Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758433Ab0BNLFz (ORCPT ); Sun, 14 Feb 2010 06:05:55 -0500 Received: from mx1.redhat.com ([209.132.183.28]:44273 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758420Ab0BNLFw (ORCPT ); Sun, 14 Feb 2010 06:05:52 -0500 Date: Sun, 14 Feb 2010 13:01:10 +0200 From: "Michael S. Tsirkin" Cc: "David S. Miller" , Herbert Xu , "Michael S. Tsirkin" , Paul Moore , David Woodhouse , Sridhar Samudrala , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/2] tun: socket filter support Message-ID: <20100214110110.GC30182@redhat.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.19 (2009-01-05) To: unlisted-recipients:; (no To-header on input) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2837 Lines: 95 This patch adds Linux Socket Filter support to tun driver. Signed-off-by: Michael S. Tsirkin --- drivers/net/tun.c | 26 ++++++++++++++++++++++++++ include/linux/if_tun.h | 3 +++ 2 files changed, 29 insertions(+), 0 deletions(-) diff --git a/drivers/net/tun.c b/drivers/net/tun.c index 5adb3d1..ce1efa4 100644 --- a/drivers/net/tun.c +++ b/drivers/net/tun.c @@ -61,6 +61,7 @@ #include #include #include +#include #include #include #include @@ -366,6 +367,10 @@ static netdev_tx_t tun_net_xmit(struct sk_buff *skb, struct net_device *dev) if (!check_filter(&tun->txflt, skb)) goto drop; + if (tun->socket.sk->sk_filter && + sk_filter(tun->socket.sk, skb)) + goto drop; + if (skb_queue_len(&tun->socket.sk->sk_receive_queue) >= dev->tx_queue_len) { if (!(tun->flags & TUN_ONE_QUEUE)) { /* Normal queueing mode. */ @@ -1162,6 +1167,7 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, struct tun_file *tfile = file->private_data; struct tun_struct *tun; void __user* argp = (void __user*)arg; + struct sock_fprog fprog; struct ifreq ifr; int sndbuf; int ret; @@ -1309,6 +1315,26 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd, tun->socket.sk->sk_sndbuf = sndbuf; break; + case TUNATTACHFILTER: + /* Can be set only for TAPs */ + ret = -EINVAL; + if ((tun->flags & TUN_TYPE_MASK) != TUN_TAP_DEV) + break; + ret = -EFAULT; + if (copy_from_user(&fprog, argp, sizeof(fprog))) + break; + + ret = sk_attach_filter(&fprog, tun->socket.sk); + break; + + case TUNDETACHFILTER: + /* Can be set only for TAPs */ + ret = -EINVAL; + if ((tun->flags & TUN_TYPE_MASK) != TUN_TAP_DEV) + break; + ret = sk_detach_filter(tun->socket.sk); + break; + default: ret = -EINVAL; break; diff --git a/include/linux/if_tun.h b/include/linux/if_tun.h index 404abe0..1350a24 100644 --- a/include/linux/if_tun.h +++ b/include/linux/if_tun.h @@ -18,6 +18,7 @@ #include #include +#include /* Read queue size */ #define TUN_READQ_SIZE 500 @@ -48,6 +49,8 @@ #define TUNGETIFF _IOR('T', 210, unsigned int) #define TUNGETSNDBUF _IOR('T', 211, int) #define TUNSETSNDBUF _IOW('T', 212, int) +#define TUNATTACHFILTER _IOW('T', 213, struct sock_fprog) +#define TUNDETACHFILTER _IOW('T', 214, struct sock_fprog) /* TUNSETIFF ifr flags */ #define IFF_TUN 0x0001 -- 1.6.6.144.g5c3af -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/