diff options
author | Phil Sutter <phil@nwl.cc> | 2019-04-25 14:56:54 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-05-03 20:02:45 +0200 |
commit | 10da57e36147bf5c73cd2820e11ec124ecfffc83 (patch) | |
tree | bc92463a0dcdd81a0b82acd8914b43abcc67ab7d | |
parent | 92591aa0da84821238107f2f1515a57cbbd2cf6a (diff) |
src: use UDATA defines from libnftnl
Userdata attribute names have been added to libnftnl, use them instead
of the local copy.
While being at it, rename udata_get_comment() in netlink_delinearize.c
and the callback it uses since the function is specific to rules. Also
integrate the existence check for NFTNL_RULE_USERDATA into it along with
the call to nftnl_rule_get_data().
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | include/rule.h | 32 | ||||
-rw-r--r-- | src/mnl.c | 6 | ||||
-rw-r--r-- | src/monitor.c | 2 | ||||
-rw-r--r-- | src/netlink.c | 45 | ||||
-rw-r--r-- | src/netlink_delinearize.c | 29 | ||||
-rw-r--r-- | src/netlink_linearize.c | 2 | ||||
-rw-r--r-- | src/parser_bison.y | 6 | ||||
-rw-r--r-- | src/segtree.c | 4 |
8 files changed, 50 insertions, 76 deletions
diff --git a/include/rule.h b/include/rule.h index dc5e5b87..8e70c129 100644 --- a/include/rule.h +++ b/include/rule.h @@ -637,38 +637,6 @@ extern void cache_flush(struct nft_ctx *ctx, enum cmd_ops cmd, struct list_head *msgs); extern void cache_release(struct nft_cache *cache); -enum udata_type { - UDATA_TYPE_COMMENT, - __UDATA_TYPE_MAX, -}; -#define UDATA_TYPE_MAX (__UDATA_TYPE_MAX - 1) - -#define UDATA_COMMENT_MAXLEN 128 - -enum udata_set_type { - UDATA_SET_KEYBYTEORDER, - UDATA_SET_DATABYTEORDER, - UDATA_SET_MERGE_ELEMENTS, - __UDATA_SET_MAX, -}; -#define UDATA_SET_MAX (__UDATA_SET_MAX - 1) - -enum udata_set_elem_type { - UDATA_SET_ELEM_COMMENT, - UDATA_SET_ELEM_FLAGS, - __UDATA_SET_ELEM_MAX, -}; -#define UDATA_SET_ELEM_MAX (__UDATA_SET_ELEM_MAX - 1) - -/** - * enum udata_set_elem_flags - meaning of bits in UDATA_SET_ELEM_FLAGS - * - * @SET_ELEM_F_INTERVAL_OPEN: set element denotes a half-open range - */ -enum udata_set_elem_flags { - SET_ELEM_F_INTERVAL_OPEN = 0x1, -}; - struct timeout_protocol { uint32_t array_size; const char *const *state_to_name; @@ -780,17 +780,17 @@ int mnl_nft_set_add(struct netlink_ctx *ctx, const struct cmd *cmd, udbuf = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN); if (!udbuf) memory_allocation_error(); - if (!nftnl_udata_put_u32(udbuf, UDATA_SET_KEYBYTEORDER, + if (!nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_KEYBYTEORDER, set->key->byteorder)) memory_allocation_error(); if (set->flags & NFT_SET_MAP && - !nftnl_udata_put_u32(udbuf, UDATA_SET_DATABYTEORDER, + !nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_DATABYTEORDER, set->datatype->byteorder)) memory_allocation_error(); if (set->automerge && - !nftnl_udata_put_u32(udbuf, UDATA_SET_MERGE_ELEMENTS, + !nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_MERGE_ELEMENTS, set->automerge)) memory_allocation_error(); diff --git a/src/monitor.c b/src/monitor.c index 35dc4501..a68d960b 100644 --- a/src/monitor.c +++ b/src/monitor.c @@ -332,7 +332,7 @@ static bool set_elem_is_open_interval(struct expr *elem) { switch (elem->etype) { case EXPR_SET_ELEM: - return elem->elem_flags & SET_ELEM_F_INTERVAL_OPEN; + return elem->elem_flags & NFTNL_SET_ELEM_F_INTERVAL_OPEN; case EXPR_MAPPING: return set_elem_is_open_interval(elem->left); default: diff --git a/src/netlink.c b/src/netlink.c index 9e0e07d4..c051ae6c 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -128,12 +128,12 @@ static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set, memory_allocation_error(); } if (elem->comment) { - if (!nftnl_udata_put_strz(udbuf, UDATA_SET_ELEM_COMMENT, + if (!nftnl_udata_put_strz(udbuf, NFTNL_UDATA_SET_ELEM_COMMENT, elem->comment)) memory_allocation_error(); } if (expr->elem_flags) { - if (!nftnl_udata_put_u32(udbuf, UDATA_SET_ELEM_FLAGS, + if (!nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_ELEM_FLAGS, expr->elem_flags)) memory_allocation_error(); } @@ -522,9 +522,9 @@ static int set_parse_udata_cb(const struct nftnl_udata *attr, void *data) uint8_t len = nftnl_udata_len(attr); switch (type) { - case UDATA_SET_KEYBYTEORDER: - case UDATA_SET_DATABYTEORDER: - case UDATA_SET_MERGE_ELEMENTS: + case NFTNL_UDATA_SET_KEYBYTEORDER: + case NFTNL_UDATA_SET_DATABYTEORDER: + case NFTNL_UDATA_SET_MERGE_ELEMENTS: if (len != sizeof(uint32_t)) return -1; break; @@ -538,7 +538,7 @@ static int set_parse_udata_cb(const struct nftnl_udata *attr, void *data) struct set *netlink_delinearize_set(struct netlink_ctx *ctx, const struct nftnl_set *nls) { - const struct nftnl_udata *ud[UDATA_SET_MAX + 1] = {}; + const struct nftnl_udata *ud[NFTNL_UDATA_SET_MAX + 1] = {}; uint32_t flags, key, data, data_len, objtype = 0; enum byteorder keybyteorder = BYTEORDER_INVALID; enum byteorder databyteorder = BYTEORDER_INVALID; @@ -555,15 +555,15 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx, return NULL; } - if (ud[UDATA_SET_KEYBYTEORDER]) - keybyteorder = - nftnl_udata_get_u32(ud[UDATA_SET_KEYBYTEORDER]); - if (ud[UDATA_SET_DATABYTEORDER]) - databyteorder = - nftnl_udata_get_u32(ud[UDATA_SET_DATABYTEORDER]); - if (ud[UDATA_SET_MERGE_ELEMENTS]) - automerge = - nftnl_udata_get_u32(ud[UDATA_SET_MERGE_ELEMENTS]); +#define GET_U32_UDATA(var, attr) \ + if (ud[attr]) \ + var = nftnl_udata_get_u32(ud[attr]) + + GET_U32_UDATA(keybyteorder, NFTNL_UDATA_SET_KEYBYTEORDER); + GET_U32_UDATA(databyteorder, NFTNL_UDATA_SET_DATABYTEORDER); + GET_U32_UDATA(automerge, NFTNL_UDATA_SET_MERGE_ELEMENTS); + +#undef GET_U32_UDATA } key = nftnl_set_get_u32(nls, NFTNL_SET_KEY_TYPE); @@ -712,11 +712,11 @@ static int set_elem_parse_udata_cb(const struct nftnl_udata *attr, void *data) uint8_t len = nftnl_udata_len(attr); switch (type) { - case UDATA_SET_ELEM_COMMENT: + case NFTNL_UDATA_SET_ELEM_COMMENT: if (value[len - 1] != '\0') return -1; break; - case UDATA_SET_ELEM_FLAGS: + case NFTNL_UDATA_SET_ELEM_FLAGS: if (len != sizeof(uint32_t)) return -1; break; @@ -730,7 +730,7 @@ static int set_elem_parse_udata_cb(const struct nftnl_udata *attr, void *data) static void set_elem_parse_udata(struct nftnl_set_elem *nlse, struct expr *expr) { - const struct nftnl_udata *ud[UDATA_SET_ELEM_MAX + 1] = {}; + const struct nftnl_udata *ud[NFTNL_UDATA_SET_ELEM_MAX + 1] = {}; const void *data; uint32_t len; @@ -738,11 +738,12 @@ static void set_elem_parse_udata(struct nftnl_set_elem *nlse, if (nftnl_udata_parse(data, len, set_elem_parse_udata_cb, ud)) return; - if (ud[UDATA_SET_ELEM_COMMENT]) + if (ud[NFTNL_UDATA_SET_ELEM_COMMENT]) expr->comment = - xstrdup(nftnl_udata_get(ud[UDATA_SET_ELEM_COMMENT])); - if (ud[UDATA_SET_ELEM_FLAGS]) - expr->elem_flags = nftnl_udata_get_u32(ud[UDATA_SET_ELEM_FLAGS]); + xstrdup(nftnl_udata_get(ud[NFTNL_UDATA_SET_ELEM_COMMENT])); + if (ud[NFTNL_UDATA_SET_ELEM_FLAGS]) + expr->elem_flags = + nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_ELEM_FLAGS]); } int netlink_delinearize_setelem(struct nftnl_set_elem *nlse, diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 40ab0256..2c9b0a32 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -2575,7 +2575,7 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r } } -static int parse_udata_cb(const struct nftnl_udata *attr, void *data) +static int