* [libnftables PATCH v3] src: add _unset functions
@ 2013-06-07 10:52 Arturo Borrero
2013-06-07 12:06 ` Pablo Neira Ayuso
0 siblings, 1 reply; 4+ messages in thread
From: Arturo Borrero @ 2013-06-07 10:52 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
These functions unset the flag for the given attribute in each object and free data in some cases.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
v2: improved unset operation and freed data pointer set to NULL
v3: set to null c->table
include/libnftables/chain.h | 1 +
include/libnftables/rule.h | 1 +
include/libnftables/set.h | 2 ++
include/libnftables/table.h | 1 +
src/chain.c | 26 ++++++++++++++++++++++++++
src/libnftables.map | 5 +++++
src/rule.c | 23 +++++++++++++++++++++++
src/set.c | 23 +++++++++++++++++++++++
src/set_elem.c | 13 +++++++++++++
src/table.c | 15 ++++++++++++++-
10 files changed, 109 insertions(+), 1 deletion(-)
diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h
index b12474f..f06f743 100644
--- a/include/libnftables/chain.h
+++ b/include/libnftables/chain.h
@@ -26,6 +26,7 @@ enum {
NFT_CHAIN_ATTR_TYPE,
};
+void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h
index 9c4ab0d..9989f19 100644
--- a/include/libnftables/rule.h
+++ b/include/libnftables/rule.h
@@ -23,6 +23,7 @@ enum {
NFT_RULE_ATTR_COMPAT_FLAGS,
};
+void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
diff --git a/include/libnftables/set.h b/include/libnftables/set.h
index 53c2947..211c065 100644
--- a/include/libnftables/set.h
+++ b/include/libnftables/set.h
@@ -16,6 +16,7 @@ struct nft_set;
struct nft_set *nft_set_alloc(void);
void nft_set_free(struct nft_set *s);
+void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
@@ -61,6 +62,7 @@ void nft_set_elem_free(struct nft_set_elem *s);
void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
+void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, size_t data_len);
void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
diff --git a/include/libnftables/table.h b/include/libnftables/table.h
index 658230c..09cd204 100644
--- a/include/libnftables/table.h
+++ b/include/libnftables/table.h
@@ -18,6 +18,7 @@ enum {
NFT_TABLE_ATTR_FLAGS,
};
+void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
diff --git a/src/chain.c b/src/chain.c
index 093e3ea..2a1a7ce 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -59,6 +59,32 @@ void nft_chain_free(struct nft_chain *c)
}
EXPORT_SYMBOL(nft_chain_free);
+void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr)
+{
+ switch (attr) {
+ case NFT_CHAIN_ATTR_TABLE:
+ if (c->flags & (1 << NFT_CHAIN_ATTR_TABLE))
+ if (c->table) {
+ free(c->table);
+ c->table = NULL;
+ }
+ break;
+ case NFT_CHAIN_ATTR_USE:
+ /* cannot be unset?, ignore it */
+ return;
+ case NFT_CHAIN_ATTR_TYPE:
+ if (c->flags & (1 << NFT_CHAIN_ATTR_TYPE))
+ if (c->type) {
+ free(c->type);
+ c->type = NULL;
+ }
+ break;
+ }
+
+ c->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_chain_attr_unset);
+
void nft_chain_attr_set(struct nft_chain *c, uint16_t attr, const void *data)
{
switch(attr) {
diff --git a/src/libnftables.map b/src/libnftables.map
index 8bae60c..2b31d55 100644
--- a/src/libnftables.map
+++ b/src/libnftables.map
@@ -2,6 +2,7 @@ LIBNFTABLES_1.0 {
global:
nft_table_alloc;
nft_table_free;
+ nft_table_attr_unset;
nft_table_attr_set;
nft_table_attr_get;
nft_table_attr_set_u32;
@@ -22,6 +23,7 @@ global:
nft_chain_alloc;
nft_chain_free;
+ nft_chain_attr_unset;
nft_chain_attr_set;
nft_chain_attr_set_u32;
nft_chain_attr_set_s32;
@@ -47,6 +49,7 @@ global:
nft_rule_alloc;
nft_rule_free;
+ nft_rule_attr_unset;
nft_rule_attr_set;
