[PATCH 2/3] set_elem: add support for userdata

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH 2/3] set_elem: add support for userdata
Date: Sun, 12 Apr 2015 20:24:48 +0100	[thread overview]
Message-ID: <1428866689-17679-3-git-send-email-kaber@trash.net> (raw)
In-Reply-To: <1428866689-17679-1-git-send-email-kaber@trash.net>

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 include/libnftnl/set.h              |  1 +
 include/linux/netfilter/nf_tables.h |  2 ++
 include/set_elem.h                  |  4 ++++
 src/set_elem.c                      | 47 +++++++++++++++++++++++++++++++++++++
 4 files changed, 54 insertions(+)

diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
index db38d6b..9621853 100644
--- a/include/libnftnl/set.h
+++ b/include/libnftnl/set.h
@@ -92,6 +92,7 @@ enum {
 	NFT_SET_ELEM_ATTR_DATA,
 	NFT_SET_ELEM_ATTR_TIMEOUT,
 	NFT_SET_ELEM_ATTR_EXPIRATION,
+	NFT_SET_ELEM_ATTR_USERDATA,
 };
 
 struct nft_set_elem;
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 6894ba3..334b389 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -291,6 +291,7 @@ enum nft_set_elem_flags {
  * @NFTA_SET_ELEM_FLAGS: bitmask of nft_set_elem_flags (NLA_U32)
  * @NFTA_SET_ELEM_TIMEOUT: timeout value (NLA_U64)
  * @NFTA_SET_ELEM_EXPIRATION: expiration time (NLA_U64)
+ * @NFTA_SET_ELEM_USERDATA: user data (NLA_BINARY)
  */
 enum nft_set_elem_attributes {
 	NFTA_SET_ELEM_UNSPEC,
@@ -299,6 +300,7 @@ enum nft_set_elem_attributes {
 	NFTA_SET_ELEM_FLAGS,
 	NFTA_SET_ELEM_TIMEOUT,
 	NFTA_SET_ELEM_EXPIRATION,
+	NFTA_SET_ELEM_USERDATA,
 	__NFTA_SET_ELEM_MAX
 };
 #define NFTA_SET_ELEM_MAX	(__NFTA_SET_ELEM_MAX - 1)
diff --git a/include/set_elem.h b/include/set_elem.h
index de864db..5aaad20 100644
--- a/include/set_elem.h
+++ b/include/set_elem.h
@@ -11,6 +11,10 @@ struct nft_set_elem {
 	uint32_t		flags;
 	uint64_t		timeout;
 	uint64_t		expiration;
+	struct {
+		void		*data;
+		uint32_t	len;
+	} user;
 };
 
 #endif
diff --git a/src/set_elem.c b/src/set_elem.c
index 5760902..2cf6528 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -17,6 +17,7 @@
 #include <string.h>
 #include <netinet/in.h>
 #include <errno.h>
+#include <ctype.h>
 
 #include <libmnl/libmnl.h>
 #include <linux/netfilter/nfnetlink.h>
@@ -72,6 +73,7 @@ void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr)
 	case NFT_SET_ELEM_ATTR_DATA:	/* NFTA_SET_ELEM_DATA */
 	case NFT_SET_ELEM_ATTR_TIMEOUT:	/* NFTA_SET_ELEM_TIMEOUT */
 	case NFT_SET_ELEM_ATTR_EXPIRATION:	/* NFTA_SET_ELEM_EXPIRATION */
+	case NFT_SET_ELEM_ATTR_USERDATA:	/* NFTA_SET_ELEM_USERDATA */
 		break;
 	default:
 		return;
@@ -108,6 +110,10 @@ void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr,
 	case NFT_SET_ELEM_ATTR_TIMEOUT:	/* NFTA_SET_ELEM_TIMEOUT */
 		s->timeout = *((uint64_t *)data);
 		break;
+	case NFT_SET_ELEM_ATTR_USERDATA: /* NFTA_SET_ELEM_USERDATA */
+		s->user.data = (void *)data;
+		s->user.len  = data_len;
+		break;
 	default:
 		return;
 	}
@@ -155,6 +161,9 @@ const void *nft_set_elem_attr_get(struct nft_set_elem *s, uint16_t attr, uint32_
 		return &s->timeout;
 	case NFT_SET_ELEM_ATTR_EXPIRATION:	/* NFTA_SET_ELEM_EXPIRATION */
 		return &s->expiration;
+	case NFT_SET_ELEM_ATTR_USERDATA:
+		*data_len = s->user.len;
+		return s->user.data;
 	}
 	return NULL;
 }
@@ -233,6 +242,8 @@ void nft_set_elem_nlmsg_build_payload(struct nlmsghdr *nlh,
 		mnl_attr_put(nlh, NFTA_DATA_VALUE, e->data.len, e->data.val);
 		mnl_attr_nest_end(nlh, nest1);
 	}
+	if (e->flags & (1 << NFT_SET_ELEM_ATTR_USERDATA))
+		mnl_attr_put(nlh, NFTA_SET_ELEM_USERDATA, e->user.len, e->user.data);
 }
 
