[PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT

[PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT

[Thomas Haller]

It's not obvious that two enum values are missing (or why). Explicitly
set the values to NULL, so we can see this more easily.

Signed-off-by: Thomas Haller <thaller@redhat.com>
---
 src/datatype.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/datatype.c b/src/datatype.c
index 70c84846f70e..bb0c3cf79150 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -65,6 +65,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
 	[TYPE_CT_DIR]		= &ct_dir_type,
 	[TYPE_CT_STATUS]	= &ct_status_type,
 	[TYPE_ICMP6_TYPE]	= &icmp6_type_type,
+	[TYPE_CT_LABEL]		= NULL,
 	[TYPE_PKTTYPE]		= &pkttype_type,
 	[TYPE_ICMP_CODE]	= &icmp_code_type,
 	[TYPE_ICMPV6_CODE]	= &icmpv6_code_type,
@@ -72,8 +73,9 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
 	[TYPE_DEVGROUP]		= &devgroup_type,
 	[TYPE_DSCP]		= &dscp_type,
 	[TYPE_ECN]		= &ecn_type,
-	[TYPE_FIB_ADDR]         = &fib_addr_type,
+	[TYPE_FIB_ADDR]		= &fib_addr_type,
 	[TYPE_BOOLEAN]		= &boolean_type,
+	[TYPE_CT_EVENTBIT]	= NULL,
 	[TYPE_IFNAME]		= &ifname_type,
 	[TYPE_IGMP_TYPE]	= &igmp_type_type,
 	[TYPE_TIME_DATE]	= &date_type,
-- 
2.41.0

Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT

[Pablo Neira Ayuso]

Hi Thomas,

On Tue, Sep 19, 2023 at 01:28:03PM +0200, Thomas Haller wrote:
> It's not obvious that two enum values are missing (or why). Explicitly
> set the values to NULL, so we can see this more easily.

I think this is uncovering a bug with these selectors.

When concatenations are used, IIRC the delinerize path needs this.

TYPE_CT_EVENTBIT does not need this, because this is a statement to
globally filter ctnetlink events events.

But TYPE_CT_LABEL is likely not working fine with concatenations.

Let me take a closer look.

> Signed-off-by: Thomas Haller <thaller@redhat.com>
> ---
>  src/datatype.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/src/datatype.c b/src/datatype.c
> index 70c84846f70e..bb0c3cf79150 100644
> --- a/src/datatype.c
> +++ b/src/datatype.c
> @@ -65,6 +65,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
>  	[TYPE_CT_DIR]		= &ct_dir_type,
>  	[TYPE_CT_STATUS]	= &ct_status_type,
>  	[TYPE_ICMP6_TYPE]	= &icmp6_type_type,
> +	[TYPE_CT_LABEL]		= NULL,
>  	[TYPE_PKTTYPE]		= &pkttype_type,
>  	[TYPE_ICMP_CODE]	= &icmp_code_type,
>  	[TYPE_ICMPV6_CODE]	= &icmpv6_code_type,
> @@ -72,8 +73,9 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
>  	[TYPE_DEVGROUP]		= &devgroup_type,
>  	[TYPE_DSCP]		= &dscp_type,
>  	[TYPE_ECN]		= &ecn_type,
> -	[TYPE_FIB_ADDR]         = &fib_addr_type,
> +	[TYPE_FIB_ADDR]		= &fib_addr_type,
>  	[TYPE_BOOLEAN]		= &boolean_type,
> +	[TYPE_CT_EVENTBIT]	= NULL,
>  	[TYPE_IFNAME]		= &ifname_type,
>  	[TYPE_IGMP_TYPE]	= &igmp_type_type,
>  	[TYPE_TIME_DATE]	= &date_type,
> -- 
> 2.41.0
> 

Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT

[Thomas Haller]

On Tue, 2023-09-19 at 14:18 +0200, Pablo Neira Ayuso wrote:
> Hi Thomas,
> 
> On Tue, Sep 19, 2023 at 01:28:03PM +0200, Thomas Haller wrote:
> > It's not obvious that two enum values are missing (or why).
> > Explicitly
> > set the values to NULL, so we can see this more easily.
> 
> I think this is uncovering a bug with these selectors.
> 
> When concatenations are used, IIRC the delinerize path needs this.
> 
> TYPE_CT_EVENTBIT does not need this, because this is a statement to
> globally filter ctnetlink events events.
> 
> But TYPE_CT_LABEL is likely not working fine with concatenations.
> 
> Let me take a closer look.

