From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nft 04/10] payload: move payload_gen_dependency generic part to helper
Date: Tue, 1 Mar 2016 16:37:44 +0100 [thread overview]
Message-ID: <1456846670-28179-5-git-send-email-fw@strlen.de> (raw)
In-Reply-To: <1456846670-28179-1-git-send-email-fw@strlen.de>
We should treat exthdr just as if user asked for e.g. ip6 saddr
and inject the needed dependency statement.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/payload.c | 66 ++++++++++++++++++++++++++++++++++-------------------------
1 file changed, 38 insertions(+), 28 deletions(-)
diff --git a/src/payload.c b/src/payload.c
index 6a977e8..8f67b6e 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -162,6 +162,43 @@ struct stmt *payload_stmt_alloc(const struct location *loc,
return stmt;
}
+static int payload_add_dependency(struct eval_ctx *ctx,
+ const struct proto_desc *desc,
+ const struct proto_desc *upper,
+ const struct expr *expr,
+ struct stmt **res)
+{
+ const struct proto_hdr_template *tmpl;
+ struct expr *dep, *left, *right;
+ struct stmt *stmt;
+ int protocol = proto_find_num(desc, upper);
+
+ if (protocol < 0)
+ return expr_error(ctx->msgs, expr,
+ "conflicting protocols specified: %s vs. %s",
+ desc->name, upper->name);
+
+ tmpl = &desc->templates[desc->protocol_key];
+ if (tmpl->meta_key)
+ left = meta_expr_alloc(&expr->location, tmpl->meta_key);
+ else
+ left = payload_expr_alloc(&expr->location, desc, desc->protocol_key);
+
+ right = constant_expr_alloc(&expr->location, tmpl->dtype,
+ tmpl->dtype->byteorder, tmpl->len,
+ constant_data_ptr(protocol, tmpl->len));
+
+ dep = relational_expr_alloc(&expr->location, OP_EQ, left, right);
+ stmt = expr_stmt_alloc(&dep->location, dep);
+ if (stmt_evaluate(ctx, stmt) < 0) {
+ return expr_error(ctx->msgs, expr,
+ "dependency statement is invalid");
+ }
+ left->ops->pctx_update(&ctx->pctx, dep);
+ *res = stmt;
+ return 0;
+}
+
/**
* payload_gen_dependency - generate match expression on payload dependency
*
@@ -190,10 +227,7 @@ int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
{
const struct hook_proto_desc *h = &hook_proto_desc[ctx->pctx.family];
const struct proto_desc *desc;
- const struct proto_hdr_template *tmpl;
- struct expr *dep, *left, *right;
struct stmt *stmt;
- int protocol;
uint16_t type;
if (expr->payload.base < h->base) {
@@ -265,31 +299,7 @@ int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
"no %s protocol specified",
proto_base_names[expr->payload.base - 1]);
- protocol = proto_find_num(desc, expr->payload.desc);
- if (protocol < 0)
- return expr_error(ctx->msgs, expr,
- "conflicting protocols specified: %s vs. %s",
- desc->name, expr->payload.desc->name);
-
- tmpl = &desc->templates[desc->protocol_key];
- if (tmpl->meta_key)
- left = meta_expr_alloc(&expr->location, tmpl->meta_key);
- else
- left = payload_expr_alloc(&expr->location, desc, desc->protocol_key);
-
- right = constant_expr_alloc(&expr->location, tmpl->dtype,
- tmpl->dtype->byteorder, tmpl->len,
- constant_data_ptr(protocol, tmpl->len));
-
- dep = relational_expr_alloc(&expr->location, OP_EQ, left, right);
- stmt = expr_stmt_alloc(&dep->location, dep);
- if (stmt_evaluate(ctx, stmt) < 0) {
- return expr_error(ctx->msgs, expr,
- "dependency statement is invalid");
- }
- left->ops->pctx_update(&ctx->pctx, dep);
- *res = stmt;
- return 0;
+ return payload_add_dependency(ctx, desc, expr->payload.desc, expr, res);
}
/**
--
2.4.10
next prev parent reply other threads:[~2016-03-01 15:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-01 15:37 [PATCH nft 00/10] nft: exthdr fixes and improvements Florian Westphal
2016-03-01 15:37 ` [PATCH nft 01/10] evaluate: enforce ip6 proto with exthdr expression Florian Westphal
2016-03-01 15:37 ` [PATCH nft 02/10] netlink: split generic part of netlink_gen_payload_mask into helper Florian Westphal
2016-03-01 15:37 ` [PATCH nft 03/10] netlink: add and use netlink_gen_exthdr_mask Florian Westphal
2016-03-01 15:37 ` Florian Westphal [this message]
2016-03-01 15:37 ` [PATCH nft 05/10] exthdr: generate dependencies for inet/bridge/netdev family Florian Westphal
2016-03-01 15:37 ` [PATCH nft 06/10] tests: add/fix inet+exthdr tests Florian Westphal
2016-03-01 15:37 ` [PATCH nft 07/10] exthdr: remove implicit dependencies Florian Westphal
2016-03-01 15:37 ` [PATCH nft 08/10] exthdr: store offset for later use Florian Westphal
2016-03-01 15:37 ` [PATCH nft 09/10] netlink_delinearize: prepare binop_postprocess for exthdr demux Florian Westphal
2016-03-01 15:37 ` [PATCH nft 10/10] netlink_delinearize: handle extension header templates with odd sizes Florian Westphal
2016-03-02 12:00 ` [PATCH nft 00/10] nft: exthdr fixes and improvements Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1456846670-28179-5-git-send-email-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).