nft_rule_attr_set_u32;
nft_rule_attr_set_u64;
@@ -91,6 +94,7 @@ global:
nft_set_alloc;
nft_set_free;
+ nft_set_attr_unset;
nft_set_attr_set;
nft_set_attr_set_u32;
nft_set_attr_set_str;
@@ -114,6 +118,7 @@ global:
nft_set_elem_alloc;
nft_set_elem_free;
nft_set_elem_add;
+ nft_set_elem_attr_unset;
nft_set_elem_attr_set;
nft_set_elem_attr_set_u32;
nft_set_elem_attr_set_str;
diff --git a/src/rule.c b/src/rule.c
index 698bf89..5f4bac3 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -71,6 +71,29 @@ void nft_rule_free(struct nft_rule *r)
}
EXPORT_SYMBOL(nft_rule_free);
+void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr)
+{
+ switch (attr) {
+ case NFT_RULE_ATTR_TABLE:
+ if (r->flags & (1 << NFT_RULE_ATTR_TABLE))
+ if (r->table) {
+ free(r->table);
+ r->table = NULL;
+ }
+ break;
+ case NFT_RULE_ATTR_CHAIN:
+ if (r->flags & (1 << NFT_RULE_ATTR_CHAIN))
+ if (r->chain) {
+ free(r->chain);
+ r->chain = NULL;
+ }
+ break;
+ }
+
+ r->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_rule_attr_unset);
+
void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data)
{
switch(attr) {
diff --git a/src/set.c b/src/set.c
index ef2d11d..eb49167 100644
--- a/src/set.c
+++ b/src/set.c
@@ -56,6 +56,29 @@ void nft_set_free(struct nft_set *s)
}
EXPORT_SYMBOL(nft_set_free);
+void nft_set_attr_unset(struct nft_set *s, uint16_t attr)
+{
+ switch (attr) {
+ case NFT_SET_ATTR_TABLE:
+ if (s->flags & (1 << NFT_SET_ATTR_TABLE))
+ if (s->table) {
+ free(s->table);
+ s->table = NULL;
+ }
+ break;
+ case NFT_SET_ATTR_NAME:
+ if (s->flags & (1 << NFT_SET_ATTR_NAME))
+ if (s->name) {
+ free(s->name);
+ s->name = NULL;
+ }
+ break;
+ }
+
+ s->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_set_attr_unset);
+
void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data)
{
switch(attr) {
diff --git a/src/set_elem.c b/src/set_elem.c
index a2669ad..620080d 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -44,6 +44,19 @@ void nft_set_elem_free(struct nft_set_elem *s)
}
EXPORT_SYMBOL(nft_set_elem_free);
+void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr)
+{
+ if (attr == NFT_SET_ELEM_ATTR_CHAIN)
+ if (s->flags & (1 << NFT_SET_ELEM_ATTR_CHAIN))
+ if (s->data.chain) {
+ free(s->data.chain);
+ s->data.chain = NULL;
+ }
+
+ s->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_set_elem_attr_unset);
+
void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr,
const void *data, size_t data_len)
{
diff --git a/src/table.c b/src/table.c
index a868da4..8db980b 100644
--- a/src/table.c
+++ b/src/table.c
@@ -49,9 +49,22 @@ void nft_table_free(struct nft_table *t)
}
EXPORT_SYMBOL(nft_table_free);
+void nft_table_attr_unset(struct nft_table *t, uint16_t attr)
+{
+ if (attr == NFT_TABLE_ATTR_NAME)
+ if (t->flags & (1 << NFT_TABLE_ATTR_NAME))
+ if (t->name) {
+ free(t->name);
+ t->name = NULL;
+ }
+
+ t->flags &= ~(1 << attr);
+}
+EXPORT_SYMBOL(nft_table_attr_unset);
+
void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data)
{
- switch(attr) {
+ switch (attr) {
case NFT_TABLE_ATTR_NAME:
if (t->name)
free(t->name);
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [libnftables PATCH v3] src: add _unset functions
2013-06-07 10:52 [libnftables PATCH v3] src: add _unset functions Arturo Borrero
@ 2013-06-07 12:06 ` Pablo Neira Ayuso
2013-06-07 12:13 ` Arturo Borrero Gonzalez
0 siblings, 1 reply; 4+ messages in thread
From: Pablo Neira Ayuso @ 2013-06-07 12:06 UTC (permalink / raw)
To: Arturo Borrero; +Cc: netfilter-devel
On Fri, Jun 07, 2013 at 12:52:17PM +0200, Arturo Borrero wrote:
> These functions unset the flag for the given attribute in each object and free data in some cases.
