cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux

xt_NFLOG.c (2224B)


      1// SPDX-License-Identifier: GPL-2.0-only
      2/*
      3 * Copyright (c) 2006 Patrick McHardy <kaber@trash.net>
      4 */
      5
      6#include <linux/module.h>
      7#include <linux/init.h>
      8#include <linux/skbuff.h>
      9
     10#include <linux/netfilter/x_tables.h>
     11#include <linux/netfilter/xt_NFLOG.h>
     12#include <net/netfilter/nf_log.h>
     13
/* Module metadata recorded for this target. */
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
MODULE_DESCRIPTION("Xtables: packet logging to netlink using NFLOG");
/* Aliases so a lookup by the per-family names also finds this module. */
MODULE_ALIAS("ipt_NFLOG");
MODULE_ALIAS("ip6t_NFLOG");
     19
/*
 * nflog_tg - NFLOG target handler: log the packet, then continue.
 *
 * Fills an nf_loginfo of type NF_LOG_TYPE_ULOG from the rule's
 * xt_nflog_info (copy length, group, queue threshold, copy-len flag) and
 * passes the packet to nf_log_packet(). Always returns XT_CONTINUE; nothing
 * is read back from the logging call.
 */
static unsigned int
nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
	const struct xt_nflog_info *info = par->targinfo;
	/* Only NF_LOG_F_COPY_LEN is ever forwarded to the logger. */
	struct nf_loginfo li = {
		.type = NF_LOG_TYPE_ULOG,
		.u = {
			.ulog = {
				.copy_len   = info->len,
				.group      = info->group,
				.qthreshold = info->threshold,
				.flags      = (info->flags & XT_NFLOG_F_COPY_LEN) ?
					      NF_LOG_F_COPY_LEN : 0,
			},
		},
	};
	struct net *net = xt_net(par);

	/*
	 * The prefix comes from the rule's targinfo, so it is passed as a
	 * "%s" argument and never as the format string itself: any '%' in it
	 * is logged literally. nflog_tg_check() has already rejected a prefix
	 * whose last byte is not NUL, which bounds the "%s" read.
	 */
	nf_log_packet(net, xt_family(par), xt_hooknum(par), skb, xt_in(par),
		      xt_out(par), &li, "%s", info->prefix);

	return XT_CONTINUE;
}
     41
/*
 * nflog_tg_check - validate an NFLOG rule and look up the ULOG-type logger.
 *
 * Returns -EINVAL when the rule sets flag bits outside XT_NFLOG_MASK or when
 * the prefix array does not end in NUL; otherwise returns the result of
 * nf_logger_find_get(), retried once after requesting the nfnetlink_log
 * module when the first lookup fails and the caller is not nft_compat.
 */
static int nflog_tg_check(const struct xt_tgchk_param *par)
{
	const struct xt_nflog_info *info = par->targinfo;
	const size_t last = sizeof(info->prefix) - 1;
	int err;

	/*
	 * Reject unknown flag bits, and require the final prefix byte to be
	 * NUL. Testing only the last byte is enough to guarantee a terminator
	 * inside the array, so nflog_tg() can print the prefix with "%s"
	 * without reading past it.
	 */
	if ((info->flags & ~XT_NFLOG_MASK) || info->prefix[last] != '\0')
		return -EINVAL;

	err = nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
	if (err == 0 || par->nft_compat)
		return err;

	/*
	 * The module name is a fixed literal passed through "%s"; nothing
	 * taken from the rule reaches request_module().
	 */
	request_module("%s", "nfnetlink_log");

	return nf_logger_find_get(par->family, NF_LOG_TYPE_ULOG);
}
     61
/*
 * nflog_tg_destroy - rule teardown hook.
 *
 * Calls nf_logger_put() for the same family/type pair that
 * nflog_tg_check() passed to nf_logger_find_get(); presumably this drops
 * the reference taken there (confirm against nf_log.c).
 */
static void nflog_tg_destroy(const struct xt_tgdtor_param *par)
{
	nf_logger_put(par->family, NF_LOG_TYPE_ULOG);
}
     66
/*
 * Registration record for the "NFLOG" target, revision 0, registered for
 * NFPROTO_UNSPEC rather than a single protocol family.
 */
static struct xt_target nflog_tg_reg __read_mostly = {
	.name       = "NFLOG",
	.revision   = 0,
	.family     = NFPROTO_UNSPEC,
	.me         = THIS_MODULE,
	/* Size of the per-rule data that checkentry and target read. */
	.targetsize = sizeof(struct xt_nflog_info),
	/* Callbacks: rule validation, per-packet handler, rule teardown. */
	.checkentry = nflog_tg_check,
	.target     = nflog_tg,
	.destroy    = nflog_tg_destroy,
};
     77
/* Module load: register the NFLOG target and hand back the result code. */
static int __init nflog_tg_init(void)
{
	int err = xt_register_target(&nflog_tg_reg);

	return err;
}
     82
/* Module unload: unregister the target registered by nflog_tg_init(). */
static void __exit nflog_tg_exit(void)
{
	xt_unregister_target(&nflog_tg_reg);
}
     87
/* Entry and exit points run at module load and unload. */
module_init(nflog_tg_init);
module_exit(nflog_tg_exit);

/*
 * Soft dependency: ask for nfnetlink_log to be loaded before this module.
 * nflog_tg_check() still requests it at rule-check time if the logger
 * lookup fails.
 */
MODULE_SOFTDEP("pre: nfnetlink_log");