From a96e4fca10506462df4ee4035f0f86f09bd9dc34 Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu" Date: Mon, 20 Oct 2008 10:00:26 +0000 Subject: ipset 2.4 release userspace changes: - Added KBUILD_OUTPUT support (Sven Wegener) - Fix memory leak in ipset_iptreemap (Sven Wegener) - Fix multiple compiler warnings (Sven Wegener) - ipportiphash, ipportnethash and setlist types added - binding marked as deprecated functionality - element separator token changed to ',' in anticipating IPv6 addresses, old separator tokens are still supported - unnecessary includes removed - ipset does not try to resolve IP addresses when listing the content of sets (default changed) - manpage updated - ChangeLog forked for kernel part kernel part changes: - ipportiphash, ipportnethash and setlist types added - set type modules reworked to avoid code duplication as much as possible, code unification macros - expand_macros Makefile target added to help debugging code unification macros - ip_set_addip_kernel and ip_set_delip_kernel changed from void to int, __ip_set_get_byname and __ip_set_put_byid added for the sake of setlist type - unnecessary includes removed - compatibility fix for kernels >= 2.6.27: semaphore.h was moved from asm/ to linux/ (James King) - ChangeLog forked for kernel part --- kernel/ip_set_iptreemap.c | 152 +++++++++++----------------------------------- 1 file changed, 37 insertions(+), 115 deletions(-) (limited to 'kernel/ip_set_iptreemap.c') diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c index dedf8a4..4a13e4f 100644 --- a/kernel/ip_set_iptreemap.c +++ b/kernel/ip_set_iptreemap.c @@ -11,20 +11,19 @@ * index to find the bitmap and the last octet is used as the bit number. */ -#include #include #include #include #include #include #include -#include -#include #include #include #include #include +#include +#include #include #define IPTREEMAP_DEFAULT_GC_TIME (5 * 60) @@ -250,7 +249,7 @@ free_b(struct ip_set_iptreemap_b *map) } static inline int -__testip(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip) +iptreemap_test(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -269,35 +268,13 @@ __testip(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip) return !!test_bit(d, (void *) dtree->bitmap); } -static int -testip(struct ip_set *set, const void *data, size_t size, ip_set_ip_t *hash_ip) -{ - const struct ip_set_req_iptreemap *req = data; - - if (size != sizeof(struct ip_set_req_iptreemap)) { - ip_set_printk("data length wrong (want %zu, have %zu)", sizeof(struct ip_set_req_iptreemap), size); - return -EINVAL; - } - - return __testip(set, req->start, hash_ip); -} - -static int -testip_kernel(struct ip_set *set, const struct sk_buff *skb, ip_set_ip_t *hash_ip, const u_int32_t *flags, unsigned char index) -{ - int res; - - res = __testip(set, - ntohl(flags[index] & IPSET_SRC - ? ip_hdr(skb)->saddr - : ip_hdr(skb)->daddr), - hash_ip); +#define KADT_CONDITION - return (res < 0 ? 0 : res); -} +UADT(iptreemap, test) +KADT(iptreemap, test, ipaddr) static inline int -__addip_single(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip) +__addip_single(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip) { struct ip_set_iptreemap *map = (struct ip_set_iptreemap *) set->data; struct ip_set_iptreemap_b *btree; @@ -322,7 +299,8 @@ __addip_single(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip) } static inline int -__addip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_t *hash_ip) +iptreemap_add(struct ip_set *set, ip_set_ip_t *hash_ip, + ip_set_ip_t start, ip_set_ip_t end) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -333,7 +311,7 @@ __addip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_ unsigned char a2, b2, c2, d2; if (start == end) - return __addip_single(set, start, hash_ip); + return __addip_single(set, hash_ip, start); *hash_ip = start; @@ -354,32 +332,12 @@ __addip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_ return 0; } -static int -addip(struct ip_set *set, const void *data, size_t size, ip_set_ip_t *hash_ip) -{ - const struct ip_set_req_iptreemap *req = data; - - if (size != sizeof(struct ip_set_req_iptreemap)) { - ip_set_printk("data length wrong (want %zu, have %zu)", sizeof(struct ip_set_req_iptreemap), size); - return -EINVAL; - } - - return __addip_range(set, min(req->start, req->end), max(req->start, req->end), hash_ip); -} - -static int -addip_kernel(struct ip_set *set, const struct sk_buff *skb, ip_set_ip_t *hash_ip, const u_int32_t *flags, unsigned char index) -{ - - return __addip_single(set, - ntohl(flags[index] & IPSET_SRC - ? ip_hdr(skb)->saddr - : ip_hdr(skb)->daddr), - hash_ip); -} +UADT0(iptreemap, add, min(req->ip, req->end), max(req->ip, req->end)) +KADT(iptreemap, add, ipaddr, ip) static inline int -__delip_single(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip, unsigned int __nocast flags) +__delip_single(struct ip_set *set, ip_set_ip_t *hash_ip, + ip_set_ip_t ip, unsigned int __nocast flags) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -404,7 +362,8 @@ __delip_single(struct