1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (c) 2008-2009 Patrick McHardy <kaber@trash.net>
4 *
5 * Development of this code funded by Astaro AG (http://www.astaro.com/)
6 */
7
8 #include <linux/unaligned.h>
9 #include <linux/kernel.h>
10 #include <linux/init.h>
11 #include <linux/module.h>
12 #include <linux/netlink.h>
13 #include <linux/netfilter.h>
14 #include <linux/netfilter/nf_tables.h>
15 #include <net/netfilter/nf_tables_core.h>
16 #include <net/netfilter/nf_tables.h>
17
18 struct nft_byteorder {
19 u8 sreg;
20 u8 dreg;
21 enum nft_byteorder_ops op:8;
22 u8 size;
23 };
24
nft_byteorder_eval(const struct nft_expr * expr,struct nft_regs * regs,const struct nft_pktinfo * pkt)25 void nft_byteorder_eval(const struct nft_expr *expr,
26 struct nft_regs *regs,
27 const struct nft_pktinfo *pkt)
28 {
29 const struct nft_byteorder *priv = nft_expr_priv(expr);
30 const u32 *src = ®s->data[priv->sreg];
31 u32 *dst = ®s->data[priv->dreg];
32
33 switch (priv->size) {
34 case 8: {
35 u64 *dst64 = (void *)dst;
36 u64 src64;
37
38 switch (priv->op) {
39 case NFT_BYTEORDER_NTOH:
40 src64 = nft_reg_load64(src);
41
42 nft_reg_store64(dst64, be64_to_cpu((__force __be64)src64));
43 break;
44 case NFT_BYTEORDER_HTON:
45 src64 = (__force __u64)cpu_to_be64(nft_reg_load64(src));
46
47 nft_reg_store64(dst64, src64);
48 break;
49 }
50 break;
51 }
52 case 4:
53 switch (priv->op) {
54 case NFT_BYTEORDER_NTOH:
55 *dst = ntohl((__force __be32)*src);
56 break;
57 case NFT_BYTEORDER_HTON:
58 *dst = (__force __u32)htonl(*src);
59 break;
60 }
61 break;
62 case 2:
63 switch (priv->op) {
64 case NFT_BYTEORDER_NTOH:
65 nft_reg_store16(dst, ntohs(nft_reg_load_be16(src)));
66 break;
67 case NFT_BYTEORDER_HTON:
68 nft_reg_store_be16(dst, htons(nft_reg_load16(src)));
69 break;
70 }
71 break;
72 }
73 }
74
75 static const struct nla_policy nft_byteorder_policy[NFTA_BYTEORDER_MAX + 1] = {
76 [NFTA_BYTEORDER_SREG] = NLA_POLICY_MAX(NLA_BE32, NFT_REG32_MAX),
77 [NFTA_BYTEORDER_DREG] = NLA_POLICY_MAX(NLA_BE32, NFT_REG32_MAX),
78 [NFTA_BYTEORDER_OP] = NLA_POLICY_MAX(NLA_BE32, 255),
79 [NFTA_BYTEORDER_LEN] = NLA_POLICY_MAX(NLA_BE32, 255),
80 [NFTA_BYTEORDER_SIZE] = NLA_POLICY_MAX(NLA_BE32, 255),
81 };
82
nft_byteorder_init(const struct nft_ctx * ctx,const struct nft_expr * expr,const struct nlattr * const tb[])83 static int nft_byteorder_init(const struct nft_ctx *ctx,
84 const struct nft_expr *expr,
85 const struct nlattr * const tb[])
86 {
87 struct nft_byteorder *priv = nft_expr_priv(expr);
88 u32 size, len;
89 int err;
90
91 if (tb[NFTA_BYTEORDER_SREG] == NULL ||
92 tb[NFTA_BYTEORDER_DREG] == NULL ||
93 tb[NFTA_BYTEORDER_LEN] == NULL ||
94 tb[NFTA_BYTEORDER_SIZE] == NULL ||
95 tb[NFTA_BYTEORDER_OP] == NULL)
96 return -EINVAL;
97
98 priv->op = ntohl(nla_get_be32(tb[NFTA_BYTEORDER_OP]));
99 switch (priv->op) {
100 case NFT_BYTEORDER_NTOH:
101 case NFT_BYTEORDER_HTON:
102 break;
103 default:
104 return -EINVAL;
105 }
106
107 err = nft_parse_u32_check(tb[NFTA_BYTEORDER_SIZE], U8_MAX, &size);
108 if (err < 0)
109 return err;
110
111 priv->size = size;
112
113 switch (priv->size) {
114 case 2:
115 case 4:
116 case 8:
117 break;
118 default:
119 return -EINVAL;
120 }
121
122 err = nft_parse_u32_check(tb[NFTA_BYTEORDER_LEN], U8_MAX, &len);
123 if (err < 0)
124 return err;
125
126 /* no longer support multi-reg conversions */
127 if (len != size)
128 return -EOPNOTSUPP;
129
130 err = nft_parse_register_load(ctx, tb[NFTA_BYTEORDER_SREG], &priv->sreg,
131 len);
132 if (err < 0)
133 return err;
134
135 err = nft_parse_register_store(ctx, tb[NFTA_BYTEORDER_DREG],
136 &priv->dreg, NULL, NFT_DATA_VALUE,
137 len);
138 if (err < 0)
139 return err;
140
141 if (nft_reg_overlap(priv->sreg, priv->dreg, len))
142 return -EINVAL;
143
144 return 0;
145 }
146
nft_byteorder_dump(struct sk_buff * skb,const struct nft_expr * expr,bool reset)147 static int nft_byteorder_dump(struct sk_buff *skb,
148 const struct nft_expr *expr, bool reset)
149 {
150 const struct nft_byteorder *priv = nft_expr_priv(expr);
151
152 if (nft_dump_register(skb, NFTA_BYTEORDER_SREG, priv->sreg))
153 goto nla_put_failure;
154 if (nft_dump_register(skb, NFTA_BYTEORDER_DREG, priv->dreg))
155 goto nla_put_failure;
156 if (nla_put_be32(skb, NFTA_BYTEORDER_OP, htonl(priv->op)))
157 goto nla_put_failure;
158 if (nla_put_be32(skb, NFTA_BYTEORDER_SIZE, htonl(priv->size)))
159 goto nla_put_failure;
160 /* compatibility for old userspace which permitted size != len */
161 if (nla_put_be32(skb, NFTA_BYTEORDER_LEN, htonl(priv->size)))
162 goto nla_put_failure;
163 return 0;
164
165 nla_put_failure:
166 return -1;
167 }
168
169 static const struct nft_expr_ops nft_byteorder_ops = {
170 .type = &nft_byteorder_type,
171 .size = NFT_EXPR_SIZE(sizeof(struct nft_byteorder)),
172 .eval = nft_byteorder_eval,
173 .init = nft_byteorder_init,
174 .dump = nft_byteorder_dump,
175 };
176
177 struct nft_expr_type nft_byteorder_type __read_mostly = {
178 .name = "byteorder",
179 .ops = &nft_byteorder_ops,
180 .policy = nft_byteorder_policy,
181 .maxattr = NFTA_BYTEORDER_MAX,
182 .owner = THIS_MODULE,
183 };
184