parse_rule_udata_cb(const struct nftnl_udata *attr, void *data) { unsigned char *value = nftnl_udata_get(attr); uint8_t type = nftnl_udata_type(attr); @@ -2583,7 +2583,7 @@ static int parse_udata_cb(const struct nftnl_udata *attr, void *data) const struct nftnl_udata **tb = data; switch (type) { - case UDATA_TYPE_COMMENT: + case NFTNL_UDATA_RULE_COMMENT: if (value[len - 1] != '\0') return -1; break; @@ -2594,17 +2594,24 @@ static int parse_udata_cb(const struct nftnl_udata *attr, void *data) return 0; } -static char *udata_get_comment(const void *data, uint32_t data_len) +static char *nftnl_rule_get_comment(const struct nftnl_rule *nlr) { - const struct nftnl_udata *tb[UDATA_TYPE_MAX + 1] = {}; + const struct nftnl_udata *tb[NFTNL_UDATA_RULE_MAX + 1] = {}; + const void *data; + uint32_t len; - if (nftnl_udata_parse(data, data_len, parse_udata_cb, tb) < 0) + if (!nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA)) return NULL; - if (!tb[UDATA_TYPE_COMMENT]) + data = nftnl_rule_get_data(nlr, NFTNL_RULE_USERDATA, &len); + + if (nftnl_udata_parse(data, len, parse_rule_udata_cb, tb) < 0) + return NULL; + + if (!tb[NFTNL_UDATA_RULE_COMMENT]) return NULL; - return xstrdup(nftnl_udata_get(tb[UDATA_TYPE_COMMENT])); + return xstrdup(nftnl_udata_get(tb[NFTNL_UDATA_RULE_COMMENT])); } struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx, @@ -2630,13 +2637,7 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx, pctx->table = table_lookup(&h, &ctx->nft->cache); assert(pctx->table != NULL); - if (nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA)) { - const void *data; - uint32_t len; - - data = nftnl_rule_get_data(nlr, NFTNL_RULE_USERDATA, &len); - pctx->rule->comment = udata_get_comment(data, len); - } + pctx->rule->comment = nftnl_rule_get_comment(nlr); nftnl_expr_foreach(nlr, netlink_parse_rule_expr, pctx); diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c index df763544..2c6aa64d 100644 --- a/src/netlink_linearize.c +++ b/src/netlink_linearize.c @@ -1432,7 +1432,7 @@ void netlink_linearize_rule(struct netlink_ctx *ctx, struct nftnl_rule *nlr, if (!udata) memory_allocation_error(); - if (!nftnl_udata_put_strz(udata, UDATA_TYPE_COMMENT, + if (!nftnl_udata_put_strz(udata, NFTNL_UDATA_RULE_COMMENT, rule->comment)) memory_allocation_error(); nftnl_rule_set_data(nlr, NFTNL_RULE_USERDATA, diff --git a/src/parser_bison.y b/src/parser_bison.y index 4a2a81cd..9aea6526 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -28,6 +28,7 @@ #include <netinet/icmp6.h> #include <libnftnl/common.h> #include <libnftnl/set.h> +#include <libnftnl/udata.h> #include <rule.h> #include <statement.h> @@ -2185,8 +2186,9 @@ ruleid_spec : chain_spec handle_spec comment_spec : COMMENT string { - if (strlen($2) > UDATA_COMMENT_MAXLEN) { - erec_queue(error(&@2, "comment too long, %d characters maximum allowed", UDATA_COMMENT_MAXLEN), + if (strlen($2) > NFTNL_UDATA_COMMENT_MAXLEN) { + erec_queue(error(&@2, "comment too long, %d characters maximum allowed", + NFTNL_UDATA_COMMENT_MAXLEN), state->msgs); YYERROR; } diff --git a/src/segtree.c b/src/segtree.c index 4353e85a..a21270a0 100644 --- a/src/segtree.c +++ b/src/segtree.c @@ -13,6 +13,8 @@ #include <inttypes.h> #include <arpa/inet.h> +#include <libnftnl/udata.h> + #include <rule.h> #include <expression.h> #include <gmputil.h> @@ -562,7 +564,7 @@ static void set_insert_interval(struct expr *set, struct seg_tree *tree, if (ei->flags & EI_F_INTERVAL_END) expr->flags |= EXPR_F_INTERVAL_END; if (ei->flags & EI_F_INTERVAL_OPEN) - expr->elem_flags |= SET_ELEM_F_INTERVAL_OPEN; + expr->elem_flags |= NFTNL_SET_ELEM_F_INTERVAL_OPEN; compound_expr_add(set, expr); } |