2 * test/set flag bits stored in conntrack extension area.
4 * (C) 2013 Astaro GmbH & Co KG
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
11 #include <linux/export.h>
12 #include <linux/types.h>
14 #include <net/netfilter/nf_conntrack_ecache.h>
15 #include <net/netfilter/nf_conntrack_labels.h>
17 static unsigned int label_bits(const struct nf_conn_labels
*l
)
19 unsigned int longs
= l
->words
;
20 return longs
* BITS_PER_LONG
;
23 bool nf_connlabel_match(const struct nf_conn
*ct
, u16 bit
)
25 struct nf_conn_labels
*labels
= nf_ct_labels_find(ct
);
30 return bit
< label_bits(labels
) && test_bit(bit
, labels
->bits
);
32 EXPORT_SYMBOL_GPL(nf_connlabel_match
);
34 int nf_connlabel_set(struct nf_conn
*ct
, u16 bit
)
36 struct nf_conn_labels
*labels
= nf_ct_labels_find(ct
);
38 if (!labels
|| bit
>= label_bits(labels
))
41 if (test_bit(bit
, labels
->bits
))
44 if (!test_and_set_bit(bit
, labels
->bits
))
45 nf_conntrack_event_cache(IPCT_LABEL
, ct
);
49 EXPORT_SYMBOL_GPL(nf_connlabel_set
);
51 #if IS_ENABLED(CONFIG_NF_CT_NETLINK)
52 static void replace_u32(u32
*address
, u32 mask
, u32
new)
58 tmp
= (old
& mask
) ^ new;
59 } while (cmpxchg(address
, old
, tmp
) != old
);
62 int nf_connlabels_replace(struct nf_conn
*ct
,
64 const u32
*mask
, unsigned int words32
)
66 struct nf_conn_labels
*labels
;
70 labels
= nf_ct_labels_find(ct
);
74 size
= labels
->words
* sizeof(long);
75 if (size
< (words32
* sizeof(u32
)))
76 words32
= size
/ sizeof(u32
);
78 dst
= (u32
*) labels
->bits
;
80 for (i
= 0; i
< words32
; i
++)
81 replace_u32(&dst
[i
], mask
? ~mask
[i
] : 0, data
[i
]);
85 for (i
= words32
; i
< size
; i
++) /* pad */
86 replace_u32(&dst
[i
], 0, 0);
88 nf_conntrack_event_cache(IPCT_LABEL
, ct
);
91 EXPORT_SYMBOL_GPL(nf_connlabels_replace
);
94 static struct nf_ct_ext_type labels_extend __read_mostly
= {
95 .len
= sizeof(struct nf_conn_labels
),
96 .align
= __alignof__(struct nf_conn_labels
),
97 .id
= NF_CT_EXT_LABELS
,
100 int nf_conntrack_labels_init(void)
102 return nf_ct_extend_register(&labels_extend
);
105 void nf_conntrack_labels_fini(void)
107 nf_ct_extend_unregister(&labels_extend
);