From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [libnftnl PATCH v2 7/9] expr: bitwise: add support for kernel space AND, OR and XOR operations
Date: Mon, 4 Apr 2022 13:06:21 +0100 [thread overview]
Message-ID: <20220404120623.188439-8-jeremy@azazel.net> (raw)
In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net>
Hitherto, the kernel has only supported boolean operations of the form:
dst = (src & mask) ^ xor
where `src` is held in a register, and `mask` and `xor` are immediate
values. User space has converted AND, OR and XOR operations to this
form, and so one operand has had to be immediate. The kernel now
supports performing AND, OR and XOR operations directly, on one register
and an immediate value or on two registers, so we make that support
available to user space.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
include/libnftnl/expr.h | 1 +
src/expr/bitwise.c | 55 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 56 insertions(+)
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index 6adad4c222a6..be91e2dc58ca 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -129,6 +129,7 @@ enum {
NFTNL_EXPR_BITWISE_OP,
NFTNL_EXPR_BITWISE_DATA,
NFTNL_EXPR_BITWISE_NBITS,
+ NFTNL_EXPR_BITWISE_SREG2,
};
enum {
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index c7428af6adf8..e2ebd83fee0e 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -23,6 +23,7 @@
struct nftnl_expr_bitwise {
enum nft_registers sreg;
+ enum nft_registers sreg2;
enum nft_registers dreg;
enum nft_bitwise_ops op;
unsigned int len;
@@ -42,6 +43,11 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type,
case NFTNL_EXPR_BITWISE_SREG:
memcpy(&bitwise->sreg, data, sizeof(bitwise->sreg));
break;
+ case NFTNL_EXPR_BITWISE_SREG2:
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_DATA))
+ return -1;
+ memcpy(&bitwise->sreg2, data, sizeof(bitwise->sreg2));
+ break;
case NFTNL_EXPR_BITWISE_DREG:
memcpy(&bitwise->dreg, data, sizeof(bitwise->dreg));
break;
@@ -60,6 +66,8 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type,
bitwise->xor.len = data_len;
break;
case NFTNL_EXPR_BITWISE_DATA:
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2))
+ return -1;
memcpy(&bitwise->data.val, data, data_len);
bitwise->data.len = data_len;
break;
@@ -82,6 +90,9 @@ nftnl_expr_bitwise_get(const struct nftnl_expr *e, uint16_t type,
case NFTNL_EXPR_BITWISE_SREG:
*data_len = sizeof(bitwise->sreg);
return &bitwise->sreg;
+ case NFTNL_EXPR_BITWISE_SREG2:
+ *data_len = sizeof(bitwise->sreg2);
+ return &bitwise->sreg2;
case NFTNL_EXPR_BITWISE_DREG:
*data_len = sizeof(bitwise->dreg);
return &bitwise->dreg;
@@ -117,6 +128,7 @@ static int nftnl_expr_bitwise_cb(const struct nlattr *attr, void *data)
switch(type) {
case NFTA_BITWISE_SREG:
+ case NFTA_BITWISE_SREG2:
case NFTA_BITWISE_DREG:
case NFTA_BITWISE_OP:
case NFTA_BITWISE_LEN:
@@ -143,6 +155,8 @@ nftnl_expr_bitwise_build(struct nlmsghdr *nlh, const struct nftnl_expr *e)
if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG))
mnl_attr_put_u32(nlh, NFTA_BITWISE_SREG, htonl(bitwise->sreg));
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2))
+ mnl_attr_put_u32(nlh, NFTA_BITWISE_SREG2, htonl(bitwise->sreg2));
if (e->flags & (1 << NFTNL_EXPR_BITWISE_DREG))
mnl_attr_put_u32(nlh, NFTA_BITWISE_DREG, htonl(bitwise->dreg));
if (e->flags & (1 << NFTNL_EXPR_BITWISE_OP))
@@ -192,6 +206,10 @@ nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr)
bitwise->sreg = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_SREG]));
e->flags |= (1 << NFTNL_EXPR_BITWISE_SREG);
}
+ if (tb[NFTA_BITWISE_SREG2]) {
+ bitwise->sreg2 = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_SREG2]));
+ e->flags |= (1 << NFTNL_EXPR_BITWISE_SREG2);
+ }
if (tb[NFTA_BITWISE_DREG]) {
bitwise->dreg = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_DREG]));
e->flags |= (1 << NFTNL_EXPR_BITWISE_DREG);
@@ -267,6 +285,31 @@ nftnl_expr_bitwise_snprintf_shift(char *buf, size_t remain, const char *op,
return offset;
}
+static int
+nftnl_expr_bitwise_snprintf_bool(char *buf, size_t remain, const char *op,
+ const struct nftnl_expr *e,
+ const struct nftnl_expr_bitwise *bitwise)
+{
+ int offset = 0, ret;
+
+ ret = snprintf(buf, remain, "reg %u = ( reg %u %s ",
+ bitwise->dreg, bitwise->sreg, op);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2))
+ ret = snprintf(buf + offset, remain, "reg %u ", bitwise->sreg2);
+ else
+ ret = nftnl_data_reg_snprintf(buf + offset, remain,
+ &bitwise->data,
+ 0, DATA_VALUE);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
+ ret = snprintf(buf + offset, remain, ") ");
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
+ return offset;
+}
+
static int
nftnl_expr_bitwise_snprintf(char *buf, size_t size,
uint32_t flags, const struct nftnl_expr *e)
@@ -286,6 +329,18 @@ nftnl_expr_bitwise_snprintf(char *buf, size_t size,
err = nftnl_expr_bitwise_snprintf_shift(buf, size, ">>",
bitwise);
break;
+ case NFT_BITWISE_AND:
+ err = nftnl_expr_bitwise_snprintf_bool(buf, size, "&", e,
+ bitwise);
+ break;
+ case NFT_BITWISE_OR:
+ err = nftnl_expr_bitwise_snprintf_bool(buf, size, "|", e,
+ bitwise);
+ break;
+ case NFT_BITWISE_XOR:
+ err = nftnl_expr_bitwise_snprintf_bool(buf, size, "^", e,
+ bitwise);
+ break;
}
return err;
--
2.35.1
next prev parent reply other threads:[~2022-04-04 12:06 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-04 12:06 [libnftnl PATCH v2 0/9] bitwise: support for boolean operations with variable RHS operands Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 1/9] include: update nf_tables.h Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 2/9] include: add new bitwise bit-length attribute to nf_tables.h Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 3/9] expr: bitwise: pass bit-length to and from the kernel Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 4/9] include: add new bitwise boolean attributes to nf_tables.h Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 5/9] expr: bitwise: fix a couple of white-space mistakes Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 6/9] expr: bitwise: rename some boolean operation functions Jeremy Sowden
2022-04-04 12:06 ` Jeremy Sowden [this message]
2022-04-04 12:06 ` [libnftnl PATCH v2 8/9] tests: bitwise: refactor shift tests Jeremy Sowden
2022-04-04 12:06 ` [libnftnl PATCH v2 9/9] tests: bitwise: add tests for new boolean operations Jeremy Sowden
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220404120623.188439-8-jeremy@azazel.net \
--to=jeremy@azazel.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).