src: add set_is_datamap(), set_is_objmap() and set_is_map() helpers

Two map types are currently possible: * data maps, ie. set_is_datamap(). * object maps, ie. set_is_objmap(). This patch adds helper functions to check for the map type. set_is_map() allows you to check for either map type. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2019-07-15 08:26:43 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-07-16 19:53:43 +0200
commit: 0fd53234e360d4dde8aa53dbcaad89495a4fab7f (patch)
tree: 8b8626a93e422f8d107a689c39407d15c91cb5e0
parent: 28f22b78f7738a66f88089ecab135242c4c9156d (diff)
6 files changed, 36 insertions, 20 deletions
diff --git a/include/rule.h b/include/rule.h
index aefb24d9..bee1d447 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -6,6 +6,7 @@
 #include <list.h>
 #include <netinet/in.h>
 #include <libnftnl/object.h>	/* For NFTNL_CTTIMEOUT_ARRAY_MAX. */
+#include <linux/netfilter/nf_tables.h>
 
 /**
  * struct handle_spec - handle ID
@@ -321,6 +322,21 @@ extern const char *set_policy2str(uint32_t policy);
 extern void set_print(const struct set *set, struct output_ctx *octx);
 extern void set_print_plain(const struct set *s, struct output_ctx *octx);
 
+static inline bool set_is_datamap(uint32_t set_flags)
+{
+	return set_flags & NFT_SET_MAP;
+}
+
+static inline bool set_is_objmap(uint32_t set_flags)
+{
+	return set_flags & NFT_SET_OBJECT;
+}
+
+static inline bool set_is_map(uint32_t set_flags)
+{
+	return set_is_datamap(set_flags) || set_is_objmap(set_flags);
+}
+
 #include <statement.h>
 
 struct counter {
diff --git a/src/evaluate.c b/src/evaluate.c
index 8086f750..e1a827e7 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -83,7 +83,7 @@ static struct expr *implicit_set_declaration(struct eval_ctx *ctx,
 	struct set *set;
 	struct handle h;
 
-	if (expr->set_flags & NFT_SET_MAP)
+	if (set_is_datamap(expr->set_flags))
 		key_fix_dtype_byteorder(key);
 
 	set = set_alloc(&expr->location);
@@ -1381,7 +1381,7 @@ static int expr_evaluate_map(struct eval_ctx *ctx, struct expr **expr)
 		if (expr_evaluate(ctx, &map->mappings) < 0)
 			return -1;
 		if (map->mappings->etype != EXPR_SET_REF ||
-		    !(map->mappings->set->flags & NFT_SET_MAP))
+		    !set_is_datamap(map->mappings->set->flags))
 			return expr_error(ctx->msgs, map->mappings,
 					  "Expression is not a map");
 		break;
@@ -1416,7 +1416,7 @@ static int expr_evaluate_mapping(struct eval_ctx *ctx, struct expr **expr)
 	if (set == NULL)
 		return expr_error(ctx->msgs, mapping,
 				  "mapping outside of map context");
-	if (!(set->flags & (NFT_SET_MAP | NFT_SET_OBJECT)))
+	if (!set_is_map(set->flags))
 		return set_error(ctx, set, "set is not a map");
 
 	expr_set_context(&ctx->ectx, set->key->dtype, set->key->len);
@@ -2991,7 +2991,7 @@ static int stmt_evaluate_objref_map(struct eval_ctx *ctx, struct stmt *stmt)
 		if (map->mappings->etype != EXPR_SET_REF)
 			return expr_error(ctx->msgs, map->mappings,
 					  "Expression is not a map");
-		if (!(map->mappings->set->flags & NFT_SET_OBJECT))
+		if (!set_is_objmap(map->mappings->set->flags))
 			return expr_error(ctx->msgs, map->mappings,
 					  "Expression is not a map with objects");
 		break;
@@ -3149,7 +3149,7 @@ static int set_evaluate(struct eval_ctx *ctx, struct set *set)
 	    set->key->etype == EXPR_CONCAT)
 		return set_error(ctx, set, "concatenated types not supported in interval sets");
 
-	if (set->flags & NFT_SET_MAP) {
+	if (set_is_datamap(set->flags)) {
 		if (set->datatype == NULL)
 			return set_error(ctx, set, "map definition does not "
 					 "specify mapping data type");
@@ -3158,7 +3158,7 @@ static int set_evaluate(struct eval_ctx *ctx, struct set *set)
 		if (set->datalen == 0 && set->datatype->type != TYPE_VERDICT)
 			return set_error(ctx, set, "unqualified mapping data "
 					 "type specified in map definition");
-	} else if (set->flags & NFT_SET_OBJECT) {
+	} else if (set_is_objmap(set->flags)) {
 		set->datatype = &string_type;
 		set->datalen  = NFT_OBJ_MAXNAMELEN * BITS_PER_BYTE;
 	}
diff --git a/src/json.c b/src/json.c
index 1006d7bb..f40dc518 100644
--- a/src/json.c
+++ b/src/json.c
@@ -79,10 +79,10 @@ static json_t *set_print_json(struct output_ctx *octx, const struct set *set)
 	json_t *root, *tmp;
 	const char *type, *datatype_ext = NULL;
 