Applied with minor changes, thanks Arturo.
See below.
> Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
> ---
> v2: improved unset operation and freed data pointer set to NULL
> v3: set to null c->table
>
> include/libnftables/chain.h | 1 +
> include/libnftables/rule.h | 1 +
> include/libnftables/set.h | 2 ++
> include/libnftables/table.h | 1 +
> src/chain.c | 26 ++++++++++++++++++++++++++
> src/libnftables.map | 5 +++++
> src/rule.c | 23 +++++++++++++++++++++++
> src/set.c | 23 +++++++++++++++++++++++
> src/set_elem.c | 13 +++++++++++++
> src/table.c | 15 ++++++++++++++-
> 10 files changed, 109 insertions(+), 1 deletion(-)
>
> diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h
> index b12474f..f06f743 100644
> --- a/include/libnftables/chain.h
> +++ b/include/libnftables/chain.h
> @@ -26,6 +26,7 @@ enum {
> NFT_CHAIN_ATTR_TYPE,
> };
>
> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
> void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
> void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
> void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
> diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h
> index 9c4ab0d..9989f19 100644
> --- a/include/libnftables/rule.h
> +++ b/include/libnftables/rule.h
> @@ -23,6 +23,7 @@ enum {
> NFT_RULE_ATTR_COMPAT_FLAGS,
> };
>
> +void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
> void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
> void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
> void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
> diff --git a/include/libnftables/set.h b/include/libnftables/set.h
> index 53c2947..211c065 100644
> --- a/include/libnftables/set.h
> +++ b/include/libnftables/set.h
> @@ -16,6 +16,7 @@ struct nft_set;
> struct nft_set *nft_set_alloc(void);
> void nft_set_free(struct nft_set *s);
>
> +void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
> void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
> void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
> void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
> @@ -61,6 +62,7 @@ void nft_set_elem_free(struct nft_set_elem *s);
>
> void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
>
> +void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
> void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, size_t data_len);
> void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
> void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
> diff --git a/include/libnftables/table.h b/include/libnftables/table.h
> index 658230c..09cd204 100644
> --- a/include/libnftables/table.h
> +++ b/include/libnftables/table.h
> @@ -18,6 +18,7 @@ enum {
> NFT_TABLE_ATTR_FLAGS,
> };
>
> +void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
> void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
> const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
>
> diff --git a/src/chain.c b/src/chain.c
> index 093e3ea..2a1a7ce 100644
> --- a/src/chain.c
> +++ b/src/chain.c
> @@ -59,6 +59,32 @@ void nft_chain_free(struct nft_chain *c)
> }
> EXPORT_SYMBOL(nft_chain_free);
>
> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr)
> +{
> + switch (attr) {
> + case NFT_CHAIN_ATTR_TABLE:
> + if (c->flags & (1 << NFT_CHAIN_ATTR_TABLE))
> + if (c->table) {
> + free(c->table);
> + c->table = NULL;
> + }
> + break;
> + case NFT_CHAIN_ATTR_USE:
> + /* cannot be unset?, ignore it */
> + return;
> + case NFT_CHAIN_ATTR_TYPE:
> + if (c->flags & (1 << NFT_CHAIN_ATTR_TYPE))
> + if (c->type) {
> + free(c->type);
> + c->type = NULL;
> + }
> + break;
default:
return;
Added this just to skip for unknown attributes. It should not harm
though the current code, but just to ensure we don't spend cycles on
no operations.
