void compat_release_entry(struct compat_arpt_entry *e) { … } static int check_compat_entry_size_and_hooks(struct compat_arpt_entry *e, struct xt_table_info *newinfo, unsigned int *size, const unsigned char *base, const unsigned char *limit) { … } static void compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr, unsigned int *size, struct xt_table_info *newinfo, unsigned char *base) { … } static int translate_compat_table(struct net *net, struct xt_table_info **pinfo, void **pentry0, const struct compat_arpt_replace *compatr) { … } static int compat_do_replace(struct net *net, sockptr_t arg, unsigned int len) { … } static int compat_copy_entry_to_user(struct arpt_entry *e, void __user **dstptr, compat_uint_t *size, struct xt_counters *counters, unsigned int i) { … } static int compat_copy_entries_to_user(unsigned int total_size, struct xt_table *table, void __user *userptr) { … } struct compat_arpt_get_entries { … }; static int compat_get_entries(struct net *net, struct compat_arpt_get_entries __user *uptr, int *len) { … } #endif static int do_arpt_set_ctl(struct sock *sk, int cmd, sockptr_t arg, unsigned int len) { … } static int do_arpt_get_ctl(struct sock *sk, int cmd, void __user *user, int *len) { … } static void __arpt_unregister_table(struct net *net, struct xt_table *table) { … } int arpt_register_table(struct net *net, const struct xt_table *table, const struct arpt_replace *repl, const struct nf_hook_ops *template_ops) { … } void arpt_unregister_table_pre_exit(struct net *net, const char *name) { … } EXPORT_SYMBOL(…); void arpt_unregister_table(struct net *net, const char *name) { … } /* The built-in targets: standard (NULL) and error. */ static struct xt_target arpt_builtin_tg[] __read_mostly = …; static struct nf_sockopt_ops arpt_sockopts = …; static int __net_init arp_tables_net_init(struct net *net) { … } static void __net_exit arp_tables_net_exit(struct net *net) { … } static struct pernet_operations arp_tables_net_ops = …; static int __init arp_tables_init(void) { … } static void __exit arp_tables_fini(void) { … } EXPORT_SYMBOL(…); EXPORT_SYMBOL(…); EXPORT_SYMBOL(…); module_init(…) …; module_exit(arp_tables_fini);
Codebase Browser
linux