1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Kernel module to match running CPU */
3 
4 /*
5  * Might be used to distribute connections on several daemons, if
6  * RPS (Remote Packet Steering) is enabled or NIC is multiqueue capable,
7  * each RX queue IRQ affined to one CPU (1:1 mapping)
8  */
9 
10 /* (C) 2010 Eric Dumazet
11  */
12 
13 #include <linux/module.h>
14 #include <linux/skbuff.h>
15 #include <linux/netfilter/xt_cpu.h>
16 #include <linux/netfilter/x_tables.h>
17 
18 MODULE_LICENSE("GPL");
19 MODULE_AUTHOR("Eric Dumazet <eric.dumazet@gmail.com>");
20 MODULE_DESCRIPTION("Xtables: CPU match");
21 MODULE_ALIAS("ipt_cpu");
22 MODULE_ALIAS("ip6t_cpu");
23 
cpu_mt_check(const struct xt_mtchk_param * par)24 static int cpu_mt_check(const struct xt_mtchk_param *par)
25 {
26 	const struct xt_cpu_info *info = par->matchinfo;
27 
28 	if (info->invert & ~1)
29 		return -EINVAL;
30 	return 0;
31 }
32 
cpu_mt(const struct sk_buff * skb,struct xt_action_param * par)33 static bool cpu_mt(const struct sk_buff *skb, struct xt_action_param *par)
34 {
35 	const struct xt_cpu_info *info = par->matchinfo;
36 
37 	return (info->cpu == smp_processor_id()) ^ info->invert;
38 }
39 
40 static struct xt_match cpu_mt_reg __read_mostly = {
41 	.name       = "cpu",
42 	.revision   = 0,
43 	.family     = NFPROTO_UNSPEC,
44 	.checkentry = cpu_mt_check,
45 	.match      = cpu_mt,
46 	.matchsize  = sizeof(struct xt_cpu_info),
47 	.me         = THIS_MODULE,
48 };
49 
cpu_mt_init(void)50 static int __init cpu_mt_init(void)
51 {
52 	return xt_register_match(&cpu_mt_reg);
53 }
54 
cpu_mt_exit(void)55 static void __exit cpu_mt_exit(void)
56 {
57 	xt_unregister_match(&cpu_mt_reg);
58 }
59 
60 module_init(cpu_mt_init);
61 module_exit(cpu_mt_exit);
62