-	if (set->flags & NFT_SET_MAP) {
+	if (set_is_datamap(set->flags)) {
 		type = "map";
 		datatype_ext = set->datatype->name;
-	} else if (set->flags & NFT_SET_OBJECT) {
+	} else if (set_is_objmap(set->flags)) {
 		type = "map";
 		datatype_ext = obj_type_name(set->objtype);
 	} else if (set->flags & NFT_SET_EVAL) {
diff --git a/src/mnl.c b/src/mnl.c
index c145cc5c..a954e9d8 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -799,13 +799,13 @@ int mnl_nft_set_add(struct netlink_ctx *ctx, const struct cmd *cmd,
 			  dtype_map_to_kernel(set->key->dtype));
 	nftnl_set_set_u32(nls, NFTNL_SET_KEY_LEN,
 			  div_round_up(set->key->len, BITS_PER_BYTE));
-	if (set->flags & NFT_SET_MAP) {
+	if (set_is_datamap(set->flags)) {
 		nftnl_set_set_u32(nls, NFTNL_SET_DATA_TYPE,
 				  dtype_map_to_kernel(set->datatype));
 		nftnl_set_set_u32(nls, NFTNL_SET_DATA_LEN,
 				  set->datalen / BITS_PER_BYTE);
 	}
-	if (set->flags & NFT_SET_OBJECT)
+	if (set_is_objmap(set->flags))
 		nftnl_set_set_u32(nls, NFTNL_SET_OBJ_TYPE, set->objtype);
 
 	if (set->timeout)
@@ -833,7 +833,7 @@ int mnl_nft_set_add(struct netlink_ctx *ctx, const struct cmd *cmd,
 				 set->key->byteorder))
 		memory_allocation_error();
 
-	if (set->flags & NFT_SET_MAP &&
+	if (set_is_datamap(set->flags) &&
 	    !nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_DATABYTEORDER,
 				 set->datatype->byteorder))
 		memory_allocation_error();
diff --git a/src/netlink.c b/src/netlink.c
index 97eb082c..0374c39a 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -146,7 +146,7 @@ static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set,
 				   nftnl_udata_buf_len(udbuf));
 		nftnl_udata_buf_free(udbuf);
 	}
-	if (set->set_flags & NFT_SET_MAP && data != NULL) {
+	if (set_is_datamap(set->set_flags) && data != NULL) {
 		netlink_gen_data(data, &nld);
 		switch (data->etype) {
 		case EXPR_VERDICT:
@@ -165,7 +165,7 @@ static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set,
 			break;
 		}
 	}
-	if (set->set_flags & NFT_SET_OBJECT && data != NULL) {
+	if (set_is_objmap(set->set_flags) && data != NULL) {
 		netlink_gen_data(data, &nld);
 		nftnl_set_elem_set(nlse, NFTNL_SET_ELEM_OBJREF,
 				   nld.value, nld.len);
@@ -581,7 +581,7 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	}
 
 	flags = nftnl_set_get_u32(nls, NFTNL_SET_FLAGS);
-	if (flags & NFT_SET_MAP) {
+	if (set_is_datamap(flags)) {
 		data = nftnl_set_get_u32(nls, NFTNL_SET_DATA_TYPE);
 		datatype = dtype_map_from_kernel(data);
 		if (datatype == NULL) {
@@ -593,7 +593,7 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	} else
 		datatype = NULL;
 
-	if (flags & NFT_SET_OBJECT) {
+	if (set_is_objmap(flags)) {
 		objtype = nftnl_set_get_u32(nls, NFTNL_SET_OBJ_TYPE);
 		datatype = &string_type;
 	}
@@ -795,7 +795,7 @@ int netlink_delinearize_setelem(struct nftnl_set_elem *nlse,
 	if (flags & NFT_SET_ELEM_INTERVAL_END)
 		expr->flags |= EXPR_F_INTERVAL_END;
 
-	if (set->flags & NFT_SET_MAP) {
+	if (set_is_datamap(set->flags)) {
 		if (nftnl_set_elem_is_set(nlse, NFTNL_SET_ELEM_DATA)) {
 			nld.value = nftnl_set_elem_get(nlse, NFTNL_SET_ELEM_DATA,
 						       &nld.len);
@@ -817,7 +817,7 @@ int netlink_delinearize_setelem(struct nftnl_set_elem *nlse,
 
 		expr = mapping_expr_alloc(&netlink_location, expr, data);
 	}
-	if (set->flags & NFT_SET_OBJECT) {
+	if (set_is_objmap(set->flags)) {
 		if (nftnl_set_elem_is_set(nlse, NFTNL_SET_ELEM_OBJREF)) {
 			nld.value = nftnl_set_elem_get(nlse,
 						       NFTNL_SET_ELEM_OBJREF,
diff --git a/src/rule.c b/src/rule.c
index 0a91917f..e04fc09b 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -449,7 +449,7 @@ static void set_print_declaration(const struct set *set,
 	if ((set->flags & (NFT_SET_EVAL | NFT_SET_ANONYMOUS)) ==
 				(NFT_SET_EVAL | NFT_SET_ANONYMOUS))
 		type = "meter";
-	else if (set->flags & (NFT_SET_MAP | NFT_SET_OBJECT))
+	else if (set_is_map(set->flags))
 		type = "map";
 	else
 		type = "set";
@@ -469,9 +469,9 @@ static void set_print_declaration(const struct set *set,
 	nft_print(octx, "%s", opts->nl);
 	nft_print(octx, "%s%stype %s",
 		  opts->tab, opts->tab, set->key->dtype->name);
-	if (set->flags & NFT_SET_MAP)
+	if (set_is_datamap(set->flags))
 		nft_print(octx, " : %s", set->datatype->name);
-	else if (set->flags & NFT_SET_OBJECT)
+	else if (set_is_objmap(set->flags))
 		nft_print(octx, " : %s", obj_type_name(set->objtype));
 
 	nft_print(octx, "%s", opts->stmt_separator);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2019-07-15 08:26:43 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-07-16 19:53:43 +0200
commit	0fd53234e360d4dde8aa53dbcaad89495a4fab7f (patch)
tree	8b8626a93e422f8d107a689c39407d15c91cb5e0
parent	28f22b78f7738a66f88089ecab135242c4c9156d (diff)