[PATCH nft 09/10] netlink_delinearize: prepare binop_postprocess for exthdr demux

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nft 09/10] netlink_delinearize: prepare binop_postprocess for exthdr demux
Date: Tue,  1 Mar 2016 16:37:49 +0100	[thread overview]
Message-ID: <1456846670-28179-10-git-send-email-fw@strlen.de> (raw)
In-Reply-To: <1456846670-28179-1-git-send-email-fw@strlen.de>

binop_postprocess takes care of removing masks if we're dealing
with payload expressions that have non-byte divisible sizes
or offsets.

Same can happen when matching some extension header fields, i.e.
this also needs to handle exthdr expression, not just payload.

So rename payload to left and move test for left type to
binop_postprocess.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 src/netlink_delinearize.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index eec7d0f..30c5f62 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1213,12 +1213,12 @@ static struct expr *binop_tree_to_list(struct expr *list, struct expr *expr)
 static void binop_postprocess(struct rule_pp_ctx *ctx, struct expr *expr)
 {
 	struct expr *binop = expr->left, *value = expr->right;
-
-	struct expr *payload = binop->left;
+	struct expr *left = binop->left;
 	struct expr *mask = binop->right;
 	unsigned int shift;
 
-	if (payload_expr_trim(payload, mask, &ctx->pctx, &shift)) {
+	if ((left->ops->type == EXPR_PAYLOAD &&
+	    payload_expr_trim(left, mask, &ctx->pctx, &shift))) {
 		/* mask is implicit, binop needs to be removed.
 		 *
 		 * Fix all values of the expression according to the mask
@@ -1231,15 +1231,15 @@ static void binop_postprocess(struct rule_pp_ctx *ctx, struct expr *expr)
 		if (value->ops->type == EXPR_VALUE) {
 			assert(value->len >= expr->left->right->len);
 			mpz_rshift_ui(value->value, shift);
-			value->len = payload->len;
+			value->len = left->len;
 		}
 
 		assert(expr->left->ops->type == EXPR_BINOP);
-		assert(binop->left == payload);
-		expr->left = expr_get(payload);
+		assert(binop->left == left);
+		expr->left = expr_get(left);
 		expr_free(binop);
 
-		payload_match_postprocess(ctx, expr, payload);
+		payload_match_postprocess(ctx, expr, left);
 	}
 }
 
@@ -1285,7 +1285,6 @@ static void relational_binop_postprocess(struct rule_pp_ctx *ctx, struct expr *e
 		expr_free(value);
 		expr_free(binop);
 	} else if (binop->op == OP_AND &&
-		   binop->left->ops->type == EXPR_PAYLOAD &&
 		   binop->right->ops->type == EXPR_VALUE) {
 		/*
 		 * This *might* be a payload match testing header fields that
-- 
2.4.10

next prev parent reply	other threads:[~2016-03-01 15:38 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-03-01 15:37 [PATCH nft 00/10] nft: exthdr fixes and improvements Florian Westphal
2016-03-01 15:37 ` [PATCH nft 01/10] evaluate: enforce ip6 proto with exthdr expression Florian Westphal
2016-03-01 15:37 ` [PATCH nft 02/10] netlink: split generic part of netlink_gen_payload_mask into helper Florian Westphal
2016-03-01 15:37 ` [PATCH nft 03/10] netlink: add and use netlink_gen_exthdr_mask Florian Westphal
2016-03-01 15:37 ` [PATCH nft 04/10] payload: move payload_gen_dependency generic part to helper Florian Westphal
2016-03-01 15:37 ` [PATCH nft 05/10] exthdr: generate dependencies for inet/bridge/netdev family Florian Westphal
2016-03-01 15:37 ` [PATCH nft 06/10] tests: add/fix inet+exthdr tests Florian Westphal
2016-03-01 15:37 ` [PATCH nft 07/10] exthdr: remove implicit dependencies Florian Westphal
2016-03-01 15:37 ` [PATCH nft 08/10] exthdr: store offset for later use Florian Westphal
2016-03-01 15:37 ` Florian Westphal [this message]
2016-03-01 15:37 ` [PATCH nft 10/10] netlink_delinearize: handle extension header templates with odd sizes Florian Westphal
2016-03-02 12:00 ` [PATCH nft 00/10] nft: exthdr fixes and improvements Pablo Neira Ayuso

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:eec7d0f dfblob:30c5f62 )
 OR (
bs:"[PATCH nft 09/10] netlink_delinearize: prepare binop_postprocess for exthdr demux" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1456846670-28179-10-git-send-email-fw@strlen.de \
    --to=fw@strlen.de \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).