diff options
author | Florian Westphal <fw@strlen.de> | 2023-05-01 18:51:19 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2023-05-02 19:18:07 +0200 |
commit | 0583bac241ea18c9d7f61cb20ca04faa1e043b78 (patch) | |
tree | bff817086e5894f6f606dea8cd1673c31a4d53a3 | |
parent | 19d73ccdd39fae49b44330097ecd2bc507e63d1b (diff) |
netlink: restore typeof interval map data type
When "typeof ... : interval ..." gets used, existing logic
failed to validate the expressions.
"interval" means that kernel reserves twice the size,
so consider this when validating and restoring.
Also fix up the dump file of the existing test
case to be symmetrical.
Signed-off-by: Florian Westphal <fw@strlen.de>
-rw-r--r-- | src/netlink.c | 7 | ||||
-rw-r--r-- | tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft | 4 |
2 files changed, 8 insertions, 3 deletions
diff --git a/src/netlink.c b/src/netlink.c index f1452d48..3352ad0a 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1024,10 +1024,15 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx, list_splice_tail(&set_parse_ctx.stmt_list, &set->stmt_list); if (datatype) { + uint32_t dlen; + dtype = set_datatype_alloc(datatype, databyteorder); klen = nftnl_set_get_u32(nls, NFTNL_SET_DATA_LEN) * BITS_PER_BYTE; - if (set_udata_key_valid(typeof_expr_data, klen)) { + dlen = data_interval ? klen / 2 : klen; + + if (set_udata_key_valid(typeof_expr_data, dlen)) { + typeof_expr_data->len = klen; datatype_free(datatype_get(dtype)); set->data = typeof_expr_data; } else { diff --git a/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft b/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft index 6af47c66..0215691e 100644 --- a/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft +++ b/tests/shell/testcases/sets/dumps/0067nat_concat_interval_0.nft @@ -18,14 +18,14 @@ table ip nat { } map ipportmap4 { - type ifname . ipv4_addr : interval ipv4_addr + typeof iifname . ip saddr : interval ip daddr flags interval elements = { "enp2s0" . 10.1.1.136 : 1.1.2.69/32, "enp2s0" . 10.1.1.1-10.1.1.135 : 1.1.2.66-1.84.236.78 } } map ipportmap5 { - type ifname . ipv4_addr : interval ipv4_addr . inet_service + typeof iifname . ip saddr : interval ip daddr . tcp dport flags interval elements = { "enp2s0" . 10.1.1.136 : 1.1.2.69 . 22, "enp2s0" . 10.1.1.1-10.1.1.135 : 1.1.2.66-1.84.236.78 . 22 } |