ip_set *set, ip_set_ip_t ip, ip_set_ip_t *hash_ip, unsigne } static inline int -__delip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_t *hash_ip, unsigned int __nocast flags) +iptreemap_del(struct ip_set *set, ip_set_ip_t *hash_ip, + ip_set_ip_t start, ip_set_ip_t end, unsigned int __nocast flags) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -415,7 +374,7 @@ __delip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_ unsigned char a2, b2, c2, d2; if (start == end) - return __delip_single(set, start, hash_ip, flags); + return __delip_single(set, hash_ip, start, flags); *hash_ip = start; @@ -436,29 +395,8 @@ __delip_range(struct ip_set *set, ip_set_ip_t start, ip_set_ip_t end, ip_set_ip_ return 0; } -static int -delip(struct ip_set *set, const void *data, size_t size, ip_set_ip_t *hash_ip) -{ - const struct ip_set_req_iptreemap *req = data; - - if (size != sizeof(struct ip_set_req_iptreemap)) { - ip_set_printk("data length wrong (want %zu, have %zu)", sizeof(struct ip_set_req_iptreemap), size); - return -EINVAL; - } - - return __delip_range(set, min(req->start, req->end), max(req->start, req->end), hash_ip, GFP_KERNEL); -} - -static int -delip_kernel(struct ip_set *set, const struct sk_buff *skb, ip_set_ip_t *hash_ip, const u_int32_t *flags, unsigned char index) -{ - return __delip_single(set, - ntohl(flags[index] & IPSET_SRC - ? ip_hdr(skb)->saddr - : ip_hdr(skb)->daddr), - hash_ip, - GFP_ATOMIC); -} +UADT0(iptreemap, del, min(req->ip, req->end), max(req->ip, req->end), GFP_KERNEL) +KADT(iptreemap, del, ipaddr, ip, GFP_ATOMIC) /* Check the status of the bitmap * -1 == all bits cleared @@ -530,16 +468,12 @@ init_gc_timer(struct ip_set *set) add_timer(&map->gc); } -static int create(struct ip_set *set, const void *data, size_t size) +static int +iptreemap_create(struct ip_set *set, const void *data, size_t size) { const struct ip_set_req_iptreemap_create *req = data; struct ip_set_iptreemap *map; - if (size != sizeof(struct ip_set_req_iptreemap_create)) { - ip_set_printk("data length wrong (want %zu, have %zu)", sizeof(struct ip_set_req_iptreemap_create), size); - return -EINVAL; - } - map = kzalloc(sizeof(*map), GFP_KERNEL); if (!map) return -ENOMEM; @@ -552,7 +486,8 @@ static int create(struct ip_set *set, const void *data, size_t size) return 0; } -static inline void __flush(struct ip_set_iptreemap *map) +static inline void +__flush(struct ip_set_iptreemap *map) { struct ip_set_iptreemap_b *btree; unsigned int a; @@ -563,7 +498,8 @@ static inline void __flush(struct ip_set_iptreemap *map) LOOP_WALK_END(); } -static void destroy(struct ip_set *set) +static void +iptreemap_destroy(struct ip_set *set) { struct ip_set_iptreemap *map = set->data; @@ -576,7 +512,8 @@ static void destroy(struct ip_set *set) set->data = NULL; } -static void flush(struct ip_set *set) +static void +iptreemap_flush(struct ip_set *set) { struct ip_set_iptreemap *map = set->data; @@ -590,7 +527,8 @@ static void flush(struct ip_set *set) init_gc_timer(set); } -static void list_header(const struct ip_set *set, void *data) +static void +iptreemap_list_header(const struct ip_set *set, void *data) { struct ip_set_iptreemap *map = set->data; struct ip_set_req_iptreemap_create *header = data; @@ -598,7 +536,8 @@ static void list_header(const struct ip_set *set, void *data) header->gc_interval = map->gc_interval; } -static int list_members_size(const struct ip_set *set) +static int +iptreemap_list_members_size(const struct ip_set *set) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -627,17 +566,19 @@ static int list_members_size(const struct ip_set *set) return (count * sizeof(struct ip_set_req_iptreemap)); } -static inline size_t add_member(void *data, size_t offset, ip_set_ip_t start, ip_set_ip_t end) +static inline size_t +add_member(void *data, size_t offset, ip_set_ip_t start, ip_set_ip_t end) { struct ip_set_req_iptreemap *entry = data + offset; - entry->start = start; + entry->ip = start; entry->end = end; return sizeof(*entry); } -static void list_members(const struct ip_set *set, void *data) +static void +iptreemap_list_members(const struct ip_set *set, void *data) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -674,26 +615,7 @@ static void list_members(const struct ip_set *set, void *data) add_member(data, offset, start, end); } -static struct ip_set_type ip_set_iptreemap = { - .typename = SETTYPE_NAME, - .features = IPSET_TYPE_IP | IPSET_DATA_SINGLE, - .protocol_version = IP_SET_PROTOCOL_VERSION, - .create = create, - .destroy = destroy, - .flush = flush, - .reqsize = sizeof(struct ip_set_req_iptreemap), - .addip = addip, - .addip_kernel = addip_kernel, - .delip = delip, - .delip_kernel = delip_kernel, - .testip = testip, - .testip_kernel = testip_kernel, - .header_size = sizeof(struct ip_set_req_iptreemap_create), - .list_header = list_header, - .list_members_size = list_members_size, - .list_members = list_members, - .me = THIS_MODULE, -}; +IP_SET_TYPE(iptreemap, IPSET_TYPE_IP | IPSET_DATA_SINGLE) MODULE_LICENSE("GPL"); MODULE_AUTHOR("Sven Wegener "); -- cgit v1.2.3