From cab08c47e687104c3774e196240f3da1ad2834e7 Mon Sep 17 00:00:00 2001 From: Jeremy Sowden Date: Thu, 23 Mar 2023 17:58:44 +0100 Subject: netlink_delinearize: correct type and byte-order of shifts Downgrade to base type integer instead of the specific type from the expression that is used in the shift operation. Without this, listing a rule like: ct mark set ip dscp lshift 2 or 0x10 will return: ct mark set ip dscp << 2 | cs2 because the type of the OR's right operand will be transitively derived from `ip dscp`. However, this is not valid syntax: # nft add rule t c ct mark set ip dscp '<<' 2 '|' cs2 Error: Could not parse integer add rule t c ct mark set ip dscp << 2 | cs2 ^^^ Use xinteger_type to print the output in hexadecimal. Signed-off-by: Jeremy Sowden Signed-off-by: Pablo Neira Ayuso --- src/netlink_delinearize.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'src/netlink_delinearize.c') diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 3d383669..fd166eb1 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -2822,8 +2822,17 @@ static void expr_postprocess(struct rule_pp_ctx *ctx, struct expr **exprp) } expr_postprocess(ctx, &expr->right); - expr_set_type(expr, expr->left->dtype, - expr->left->byteorder); + switch (expr->op) { + case OP_LSHIFT: + case OP_RSHIFT: + expr_set_type(expr, &xinteger_type, + BYTEORDER_HOST_ENDIAN); + break; + default: + expr_set_type(expr, expr->left->dtype, + expr->left->byteorder); + } + break; case EXPR_RELATIONAL: switch (expr->left->etype) { -- cgit v1.2.3