> + }
> +
> + c->flags &= ~(1 << attr);
> +}
> +EXPORT_SYMBOL(nft_chain_attr_unset);
> +
[...]
> +void nft_table_attr_unset(struct nft_table *t, uint16_t attr)
> +{
> + if (attr == NFT_TABLE_ATTR_NAME)
> + if (t->flags & (1 << NFT_TABLE_ATTR_NAME))
> + if (t->name) {
> + free(t->name);
> + t->name = NULL;
> + }
Converted this to a switch. We only have one single choice now, but
there are other attributes like flags and family that we may want to
unset in the future.
Regards.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [libnftables PATCH v3] src: add _unset functions
2013-06-07 12:06 ` Pablo Neira Ayuso
@ 2013-06-07 12:13 ` Arturo Borrero Gonzalez
2013-06-07 12:15 ` Pablo Neira Ayuso
0 siblings, 1 reply; 4+ messages in thread
From: Arturo Borrero Gonzalez @ 2013-06-07 12:13 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Netfilter Development Mailing list
2013/6/7 Pablo Neira Ayuso <pablo@netfilter.org>:
> On Fri, Jun 07, 2013 at 12:52:17PM +0200, Arturo Borrero wrote:
>> These functions unset the flag for the given attribute in each object and free data in some cases.
>
> Applied with minor changes, thanks Arturo.
>
> See below.
>
>> Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
>> ---
>> v2: improved unset operation and freed data pointer set to NULL
>> v3: set to null c->table
>>
>> include/libnftables/chain.h | 1 +
>> include/libnftables/rule.h | 1 +
>> include/libnftables/set.h | 2 ++
>> include/libnftables/table.h | 1 +
>> src/chain.c | 26 ++++++++++++++++++++++++++
>> src/libnftables.map | 5 +++++
>> src/rule.c | 23 +++++++++++++++++++++++
>> src/set.c | 23 +++++++++++++++++++++++
>> src/set_elem.c | 13 +++++++++++++
>> src/table.c | 15 ++++++++++++++-
>> 10 files changed, 109 insertions(+), 1 deletion(-)
>>
>> diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h
>> index b12474f..f06f743 100644
>> --- a/include/libnftables/chain.h
>> +++ b/include/libnftables/chain.h
>> @@ -26,6 +26,7 @@ enum {
>> NFT_CHAIN_ATTR_TYPE,
>> };
>>
>> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
>> void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
>> void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
>> void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
>> diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h
>> index 9c4ab0d..9989f19 100644
>> --- a/include/libnftables/rule.h
>> +++ b/include/libnftables/rule.h
>> @@ -23,6 +23,7 @@ enum {
>> NFT_RULE_ATTR_COMPAT_FLAGS,
>> };
>>
>> +void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
>> void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
>> void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
>> void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
>> diff --git a/include/libnftables/set.h b/include/libnftables/set.h
>> index 53c2947..211c065 100644
>> --- a/include/libnftables/set.h
>> +++ b/include/libnftables/set.h
>> @@ -16,6 +16,7 @@ struct nft_set;
>> struct nft_set *nft_set_alloc(void);
>> void nft_set_free(struct nft_set *s);
>>
>> +void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
>> void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
>> void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
>> void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
>> @@ -61,6 +62,7 @@ void nft_set_elem_free(struct nft_set_elem *s);
>>
>> void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
>>
>> +void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
>> void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, size_t data_len);
>> void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
>> void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
>> diff --git a/include/libnftables/table.h b/include/libnftables/table.h
>> index 658230c..09cd204 100644
>> --- a/include/libnftables/table.h
>> +++ b/include/libnftables/table.h
>> @@ -18,6 +18,7 @@ enum {
>> NFT_TABLE_ATTR_FLAGS,
>> };
>>
>> +void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
>> void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
>> const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
>>
>> diff --git a/src/chain.c b/src/chain.c
>> index 093e3ea..2a1a7ce 100644
>> --- a/src/chain.c
>> +++ b/src/chain.c
>> @@ -59,6 +59,32 @@ void nft_chain_free(struct nft_chain *c)
>> }
>> EXPORT_SYMBOL(nft_chain_free);
>>
>> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr)
>> +{
>> + switch (attr) {
>> + case NFT_CHAIN_ATTR_TABLE:
>> + if (c->flags & (1 << NFT_CHAIN_ATTR_TABLE))
>> + if (c->table) {
>> + free(c->table);
>> + c->table = NULL;
>> + }
>> + break;
>> + case NFT_CHAIN_ATTR_USE:
>> + /* cannot be unset?, ignore it */
>> + return;
>> + case NFT_CHAIN_ATTR_TYPE:
>> + if (c->flags & (1 << NFT_CHAIN_ATTR_TYPE))
>> + if (c->type) {
>> + free(c->type);
>> + c->type = NULL;
>> + }
>> + break;
>
> default:
> return;
>
> Added this just to skip for unknown attributes. It should not harm
> though the current code, but just to ensure we don't spend cycles on
> no operations.
