From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 1/9] src: fix indentation/whitespace
Date: Wed, 20 Sep 2023 16:26:02 +0200
Message-ID: <20230920142958.566615-2-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>
X-Mailing-List: netfilter-devel@vger.kernel.org

Signed-off-by: Thomas Haller
--- src/meta.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/meta.c b/src/meta.c index d8fc5f585e74..181e111cbbdc 100644 --- a/src/meta.c +++ b/src/meta.c
@@ -968,8 +968,8 @@ struct stmt *meta_stmt_alloc(const struct location *loc, enum nft_meta_keys key, stmt->meta.key = key; stmt->meta.expr = expr; - if (key < array_size(meta_templates)) - stmt->meta.tmpl = &meta_templates[key]; + if (key < array_size(meta_templates)) + stmt->meta.tmpl = &meta_templates[key]; return stmt; }
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 2/9] include: fix missing definitions in /
Date: Wed, 20 Sep 2023 16:26:03 +0200
Message-ID: <20230920142958.566615-3-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>
X-Mailing-List: netfilter-devel@vger.kernel.org

The headers should be self-contained so they can be included in any order. With exception of , which any internal header can rely on. Some fixes for /. In case of , forward declare some of the structs instead of including the headers. uses struct in6_addr.

Signed-off-by: Thomas Haller
--- include/cache.h | 9 +++++++++ include/headers.h | 2 ++ 2 files changed, 11 insertions(+) diff --git a/include/cache.h b/include/cache.h index 934c3a74fa95..e66b0af5fe0f 100644 --- a/include/cache.h +++ b/include/cache.h @@ -3,6 +3,8 @@ #include +#include + struct handle; enum cache_level_bits { @@ -66,6 +68,7 @@ struct nft_cache_filter { }; struct nft_cache; +struct nft_ctx; enum cmd_ops; int nft_cache_evaluate(struct nft_ctx *nft, struct list_head *cmds, @@ -97,6 +100,8 @@ void chain_cache_add(struct chain *chain, struct table *table); void chain_cache_del(struct chain *chain); struct chain *chain_cache_find(const struct table *table, const char *name); +struct set; + void set_cache_add(struct set *set, struct table *table); void set_cache_del(struct set *set); struct set *set_cache_find(const struct table *table, const char *name);
@@ -121,6 +126,8 @@ void table_cache_del(struct table *table); struct table *table_cache_find(const struct cache *cache, const char *name, uint32_t family); +struct obj; + void obj_cache_add(struct obj *obj, struct table *table); void obj_cache_del(struct obj *obj); struct obj *obj_cache_find(const struct table *table, const char *name, @@ -138,6 +145,8 @@ struct nft_cache { uint32_t flags; }; +struct netlink_ctx; + void nft_chain_cache_update(struct netlink_ctx *ctx, struct table *table, const char *chain); diff --git a/include/headers.h b/include/headers.h index 759f93bf8c7a..13324c72c734 100644 --- a/include/headers.h +++ b/include/headers.h 
@@ -1,6 +1,8 @@ #ifndef NFTABLES_HEADERS_H #define NFTABLES_HEADERS_H +#include + #ifndef IPPROTO_UDPLITE # define IPPROTO_UDPLITE 136 #endif
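Review bot: the forward declarations added to include/cache.h ("struct set;", "struct obj;", "struct netlink_ctx;") are each placed directly in front of the first prototype that needs them, while "struct handle;" sits at the top of the header. Collecting them in one block next to "struct handle;" would show the header's dependencies in one place and keeps a prototype added later from landing above the declaration it relies on.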
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 3/9] datatype: drop flags field from datatype
Date: Wed, 20 Sep 2023 16:26:04 +0200
Message-ID: <20230920142958.566615-4-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>
X-Mailing-List: netfilter-devel@vger.kernel.org

Flags are not always bad. For example, as a function argument they allow easier extension in the future. But with datatype's "flags" argument and enum datatype_flags there are no advantages of this approach.

- replace DTYPE_F_PREFIX with a "bool f_prefix" field. This could even be a bool:1 bitfield if we cared to represent the information with one bit only. For now it's not done because that would not help reducing the size of the struct, so a bitfield is less preferable.

- instead of DTYPE_F_ALLOC, use the refcnt of zero to represent static instances. Drop this redundant flag.

- move the integer field "refcnt" in struct datatype beside other fields of similar size/alignment. This makes the size of the struct by one pointer size smaller (on x86-64).

Signed-off-by: Thomas Haller
--- include/datatype.h | 24 +++++++++--------------- src/datatype.c | 20 ++++++++------------ src/meta.c | 2 +- src/netlink_delinearize.c | 2 +- src/rt.c | 2 +- src/segtree.c | 5 ++--- 6 files changed, 22 insertions(+), 33 deletions(-) diff --git a/include/datatype.h b/include/datatype.h index 52a2e943b252..5b85adc15857 100644 --- a/include/datatype.h +++ b/include/datatype.h
@@ -120,24 +120,13 @@ enum byteorder { struct expr; -/** - * enum datatype_flags - * - * @DTYPE_F_ALLOC: datatype is dynamically allocated - * @DTYPE_F_PREFIX: preferred representation for ranges is a prefix - */ -enum datatype_flags { - DTYPE_F_ALLOC = (1 << 0), - DTYPE_F_PREFIX = (1 << 1), -}; - struct parse_ctx; /** * struct datatype * * @type: numeric identifier * @byteorder: byteorder of type (non-basetypes only) - * @flags: flags + * @f_prefix: preferred representation for ranges is a prefix * @size: type size (fixed sized non-basetypes only) * @subtypes: number of subtypes (concat type) * @name: type name @@ -147,14 +136,20 @@ struct parse_ctx; * @print: function to print a constant of this type * @parse: function to parse a symbol and return an expression * @sym_tbl: symbol table for this type - * @refcnt: reference counter (only for DTYPE_F_ALLOC) + * @refcnt: reference counter for dynamically allocated instances. */ struct datatype { uint32_t type; enum byteorder byteorder; - unsigned int flags; + bool f_prefix; unsigned int size; unsigned int subtypes; + + /* Refcount for dynamically allocated instances. For static instances + * this is zero (get() and free() are NOPs). + */ + unsigned int refcnt; + const char *name; const char *desc; const struct datatype *basetype; @@ -169,7 +164,6 @@ struct datatype { struct error_record *(*err)(const struct expr *sym); void (*describe)(struct output_ctx *octx); const struct symbol_table *sym_tbl; - unsigned int refcnt; }; extern const struct datatype *datatype_lookup(enum datatypes type); diff --git a/src/datatype.c b/src/datatype.c index 70c84846f70e..c5d88d9a90b6 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -641,7 +641,7 @@ const struct datatype ipaddr_type = { .basetype = &integer_type, .print = ipaddr_type_print, .parse = ipaddr_type_parse, - .flags = DTYPE_F_PREFIX, + .f_prefix = true, }; static void ip6addr_type_print(const struct expr *expr, struct output_ctx *octx) 
@@ -708,7 +708,7 @@ const struct datatype ip6addr_type = { .basetype = &integer_type, .print = ip6addr_type_print, .parse = ip6addr_type_parse, - .flags = DTYPE_F_PREFIX, + .f_prefix = true, }; static void inet_protocol_type_print(const struct expr *expr, @@ -944,7 +944,7 @@ const struct datatype mark_type = { .print = mark_type_print, .json = mark_type_json, .parse = mark_type_parse, - .flags = DTYPE_F_PREFIX, + .f_prefix = true, }; static const struct symbol_table icmp_code_tbl = { @@ -1203,9 +1203,7 @@ static struct datatype *datatype_alloc(void) struct datatype *dtype; dtype = xzalloc(sizeof(*dtype)); - dtype->flags = DTYPE_F_ALLOC; dtype->refcnt = 1; - return dtype; } @@ -1215,10 +1213,10 @@ struct datatype *datatype_get(const struct datatype *ptr) if (!dtype) return NULL; - if (!(dtype->flags & DTYPE_F_ALLOC)) - return dtype; - dtype->refcnt++; + if (dtype->refcnt > 0) + dtype->refcnt++; + return dtype; } @@ -1245,7 +1243,6 @@ struct datatype *datatype_clone(const struct datatype *orig_dtype) *dtype = *orig_dtype; dtype->name = xstrdup(orig_dtype->name); dtype->desc = xstrdup(orig_dtype->desc); - dtype->flags = DTYPE_F_ALLOC | orig_dtype->flags; dtype->refcnt = 1; return dtype; @@ -1257,10 +1254,9 @@ void datatype_free(const struct datatype *ptr) if (!dtype) return; - if (!(dtype->flags & DTYPE_F_ALLOC)) - return; - assert(dtype->refcnt != 0); + if (dtype->refcnt == 0) + return; if (--dtype->refcnt > 0) return; diff --git a/src/meta.c b/src/meta.c index 181e111cbbdc..7bf749b34fb4 100644 --- a/src/meta.c +++ b/src/meta.c @@ -368,7 +368,7 @@ const struct datatype devgroup_type = { .print = devgroup_type_print, .json = devgroup_type_json, .parse = devgroup_type_parse, - .flags = DTYPE_F_PREFIX, + .f_prefix = true, }; const struct datatype ifname_type = { diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 41cb37a3ccb3..f3939be2d063 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c 
@@ -2568,7 +2568,7 @@ static void relational_binop_postprocess(struct rule_pp_ctx *ctx, default: break; } - } else if (binop->left->dtype->flags & DTYPE_F_PREFIX && + } else if (binop->left->dtype->f_prefix && binop->op == OP_AND && expr->right->etype == EXPR_VALUE && expr_mask_is_prefix(binop->right)) { expr->left = expr_get(binop->left); diff --git a/src/rt.c b/src/rt.c index 9ddcb210eaad..ccea0aa9bc44 100644 --- a/src/rt.c +++ b/src/rt.c @@ -55,7 +55,7 @@ const struct datatype realm_type = { .basetype = &integer_type, .print = realm_type_print, .parse = realm_type_parse, - .flags = DTYPE_F_PREFIX, + .f_prefix = true, }; const struct rt_template rt_templates[] = { diff --git a/src/segtree.c b/src/segtree.c index 0a12a0cd5151..637457b087b9 100644 --- a/src/segtree.c +++ b/src/segtree.c @@ -402,8 +402,7 @@ void concat_range_aggregate(struct expr *set) goto next; } - if (prefix_len < 0 || - !(r1->dtype->flags & DTYPE_F_PREFIX)) { + if (prefix_len < 0 || !r1->dtype->f_prefix) { tmp = range_expr_alloc(&r1->location, r1, r2); 
@@ -518,7 +517,7 @@ add_interval(struct expr *set, struct expr *low, struct expr *i) expr = expr_get(low); } else if (range_is_prefix(range) && !mpz_cmp_ui(p, 0)) { - if (i->dtype->flags & DTYPE_F_PREFIX) + if (i->dtype->f_prefix) expr = interval_to_prefix(low, i, range); else if (expr_basetype(i)->type == TYPE_STRING) expr = interval_to_string(low, i, range);
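Review bot: in datatype_free() the assert(dtype->refcnt != 0) is removed and replaced by an early return on refcnt == 0, so a zero count on a heap-allocated instance (an unbalanced datatype_free()) is now indistinguishable from a static instance and is ignored silently where the old code aborted. With DTYPE_F_ALLOC gone there is no second bit left to tell the two cases apart. Please either say in the commit message that dropping this diagnostic is intended, or keep a cheap way to catch it, for example a debug-only marker set in datatype_alloc() and datatype_clone().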
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 4/9] datatype: use "enum byteorder" instead of int in set_datatype_alloc()
Date: Wed, 20 Sep 2023 16:26:05 +0200
Message-ID: <20230920142958.566615-5-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>
X-Mailing-List: netfilter-devel@vger.kernel.org

Use the enum types as we have them.

Signed-off-by: Thomas Haller
--- include/datatype.h | 2 +- src/datatype.c | 2 +- src/evaluate.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/datatype.h b/include/datatype.h index 5b85adc15857..202935bd322f 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -295,7 +295,7 @@ concat_subtype_lookup(uint32_t type, unsigned int n) } extern const struct datatype * -set_datatype_alloc(const struct datatype *orig_dtype, unsigned int byteorder); +set_datatype_alloc(const struct datatype *orig_dtype, enum byteorder byteorder); extern void time_print(uint64_t msec, struct output_ctx *octx); extern struct error_record *time_parse(const struct location *loc, diff --git a/src/datatype.c b/src/datatype.c index c5d88d9a90b6..6e4bfc4c0de7 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -1304,7 +1304,7 @@ const struct datatype *concat_type_alloc(uint32_t type) } const struct datatype *set_datatype_alloc(const struct datatype *orig_dtype, - unsigned int byteorder) + enum byteorder byteorder) { struct datatype *dtype;
diff --git a/src/evaluate.c b/src/evaluate.c index 03586922848a..933fddd8996d 100644 --- a/src/evaluate.c +++ b/src/evaluate.c 
@@ -1341,7 +1341,7 @@ static int expr_evaluate_bitwise(struct eval_ctx *ctx, struct expr **expr) struct expr *op = *expr, *left = op->left; const struct datatype *dtype; unsigned int max_len; - int byteorder; + enum byteorder byteorder; if (ctx->stmt_len > left->len) { max_len = ctx->stmt_len;
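Review bot: besides the prototype and definition of set_datatype_alloc(), the only variable retyped is the local "byteorder" in expr_evaluate_bitwise(); C converts an int to an enum without a diagnostic, so any other call site that still passes an int or unsigned int compiles unchanged and keeps the mismatch this patch sets out to remove. Worth checking the remaining callers and saying in the commit message that they were covered.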
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 5/9] payload: use enum icmp_hdr_field_type in payload_may_dependency_kill_icmp()
Date: Wed, 20 Sep 2023 16:26:06 +0200
Message-ID: <20230920142958.566615-6-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>
X-Mailing-List: netfilter-devel@vger.kernel.org

Don't mix icmp_dep (enum icmp_hdr_field_type) and the uint8_t icmp_type.

Signed-off-by: Thomas Haller
--- src/payload.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/payload.c b/src/payload.c index a02942b3382a..cb8edfac0338 100644 --- a/src/payload.c +++ b/src/payload.c
@@ -802,18 +802,16 @@ static uint8_t icmp_dep_to_type(enum icmp_hdr_field_type t) static bool payload_may_dependency_kill_icmp(struct payload_dep_ctx *ctx, struct expr *expr) { const struct expr *dep = payload_dependency_get(ctx, expr->payload.base); - uint8_t icmp_type; + enum icmp_hdr_field_type icmp_dep; - icmp_type = expr->payload.tmpl->icmp_dep; - if (icmp_type == PROTO_ICMP_ANY) + icmp_dep = expr->payload.tmpl->icmp_dep; + if (icmp_dep == PROTO_ICMP_ANY) return false; if (dep->left->payload.desc != expr->payload.desc) return false; - icmp_type = icmp_dep_to_type(expr->payload.tmpl->icmp_dep); - - return ctx->icmp_type == icmp_type; + return ctx->icmp_type == icmp_dep_to_type(icmp_dep); } static bool payload_may_dependency_kill_ll(struct payload_dep_ctx *ctx, struct expr *expr)
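Review bot: payload_may_dependency_kill_icmp() still dereferences dep->left->payload.desc without checking the pointer returned by payload_dependency_get(ctx, expr->payload.base). Since the function is being tidied here anyway, either add an explicit "if (!dep) return false;" before that comparison or a short comment stating why the caller guarantees a dependency exists for this base.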
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 6/9] netlink: handle invalid etype in set_make_key()
Date: Wed, 20 Sep 2023 16:26:07 +0200
Message-ID: <20230920142958.566615-7-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>

It's not clear to me, what ensures that the etype is always valid. Handle a NULL.

Fixes: 6e48df5329ea ('src: add "typeof" build/parse/print support')
Signed-off-by: Thomas Haller
---
src/netlink.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/src/netlink.c b/src/netlink.c index 2489e9864151..70ebf382b14f 100644 --- a/src/netlink.c +++ b/src/netlink.c
@@ -896,6 +896,8 @@ static struct expr *set_make_key(const struct nftnl_udata *attr) etype = nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_TYPEOF_EXPR]); ops = expr_ops_by_type(etype); + if (!ops) + return NULL; expr = ops->parse_udata(ud[NFTNL_UDATA_SET_TYPEOF_DATA]); if (!expr)
From patchwork Wed Sep 20 14:26:08 2023 X-Patchwork-Submitter: Thomas Haller X-Patchwork-Id: 1837315 X-Patchwork-Delegate: pablo@netfilter.org
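Review bot: In set_make_key(), the new `if (!ops)` guard still leaves `ops->parse_udata(...)` on the following line as an unchecked function-pointer call; concat_expr_parse_udata() in src/expression.c handles the same kind of udata-derived etype with `if (!ops || !ops->parse_udata)`, and this call site should use the same condition so that an etype whose ops do not implement parse_udata is rejected instead of called through. The commit message would also be stronger if it said that etype is read from set userdata, which is why it cannot be assumed valid.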
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 7/9] expression: cleanup expr_ops_by_type() and handle u32 input
Date: Wed, 20 Sep 2023 16:26:08 +0200
Message-ID: <20230920142958.566615-8-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>

Be more careful about casting a uint32_t value to "enum expr_types" and make fewer assumptions about the underlying integer type of the enum. Instead, be clear about where we have an untrusted uint32_t from netlink and an enum.

Rename expr_ops_by_type() to expr_ops_by_type_u32() to make this clearer. Later we might make the enum packed, when this starts to matter more.

Also, only the code path expr_ops() wants strict validation and assert against valid enum values. Move the assertion out of __expr_ops_by_type(). Then expr_ops_by_type_u32() does not need to duplicate the handling of EXPR_INVALID. We still need to duplicate the check against EXPR_MAX, to ensure that the uint32_t value can be cast to an enum value.

Signed-off-by: Thomas Haller
---
include/expression.h | 2 +-
src/expression.c | 23 +++++++++++------------
src/netlink.c | 4 ++--
3 files changed, 14 insertions(+), 15 deletions(-)

diff --git a/include/expression.h b/include/expression.h index 469f41ecd613..aede223db741 100644 --- a/include/expression.h +++ b/include/expression.h
@@ -189,7 +189,7 @@ struct expr_ops { }; const struct expr_ops *expr_ops(const struct expr *e); -const struct expr_ops *expr_ops_by_type(enum expr_types etype); +const struct expr_ops *expr_ops_by_type_u32(uint32_t value); /** * enum expr_flags diff --git a/src/expression.c b/src/expression.c index 87d5a9fcbe09..320c02be522c 100644 --- a/src/expression.c +++ b/src/expression.c @@ -995,7 +995,7 @@ static struct expr *concat_expr_parse_udata(const struct nftnl_udata *attr) goto err_free; etype = nftnl_udata_get_u32(nest_ud[NFTNL_UDATA_SET_KEY_CONCAT_SUB_TYPE]); - ops = expr_ops_by_type(etype); + ops = expr_ops_by_type_u32(etype); if (!ops || !ops->parse_udata) goto err_free; @@ -1509,9 +1509,7 @@ void range_expr_value_high(mpz_t rop, const struct expr *expr) static const struct expr_ops *__expr_ops_by_type(enum expr_types etype) { switch (etype) { - case EXPR_INVALID: - BUG("Invalid expression ops requested"); - break; + case EXPR_INVALID: break; case EXPR_VERDICT: return &verdict_expr_ops; case EXPR_SYMBOL: return &symbol_expr_ops; case EXPR_VARIABLE: return &variable_expr_ops; @@ -1543,21 +1541,22 @@ static const struct expr_ops *__expr_ops_by_type(enum expr_types etype) case EXPR_FLAGCMP: return &flagcmp_expr_ops; } - BUG("Unknown expression type %d\n", etype); + return NULL; } const struct expr_ops *expr_ops(const struct expr *e) { - return __expr_ops_by_type(e->etype); + const struct expr_ops *ops; + + ops = __expr_ops_by_type(e->etype); + if (!ops) + BUG("Unknown expression type %d\n", e->etype); + return ops; } -const struct expr_ops *expr_ops_by_type(enum expr_types value) +const struct expr_ops *expr_ops_by_type_u32(uint32_t value) { - /* value might come from unreliable source, such as "udata" - * annotation of set keys. Avoid BUG() assertion. - */ - if (value == EXPR_INVALID || value > EXPR_MAX) + if (value > (uint32_t) EXPR_MAX) return NULL; - return __expr_ops_by_type(value); } 
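Review bot: The last hunk in src/expression.c deletes the comment saying that the value may come from an unreliable source such as the udata annotation of set keys; expr_ops_by_type_u32() is now the boundary between netlink data and `enum expr_types`, so keep a comment there stating that the `value > (uint32_t) EXPR_MAX` check must run on the uint32_t before it is converted to the enum. Separately, expr_ops() now reports EXPR_INVALID through the generic "Unknown expression type" BUG(), losing the distinct "Invalid expression ops requested" text; if that distinction is useful when debugging, test for EXPR_INVALID in expr_ops() before the lookup.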
diff --git a/src/netlink.c b/src/netlink.c index 70ebf382b14f..8af579c7b778 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -878,8 +878,8 @@ static struct expr *set_make_key(const struct nftnl_udata *attr) { const struct nftnl_udata *ud[NFTNL_UDATA_SET_TYPEOF_MAX + 1] = {}; const struct expr_ops *ops; - enum expr_types etype; struct expr *expr; + uint32_t etype; int err; if (!attr) 
@@ -895,7 +895,7 @@ static struct expr *set_make_key(const struct nftnl_udata *attr) return NULL; etype = nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_TYPEOF_EXPR]); - ops = expr_ops_by_type(etype); + ops = expr_ops_by_type_u32(etype); if (!ops) return NULL;
From patchwork Wed Sep 20 14:26:09 2023 X-Patchwork-Submitter: Thomas Haller X-Patchwork-Id: 1837319 X-Patchwork-Delegate: pablo@netfilter.org
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 8/9] datatype: use __attribute__((packed)) instead of enum bitfields
Date: Wed, 20 Sep 2023 16:26:09 +0200
Message-ID: <20230920142958.566615-9-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>

At some places we use bitfields of those enums, to save space inside the structure. We can achieve that in a better way, by using GCC's __attribute__((packed)) on the enum type.

It's better because a :8 bitfield makes the assumption that all enum values (valid or invalid) fit into that field. With packed enums, we don't need that assumption as the field can hold all possible numbers that the enum type can hold. This reduces the places we need to worry about truncating a value to casts between other types and the enum. Those places already require us to be careful.

On the other hand, previously casting an int (or uint32_t) likely didn't cause a truncation as the underlying type was large enough. So we could check for invalid enum values after the cast. We might do that at places. For example, we do

    key = nftnl_expr_get_u32(nle, NFTNL_EXPR_META_KEY);
    expr = meta_expr_alloc(loc, key);

where we cast from a uint32_t to an enum without checking. Note that `enum nft_meta_keys` is not packed by this patch. But this is an example of how things could be wrong.
But the bug already exists before: don't make assumptions about the underlying enum type and take care of truncation during casts. This makes the change potentially dangerous, and it's hard to be sure that it doesn't uncover bugs (due to wrong assumptions about enum types).

Note that we were already using the GCC-ism __attribute__((packed)) previously, however on a struct and not on an enum. Anyway. It seems unlikely that we support any other compilers than GCC/Clang. Those both support this attribute. We should not worry about portability towards hypothetical compilers (the C standard), unless there is a real compiler that we can use and test and shows a problem with this. Especially when we support both GCC and Clang, which themselves are ubiquitous and accessible to all users (as they also need to build the kernel in the first place).

Signed-off-by: Thomas Haller
---
include/datatype.h | 1 +
include/expression.h | 8 +++++---
include/proto.h | 11 +++++++----
3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/include/datatype.h b/include/datatype.h index 202935bd322f..c8b3b77ad0c0 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -112,6 +112,7 @@ enum datatypes { * @BYTEORDER_HOST_ENDIAN: host endian * @BYTEORDER_BIG_ENDIAN: big endian */ +__attribute__((packed)) enum byteorder { BYTEORDER_INVALID, BYTEORDER_HOST_ENDIAN, diff --git a/include/expression.h b/include/expression.h index aede223db741..11a1dbf00b8c 100644 --- a/include/expression.h +++ b/include/expression.h @@ -45,6 +45,7 @@ * @EXPR_SET_ELEM_CATCHALL catchall element expression * @EXPR_FLAGCMP flagcmp expression */ +__attribute__((packed)) enum expr_types { EXPR_INVALID, EXPR_VERDICT, @@ -80,6 +81,7 @@ enum expr_types { EXPR_MAX = EXPR_FLAGCMP }; +__attribute__((packed)) enum ops { OP_INVALID, OP_IMPLICIT, 
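Review bot: Nothing in these hunks verifies that `__attribute__((packed))`, written on its own line before the `enum` keyword, actually narrows the type; because the `:8` bitfields that used to bound the storage are removed later in this patch, add a compile-time check next to each enum, for example `_Static_assert(sizeof(enum expr_types) == 1, ...)`, so that a compiler which ignores the attribute in this position fails the build instead of silently growing the structs.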
@@ -247,9 +249,9 @@ struct expr { unsigned int flags; const struct datatype *dtype; - enum byteorder byteorder:8; - enum expr_types etype:8; - enum ops op:8; + enum byteorder byteorder; + enum expr_types etype; + enum ops op; unsigned int len; struct cmd *cmd; diff --git a/include/proto.h b/include/proto.h index 3a20ff8c4071..3756a4ab79a4 100644 --- a/include/proto.h +++ b/include/proto.h @@ -13,6 +13,7 @@ * @PROTO_BASE_NETWORK_HDR: network layer header * @PROTO_BASE_TRANSPORT_HDR: transport layer header */ +__attribute__((packed)) enum proto_bases { PROTO_BASE_INVALID, PROTO_BASE_LL_HDR, @@ -26,6 +27,7 @@ enum proto_bases { extern const char *proto_base_names[]; extern const char *proto_base_tokens[]; +__attribute__((packed)) enum icmp_hdr_field_type { PROTO_ICMP_ANY = 0, PROTO_ICMP_ECHO, /* echo and reply */ @@ -52,9 +54,9 @@ struct proto_hdr_template { const struct datatype *dtype; uint16_t offset; uint16_t len; - enum byteorder byteorder:8; + enum byteorder byteorder; enum nft_meta_keys meta_key:8; - enum icmp_hdr_field_type icmp_dep:8; + enum icmp_hdr_field_type icmp_dep; }; #define PROTO_HDR_TEMPLATE(__token, __dtype, __byteorder, __offset, __len)\ @@ -77,6 +79,7 @@ struct proto_hdr_template { #define PROTO_UPPER_MAX 16 #define PROTO_HDRS_MAX 20 +__attribute__((packed)) enum proto_desc_id { PROTO_DESC_UNKNOWN = 0, PROTO_DESC_AH, 
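Review bot: In struct proto_hdr_template, `enum nft_meta_keys meta_key:8` stays a bitfield between the converted `byteorder` and `icmp_dep` members, so the truncation assumption the commit message argues against still applies to that one field; add a comment at the member saying why it is left as a bitfield. For struct expr and struct proto_hdr_template it is also worth confirming (for example with pahole) that the layout did not grow now that adjacent `:8` bitfields have become separate members.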
@@ -119,8 +122,8 @@ enum proto_desc_id { */ struct proto_desc { const char *name; - enum proto_desc_id id:8; - enum proto_bases base:8; + enum proto_desc_id id; + enum proto_bases base; enum nft_payload_csum_types checksum_type:8; uint16_t checksum_key; uint16_t protocol_key;
From patchwork Wed Sep 20 14:26:10 2023 X-Patchwork-Submitter: Thomas Haller X-Patchwork-Id: 1837316
From: Thomas Haller
To: NetFilter
Cc: Thomas Haller
Subject: [PATCH nft 9/9] proto: add missing proto_definitions for PROTO_DESC_GENEVE
Date: Wed, 20 Sep 2023 16:26:10 +0200
Message-ID: <20230920142958.566615-10-thaller@redhat.com>
In-Reply-To: <20230920142958.566615-1-thaller@redhat.com>
References: <20230920142958.566615-1-thaller@redhat.com>

While at it, make proto_definitions const. For global variables, this allows the linker to mark the memory as read only. It's just good to do by default.

Fixes: 156d22654003 ('src: add geneve matching support')
Signed-off-by: Thomas Haller
---
src/proto.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/proto.c b/src/proto.c index b5cb0106dd7b..735e37f850c5 100644 --- a/src/proto.c +++ b/src/proto.c @@ -1281,7 +1281,7 @@ const struct proto_desc proto_netdev = { }, }; -static const struct proto_desc *proto_definitions[PROTO_DESC_MAX + 1] = { +static const struct proto_desc *const proto_definitions[PROTO_DESC_MAX + 1] = { [PROTO_DESC_AH] = &proto_ah, [PROTO_DESC_ESP] = &proto_esp, [PROTO_DESC_COMP] = &proto_comp, @@ -1300,6 +1300,7 @@ static const struct proto_desc *proto_definitions[PROTO_DESC_MAX + 1] = { [PROTO_DESC_VLAN] = &proto_vlan, [PROTO_DESC_ETHER] = &proto_eth, [PROTO_DESC_VXLAN] = &proto_vxlan, + [PROTO_DESC_GENEVE] = &proto_geneve, [PROTO_DESC_GRE] = &proto_gre, [PROTO_DESC_GRETAP] = &proto_gretap, };
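Review bot: Because proto_definitions is filled with designated initializers, a slot with no entry is silently NULL and a missing id such as PROTO_DESC_GENEVE produces no compiler diagnostic; add a check (a unit test or a startup assertion that loops over the ids up to PROTO_DESC_MAX) that every slot a lookup can reach is populated, so the next added protocol cannot repeat this. The subject line names only the geneve entry, so the `*const` change in the first hunk would be easier to track as its own patch or at least mentioned in the subject.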
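The ordering that the commit messages of patches 7/9 and 8/9 argue for (range-check the untrusted uint32_t before converting it to a narrow enum), as an added C example that is not nftables code. Every type and function name in it is hypothetical, the input value is constructed, and it assumes GCC or Clang for `__attribute__((packed))`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for this example; not nftables identifiers. */
enum __attribute__((packed)) demo_type {	/* GCC/Clang: one byte wide */
	DEMO_INVALID,
	DEMO_VERDICT,
	DEMO_SYMBOL,
	DEMO_MAX = DEMO_SYMBOL
};
_Static_assert(sizeof(enum demo_type) == 1, "packed attribute not applied");

enum wide_type { WIDE_INVALID, WIDE_VERDICT, WIDE_SYMBOL };	/* not packed */
struct holder {
	enum wide_type t:8;	/* the older style: 8-bit bitfield of a wide enum */
};

struct demo_ops { const char *name; };
static const struct demo_ops verdict_ops = { "verdict" };
static const struct demo_ops symbol_ops = { "symbol" };

/* Lookup over real enum values only; anything else yields NULL. */
static const struct demo_ops *ops_by_type(enum demo_type t)
{
	switch (t) {
	case DEMO_INVALID: break;
	case DEMO_VERDICT: return &verdict_ops;
	case DEMO_SYMBOL:  return &symbol_ops;
	}
	return NULL;
}

/* Wrong order: converting first truncates 0x101 to 1 (DEMO_VERDICT). */
static const struct demo_ops *ops_by_u32_cast_first(uint32_t value)
{
	return ops_by_type((enum demo_type)value);
}

/* Right order: range-check the wide value, then convert. */
static const struct demo_ops *ops_by_u32_checked(uint32_t value)
{
	if (value > (uint32_t)DEMO_MAX)
		return NULL;
	return ops_by_type((enum demo_type)value);
}

/* The :8 bitfield aliases the same way when the value is stored. */
static unsigned int store_in_bitfield(uint32_t value)
{
	struct holder h;

	h.t = (enum wide_type)value;
	return (unsigned int)h.t;
}

int main(void)
{
	const uint32_t untrusted = 0x101;	/* constructed out-of-range input */
	const struct demo_ops *ops;

	ops = ops_by_u32_cast_first(untrusted);
	printf("cast first: %s\n", ops ? ops->name : "(rejected)");
	ops = ops_by_u32_checked(untrusted);
	printf("checked:    %s\n", ops ? ops->name : "(rejected)");
	printf("bitfield:   %u\n", store_in_bitfield(untrusted));
	return 0;
}
```

Once the value has been narrowed, a check against the enum's maximum can no longer tell 0x101 from 1, which is why the comparison has to be done on the uint32_t.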