 static void nft_set_elem_nlmsg_build_def(struct nlmsghdr *nlh,
@@ -297,6 +308,10 @@ static int nft_set_elem_parse_attr_cb(const struct nlattr *attr, void *data)
 		if (mnl_attr_validate(attr, MNL_TYPE_NESTED) < 0)
 			abi_breakage();
 		break;
+	case NFTA_SET_ELEM_USERDATA:
+		if (mnl_attr_validate(attr, MNL_TYPE_BINARY) < 0)
+			abi_breakage();
+		break;
 	}
 
 	tb[type] = attr;
@@ -350,7 +365,23 @@ static int nft_set_elems_parse2(struct nft_set *s, const struct nlattr *nest)
 			break;
 		}
         }
+	if (tb[NFTA_SET_ELEM_USERDATA]) {
+		const void *udata =
+			mnl_attr_get_payload(tb[NFTA_SET_ELEM_USERDATA]);
+
+		if (e->user.data)
+			xfree(e->user.data);
+
+		e->user.len  = mnl_attr_get_payload_len(tb[NFTA_SET_ELEM_USERDATA]);
+		e->user.data = malloc(e->user.len);
+		if (e->user.data == NULL)
+			goto err;
+		memcpy(e->user.data, udata, e->user.len);
+		e->flags |= (1 << NFT_RULE_ATTR_USERDATA);
+	}
+
 	if (ret < 0) {
+err:
 		nft_set_elem_free(e);
 		return -1;
 	}
@@ -611,6 +642,22 @@ static int nft_set_elem_snprintf_default(char *buf, size_t size,
 	ret = snprintf(buf+offset, len, "%u [end]", e->set_elem_flags);
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
+	if (e->user.len) {
+		ret = snprintf(buf+offset, len, "  userdata = {");
+		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+		for (i = 0; i < e->user.len; i++) {
+			char *c = e->user.data;
+
+			ret = snprintf(buf+offset, len, "%c",
+				       isalnum(c[i]) ? c[i] : 0);
+			SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+		}
+
+		ret = snprintf(buf+offset, len, " }\n");
+		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+	}
+
 	return offset;
 }
 
-- 
2.1.0

next prev parent reply	other threads:[~2015-04-12 19:24 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-04-12 19:24 [PATCH 0/3] libnfnl: support for new set features Patrick McHardy
2015-04-12 19:24 ` [PATCH 1/3] set: print set elem timeout information Patrick McHardy
2015-04-12 19:24 ` Patrick McHardy [this message]
2015-04-12 19:24 ` [PATCH 3/3] expr: add support for the dynset expr Patrick McHardy

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:db38d6b dfblob:9621853 dfblob:6894ba3 dfblob:334b389
dfblob:de864db dfblob:5aaad20 dfblob:5760902 dfblob:2cf6528 )
 OR (
bs:"[PATCH 2/3] set_elem: add support for userdata" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1428866689-17679-3-git-send-email-kaber@trash.net \
    --to=kaber@trash.net \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).