Hi Pablo,

Thank you.

FYI, I have a patch with a unit test that performs some consistency
checks of the "datatypes" array. Only TYPE_CT_LABEL + TYPE_CT_EVENTBIT
are missing.

You don't need to write a test about that. The test is however on top
of  "no recursive make" patches, which I will resent at a later time.


Thomas

> 
> > Signed-off-by: Thomas Haller <thaller@redhat.com>
> > ---
> >  src/datatype.c | 4 +++-
> >  1 file changed, 3 insertions(+), 1 deletion(-)
> > 
> > diff --git a/src/datatype.c b/src/datatype.c
> > index 70c84846f70e..bb0c3cf79150 100644
> > --- a/src/datatype.c
> > +++ b/src/datatype.c
> > @@ -65,6 +65,7 @@ static const struct datatype *datatypes[TYPE_MAX
> > + 1] = {
> >         [TYPE_CT_DIR]           = &ct_dir_type,
> >         [TYPE_CT_STATUS]        = &ct_status_type,
> >         [TYPE_ICMP6_TYPE]       = &icmp6_type_type,
> > +       [TYPE_CT_LABEL]         = NULL,
> >         [TYPE_PKTTYPE]          = &pkttype_type,
> >         [TYPE_ICMP_CODE]        = &icmp_code_type,
> >         [TYPE_ICMPV6_CODE]      = &icmpv6_code_type,
> > @@ -72,8 +73,9 @@ static const struct datatype *datatypes[TYPE_MAX
> > + 1] = {
> >         [TYPE_DEVGROUP]         = &devgroup_type,
> >         [TYPE_DSCP]             = &dscp_type,
> >         [TYPE_ECN]              = &ecn_type,
> > -       [TYPE_FIB_ADDR]         = &fib_addr_type,
> > +       [TYPE_FIB_ADDR]         = &fib_addr_type,
> >         [TYPE_BOOLEAN]          = &boolean_type,
> > +       [TYPE_CT_EVENTBIT]      = NULL,
> >         [TYPE_IFNAME]           = &ifname_type,
> >         [TYPE_IGMP_TYPE]        = &igmp_type_type,
> >         [TYPE_TIME_DATE]        = &date_type,
> > -- 
> > 2.41.0
> > 
> 

Re: [PATCH nft 1/1] datatype: explicitly set missing datatypes for TYPE_CT_LABEL,TYPE_CT_EVENTBIT

[Pablo Neira Ayuso]

On Tue, Sep 19, 2023 at 02:30:38PM +0200, Thomas Haller wrote:
> On Tue, 2023-09-19 at 14:18 +0200, Pablo Neira Ayuso wrote:
> > Hi Thomas,
> > 
> > On Tue, Sep 19, 2023 at 01:28:03PM +0200, Thomas Haller wrote:
> > > It's not obvious that two enum values are missing (or why).
> > > Explicitly
> > > set the values to NULL, so we can see this more easily.
> > 
> > I think this is uncovering a bug with these selectors.
> > 
> > When concatenations are used, IIRC the delinerize path needs this.
> > 
> > TYPE_CT_EVENTBIT does not need this, because this is a statement to
> > globally filter ctnetlink events events.
> > 
> > But TYPE_CT_LABEL is likely not working fine with concatenations.
> > 
> > Let me take a closer look.
> 
> Hi Pablo,
> 
> Thank you.
> 
> FYI, I have a patch with a unit test that performs some consistency
> checks of the "datatypes" array. Only TYPE_CT_LABEL + TYPE_CT_EVENTBIT
> are missing.
>
> You don't need to write a test about that. The test is however on top
> of  "no recursive make" patches, which I will resent at a later time.

Thanks, I posted the fixes without unit tests:

https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230919161254.640998-1-pablo@netfilter.org/
https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230919161825.643827-1-pablo@netfilter.org/