>
mmmmm...
I think that if the attr is not selected in the switch, you will never reach:
c->flags &= ~(1 << attr);
Or am I wrong?
Regards
--
Arturo Borrero González
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [libnftables PATCH v3] src: add _unset functions
2013-06-07 12:13 ` Arturo Borrero Gonzalez
@ 2013-06-07 12:15 ` Pablo Neira Ayuso
0 siblings, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2013-06-07 12:15 UTC (permalink / raw)
To: Arturo Borrero Gonzalez; +Cc: Netfilter Development Mailing list
On Fri, Jun 07, 2013 at 02:13:01PM +0200, Arturo Borrero Gonzalez wrote:
> 2013/6/7 Pablo Neira Ayuso <pablo@netfilter.org>:
> > On Fri, Jun 07, 2013 at 12:52:17PM +0200, Arturo Borrero wrote:
> >> These functions unset the flag for the given attribute in each object and free data in some cases.
> >
> > Applied with minor changes, thanks Arturo.
> >
> > See below.
> >
> >> Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
> >> ---
> >> v2: improved unset operation and freed data pointer set to NULL
> >> v3: set to null c->table
> >>
> >> include/libnftables/chain.h | 1 +
> >> include/libnftables/rule.h | 1 +
> >> include/libnftables/set.h | 2 ++
> >> include/libnftables/table.h | 1 +
> >> src/chain.c | 26 ++++++++++++++++++++++++++
> >> src/libnftables.map | 5 +++++
> >> src/rule.c | 23 +++++++++++++++++++++++
> >> src/set.c | 23 +++++++++++++++++++++++
> >> src/set_elem.c | 13 +++++++++++++
> >> src/table.c | 15 ++++++++++++++-
> >> 10 files changed, 109 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h
> >> index b12474f..f06f743 100644
> >> --- a/include/libnftables/chain.h
> >> +++ b/include/libnftables/chain.h
> >> @@ -26,6 +26,7 @@ enum {
> >> NFT_CHAIN_ATTR_TYPE,
> >> };
> >>
> >> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr);
> >> void nft_chain_attr_set(struct nft_chain *t, uint16_t attr, const void *data);
> >> void nft_chain_attr_set_u32(struct nft_chain *t, uint16_t attr, uint32_t data);
> >> void nft_chain_attr_set_s32(struct nft_chain *t, uint16_t attr, int32_t data);
> >> diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h
> >> index 9c4ab0d..9989f19 100644
> >> --- a/include/libnftables/rule.h
> >> +++ b/include/libnftables/rule.h
> >> @@ -23,6 +23,7 @@ enum {
> >> NFT_RULE_ATTR_COMPAT_FLAGS,
> >> };
> >>
> >> +void nft_rule_attr_unset(struct nft_rule *r, uint16_t attr);
> >> void nft_rule_attr_set(struct nft_rule *r, uint16_t attr, const void *data);
> >> void nft_rule_attr_set_u32(struct nft_rule *r, uint16_t attr, uint32_t val);
> >> void nft_rule_attr_set_u64(struct nft_rule *r, uint16_t attr, uint64_t val);
> >> diff --git a/include/libnftables/set.h b/include/libnftables/set.h
> >> index 53c2947..211c065 100644
> >> --- a/include/libnftables/set.h
> >> +++ b/include/libnftables/set.h
> >> @@ -16,6 +16,7 @@ struct nft_set;
> >> struct nft_set *nft_set_alloc(void);
