From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nf-next 6/9] netfilter: nft_meta: move all interface related keys to helper
Date: Wed, 18 Dec 2019 12:05:18 +0100 [thread overview]
Message-ID: <20191218110521.14048-7-fw@strlen.de> (raw)
In-Reply-To: <20191218110521.14048-1-fw@strlen.de>
Reduces repetiveness and reduces size of meta eval function.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
net/netfilter/nft_meta.c | 95 +++++++++++++++++++++++++++++-----------
1 file changed, 70 insertions(+), 25 deletions(-)
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 2f7cc64b0c15..022f1473ddd1 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -199,13 +199,79 @@ static noinline bool nft_meta_get_eval_kind(enum nft_meta_keys key,
return true;
}
+static void nft_meta_store_ifindex(u32 *dest, const struct net_device *dev)
+{
+ *dest = dev ? dev->ifindex : 0;
+}
+
+static void nft_meta_store_ifname(u32 *dest, const struct net_device *dev)
+{
+ strncpy((char *)dest, dev ? dev->name : "", IFNAMSIZ);
+}
+
+static bool nft_meta_store_iftype(u32 *dest, const struct net_device *dev)
+{
+ if (!dev)
+ return false;
+
+ nft_reg_store16(dest, dev->type);
+ return true;
+}
+
+static bool nft_meta_store_ifgroup(u32 *dest, const struct net_device *dev)
+{
+ if (!dev)
+ return false;
+
+ *dest = dev->group;
+ return true;
+}
+
+static bool nft_meta_get_eval_ifname(enum nft_meta_keys key, u32 *dest,
+ const struct nft_pktinfo *pkt)
+{
+ switch (key) {
+ case NFT_META_IIFNAME:
+ nft_meta_store_ifname(dest, nft_in(pkt));
+ break;
+ case NFT_META_OIFNAME:
+ nft_meta_store_ifname(dest, nft_out(pkt));
+ break;
+ case NFT_META_IIF:
+ nft_meta_store_ifindex(dest, nft_in(pkt));
+ break;
+ case NFT_META_OIF:
+ nft_meta_store_ifindex(dest, nft_out(pkt));
+ break;
+ case NFT_META_IIFTYPE:
+ if (!nft_meta_store_iftype(dest, nft_in(pkt)))
+ return false;
+ break;
+ case NFT_META_OIFTYPE:
+ if (!nft_meta_store_iftype(dest, nft_out(pkt)))
+ return false;
+ break;
+ case NFT_META_IIFGROUP:
+ if (!nft_meta_store_ifgroup(dest, nft_out(pkt)))
+ return false;
+ break;
+ case NFT_META_OIFGROUP:
+ if (!nft_meta_store_ifgroup(dest, nft_out(pkt)))
+ return false;
+ break;
+ default:
+ return false;
+ }
+
+ return true;
+}
+
void nft_meta_get_eval(const struct nft_expr *expr,
struct nft_regs *regs,
const struct nft_pktinfo *pkt)
{
const struct nft_meta *priv = nft_expr_priv(expr);
const struct sk_buff *skb = pkt->skb;
- const struct net_device *in = nft_in(pkt), *out = nft_out(pkt);
u32 *dest = ®s->data[priv->dreg];
switch (priv->key) {
@@ -230,26 +296,15 @@ void nft_meta_get_eval(const struct nft_expr *expr,
*dest = skb->mark;
break;
case NFT_META_IIF:
- *dest = in ? in->ifindex : 0;
- break;
case NFT_META_OIF:
- *dest = out ? out->ifindex : 0;
- break;
case NFT_META_IIFNAME:
- strncpy((char *)dest, in ? in->name : "", IFNAMSIZ);
- break;
case NFT_META_OIFNAME:
- strncpy((char *)dest, out ? out->name : "", IFNAMSIZ);
- break;
case NFT_META_IIFTYPE:
- if (in == NULL)
- goto err;
- nft_reg_store16(dest, in->type);
- break;
case NFT_META_OIFTYPE:
- if (out == NULL)
+ case NFT_META_IIFGROUP:
+ case NFT_META_OIFGROUP:
+ if (!nft_meta_get_eval_ifname(priv->key, dest, pkt))
goto err;
- nft_reg_store16(dest, out->type);
break;
case NFT_META_SKUID:
case NFT_META_SKGID:
@@ -283,16 +338,6 @@ void nft_meta_get_eval(const struct nft_expr *expr,
case NFT_META_CPU:
*dest = raw_smp_processor_id();
break;
- case NFT_META_IIFGROUP:
- if (in == NULL)
- goto err;
- *dest = in->group;
- break;
- case NFT_META_OIFGROUP:
- if (out == NULL)
- goto err;
- *dest = out->group;
- break;
#ifdef CONFIG_CGROUP_NET_CLASSID
case NFT_META_CGROUP:
if (!nft_meta_get_eval_cgroup(dest, pkt))
--
2.24.1
next prev parent reply other threads:[~2019-12-18 11:05 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-18 11:05 [PATCH nf-next 0/9] netfilter: nft_meta: add support for slave device matching Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 1/9] netfilter: nft_meta: move time handling to helper Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 2/9] netfilter: nft_meta: move pkttype " Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 3/9] netfilter: nft_meta: move sk uid/git " Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 4/9] netfilter: nft_meta: move cgroup " Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 5/9] netfilter: nft_meta: move interface kind " Florian Westphal
2019-12-18 11:05 ` Florian Westphal [this message]
2019-12-18 11:05 ` [PATCH nf-next 7/9] netfilter: nft_meta: place prandom handling in a helper Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 8/9] netfilter: nft_meta: place rtclassid " Florian Westphal
2019-12-18 11:05 ` [PATCH nf-next 9/9] netfilter: nft_meta: add support for slave device ifindex matching Florian Westphal
2019-12-19 16:46 ` David Ahern
2019-12-19 17:08 ` Florian Westphal
2019-12-20 1:27 ` David Ahern
2019-12-26 16:42 ` [PATCH nf-next 0/9] netfilter: nft_meta: add support for slave device matching Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191218110521.14048-7-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.