> >> void nft_set_free(struct nft_set *s);
> >>
> >> +void nft_set_attr_unset(struct nft_set *s, uint16_t attr);
> >> void nft_set_attr_set(struct nft_set *s, uint16_t attr, const void *data);
> >> void nft_set_attr_set_u32(struct nft_set *s, uint16_t attr, uint32_t val);
> >> void nft_set_attr_set_str(struct nft_set *s, uint16_t attr, const char *str);
> >> @@ -61,6 +62,7 @@ void nft_set_elem_free(struct nft_set_elem *s);
> >>
> >> void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem);
> >>
> >> +void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr);
> >> void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, size_t data_len);
> >> void nft_set_elem_attr_set_u32(struct nft_set_elem *s, uint16_t attr, uint32_t val);
> >> void nft_set_elem_attr_set_str(struct nft_set_elem *s, uint16_t attr, const char *str);
> >> diff --git a/include/libnftables/table.h b/include/libnftables/table.h
> >> index 658230c..09cd204 100644
> >> --- a/include/libnftables/table.h
> >> +++ b/include/libnftables/table.h
> >> @@ -18,6 +18,7 @@ enum {
> >> NFT_TABLE_ATTR_FLAGS,
> >> };
> >>
> >> +void nft_table_attr_unset(struct nft_table *t, uint16_t attr);
> >> void nft_table_attr_set(struct nft_table *t, uint16_t attr, const void *data);
> >> const void *nft_table_attr_get(struct nft_table *t, uint16_t attr);
> >>
> >> diff --git a/src/chain.c b/src/chain.c
> >> index 093e3ea..2a1a7ce 100644
> >> --- a/src/chain.c
> >> +++ b/src/chain.c
> >> @@ -59,6 +59,32 @@ void nft_chain_free(struct nft_chain *c)
> >> }
> >> EXPORT_SYMBOL(nft_chain_free);
> >>
> >> +void nft_chain_attr_unset(struct nft_chain *c, uint16_t attr)
> >> +{
> >> + switch (attr) {
> >> + case NFT_CHAIN_ATTR_TABLE:
> >> + if (c->flags & (1 << NFT_CHAIN_ATTR_TABLE))
> >> + if (c->table) {
> >> + free(c->table);
> >> + c->table = NULL;
> >> + }
> >> + break;
> >> + case NFT_CHAIN_ATTR_USE:
> >> + /* cannot be unset?, ignore it */
> >> + return;
> >> + case NFT_CHAIN_ATTR_TYPE:
> >> + if (c->flags & (1 << NFT_CHAIN_ATTR_TYPE))
> >> + if (c->type) {
> >> + free(c->type);
> >> + c->type = NULL;
> >> + }
> >> + break;
> >
> > default:
> > return;
> >
> > Added this just to skip for unknown attributes. It should not harm
> > though the current code, but just to ensure we don't spend cycles on
> > no operations.
> >
>
> mmmmm...
> I think that if the attr is not selected in the switch, you will never reach:
> c->flags &= ~(1 << attr);
>
> Or am I wrong?
Ouch, it was intentional indeed. I'll fix it.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-06-07 12:16 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-06-07 10:52 [libnftables PATCH v3] src: add _unset functions Arturo Borrero
2013-06-07 12:06 ` Pablo Neira Ayuso
2013-06-07 12:13 ` Arturo Borrero Gonzalez
2013-06-07 12:15 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).