From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 01/15] src: Convert nfq_open() to use libmnl
Date: Sun, 13 Oct 2024 10:09:03 +1100
Message-Id: <20241012230917.11467-2-duncan_roe@optusnet.com.au>
X-Mailer: git-send-email 2.35.8
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>
References: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

Add copies of nfnl_handle, nfnl_subsys_handle & mnl_socket to libnetfilter_queue.c. After calling mnl_socket_open() & mnl_socket_bind(), fill in the libnfnetlink structs as if nfnl_open() had been called.

Call a static extended version of nfq_open_nfnl(), __nfq_open_nfnl() which can tell how it was called via an extra argument: struct nfq_handle *qh. nfq_open() passes the qh returned by mnl_open(). nfq_open_nfnl() passes NULL. __nfq_open_nfnl() creates and returns a qh if it wasn't given one. Otherwise it returns the qh it was given or NULL on error (but the passed-in qh is not freed).

Signed-off-by: Duncan Roe
---
Changes in v3: (none)

Changes in v2:
- Rather than inline nfnl subsys code, minimally modify nfq_open_nfnl() as per updated commit message
- Replace NFNL_BUFFSIZE with MNL_SOCKET_BUFFER_SIZE
- Use calloc instead of malloc + memset in new code
- Don't rename struct nfq_handle *qh to *h
- Fix checkpatch space before tab warnings in lines 143,147,159,165
- Keep nfq_errno

 doxygen/doxygen.cfg.in | 3 ++
 src/libnetfilter_queue.c | 86 ++++++++++++++++++++++++++++++++++------
 2 files changed, 77 insertions(+), 12 deletions(-)

diff --git a/doxygen/doxygen.cfg.in b/doxygen/doxygen.cfg.in index 97174ff..6dd7017 100644 --- a/doxygen/doxygen.cfg.in +++ b/doxygen/doxygen.cfg.in
@@ -13,6 +13,9 @@ EXCLUDE_SYMBOLS = EXPORT_SYMBOL \ nfq_handle \ nfq_data \ nfq_q_handle \ + nfnl_handle \ + nfnl_subsys_handle \ + mnl_socket \ tcp_flag_word EXAMPLE_PATTERNS = INPUT_FILTER = "sed 's/EXPORT_SYMBOL//g'" diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index bf67a19..f366198 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -31,6 +31,7 @@ #include #include +#include #include #include #include "internal.h" @@ -134,11 +135,43 @@ gcc -g3 -ggdb -Wall -lmnl -lnetfilter_queue -o nf-queue nf-queue.c * burst */ +/* Copy of private libnfnetlink structures */ + +#define NFNL_MAX_SUBSYS 16 + +struct nfnl_subsys_handle { + struct nfnl_handle *nfnlh; + uint32_t subscriptions; + uint8_t subsys_id; + uint8_t cb_count; + struct nfnl_callback *cb; /* array of callbacks */ +}; + +struct nfnl_handle { + int fd; + struct sockaddr_nl local; + struct sockaddr_nl peer; + uint32_t subscriptions; + uint32_t seq; + uint32_t dump; + uint32_t rcv_buffer_size; /* for nfnl_catch */ + uint32_t flags; + struct nlmsghdr *last_nlhdr; + struct nfnl_subsys_handle subsys[NFNL_MAX_SUBSYS+1]; +}; + +/* Copy of private libmnl structure */ +struct mnl_socket { + int fd; + struct sockaddr_nl addr; +}; + struct nfq_handle { struct nfnl_handle *nfnlh; struct nfnl_subsys_handle *nfnlssh; struct nfq_q_handle *qh_list; + struct mnl_socket *nl; }; struct nfq_q_handle @@ -157,6 +190,9 @@ struct nfq_data { EXPORT_SYMBOL int nfq_errno; +static struct nfq_handle *__nfq_open_nfnl(struct nfnl_handle *nfnlh, + struct nfq_handle *qh); + /*********************************************************************** * low level stuff ***********************************************************************/ 
@@ -383,20 +419,41 @@ int nfq_fd(struct nfq_handle *h) EXPORT_SYMBOL struct nfq_handle *nfq_open(void) { - struct nfnl_handle *nfnlh = nfnl_open(); struct nfq_handle *qh; + struct nfq_handle *h; - if (!nfnlh) - return NULL; - - /* unset netlink sequence tracking by default */ - nfnl_unset_sequence_tracking(nfnlh); - - qh = nfq_open_nfnl(nfnlh); + qh = calloc(1, sizeof(*qh)); if (!qh) - nfnl_close(nfnlh); + return NULL; + qh->nl = mnl_socket_open(NETLINK_NETFILTER); + if (!qh->nl) + goto err_free; + + if (mnl_socket_bind(qh->nl, 0, MNL_SOCKET_AUTOPID) < 0) + goto err_close; + + /* Manufacture an nfnl handle */ + qh->nfnlh = calloc(1, sizeof(*qh->nfnlh)); + if (!qh->nfnlh) + goto err_close; + qh->nfnlh->fd = qh->nl->fd; + qh->nfnlh->local = qh->nl->addr; + qh->nfnlh->peer.nl_family = AF_NETLINK; + qh->nfnlh->rcv_buffer_size = MNL_SOCKET_BUFFER_SIZE; + + h = __nfq_open_nfnl(qh->nfnlh, qh); /* Will return qh or NULL */ + if (!h) + goto err_free2; return qh; + +err_free2: + free(qh->nfnlh); +err_close: + mnl_socket_close(qh->nl); +err_free: + free(qh); + return NULL; } /** @@ -415,6 +472,11 @@ struct nfq_handle *nfq_open(void) */ EXPORT_SYMBOL struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) +{ + return __nfq_open_nfnl(nfnlh, NULL); +} +static struct nfq_handle *__nfq_open_nfnl(struct nfnl_handle *nfnlh, + struct nfq_handle *qh) { struct nfnl_callback pkt_cb = { .call = __nfq_rcv_pkt, @@ -423,11 +485,10 @@ struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) struct nfq_handle *h; int err; - h = malloc(sizeof(*h)); + h = qh ? qh : calloc(1, sizeof(*h)); if (!h) return NULL; - memset(h, 0, sizeof(*h)); h->nfnlh = nfnlh; h->nfnlssh = nfnl_subsys_open(h->nfnlh, NFNL_SUBSYS_QUEUE, 
@@ -448,7 +509,8 @@ struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) out_close: nfnl_subsys_close(h->nfnlssh); out_free: - free(h); + if (!qh) + free(h); return NULL; }
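
Review bot: The copied struct nfnl_handle, struct nfnl_subsys_handle and struct mnl_socket definitions (hunk at -134,11) carry nothing that ties them to the library layouts they mirror, so a layout change in libnfnetlink or libmnl would make every field access through these copies use the wrong offsets with no build failure. Please extend the "Copy of private ..." comments to say which library versions the layouts were taken from, and keep direct field access limited to the places that have to construct a handle by hand.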
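
Review bot: In nfq_open() (hunk at -383,20), "qh->nfnlh->fd = qh->nl->fd;" reads the socket through the private struct copy where libmnl exports an accessor; mnl_socket_get_fd(qh->nl) returns the same descriptor without depending on the layout. The removed nfnl_unset_sequence_tracking() call also has no visible replacement: if the zeroed flags field from calloc() is what keeps sequence tracking off, a one-line comment next to the "Manufacture an nfnl handle" block should say so.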
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 02/15] src: Convert nfq_open_nfnl() to use libmnl
Date: Sun, 13 Oct 2024 10:09:04 +1100
Message-Id: <20241012230917.11467-3-duncan_roe@optusnet.com.au>
X-Mailer: git-send-email 2.35.8
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>
References: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

__nfq_open_nfnl() manufactures a libmnl handle if called by nfq_open_nfnl(). Replace calls to nfnl_subsys_open() and nfnl_callback_register() with inline code.

Signed-off-by: Duncan Roe
---
Changes in v3: (none)

Changes in v2:
- Pretty much re-written as per updated commit message. In particular:
  - Don't clear message sequencing - original didn't do that.
  - Don't close the socket in any error path since it was open on entry.

 src/libnetfilter_queue.c | 56 ++++++++++++++++++++++++++++++++--------
 1 file changed, 45 insertions(+), 11 deletions(-)

diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index f366198..bfb6482 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c
@@ -484,33 +484,67 @@ static struct nfq_handle *__nfq_open_nfnl(struct nfnl_handle *nfnlh, }; struct nfq_handle *h; int err; + int i; + uint32_t new_subscriptions; h = qh ? qh : calloc(1, sizeof(*h)); if (!h) return NULL; + if (!qh) { + /* Manufacture the libmnl handle */ + h->nl = calloc(1, sizeof(*h->nl)); + if (!h->nl) + goto out_free; + h->nl->fd = nfnlh->fd; + h->nl->addr = nfnlh->local; + } h->nfnlh = nfnlh; - h->nfnlssh = nfnl_subsys_open(h->nfnlh, NFNL_SUBSYS_QUEUE, - NFQNL_MSG_MAX, 0); - if (!h->nfnlssh) { + /* Replace nfnl_subsys_open() with code adapted from libnfnetlink */ + h->nfnlssh = &h->nfnlh->subsys[NFNL_SUBSYS_QUEUE]; + if (h->nfnlssh->cb) { + errno = EBUSY; + goto out_free; + } + h->nfnlssh->cb = calloc(NFQNL_MSG_MAX, sizeof(*(h->nfnlssh->cb))); + if (!h->nfnlssh->cb) { /* FIXME: nfq_errno */ goto out_free; } + h->nfnlssh->nfnlh = h->nfnlh; + h->nfnlssh->cb_count = NFQNL_MSG_MAX; + h->nfnlssh->subsys_id = NFNL_SUBSYS_QUEUE; + + /* Replacement code for recalc_rebind_subscriptions() */ + new_subscriptions = nfnlh->subscriptions; + for (i = 0; i < NFNL_MAX_SUBSYS; i++) + new_subscriptions |= nfnlh->subsys[i].subscriptions; + nfnlh->local.nl_groups = new_subscriptions; + err = bind(nfnlh->fd, (struct sockaddr *)&nfnlh->local, + sizeof(nfnlh->local)); + if (err == -1) { + free(h->nfnlssh->cb); + h->nfnlssh->cb = NULL; + goto out_free; + } + h->nfnlssh->subscriptions = new_subscriptions; pkt_cb.data = h; - err = nfnl_callback_register(h->nfnlssh, NFQNL_MSG_PACKET, &pkt_cb); - if (err < 0) { - nfq_errno = err; - goto out_close; - } + /* Replacement code for nfnl_callback_register() + * The only error return from nfnl_callback_register() is not possible + * here: NFQNL_MSG_PACKET (= 0) will be less than h->nfnlssh->cb_count + * (set to NFQNL_MSG_MAX (= 4) a few lines back). 
+ */ + memcpy(&h->nfnlssh->cb[NFQNL_MSG_PACKET], &pkt_cb, sizeof(pkt_cb)); return h; -out_close: - nfnl_subsys_close(h->nfnlssh); out_free: - if (!qh) + if (!qh) { + if (h->nl) + free(h->nl); free(h); + } return NULL; }
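
Review bot: The rebind block in __nfq_open_nfnl() seeds new_subscriptions from nfnlh->subscriptions but stores the result in h->nfnlssh->subscriptions, so the handle-level mask is never updated, and the queue subsystem's own mask, which the replaced nfnl_subsys_open() call was given as 0, becomes the union of every subsystem's groups. If the intent is to keep the handle-level aggregate current, assign "nfnlh->subscriptions = new_subscriptions;" instead. Separately, the three new failure exits (the EBUSY check, the cb calloc() and bind()) reach out_free without setting nfq_errno, which the removed nfnl_callback_register() error path did set; the existing FIXME could be resolved by assigning it from errno before each goto. The "if (h->nl)" test before free(h->nl) is redundant, since free(NULL) is a no-op.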
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 03/15] src: Convert nfq_close() to use libmnl
Date: Sun, 13 Oct 2024 10:09:05 +1100
Message-Id: <20241012230917.11467-4-duncan_roe@optusnet.com.au>
X-Mailer: git-send-email 2.35.8
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>
References: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

Use mnl_close() and clean up the NFNL_SUBSYS_QUEUE subsystem as nfnl_close() would have done

Signed-off-by: Duncan Roe
---
Changes in v3: manually merge f05b188f8b4c patch

Changes in v2:
- Propagate return from mnl_socket_close()
- Don't free callbacks in the qh_list since nfq_close() didn't (reported as a bug)
- Do a complete emulation of nfnl_close()
- Add explanatory comments

 src/libnetfilter_queue.c | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index b3d1835..8698431 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -577,6 +577,7 @@ EXPORT_SYMBOL int nfq_close(struct nfq_handle *h) { int ret; + int i; struct nfq_q_handle *qh; while (h->qh_list) {
@@ -584,7 +585,29 @@ int nfq_close(struct nfq_handle *h) h->qh_list = qh->next; free(qh); } - ret = nfnl_close(h->nfnlh); + + ret = mnl_socket_close(h->nl); + h->nl = NULL; /* mnl_socket_close() always frees it */ + + /* Replacement code for nfnl_close(). + * It seems unlikely that we need to go through all 16 subsystems + * instead of only subsys[NFNL_SUBSYS_QUEUE] which h->nfnlssh + * conveniently points to, but better safe than sorry. + */ + for (i = 0; i < NFNL_MAX_SUBSYS; i++) { + h->nfnlh->subsys[i].subscriptions = 0; + h->nfnlh->subsys[i].cb_count = 0; + if (h->nfnlh->subsys[i].cb) { + free(h->nfnlh->subsys[i].cb); + h->nfnlh->subsys[i].cb = NULL; + } + } + if (ret == 0) + free(h->nfnlh); + + /* nfnl_close() didn't free nfnlh if close() returned an error. + * Presumably that's why nfq_close() doesn't free h in that case. + */ if (ret == 0) free(h); return ret;
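
Review bot: In nfq_close(), h->nl is freed and set to NULL and every callback array is freed before ret is examined, so when mnl_socket_close() returns non-zero the function keeps h and h->nfnlh allocated but hands back a handle with no socket and no callbacks; a caller that retries nfq_close(h) would pass NULL to mnl_socket_close(). Either free h->nfnlh and h unconditionally and document that the handle is invalid after any return, or leave the subsystem state untouched until the close result is known. The two consecutive "if (ret == 0)" blocks can be merged into one.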
2002:a05:6a21:31c8:b0:1d8:ae90:c651 with SMTP id adf61e73a8af0-1d8c96c4746mr5760538637.47.1728774572291; Sat, 12 Oct 2024 16:09:32 -0700 (PDT) Received: from slk15.local.net (n175-33-111-144.meb22.vic.optusnet.com.au. [175.33.111.144]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-71e2aab5bf9sm4854195b3a.145.2024.10.12.16.09.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Oct 2024 16:09:31 -0700 (PDT) Sender: Duncan Roe From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 04/15] src: Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() to use libmnl Date: Sun, 13 Oct 2024 10:09:06 +1100 Message-Id: <20241012230917.11467-5-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Convert static function __build_send_cfg_msg() to use libmnl. This by itself converts the 3 public functions. Signed-off-by: Duncan Roe --- Changes in v3: (none) Changes in v2: - Rename nfq_query to __nfq_query so as not to pollute Posix namespace - rebase to account for updated patches 1 - 3 src/libnetfilter_queue.c | 32 +++++++++++++++++++------------- 1 file changed, 19 insertions(+), 13 deletions(-) diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 0483780..b64f14a 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c 
@@ -230,27 +230,33 @@ static struct nfq_q_handle *find_qh(struct nfq_handle *h, uint16_t id) return NULL; } +static int __nfq_query(struct nfq_handle *h, struct nlmsghdr *nlh, char *buf, + size_t bufsiz) +{ + int ret; + + ret = mnl_socket_sendto(h->nl, nlh, nlh->nlmsg_len); + if (ret != -1) + ret = mnl_socket_recvfrom(h->nl, buf, bufsiz); + if (ret != -1) + ret = mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(h->nl), + NULL, NULL); + return ret; +} + /* build a NFQNL_MSG_CONFIG message */ static int __build_send_cfg_msg(struct nfq_handle *h, uint8_t command, uint16_t queuenum, uint16_t pf) { - union { - char buf[NFNL_HEADER_LEN - +NFA_LENGTH(sizeof(struct nfqnl_msg_config_cmd))]; - struct nlmsghdr nmh; - } u; - struct nfqnl_msg_config_cmd cmd; + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; - nfnl_fill_hdr(h->nfnlssh, &u.nmh, 0, AF_UNSPEC, queuenum, - NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK); + nlh = nfq_nlmsg_put2(buf, NFQNL_MSG_CONFIG, queuenum, NLM_F_ACK); - cmd._pad = 0; - cmd.command = command; - cmd.pf = htons(pf); - nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_CMD, &cmd, sizeof(cmd)); + nfq_nlmsg_cfg_put_cmd(nlh, AF_UNSPEC, command); - return nfnl_query(h->nfnlh, &u.nmh); + return __nfq_query(h, nlh, buf, sizeof(buf)); } static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[],
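Review bot: In __build_send_cfg_msg() the pf argument is no longer used: the removed code sent cmd.pf = htons(pf), while the new call is nfq_nlmsg_cfg_put_cmd(nlh, AF_UNSPEC, command), so nfq_bind_pf() and nfq_unbind_pf() now send AF_UNSPEC whatever family the caller passed. Either pass pf through or state in the commit message that the family is deliberately dropped. Separately, __nfq_query() does a single mnl_socket_recvfrom() and calls mnl_cb_run() with seq 0 and a NULL data callback, so the reply is not matched to the request by sequence number, and a non-ACK message read at this point is consumed and reported as MNL_CB_OK, a positive value. Consider setting nlh->nlmsg_seq, passing it to mnl_cb_run(), and normalising the return value for callers that test for 0.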
From patchwork Sat Oct 12 23:09:07 2024
X-Patchwork-Id: 1996465
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 05/15] src: Convert nfq_set_queue_flags(), nfq_set_queue_maxlen() & nfq_set_mode() to use libmnl
Date: Sun, 13 Oct 2024 10:09:07 +1100
Message-Id: <20241012230917.11467-6-duncan_roe@optusnet.com.au>
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

Use a buffer of MNL_SOCKET_BUFFER_SIZE; no union required.
Signed-off-by: Duncan Roe --- Changes in v3: rebased Changes in v2: - Rename nfq_query to __nfq_query so as not to pollute Posix namespace - Also convert nfq_set_mode() here because of using the same strategy - rebase to account for updated patches 1 - 3 src/libnetfilter_queue.c | 58 ++++++++++++++++------------------------ 1 file changed, 23 insertions(+), 35 deletions(-) diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index b64f14a..0ef3bd3 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -789,22 +789,21 @@ int nfq_handle_packet(struct nfq_handle *h, char *buf, int len) EXPORT_SYMBOL int nfq_set_mode(struct nfq_q_handle *qh, uint8_t mode, uint32_t range) { - union { - char buf[NFNL_HEADER_LEN - +NFA_LENGTH(sizeof(struct nfqnl_msg_config_params))]; - struct nlmsghdr nmh; - } u; - struct nfqnl_msg_config_params params; + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; + int ret; - nfnl_fill_hdr(qh->h->nfnlssh, &u.nmh, 0, AF_UNSPEC, qh->id, - NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK); + nlh = nfq_nlmsg_put2(buf, NFQNL_MSG_CONFIG, qh->id, NLM_F_ACK); - params.copy_range = htonl(range); - params.copy_mode = mode; - nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_PARAMS, ¶ms, - sizeof(params)); + nfq_nlmsg_cfg_put_params(nlh, mode, range); - return nfnl_query(qh->h->nfnlh, &u.nmh); + ret = mnl_socket_sendto(qh->h->nl, nlh, nlh->nlmsg_len); + if (ret != -1) + ret = mnl_socket_recvfrom(qh->h->nl, buf, sizeof(buf)); + if (ret != -1) + ret = mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(qh->h->nl), + NULL, NULL); + return ret; } /** 
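Review bot: nfq_set_mode() open-codes the mnl_socket_sendto() / mnl_socket_recvfrom() / mnl_cb_run() sequence at the end of this hunk, which is the body of __nfq_query() added in 04/15 and called by the other two functions converted in this patch. Replace the tail with return __nfq_query(qh->h, nlh, buf, sizeof(buf)); and drop the local ret, so that any later fix to reply handling lands in one place.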
@@ -878,23 +877,18 @@ int nfq_set_mode(struct nfq_q_handle *qh, uint8_t mode, uint32_t range) EXPORT_SYMBOL int nfq_set_queue_flags(struct nfq_q_handle *qh, uint32_t mask, uint32_t flags) { - union { - char buf[NFNL_HEADER_LEN - +NFA_LENGTH(sizeof(mask) - +NFA_LENGTH(sizeof(flags)))]; - struct nlmsghdr nmh; - } u; + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; mask = htonl(mask); flags = htonl(flags); - nfnl_fill_hdr(qh->h->nfnlssh, &u.nmh, 0, AF_UNSPEC, qh->id, - NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK); + nlh = nfq_nlmsg_put2(buf, NFQNL_MSG_CONFIG, qh->id, NLM_F_ACK); - nfnl_addattr32(&u.nmh, sizeof(u), NFQA_CFG_FLAGS, flags); - nfnl_addattr32(&u.nmh, sizeof(u), NFQA_CFG_MASK, mask); + mnl_attr_put_u32(nlh, NFQA_CFG_FLAGS, flags); + mnl_attr_put_u32(nlh, NFQA_CFG_MASK, mask); - return nfnl_query(qh->h->nfnlh, &u.nmh); + return __nfq_query(qh->h, nlh, buf, sizeof(buf)); } /** 
@@ -911,20 +905,14 @@ int nfq_set_queue_flags(struct nfq_q_handle *qh, uint32_t mask, uint32_t flags) EXPORT_SYMBOL int nfq_set_queue_maxlen(struct nfq_q_handle *qh, uint32_t queuelen) { - union { - char buf[NFNL_HEADER_LEN - +NFA_LENGTH(sizeof(struct nfqnl_msg_config_params))]; - struct nlmsghdr nmh; - } u; - uint32_t queue_maxlen = htonl(queuelen); + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; - nfnl_fill_hdr(qh->h->nfnlssh, &u.nmh, 0, AF_UNSPEC, qh->id, - NFQNL_MSG_CONFIG, NLM_F_REQUEST|NLM_F_ACK); + nlh = nfq_nlmsg_put2(buf, NFQNL_MSG_CONFIG, qh->id, NLM_F_ACK); - nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_CFG_QUEUE_MAXLEN, &queue_maxlen, - sizeof(queue_maxlen)); + mnl_attr_put_u32(nlh, NFQA_CFG_QUEUE_MAXLEN, htonl(queuelen)); - return nfnl_query(qh->h->nfnlh, &u.nmh); + return __nfq_query(qh->h, nlh, buf, sizeof(buf)); } /**
From patchwork Sat Oct 12 23:09:08 2024
X-Patchwork-Id: 1996466
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 06/15] src: Convert nfq_handle_packet(), nfq_get_secctx(), nfq_get_payload() and all the nfq_get_ functions to use libmnl
Date: Sun, 13 Oct 2024 10:09:08 +1100
Message-Id: <20241012230917.11467-7-duncan_roe@optusnet.com.au>
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

The opaque struct nfq_data is now an array of struct nlattr instead of struct nfattr. Because of using mnl_attr_parse(), the first array element is for attribute 0 instead of attribute 1 as previously. Because of this, all the nfq_get_ functions have to be converted for this commit.

Functions now using libmnl exclusively: nfq_get_msg_packet_hdr(), nfq_get_nfmark(), nfq_get_timestamp(), nfq_get_indev(), nfq_get_physindev(), nfq_get_outdev(), nfq_get_physoutdev(), nfqnl_msg_packet_hw(), nfq_get_uid() & nfq_get_gid().

Signed-off-by: Duncan Roe
---
Changes in v3:
- rebased
- Don't include a kernel header (don't need it anyway)
Changes in v2:
- Fix spelling error in commit message
- Fix checkpatch warning re space before __nfq_handle_msg declaration
- rebase to account for updated patches

doxygen/doxygen.cfg.in | 1 + src/libnetfilter_queue.c | 124 ++++++++++++++++++++++++++++----------- 2 files changed, 92 insertions(+), 33 deletions(-)
diff --git a/doxygen/doxygen.cfg.in b/doxygen/doxygen.cfg.in index 6dd7017..fcfc045 100644 --- a/doxygen/doxygen.cfg.in +++ b/doxygen/doxygen.cfg.in @@ -16,6 +16,7 @@ EXCLUDE_SYMBOLS = EXPORT_SYMBOL \ nfnl_handle \ nfnl_subsys_handle \ mnl_socket \ + nfnl_callback2 \ tcp_flag_word EXAMPLE_PATTERNS = INPUT_FILTER = "sed 's/EXPORT_SYMBOL//g'" diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 0ef3bd3..6500fec 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -144,7 +151,7 @@ struct nfnl_subsys_handle { uint32_t subscriptions; uint8_t subsys_id; uint8_t cb_count; - struct nfnl_callback *cb; /* array of callbacks */ + struct nfnl_callback2 *cb; /* array of callbacks with struct nlattr* */ }; struct nfnl_handle { @@ -166,6 +173,13 @@ struct mnl_socket { struct sockaddr_nl addr; }; +/* Amended callback prototype */ +struct nfnl_callback2 { + int (*call)(struct nlmsghdr *nlh, struct nlattr *nfa[], void *data); + void *data; + uint16_t attr_count; +}; + struct nfq_handle { struct nfnl_handle *nfnlh; @@ -185,7 +199,7 @@ struct nfq_q_handle }; struct nfq_data { - struct nfattr **data; + struct nlattr **data; }; EXPORT_SYMBOL int nfq_errno; @@ -259,7 +273,7 @@ __build_send_cfg_msg(struct nfq_handle *h, uint8_t command, return __nfq_query(h, nlh, buf, sizeof(buf)); } -static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nfattr *nfa[], +static int __nfq_rcv_pkt(struct nlmsghdr *nlh, struct nlattr *nfa[], void *data) { struct nfgenmsg *nfmsg = NLMSG_DATA(nlh); @@ -484,7 +498,7 @@ struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh) static struct nfq_handle *__nfq_open_nfnl(struct nfnl_handle *nfnlh, struct nfq_handle *qh) { - struct nfnl_callback pkt_cb = { + struct nfnl_callback2 pkt_cb = { .call = __nfq_rcv_pkt, .attr_count = NFQA_MAX, }; 
@@ -657,6 +671,25 @@ int nfq_unbind_pf(struct nfq_handle *h, uint16_t pf) * @} */ +static int __nfq_handle_msg(const struct nlmsghdr *nlh, void *data) +{ + struct nfq_handle *h = data; + struct nfq_q_handle *qh; + struct nlattr *nfa[NFQA_MAX + 1] = {}; + struct nfq_data nfad = {nfa}; + struct nfgenmsg *nfmsg = NLMSG_DATA(nlh); + + if (nfq_nlmsg_parse(nlh, nfa) < 0) + return MNL_CB_ERROR; + + /* Find our queue handler (to get CB fn) */ + qh = find_qh(h, ntohs(nfmsg->res_id)); + if (!qh) + return MNL_CB_ERROR; + + return qh->cb(qh, nfmsg, &nfad, qh->data); +} + /** * \addtogroup Queue * @{ @@ -768,7 +801,8 @@ int nfq_destroy_queue(struct nfq_q_handle *qh) EXPORT_SYMBOL int nfq_handle_packet(struct nfq_handle *h, char *buf, int len) { - return nfnl_handle_packet(h->nfnlh, buf, len); + return mnl_cb_run(buf, len, 0, mnl_socket_get_portid(h->nl), + __nfq_handle_msg, h); } /** @@ -937,7 +971,7 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, /* This must be declared here (and not inside the data * handling block) because the iovec points to this. */ - struct nfattr data_attr; + struct nlattr data_attr; memset(iov, 0, sizeof(iov)); 
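Review bot: __nfq_handle_msg() hands the user callback's result straight back to mnl_cb_run() (return qh->cb(qh, nfmsg, &nfad, qh->data);), but the two use different conventions: mnl_cb_run() treats 0 (MNL_CB_STOP) as a request to stop, so a callback that returns 0 for success ends processing after the first message in buf. Map the result explicitly, for example negative to MNL_CB_ERROR and anything else to MNL_CB_OK. In the same function qh->cb is called without a NULL check, and NLMSG_DATA(nlh) drops the const on nlh; mnl_nlmsg_get_payload() avoids that cast.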
@@ -958,15 +992,17 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, nvecs = 1; if (data_len) { - /* The typecast here is to cast away data's const-ness: */ - nfnl_build_nfa_iovec(&iov[1], &data_attr, NFQA_PAYLOAD, - data_len, (unsigned char *) data); + /* Temporary cast until we get rid of nfnl_build_nfa_iovec() */ + nfnl_build_nfa_iovec(&iov[1], (struct nfattr *)&data_attr, + //nfnl_build_nfa_iovec(&iov[1], &data_attr, + NFQA_PAYLOAD, data_len, + (unsigned char *) data); nvecs += 2; /* Add the length of the appended data to the message * header. The size of the attribute is given in the - * nfa_len field and is set in the nfnl_build_nfa_iovec() + * nla_len field and is set in the nfnl_build_nfa_iovec() * function. */ - u.nmh.nlmsg_len += data_attr.nfa_len; + u.nmh.nlmsg_len += data_attr.nla_len; } return nfnl_sendiov(qh->h->nfnlh, iov, nvecs, 0); @@ -1130,8 +1166,10 @@ int nfq_set_verdict_mark(struct nfq_q_handle *qh, uint32_t id, EXPORT_SYMBOL struct nfqnl_msg_packet_hdr *nfq_get_msg_packet_hdr(struct nfq_data *nfad) { - return nfnl_get_pointer_to_data(nfad->data, NFQA_PACKET_HDR, - struct nfqnl_msg_packet_hdr); + if (!nfad->data[NFQA_PACKET_HDR]) + return NULL; + + return mnl_attr_get_payload(nfad->data[NFQA_PACKET_HDR]); } /** @@ -1143,6 +1181,10 @@ struct nfqnl_msg_packet_hdr *nfq_get_msg_packet_hdr(struct nfq_data *nfad) EXPORT_SYMBOL uint32_t nfq_get_nfmark(struct nfq_data *nfad) { + if (!nfad->data[NFQA_MARK]) + return 0; + + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_MARK])); return ntohl(nfnl_get_data(nfad->data, NFQA_MARK, uint32_t)); } 
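Review bot: In the nfq_get_nfmark() hunk the old return ntohl(nfnl_get_data(nfad->data, NFQA_MARK, uint32_t)); is left as a context line after the new return, so it is now unreachable and still applies an nfnl_ accessor to an array that this patch re-indexes from attribute 0; delete it in this commit. In the __set_verdict() hunk, the commented-out //nfnl_build_nfa_iovec(&iov[1], &data_attr, sits between the arguments of the live call and should be removed as well. The (struct nfattr *)&data_attr cast relies on struct nlattr and struct nfattr having the same layout, which the "Temporary cast" comment should say.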
@@ -1159,11 +1201,12 @@ EXPORT_SYMBOL int nfq_get_timestamp(struct nfq_data *nfad, struct timeval *tv) { struct nfqnl_msg_packet_timestamp *qpt; - qpt = nfnl_get_pointer_to_data(nfad->data, NFQA_TIMESTAMP, - struct nfqnl_msg_packet_timestamp); - if (!qpt) + + if (!nfad->data[NFQA_TIMESTAMP]) return -1; + qpt = mnl_attr_get_payload(nfad->data[NFQA_TIMESTAMP]); + tv->tv_sec = __be64_to_cpu(qpt->sec); tv->tv_usec = __be64_to_cpu(qpt->usec); @@ -1184,7 +1227,10 @@ int nfq_get_timestamp(struct nfq_data *nfad, struct timeval *tv) EXPORT_SYMBOL uint32_t nfq_get_indev(struct nfq_data *nfad) { - return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_INDEV, uint32_t)); + if (!nfad->data[NFQA_IFINDEX_INDEV]) + return 0; + + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_IFINDEX_INDEV])); } /** @@ -1198,7 +1244,10 @@ uint32_t nfq_get_indev(struct nfq_data *nfad) EXPORT_SYMBOL uint32_t nfq_get_physindev(struct nfq_data *nfad) { - return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_PHYSINDEV, uint32_t)); + if (!nfad->data[NFQA_IFINDEX_PHYSINDEV]) + return 0; + + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_IFINDEX_PHYSINDEV])); } /** @@ -1212,7 +1261,10 @@ uint32_t nfq_get_physindev(struct nfq_data *nfad) EXPORT_SYMBOL uint32_t nfq_get_outdev(struct nfq_data *nfad) { - return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_OUTDEV, uint32_t)); + if (!nfad->data[NFQA_IFINDEX_OUTDEV]) + return 0; + + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_IFINDEX_OUTDEV])); } /** @@ -1228,7 +1280,10 @@ uint32_t nfq_get_outdev(struct nfq_data *nfad) EXPORT_SYMBOL uint32_t nfq_get_physoutdev(struct nfq_data *nfad) { - return ntohl(nfnl_get_data(nfad->data, NFQA_IFINDEX_PHYSOUTDEV, uint32_t)); + if (!nfad->data[NFQA_IFINDEX_PHYSOUTDEV]) + return 0; + + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_IFINDEX_PHYSOUTDEV])); } /** 
@@ -1363,8 +1418,10 @@ int nfq_get_physoutdev_name(struct nlif_handle *nlif_handle, EXPORT_SYMBOL struct nfqnl_msg_packet_hw *nfq_get_packet_hw(struct nfq_data *nfad) { - return nfnl_get_pointer_to_data(nfad->data, NFQA_HWADDR, - struct nfqnl_msg_packet_hw); + if (!nfad->data[NFQA_HWADDR]) + return NULL; + + return mnl_attr_get_payload(nfad->data[NFQA_HWADDR]); } /** @@ -1412,10 +1469,10 @@ uint32_t nfq_get_skbinfo(struct nfq_data *nfad) EXPORT_SYMBOL int nfq_get_uid(struct nfq_data *nfad, uint32_t *uid) { - if (!nfnl_attr_present(nfad->data, NFQA_UID)) + if (!nfad->data[NFQA_UID]) return 0; - *uid = ntohl(nfnl_get_data(nfad->data, NFQA_UID, uint32_t)); + *uid = ntohl(mnl_attr_get_u32(nfad->data[NFQA_UID])); return 1; } @@ -1433,10 +1490,10 @@ int nfq_get_uid(struct nfq_data *nfad, uint32_t *uid) EXPORT_SYMBOL int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) { - if (!nfnl_attr_present(nfad->data, NFQA_GID)) + if (!nfad->data[NFQA_GID]) return 0; - *gid = ntohl(nfnl_get_data(nfad->data, NFQA_GID, uint32_t)); + *gid = ntohl(mnl_attr_get_u32(nfad->data[NFQA_GID])); return 1; } @@ -1454,14 +1511,13 @@ int nfq_get_gid(struct nfq_data *nfad, uint32_t *gid) EXPORT_SYMBOL int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) { - if (!nfnl_attr_present(nfad->data, NFQA_SECCTX)) + if (!nfad->data[NFQA_SECCTX]) return -1; - *secdata = (unsigned char *)nfnl_get_pointer_to_data(nfad->data, - NFQA_SECCTX, char); + *secdata = mnl_attr_get_payload(nfad->data[NFQA_SECCTX]); if (*secdata) - return NFA_PAYLOAD(nfad->data[NFQA_SECCTX-1]); + return mnl_attr_get_payload_len(nfad->data[NFQA_SECCTX]); return 0; } 
@@ -1480,10 +1536,12 @@ int nfq_get_secctx(struct nfq_data *nfad, unsigned char **secdata) EXPORT_SYMBOL int nfq_get_payload(struct nfq_data *nfad, unsigned char **data) { - *data = (unsigned char *) - nfnl_get_pointer_to_data(nfad->data, NFQA_PAYLOAD, char); + if (!nfad->data[NFQA_PAYLOAD]) + return -1; + + *data = mnl_attr_get_payload(nfad->data[NFQA_PAYLOAD]); if (*data) - return NFA_PAYLOAD(nfad->data[NFQA_PAYLOAD-1]); + return mnl_attr_get_payload_len(nfad->data[NFQA_PAYLOAD]); return -1; }
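Review bot: In nfq_get_payload(), and in nfq_get_secctx() in the preceding hunk, the if (*data) / if (*secdata) test can no longer fail: the attribute pointer is checked for NULL just above and mnl_attr_get_payload() returns an address inside that attribute, so the trailing return -1 (return 0 in nfq_get_secctx()) is dead code. Drop the test and return mnl_attr_get_payload_len() directly.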
From patchwork Sat Oct 12 23:09:09 2024
X-Patchwork-Id: 1996467
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 07/15] src: Convert nfq_set_verdict() and nfq_set_verdict2() to use libmnl if there is no data
Date: Sun, 13 Oct 2024 10:09:09 +1100
Message-Id: <20241012230917.11467-8-duncan_roe@optusnet.com.au>
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

static __set_verdict() uses mnl-API calls in enough places that the path for no (mangled) data doesn't use any nfnl-API functions. With no data, __set_verdict() uses sendto() (faster than sendmsg()). nfq_set_verdict2() must not use htonl() on the packet mark.

Signed-off-by: Duncan Roe
---
v3:
- rebased
- defer removal of libnfnetlink/libnfnetlink.h include to 13/15
v2:
- rebase to account for updated patches 1 - 3
- fix checkpatch warning re block comment termination

src/libnetfilter_queue.c | 36 +++++++++++++++++------------------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 6500fec..3fa8d2d 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -951,13 +951,8 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, uint32_t data_len, const unsigned char *data, enum nfqnl_msg_types type) { - struct nfqnl_msg_verdict_hdr vh; - union { - char buf[NFNL_HEADER_LEN - +NFA_LENGTH(sizeof(mark)) - +NFA_LENGTH(sizeof(vh))]; - struct nlmsghdr nmh; - } u; + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; struct iovec iov[3]; int nvecs;
@@ -968,20 +963,23 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, memset(iov, 0, sizeof(iov)); - vh.verdict = htonl(verdict); - vh.id = htonl(id); - - nfnl_fill_hdr(qh->h->nfnlssh, &u.nmh, 0, AF_UNSPEC, qh->id, - type, NLM_F_REQUEST); + nlh = nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, qh->id); /* add verdict header */ - nfnl_addattr_l(&u.nmh, sizeof(u), NFQA_VERDICT_HDR, &vh, sizeof(vh)); + nfq_nlmsg_verdict_put(nlh, id, verdict); if (set_mark) - nfnl_addattr32(&u.nmh, sizeof(u), NFQA_MARK, mark); + nfq_nlmsg_verdict_put_mark(nlh, mark); + + /* Efficiency gain: when there is only 1 iov, + * sendto() is faster than sendmsg() because the kernel only has + * 1 userspace address to validate instead of 2. + */ + if (!data_len) + return mnl_socket_sendto(qh->h->nl, nlh, nlh->nlmsg_len); - iov[0].iov_base = &u.nmh; - iov[0].iov_len = NLMSG_TAIL(&u.nmh) - (void *)&u.nmh; + iov[0].iov_base = nlh; + iov[0].iov_len = NLMSG_TAIL(nlh) - (void *)nlh; nvecs = 1; if (data_len) { @@ -995,7 +993,7 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, * header. The size of the attribute is given in the * nla_len field and is set in the nfnl_build_nfa_iovec() * function. */ - u.nmh.nlmsg_len += data_attr.nla_len; + nlh->nlmsg_len += data_attr.nla_len; } return nfnl_sendiov(qh->h->nfnlh, iov, nvecs, 0); 
@@ -1052,7 +1050,7 @@ int nfq_set_verdict2(struct nfq_q_handle *qh, uint32_t id, uint32_t verdict, uint32_t mark, uint32_t data_len, const unsigned char *buf) { - return __set_verdict(qh, id, verdict, htonl(mark), 1, data_len, + return __set_verdict(qh, id, verdict, mark, 1, data_len, buf, NFQNL_MSG_VERDICT); } From patchwork Sat Oct 12 23:09:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996468 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=JxDaK9sw; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2604:1380:4601:e00::3; helo=am.mirrors.kernel.org; envelope-from=netfilter-devel+bounces-4408-incoming=patchwork.ozlabs.org@vger.kernel.org; receiver=patchwork.ozlabs.org) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org [IPv6:2604:1380:4601:e00::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XQzjv2Pmxz1xvm for ; Sun, 13 Oct 2024 10:10:27 +1100 (AEDT) Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 3CA471F21B2E for ; Sat, 12 Oct 2024 23:10:25 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 46F1619E98C; Sat, 12 Oct 2024 23:09:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit 
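Review bot: in the first hunk of __set_verdict(), char buf[MNL_SOCKET_BUFFER_SIZE] replaces a buffer that was sized for exactly the netlink header plus the verdict-header and mark attributes, so every verdict now reserves a socket-sized buffer on the stack although nothing visible here writes more than those attributes into it. Either size buf for what is actually put into it or add a comment saying why the larger buffer is wanted.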
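Review bot: the added nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, qh->id) in the second hunk ignores the type argument of __set_verdict(), which the removed nfnl_fill_hdr() call passed through. With only this patch applied, a caller that passes NFQNL_MSG_VERDICT_BATCH gets an ordinary verdict message built instead of a batch one. Patch 10/15 changes the call to nfq_nlmsg_put(buf, type, qh->id); that change belongs here so that each step of the series stays bisectable. The if (data_len) test kept further down is also always true after the new early return and can be dropped.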
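Review bot: the last hunk drops htonl() only in nfq_set_verdict2(), but after this patch the mark from every caller of __set_verdict() goes through nfq_nlmsg_verdict_put_mark(). nfq_set_verdict_batch2() still passes htonl(mark) and nfq_set_verdict_mark() still passes its mark unchanged until 10/15 adjusts them, so between the two patches the three functions do not agree on the byte order they hand over. Make all three call-site changes in this patch.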
From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 08/15] src: Incorporate nfnl_rcvbufsiz() in libnetfilter_queue Date: Sun, 13 Oct 2024 10:09:10 +1100 Message-Id: <20241012230917.11467-9-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 nfnl_rcvbufsiz() is the first bullet point in the Performance section of the libnetfilter_queue HTML main page. We have to assume people have used it, so supply a version that uses libmnl. Signed-off-by: Duncan Roe --- v3: rebased v2: rebase to account for updated patches .../libnetfilter_queue/libnetfilter_queue.h | 2 ++ src/libnetfilter_queue.c | 36 +++++++++++++++++++ 2 files changed, 38 insertions(+) diff --git a/include/libnetfilter_queue/libnetfilter_queue.h b/include/libnetfilter_queue/libnetfilter_queue.h index f7e68d8..9327f8c 100644 --- a/include/libnetfilter_queue/libnetfilter_queue.h +++ b/include/libnetfilter_queue/libnetfilter_queue.h @@ -35,6 +35,8 @@ typedef int nfq_callback(struct nfq_q_handle *gh, struct nfgenmsg *nfmsg, struct nfq_data *nfad, void *data); +extern unsigned int nfnl_rcvbufsiz(const struct nfnl_handle *h, + unsigned int size); extern struct nfq_handle *nfq_open(void); extern struct nfq_handle *nfq_open_nfnl(struct nfnl_handle *nfnlh); extern int nfq_close(struct nfq_handle *h); diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 3fa8d2d..f26b65f 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c 
@@ -578,6 +578,42 @@ out_free: * @{ */ +/** + * nfnl_rcvbufsiz - set the socket buffer size + * \param h nfnetlink connection handle obtained via call to \b nfq_nfnlh() + * \param size size of the buffer we want to set + * + * This nfnl-API function sets the new size of the socket buffer. + * Use this setting + * to increase the socket buffer size if your system is reporting ENOBUFS + * errors. + * + * \return new size of kernel socket buffer + */ + +EXPORT_SYMBOL +unsigned int nfnl_rcvbufsiz(const struct nfnl_handle *h, unsigned int size) +{ + int status; + socklen_t socklen = sizeof(size); + unsigned int read_size = 0; + + /* first we try the FORCE option, which is introduced in kernel + * 2.6.14 to give "root" the ability to override the system wide + * maximum + */ + status = setsockopt(h->fd, SOL_SOCKET, SO_RCVBUFFORCE, &size, socklen); + if (status < 0) { + /* if this didn't work, we try at least to get the system + * wide maximum (or whatever the user requested) + */ + setsockopt(h->fd, SOL_SOCKET, SO_RCVBUF, &size, socklen); + } + getsockopt(h->fd, SOL_SOCKET, SO_RCVBUF, &read_size, &socklen); + + return read_size; +} + /** * nfq_close - close a nfqueue handler * \param h Netfilter queue connection handle obtained via call to nfq_open() From patchwork Sat Oct 12 23:09:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996469 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=al2WSQIG; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2604:1380:45e3:2400::1; helo=sv.mirrors.kernel.org; 
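Review bot: in nfnl_rcvbufsiz(), the results of the fallback setsockopt(..., SO_RCVBUF, ...) and of getsockopt() are ignored, so when both fail the function returns the initial read_size of 0 while the comment promises the "new size of kernel socket buffer". Check both return values and document what a return of 0 means, or report the error to the caller. The commit message also says the supplied version uses libmnl, yet the body only calls setsockopt()/getsockopt() on h->fd; if that is intended, reword the message.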
+oF9awsz3NGH3IsleKk6rryd7xt1NaM8cjGOdzgTboYu1qLFNH4AjjcOHrLygNXm17Rb Sa2qXMp8vyJEFQrxnr0aeV/TOWkLQNzExmiFxtBbNhdAOKei5VMbjLrwCQ/QG/mqxIjB yyy8JHseU40weu6ZFp2OHJvyogJ0BfwRvWoM7V0cF0+vNTvbSxIykwN9FDs2W398x3zm GIvH5Cp81H5A1HyHkxwfJOeuDFTdP7qPwRhO6lOOZ4TAJqOmGqtxZNDrpZFUaqKtnpIo 1OGw== X-Gm-Message-State: AOJu0YzD79Waes4TDtU3bPYQPP/8SKJra4LW8Ev7zaNLOJ6KTQiJsoKW DOlWRASurNZe88X5vBi64/jQIs4IvvzTci1lsQSQwrdhHQP+fHtc X-Google-Smtp-Source: AGHT+IEivvYHpE4wVVMB9P0Wrdu2V/nnzc0h0+FYZWs1OLkObZ5F5LuhF3htLMFXPe73HgVfpBZuMQ== X-Received: by 2002:a05:6a21:2d8f:b0:1d8:a13d:d6c0 with SMTP id adf61e73a8af0-1d8bcefc67fmr9176282637.3.1728774583708; Sat, 12 Oct 2024 16:09:43 -0700 (PDT) Received: from slk15.local.net (n175-33-111-144.meb22.vic.optusnet.com.au. [175.33.111.144]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-71e2aab5bf9sm4854195b3a.145.2024.10.12.16.09.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 12 Oct 2024 16:09:43 -0700 (PDT) Sender: Duncan Roe From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 09/15] src: Convert nfq_fd() to use libmnl Date: Sun, 13 Oct 2024 10:09:11 +1100 Message-Id: <20241012230917.11467-10-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 struct nfq_handle has a struct mnl_socket * now, use that. Signed-off-by: Duncan Roe --- v3: rebased v2: rebase to account for updated patches src/libnetfilter_queue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index f26b65f..8a11f41 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c 
@@ -377,7 +377,7 @@ struct nfnl_handle *nfq_nfnlh(struct nfq_handle *h) EXPORT_SYMBOL int nfq_fd(struct nfq_handle *h) { - return nfnl_fd(nfq_nfnlh(h)); + return mnl_socket_get_fd(h->nl); } /** * @} From patchwork Sat Oct 12 23:09:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996470 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=anzwQTZn; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2604:1380:45d1:ec00::1; helo=ny.mirrors.kernel.org; envelope-from=netfilter-devel+bounces-4410-incoming=patchwork.ozlabs.org@vger.kernel.org; receiver=patchwork.ozlabs.org) Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org [IPv6:2604:1380:45d1:ec00::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XQzjy005Lz1xtp for ; Sun, 13 Oct 2024 10:10:29 +1100 (AEDT) Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 286E11C20E12 for ; Sat, 12 Oct 2024 23:10:28 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id C295E19C557; Sat, 12 Oct 2024 23:09:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="anzwQTZn" X-Original-To: netfilter-devel@vger.kernel.org 
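Review bot: nfq_fd() now dereferences h->nl unconditionally, and neither the hunk nor the commit message says whether handles returned by nfq_open_nfnl(), which the public header still declares, have that pointer set. Please state in the commit message that every way of obtaining a struct nfq_handle fills in nl, or keep the nfnl_fd() path for handles that lack it.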
From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 10/15] src: Convert remaining nfq_* functions to use libmnl Date: Sun, 13 Oct 2024 10:09:12 +1100 Message-Id: <20241012230917.11467-11-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Converted: nfq_set_verdict2(), nfq_set_verdict_batch2(), nfq_set_verdict_mark(), nfq_get_nfmark() [again] & nfq_get_skbinfo() We only use 2 iovecs instead of 3 by tacking the data attribute onto the end of the first iovec buffer. Signed-off-by: Duncan Roe --- Changes in v3: (none) Changes in v2: - Move nfq_set_mode() conversion to patch 5 - Rebase to account for updated patches src/libnetfilter_queue.c | 67 +++++++++++++++++++++------------------- 1 file changed, 35 insertions(+), 32 deletions(-) diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 8a11f41..ecdd144 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -989,17 +989,9 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, { char buf[MNL_SOCKET_BUFFER_SIZE]; struct nlmsghdr *nlh; + static struct sockaddr_nl snl = {.nl_family = AF_NETLINK }; - struct iovec iov[3]; - int nvecs; - - /* This must be declared here (and not inside the data - * handling block) because the iovec points to this. */ - struct nlattr data_attr; - - memset(iov, 0, sizeof(iov)); - - nlh = nfq_nlmsg_put(buf, NFQNL_MSG_VERDICT, qh->id); + nlh = nfq_nlmsg_put(buf, type, qh->id); /* add verdict header */ nfq_nlmsg_verdict_put(nlh, id, verdict); 
@@ -1013,26 +1005,38 @@ static int __set_verdict(struct nfq_q_handle *qh, uint32_t id, */ if (!data_len) return mnl_socket_sendto(qh->h->nl, nlh, nlh->nlmsg_len); + { + struct iovec iov[2]; + struct nlattr *data_attr = mnl_nlmsg_get_payload_tail(nlh); + const struct msghdr msg = { + .msg_name = &snl, + .msg_namelen = sizeof(snl), + .msg_iov = iov, + .msg_iovlen = 2, + .msg_control = NULL, + .msg_controllen = 0, + .msg_flags = 0, + }; + + mnl_attr_put(nlh, NFQA_PAYLOAD, 0, NULL); + + iov[0].iov_base = nlh; + iov[0].iov_len = nlh->nlmsg_len; + /* The typecast here is to cast away data's const-ness: */ + iov[1].iov_base = (unsigned char *)data; + iov[1].iov_len = data_len; - iov[0].iov_base = nlh; - iov[0].iov_len = NLMSG_TAIL(nlh) - (void *)nlh; - nvecs = 1; - - if (data_len) { - /* Temporary cast until we get rid of nfnl_build_nfa_iovec() */ - nfnl_build_nfa_iovec(&iov[1], (struct nfattr *)&data_attr, - //nfnl_build_nfa_iovec(&iov[1], &data_attr, - NFQA_PAYLOAD, data_len, - (unsigned char *) data); - nvecs += 2; /* Add the length of the appended data to the message - * header. The size of the attribute is given in the - * nla_len field and is set in the nfnl_build_nfa_iovec() - * function. */ - nlh->nlmsg_len += data_attr.nla_len; - } + * header and attribute length. + * No padding is needed: this is the end of the message. + */ + + nlh->nlmsg_len += data_len; - return nfnl_sendiov(qh->h->nfnlh, iov, nvecs, 0); + data_attr->nla_len += data_len; + + return sendmsg(qh->h->nfnlh->fd, &msg, 0); + } } /** @@ -1121,7 +1125,7 @@ EXPORT_SYMBOL int nfq_set_verdict_batch2(struct nfq_q_handle *qh, uint32_t id, uint32_t verdict, uint32_t mark) { - return __set_verdict(qh, id, verdict, htonl(mark), 1, 0, + return __set_verdict(qh, id, verdict, mark, 1, 0, NULL, NFQNL_MSG_VERDICT_BATCH); } 
@@ -1144,7 +1148,7 @@ int nfq_set_verdict_mark(struct nfq_q_handle *qh, uint32_t id, uint32_t verdict, uint32_t mark, uint32_t data_len, const unsigned char *buf) { - return __set_verdict(qh, id, verdict, mark, 1, data_len, buf, + return __set_verdict(qh, id, verdict, ntohl(mark), 1, data_len, buf, NFQNL_MSG_VERDICT); } @@ -1212,7 +1216,6 @@ uint32_t nfq_get_nfmark(struct nfq_data *nfad) return 0; return ntohl(mnl_attr_get_u32(nfad->data[NFQA_MARK])); - return ntohl(nfnl_get_data(nfad->data, NFQA_MARK, uint32_t)); } /** 
@@ -1476,10 +1479,10 @@ struct nfqnl_msg_packet_hw *nfq_get_packet_hw(struct nfq_data *nfad) EXPORT_SYMBOL uint32_t nfq_get_skbinfo(struct nfq_data *nfad) { - if (!nfnl_attr_present(nfad->data, NFQA_SKB_INFO)) + if (!nfad->data[NFQA_SKB_INFO]) return 0; - return ntohl(nfnl_get_data(nfad->data, NFQA_SKB_INFO, uint32_t)); + return ntohl(mnl_attr_get_u32(nfad->data[NFQA_SKB_INFO])); } /** From patchwork Sat Oct 12 23:09:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996472 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=IVwtw617; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2604:1380:4601:e00::3; helo=am.mirrors.kernel.org; envelope-from=netfilter-devel+bounces-4411-incoming=patchwork.ozlabs.org@vger.kernel.org; receiver=patchwork.ozlabs.org) Received: from am.mirrors.kernel.org (am.mirrors.kernel.org [IPv6:2604:1380:4601:e00::3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XQzk11pwqz1xvm for ; Sun, 13 Oct 2024 10:10:33 +1100 (AEDT) Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id CDE061F219FB for ; Sat, 12 Oct 2024 23:10:30 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AFD9F19CC3A; Sat, 12 Oct 2024 23:09:52 +0000 
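Review bot: in the payload branch of __set_verdict() (hunk at -1013), data_attr->nla_len += data_len adds a caller-supplied uint32_t to the 16-bit nla_len field with no range check, so a data_len too large for one attribute wraps nla_len while nlh->nlmsg_len and iov[1].iov_len still carry the full length. Reject such a data_len (return -1 with errno set) before the message is built. The same branch sends with sendmsg(qh->h->nfnlh->fd, &msg, 0) while the no-data path just above it uses qh->h->nl; taking the descriptor from mnl_socket_get_fd(qh->h->nl), as 09/15 does in nfq_fd(), keeps both paths on one socket handle.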
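Review bot: the ntohl(mark) added to nfq_set_verdict_mark() (hunk at -1144) reads like a mistake next to the two sibling functions, which now pass mark unchanged. If the point is that callers of this function supply the mark in network byte order and __set_verdict() now expects host order, say so in a one-line comment at the call and in the function's doxygen block.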
From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 11/15] src: Copy nlif-related files from libnfnetlink Date: Sun, 13 Oct 2024 10:09:13 +1100 Message-Id: <20241012230917.11467-12-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Introduce include/libnetfilter_queue/linux_list.h and src/iftable.c. These are not exact copies: all tractable checkpatch errors are fixed. Also complete iftable.c kerneldoc to doxygen translation. This commit doesn't actually do anything with the new files. Signed-off-by: Duncan Roe --- Changes in v3: - Move doxygen.cfg changes to here from patch 12/15 (otherwise if no more patches are applied then man pages don't build) Changes in v2: - This was originally patch 12 of 32 - Update commit message - Don't copy src/rtnl.c since it's not kept - Fix checkpatch errors on the fly. - Finish kerneldoc xlation on the fly (was patch 16 of 32). doxygen/doxygen.cfg.in | 2 ++ include/libnetfilter_queue/linux_list.h | 730 ++++++++++++++++++++++++ src/iftable.c | 355 ++++++++++++ 3 files changed, 1087 insertions(+) create mode 100644 include/libnetfilter_queue/linux_list.h create mode 100644 src/iftable.c diff --git a/doxygen/doxygen.cfg.in b/doxygen/doxygen.cfg.in index fcfc045..bf6cba8 100644 --- a/doxygen/doxygen.cfg.in +++ b/doxygen/doxygen.cfg.in @@ -16,6 +16,8 @@ EXCLUDE_SYMBOLS = EXPORT_SYMBOL \ nfnl_handle \ nfnl_subsys_handle \ mnl_socket \ + ifindex_node \ + nlif_handle \ nfnl_callback2 \ tcp_flag_word EXAMPLE_PATTERNS = diff --git a/include/libnetfilter_queue/linux_list.h b/include/libnetfilter_queue/linux_list.h new file mode 100644 index 0000000..68637c3 --- /dev/null +++ b/include/libnetfilter_queue/linux_list.h 
@@ -0,0 +1,730 @@ +#ifndef _LINUX_LIST_H +#define _LINUX_LIST_H + +#include + +#undef offsetof +#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) + +/** + * container_of - cast a member of a structure out to the containing structure + * + * @ptr: the pointer to the member. + * @type: the type of the container struct this is embedded in. + * @member: the name of the member within the struct. + * + */ +#define container_of(ptr, type, member) ({ \ + typeof(((type *)0)->member) *__mptr = (ptr); \ + (type *)((char *)__mptr - offsetof(type, member)); }) + +/* + * Check at compile time that something is of a particular type. + * Always evaluates to 1 so you may use it easily in comparisons. + */ +#define typecheck(type, x) \ +({ type __dummy; \ + typeof(x) __dummy2; \ + (void)(&__dummy == &__dummy2); \ + 1; \ +}) + +#define prefetch(x) ((void)0) + +/* empty define to make this work in userspace -HW */ +#ifndef smp_wmb +#define smp_wmb() /* Comment to placate checkpatch */ +#endif + +/* + * These are non-NULL pointers that will result in page faults + * under normal circumstances, used to verify that nobody uses + * non-initialized list entries. + */ +#define LIST_POISON1 ((void *) 0x00100100) +#define LIST_POISON2 ((void *) 0x00200200) + +/* + * Simple doubly linked list implementation. + * + * Some of the internal functions ("__xxx") are useful when + * manipulating whole lists rather than single entries, as + * sometimes we already know the next/prev entries and we can + * generate better code by using them directly rather than + * using the generic single-entry routines. + */ + +struct list_head { + struct list_head *next, *prev; +}; + +#define LIST_HEAD_INIT(name) { &(name), &(name) } + +#define LIST_HEAD(name) \ + struct list_head name = LIST_HEAD_INIT(name) + +#define INIT_LIST_HEAD(ptr) do { \ + (ptr)->next = (ptr); (ptr)->prev = (ptr); \ +} while (0) + +/* + * Insert a new entry between two known consecutive entries. 
+ * + * This is only for internal list manipulation where we know + * the prev/next entries already! + */ +static inline void __list_add(struct list_head *new, + struct list_head *prev, + struct list_head *next) +{ + next->prev = new; + new->next = next; + new->prev = prev; + prev->next = new; +} + +/** + * list_add - add a new entry + * @new: new entry to be added + * @head: list head to add it after + * + * Insert a new entry after the specified head. + * This is good for implementing stacks. + */ +static inline void list_add(struct list_head *new, struct list_head *head) +{ + __list_add(new, head, head->next); +} + +/** + * list_add_tail - add a new entry + * @new: new entry to be added + * @head: list head to add it before + * + * Insert a new entry before the specified head. + * This is useful for implementing queues. + */ +static inline void list_add_tail(struct list_head *new, struct list_head *head) +{ + __list_add(new, head->prev, head); +} + +/* + * Insert a new entry between two known consecutive entries. + * + * This is only for internal list manipulation where we know + * the prev/next entries already! + */ +static inline void __list_add_rcu(struct list_head *new, + struct list_head *prev, struct list_head *next) +{ + new->next = next; + new->prev = prev; + smp_wmb(); /* Comment to placate checkpatch */ + next->prev = new; + prev->next = new; +} + +/** + * list_add_rcu - add a new entry to rcu-protected list + * @new: new entry to be added + * @head: list head to add it after + * + * Insert a new entry after the specified head. + * This is good for implementing stacks. + * + * The caller must take whatever precautions are necessary + * (such as holding appropriate locks) to avoid racing + * with another list-mutation primitive, such as list_add_rcu() + * or list_del_rcu(), running on this same list. + * However, it is perfectly legal to run concurrently with + * the _rcu list-traversal primitives, such as + * list_for_each_entry_rcu(). 
+ */ +static inline void list_add_rcu(struct list_head *new, struct list_head *head) +{ + __list_add_rcu(new, head, head->next); +} + +/** + * list_add_tail_rcu - add a new entry to rcu-protected list + * @new: new entry to be added + * @head: list head to add it before + * + * Insert a new entry before the specified head. + * This is useful for implementing queues. + * + * The caller must take whatever precautions are necessary + * (such as holding appropriate locks) to avoid racing + * with another list-mutation primitive, such as list_add_tail_rcu() + * or list_del_rcu(), running on this same list. + * However, it is perfectly legal to run concurrently with + * the _rcu list-traversal primitives, such as + * list_for_each_entry_rcu(). + */ +static inline void list_add_tail_rcu(struct list_head *new, + struct list_head *head) +{ + __list_add_rcu(new, head->prev, head); +} + +/* + * Delete a list entry by making the prev/next entries + * point to each other. + * + * This is only for internal list manipulation where we know + * the prev/next entries already! + */ +static inline void __list_del(struct list_head *prev, struct list_head *next) +{ + next->prev = prev; + prev->next = next; +} + +/** + * list_del - deletes entry from list. + * @entry: the element to delete from the list. + * Note: list_empty on entry does not return true after this, the entry is + * in an undefined state. + */ +static inline void list_del(struct list_head *entry) +{ + __list_del(entry->prev, entry->next); + entry->next = LIST_POISON1; + entry->prev = LIST_POISON2; +} + +/** + * list_del_rcu - deletes entry from list without re-initialization + * @entry: the element to delete from the list. + * + * Note: list_empty on entry does not return true after this, + * the entry is in an undefined state. It is useful for RCU based + * lockfree traversal. + * + * In particular, it means that we can not poison the forward + * pointers that may still be used for walking the list. 
+ * + * The caller must take whatever precautions are necessary + * (such as holding appropriate locks) to avoid racing + * with another list-mutation primitive, such as list_del_rcu() + * or list_add_rcu(), running on this same list. + * However, it is perfectly legal to run concurrently with + * the _rcu list-traversal primitives, such as + * list_for_each_entry_rcu(). + * + * Note that the caller is not permitted to immediately free + * the newly deleted entry. Instead, either synchronize_kernel() + * or call_rcu() must be used to defer freeing until an RCU + * grace period has elapsed. + */ +static inline void list_del_rcu(struct list_head *entry) +{ + __list_del(entry->prev, entry->next); + entry->prev = LIST_POISON2; +} + +/** + * list_del_init - deletes entry from list and reinitialize it. + * @entry: the element to delete from the list. + */ +static inline void list_del_init(struct list_head *entry) +{ + __list_del(entry->prev, entry->next); + INIT_LIST_HEAD(entry); +} + +/** + * list_move - delete from one list and add as another's head + * @list: the entry to move + * @head: the head that will precede our entry + */ +static inline void list_move(struct list_head *list, struct list_head *head) +{ + __list_del(list->prev, list->next); + list_add(list, head); +} + +/** + * list_move_tail - delete from one list and add as another's tail + * @list: the entry to move + * @head: the head that will follow our entry + */ +static inline void list_move_tail(struct list_head *list, + struct list_head *head) +{ + __list_del(list->prev, list->next); + list_add_tail(list, head); +} + +/** + * list_empty - tests whether a list is empty + * @head: the list to test. 
+ */ +static inline int list_empty(const struct list_head *head) +{ + return head->next == head; +} + +/** + * list_empty_careful - tests whether a list is + * empty _and_ checks that no other CPU might be + * in the process of still modifying either member + * + * NOTE: using list_empty_careful() without synchronization + * can only be safe if the only activity that can happen + * to the list entry is list_del_init(). Eg. it cannot be used + * if another CPU could re-list_add() it. + * + * @head: the list to test. + */ +static inline int list_empty_careful(const struct list_head *head) +{ + struct list_head *next = head->next; + + return (next == head) && (next == head->prev); +} + +static inline void __list_splice(struct list_head *list, + struct list_head *head) +{ + struct list_head *first = list->next; + struct list_head *last = list->prev; + struct list_head *at = head->next; + + first->prev = head; + head->next = first; + + last->next = at; + at->prev = last; +} + +/** + * list_splice - join two lists + * @list: the new list to add. + * @head: the place to add it in the first list. + */ +static inline void list_splice(struct list_head *list, struct list_head *head) +{ + if (!list_empty(list)) + __list_splice(list, head); +} + +/** + * list_splice_init - join two lists and reinitialise the emptied list. + * @list: the new list to add. + * @head: the place to add it in the first list. + * + * The list at @list is reinitialised + */ +static inline void list_splice_init(struct list_head *list, + struct list_head *head) +{ + if (!list_empty(list)) { + __list_splice(list, head); + INIT_LIST_HEAD(list); + } +} + +/** + * list_entry - get the struct for this entry + * @ptr: the &struct list_head pointer. + * @type: the type of the struct this is embedded in. + * @member: the name of the list_struct within the struct. 
+ */ +#define list_entry(ptr, type, member) \ + container_of(ptr, type, member) + +/** + * list_for_each - iterate over a list + * @pos: the &struct list_head to use as a loop counter. + * @head: the head for your list. + */ +#define list_for_each(pos, head) \ + for (pos = (head)->next, prefetch(pos->next); pos != (head); \ + pos = pos->next, prefetch(pos->next)) + +/** + * __list_for_each - iterate over a list + * @pos: the &struct list_head to use as a loop counter. + * @head: the head for your list. + * + * This variant differs from list_for_each() in that it's the + * simplest possible list iteration code, no prefetching is done. + * Use this for code that knows the list to be very short (empty + * or 1 entry) most of the time. + */ +#define __list_for_each(pos, head) \ + for (pos = (head)->next; pos != (head); pos = pos->next) + +/** + * list_for_each_prev - iterate over a list backwards + * @pos: the &struct list_head to use as a loop counter. + * @head: the head for your list. + */ +#define list_for_each_prev(pos, head) \ + for (pos = (head)->prev, prefetch(pos->prev); pos != (head); \ + pos = pos->prev, prefetch(pos->prev)) + +/** + * list_for_each_safe - iterate over a list safe against removal of list entry + * @pos: the &struct list_head to use as a loop counter. + * @n: another &struct list_head to use as temporary storage + * @head: the head for your list. + */ +#define list_for_each_safe(pos, n, head) \ + for (pos = (head)->next, n = pos->next; pos != (head); \ + pos = n, n = pos->next) + +/** + * list_for_each_entry - iterate over list of given type + * @pos: the type * to use as a loop counter. + * @head: the head for your list. + * @member: the name of the list_struct within the struct. 
+ */ +#define list_for_each_entry(pos, head, member) \ + for (pos = list_entry((head)->next, typeof(*pos), member), \ + prefetch(pos->member.next); \ + &pos->member != (head); \ + pos = list_entry(pos->member.next, typeof(*pos), member), \ + prefetch(pos->member.next)) + +/** + * list_for_each_entry_reverse - iterate backwards over list of given type. + * @pos: the type * to use as a loop counter. + * @head: the head for your list. + * @member: the name of the list_struct within the struct. + */ +#define list_for_each_entry_reverse(pos, head, member) \ + for (pos = list_entry((head)->prev, typeof(*pos), member), \ + prefetch(pos->member.prev); \ + &pos->member != (head); \ + pos = list_entry(pos->member.prev, typeof(*pos), member), \ + prefetch(pos->member.prev)) + +/** + * list_prepare_entry - prepare a pos entry for use as a start point in + * list_for_each_entry_continue + * @pos: the type * to use as a start point + * @head: the head of the list + * @member: the name of the list_struct within the struct. + */ +#define list_prepare_entry(pos, head, member) \ + ((pos) ? : list_entry(head, typeof(*pos), member)) + +/** + * list_for_each_entry_continue - iterate over list of given type + * continuing after existing point + * @pos: the type * to use as a loop counter. + * @head: the head for your list. + * @member: the name of the list_struct within the struct. + */ +#define list_for_each_entry_continue(pos, head, member) \ + for (pos = list_entry(pos->member.next, typeof(*pos), member), \ + prefetch(pos->member.next); \ + &pos->member != (head); \ + pos = list_entry(pos->member.next, typeof(*pos), member), \ + prefetch(pos->member.next)) + +/** + * list_for_each_entry_safe - iterate over list of given type safe against removal of list entry + * @pos: the type * to use as a loop counter. + * @n: another type * to use as temporary storage + * @head: the head for your list. + * @member: the name of the list_struct within the struct. 
+ */ +#define list_for_each_entry_safe(pos, n, head, member) \ + for (pos = list_entry((head)->next, typeof(*pos), member), \ + n = list_entry(pos->member.next, typeof(*pos), member); \ + &pos->member != (head); \ + pos = n, n = list_entry(n->member.next, typeof(*n), member)) + +/** + * list_for_each_rcu - iterate over an rcu-protected list + * @pos: the &struct list_head to use as a loop counter. + * @head: the head for your list. + * + * This list-traversal primitive may safely run concurrently with + * the _rcu list-mutation primitives such as list_add_rcu() + * as long as the traversal is guarded by rcu_read_lock(). + */ +#define list_for_each_rcu(pos, head) \ + for (pos = (head)->next, prefetch(pos->next); pos != (head); \ + pos = pos->next, ({ smp_read_barrier_depends(); 0; }), prefetch(pos->next)) + +#define __list_for_each_rcu(pos, head) \ + for (pos = (head)->next; pos != (head); \ + pos = pos->next, ({ smp_read_barrier_depends(); 0; })) + +/** + * list_for_each_safe_rcu - iterate over an rcu-protected list safe + * against removal of list entry + * @pos: the &struct list_head to use as a loop counter. + * @n: another &struct list_head to use as temporary storage + * @head: the head for your list. + * + * This list-traversal primitive may safely run concurrently with + * the _rcu list-mutation primitives such as list_add_rcu() + * as long as the traversal is guarded by rcu_read_lock(). + */ +#define list_for_each_safe_rcu(pos, n, head) \ + for (pos = (head)->next, n = pos->next; pos != (head); \ + pos = n, ({ smp_read_barrier_depends(); 0; }), n = pos->next) + +/** + * list_for_each_entry_rcu - iterate over rcu list of given type + * @pos: the type * to use as a loop counter. + * @head: the head for your list. + * @member: the name of the list_struct within the struct. 
+ * + * This list-traversal primitive may safely run concurrently with + * the _rcu list-mutation primitives such as list_add_rcu() + * as long as the traversal is guarded by rcu_read_lock(). + */ +#define list_for_each_entry_rcu(pos, head, member) \ + for (pos = list_entry((head)->next, typeof(*pos), member), \ + prefetch(pos->member.next); \ + &pos->member != (head); \ + pos = list_entry(pos->member.next, typeof(*pos), member), \ + ({ smp_read_barrier_depends(); 0; }), \ + prefetch(pos->member.next)) + + +/** + * list_for_each_continue_rcu - iterate over an rcu-protected list + * continuing after existing point. + * @pos: the &struct list_head to use as a loop counter. + * @head: the head for your list. + * + * This list-traversal primitive may safely run concurrently with + * the _rcu list-mutation primitives such as list_add_rcu() + * as long as the traversal is guarded by rcu_read_lock(). + */ +#define list_for_each_continue_rcu(pos, head) \ + for ((pos) = (pos)->next, prefetch((pos)->next); (pos) != (head); \ + (pos) = (pos)->next, ({ smp_read_barrier_depends(); 0; }), prefetch((pos)->next)) + +/* + * Double linked lists with a single pointer list head. + * Mostly useful for hash tables where the two pointer list head is + * too wasteful. + * You lose the ability to access the tail in O(1). 
+ */ + +struct hlist_head { + struct hlist_node *first; +}; + +struct hlist_node { + struct hlist_node *next, **pprev; +}; + +#define HLIST_HEAD_INIT { .first = NULL } +#define HLIST_HEAD(name) struct hlist_head name = { .first = NULL } +#define INIT_HLIST_HEAD(ptr) ((ptr)->first = NULL) +#define INIT_HLIST_NODE(ptr) ((ptr)->next = NULL, (ptr)->pprev = NULL) + +static inline int hlist_unhashed(const struct hlist_node *h) +{ + return !h->pprev; +} + +static inline int hlist_empty(const struct hlist_head *h) +{ + return !h->first; +} + +static inline void __hlist_del(struct hlist_node *n) +{ + struct hlist_node *next = n->next; + struct hlist_node **pprev = n->pprev; + *pprev = next; + if (next) + next->pprev = pprev; +} + +static inline void hlist_del(struct hlist_node *n) +{ + __hlist_del(n); + n->next = LIST_POISON1; + n->pprev = LIST_POISON2; +} + +/** + * hlist_del_rcu - deletes entry from hash list without re-initialization + * @n: the element to delete from the hash list. + * + * Note: list_unhashed() on entry does not return true after this, + * the entry is in an undefined state. It is useful for RCU based + * lockfree traversal. + * + * In particular, it means that we can not poison the forward + * pointers that may still be used for walking the hash list. + * + * The caller must take whatever precautions are necessary + * (such as holding appropriate locks) to avoid racing + * with another list-mutation primitive, such as hlist_add_head_rcu() + * or hlist_del_rcu(), running on this same list. + * However, it is perfectly legal to run concurrently with + * the _rcu list-traversal primitives, such as + * hlist_for_each_entry(). 
+ */ +static inline void hlist_del_rcu(struct hlist_node *n) +{ + __hlist_del(n); + n->pprev = LIST_POISON2; +} + +static inline void hlist_del_init(struct hlist_node *n) +{ + if (n->pprev) { + __hlist_del(n); + INIT_HLIST_NODE(n); + } +} + +#define hlist_del_rcu_init hlist_del_init + +static inline void hlist_add_head(struct hlist_node *n, struct hlist_head *h) +{ + struct hlist_node *first = h->first; + + n->next = first; + if (first) + first->pprev = &n->next; + h->first = n; + n->pprev = &h->first; +} + + +/** + * hlist_add_head_rcu - adds the specified element to the specified hlist, + * while permitting racing traversals. + * @n: the element to add to the hash list. + * @h: the list to add to. + * + * The caller must take whatever precautions are necessary + * (such as holding appropriate locks) to avoid racing + * with another list-mutation primitive, such as hlist_add_head_rcu() + * or hlist_del_rcu(), running on this same list. + * However, it is perfectly legal to run concurrently with + * the _rcu list-traversal primitives, such as + * hlist_for_each_entry(), but only if smp_read_barrier_depends() + * is used to prevent memory-consistency problems on Alpha CPUs. + * Regardless of the type of CPU, the list-traversal primitive + * must be guarded by rcu_read_lock(). + * + * OK, so why don't we have an hlist_for_each_entry_rcu()??? 
+ */ +static inline void hlist_add_head_rcu(struct hlist_node *n, + struct hlist_head *h) +{ + struct hlist_node *first = h->first; + + n->next = first; + n->pprev = &h->first; + smp_wmb(); /* Comment to placate checkpatch */ + if (first) + first->pprev = &n->next; + h->first = n; +} + +/* next must be != NULL */ +static inline void hlist_add_before(struct hlist_node *n, + struct hlist_node *next) +{ + n->pprev = next->pprev; + n->next = next; + next->pprev = &n->next; + *(n->pprev) = n; +} + +static inline void hlist_add_after(struct hlist_node *n, + struct hlist_node *next) +{ + next->next = n->next; + n->next = next; + next->pprev = &n->next; + + if (next->next) + next->next->pprev = &next->next; +} + +#define hlist_entry(ptr, type, member) container_of(ptr, type, member) + +#define hlist_for_each(pos, head) \ + for (pos = (head)->first; pos && ({ prefetch(pos->next); 1; }); \ + pos = pos->next) + +#define hlist_for_each_safe(pos, n, head) \ + for (pos = (head)->first; pos && ({ n = pos->next; 1; }); \ + pos = n) + +/** + * hlist_for_each_entry - iterate over list of given type + * @tpos: the type * to use as a loop counter. + * @pos: the &struct hlist_node to use as a loop counter. + * @head: the head for your list. + * @member: the name of the hlist_node within the struct. + */ +#define hlist_for_each_entry(tpos, pos, head, member) \ + for (pos = (head)->first; \ + pos && ({ prefetch(pos->next); 1; }) && \ + ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; }); \ + pos = pos->next) + +/** + * hlist_for_each_entry_continue - iterate over a hlist continuing after existing point + * @tpos: the type * to use as a loop counter. + * @pos: the &struct hlist_node to use as a loop counter. + * @member: the name of the hlist_node within the struct. 
+ */ +#define hlist_for_each_entry_continue(tpos, pos, member) \ + for (pos = (pos)->next; \ + pos && ({ prefetch(pos->next); 1; }) && \ + ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; }); \ + pos = pos->next) + +/** + * hlist_for_each_entry_from - iterate over a hlist continuing from existing point + * @tpos: the type * to use as a loop counter. + * @pos: the &struct hlist_node to use as a loop counter. + * @member: the name of the hlist_node within the struct. + */ +#define hlist_for_each_entry_from(tpos, pos, member) \ + for (; pos && ({ prefetch(pos->next); 1; }) && \ + ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; }); \ + pos = pos->next) + +/** + * hlist_for_each_entry_safe - iterate over list of given type safe against removal of list entry + * @tpos: the type * to use as a loop counter. + * @pos: the &struct hlist_node to use as a loop counter. + * @n: another &struct hlist_node to use as temporary storage + * @head: the head for your list. + * @member: the name of the hlist_node within the struct. + */ +#define hlist_for_each_entry_safe(tpos, pos, n, head, member) \ + for (pos = (head)->first; \ + pos && ({ n = pos->next; 1; }) && \ + ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; }); \ + pos = n) + +/** + * hlist_for_each_entry_rcu - iterate over rcu list of given type + * @pos: the type * to use as a loop counter. + * @pos: the &struct hlist_node to use as a loop counter. + * @head: the head for your list. + * @member: the name of the hlist_node within the struct. + * + * This list-traversal primitive may safely run concurrently with + * the _rcu list-mutation primitives such as hlist_add_rcu() + * as long as the traversal is guarded by rcu_read_lock(). + */ +#define hlist_for_each_entry_rcu(tpos, pos, head, member) \ + for (pos = (head)->first; \ + pos && ({ prefetch(pos->next); 1; }) && \ + ({ tpos = hlist_entry(pos, typeof(*tpos), member); 1; }); \ + pos = pos->next, ({ smp_read_barrier_depends(); 0; })) + +#endif 
diff --git a/src/iftable.c b/src/iftable.c new file mode 100644 index 0000000..4673001 --- /dev/null +++ b/src/iftable.c 
@@ -0,0 +1,355 @@ +/* iftable - table of network interfaces + * + * (C) 2004 by Astaro AG, written by Harald Welte + * (C) 2008 by Pablo Neira Ayuso + * (C) 2024 by Duncan Roe + * + * This software is Free Software and licensed under GNU GPLv2+. + */ + +/* IFINDEX handling */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include "rtnl.h" +#include "linux_list.h" + +/** + * \defgroup iftable Functions to manage a table of network interfaces + * These functions maintain a database of the name and flags of each + * network interface. + * @{ + */ + +struct ifindex_node { + struct list_head head; + + uint32_t index; + uint32_t type; + uint32_t alen; + uint32_t flags; + char addr[8]; + char name[16]; +}; + +struct nlif_handle { + struct list_head ifindex_hash[16]; + struct rtnl_handle *rtnl_handle; + struct rtnl_handler ifadd_handler; + struct rtnl_handler ifdel_handler; +}; + +/* iftable_add - Add/Update an entry to/in the interface table + * \param n: netlink message header of a RTM_NEWLINK message + * \param arg: not used + * + * This function adds/updates an entry in the intrface table. + * Returns -1 on error, 1 on success. 
+ */ +static int iftable_add(struct nlmsghdr *n, void *arg) +{ + unsigned int hash, found = 0; + struct ifinfomsg *ifi_msg = NLMSG_DATA(n); + struct ifindex_node *this; + struct rtattr *cb[IFLA_MAX+1]; + struct nlif_handle *h = arg; + + if (n->nlmsg_type != RTM_NEWLINK) + return -1; + + if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi_msg))) + return -1; + + rtnl_parse_rtattr(cb, IFLA_MAX, IFLA_RTA(ifi_msg), IFLA_PAYLOAD(n)); + + if (!cb[IFLA_IFNAME]) + return -1; + + hash = ifi_msg->ifi_index & 0xF; + list_for_each_entry(this, &h->ifindex_hash[hash], head) { + if (this->index == ifi_msg->ifi_index) { + found = 1; + break; + } + } + + if (!found) { + this = malloc(sizeof(*this)); + if (!this) + return -1; + + this->index = ifi_msg->ifi_index; + } + + this->type = ifi_msg->ifi_type; + this->flags = ifi_msg->ifi_flags; + if (cb[IFLA_ADDRESS]) { + unsigned int alen; + + this->alen = alen = RTA_PAYLOAD(cb[IFLA_ADDRESS]); + if (alen > sizeof(this->addr)) + alen = sizeof(this->addr); + memcpy(this->addr, RTA_DATA(cb[IFLA_ADDRESS]), alen); + } else { + this->alen = 0; + memset(this->addr, 0, sizeof(this->addr)); + } + strcpy(this->name, RTA_DATA(cb[IFLA_IFNAME])); + + if (!found) + list_add(&this->head, &h->ifindex_hash[hash]); + + return 1; +} + +/* iftable_del - Delete an entry from the interface table + * \param n: netlink message header of a RTM_DELLINK nlmsg + * \param arg: not used + * + * Delete an entry from the interface table. + * Returns -1 on error, 0 if no matching entry was found or 1 on success. 
+ */ +static int iftable_del(struct nlmsghdr *n, void *arg) +{ + struct ifinfomsg *ifi_msg = NLMSG_DATA(n); + struct rtattr *cb[IFLA_MAX+1]; + struct nlif_handle *h = arg; + struct ifindex_node *this, *tmp; + unsigned int hash; + + if (n->nlmsg_type != RTM_DELLINK) + return -1; + + if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi_msg))) + return -1; + + rtnl_parse_rtattr(cb, IFLA_MAX, IFLA_RTA(ifi_msg), IFLA_PAYLOAD(n)); + + hash = ifi_msg->ifi_index & 0xF; + list_for_each_entry_safe(this, tmp, &h->ifindex_hash[hash], head) { + if (this->index == ifi_msg->ifi_index) { + list_del(&this->head); + free(this); + return 1; + } + } + + return 0; +} + +/** + * nlif_index2name - get the name for an ifindex + * + * \param h pointer to nlif_handle created by nlif_open() + * \param index ifindex to be resolved + * \param name interface name, pass a buffer of IFNAMSIZ size + * \return -1 on error, 1 on success + */ +int nlif_index2name(struct nlif_handle *h, + unsigned int index, + char *name) +{ + unsigned int hash; + struct ifindex_node *this; + + assert(h != NULL); + assert(name != NULL); + + if (index == 0) { + strcpy(name, "*"); + return 1; + } + + hash = index & 0xF; + list_for_each_entry(this, &h->ifindex_hash[hash], head) { + if (this->index == index) { + strcpy(name, this->name); + return 1; + } + } + + errno = ENOENT; + return -1; +} + +/** + * nlif_get_ifflags - get the flags for an ifindex + * + * \param h pointer to nlif_handle created by nlif_open() + * \param index ifindex to be resolved + * \param flags pointer to variable used to store the interface flags + * \return -1 on error, 1 on success + */ +int nlif_get_ifflags(const struct nlif_handle *h, + unsigned int index, + unsigned int *flags) +{ + unsigned int hash; + struct ifindex_node *this; + + assert(h != NULL); + assert(flags != NULL); + + if (index == 0) { + errno = ENOENT; + return -1; + } + + hash = index & 0xF; + list_for_each_entry(this, &h->ifindex_hash[hash], head) { + if (this->index == index) { + 
*flags = this->flags; + return 1; + } + } + errno = ENOENT; + return -1; +} + +/** + * nlif_open - initialize interface table + * + * Initialize rtnl interface and interface table + * Call this before any nlif_* function + * + * \return file descriptor to netlink socket + */ +struct nlif_handle *nlif_open(void) +{ + int i; + struct nlif_handle *h; + + h = calloc(1, sizeof(struct nlif_handle)); + if (h == NULL) + goto err; + + for (i = 0; i < 16; i++) + INIT_LIST_HEAD(&h->ifindex_hash[i]); + + h->ifadd_handler.nlmsg_type = RTM_NEWLINK; + h->ifadd_handler.handlefn = iftable_add; + h->ifadd_handler.arg = h; + h->ifdel_handler.nlmsg_type = RTM_DELLINK; + h->ifdel_handler.handlefn = iftable_del; + h->ifdel_handler.arg = h; + + h->rtnl_handle = rtnl_open(); + if (h->rtnl_handle == NULL) + goto err; + + if (rtnl_handler_register(h->rtnl_handle, &h->ifadd_handler) < 0) + goto err_close; + + if (rtnl_handler_register(h->rtnl_handle, &h->ifdel_handler) < 0) + goto err_unregister; + + return h; + +err_unregister: + rtnl_handler_unregister(h->rtnl_handle, &h->ifadd_handler); +err_close: + rtnl_close(h->rtnl_handle); + free(h); +err: + return NULL; +} + +/** + * nlif_close - free all resources associated with the interface table + * + * \param h pointer to nlif_handle created by nlif_open() + */ +void nlif_close(struct nlif_handle *h) +{ + int i; + struct ifindex_node *this, *tmp; + + assert(h != NULL); + + rtnl_handler_unregister(h->rtnl_handle, &h->ifadd_handler); + rtnl_handler_unregister(h->rtnl_handle, &h->ifdel_handler); + rtnl_close(h->rtnl_handle); + + for (i = 0; i < 16; i++) { + list_for_each_entry_safe(this, tmp, &h->ifindex_hash[i], head) { + list_del(&this->head); + free(this); + } + } + + free(h); + h = NULL; /* bugtrap */ +} + +/** + * nlif_catch - receive message from netlink and update interface table + * + * FIXME - elaborate a bit + * + * \param h pointer to nlif_handle created by nlif_open() + * \return 0 if OK + */ +int nlif_catch(struct nlif_handle *h) +{ 
+ assert(h != NULL); + + if (h->rtnl_handle) + return rtnl_receive(h->rtnl_handle); + + return -1; +} + +static int nlif_catch_multi(struct nlif_handle *h) +{ + assert(h != NULL); + + if (h->rtnl_handle) + return rtnl_receive_multi(h->rtnl_handle); + + return -1; +} + +/** + * nlif_query - request a dump of interfaces available in the system + * \param h: pointer to a valid nlif_handler + */ +int nlif_query(struct nlif_handle *h) +{ + assert(h != NULL); + + if (rtnl_dump_type(h->rtnl_handle, RTM_GETLINK) < 0) + return -1; + + return nlif_catch_multi(h); +} + +/** + * nlif_fd - get file descriptor for the netlink socket + * + * \param h pointer to nlif_handle created by nlif_open() + * \return The fd or -1 if there's an error + */ +int nlif_fd(struct nlif_handle *h) +{ + assert(h != NULL); + + if (h->rtnl_handle) + return h->rtnl_handle->rtnl_fd; + + return -1; +} + +/** + * @} + */
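Review bot: in nlif_open(), the failure path after rtnl_open() jumps to err, which only returns NULL, so the handle allocated by calloc() is leaked; that path should go through a label that calls free(h). The doxygen block above it also says "\return file descriptor to netlink socket" although the function returns a struct nlif_handle pointer, and in nlif_close() the final "h = NULL; /* bugtrap */" only clears the local copy of the pointer, so it traps nothing in the caller.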
From patchwork Sat Oct 12 23:09:14 2024
X-Patchwork-Submitter: Duncan Roe
X-Patchwork-Id: 1996471
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 12/15] doc: Add iftable.c to the doxygen system
Date: Sun, 13 Oct 2024 10:09:14 +1100
Message-Id: <20241012230917.11467-13-duncan_roe@optusnet.com.au>
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

iftable.c has a usage description (moved from libnetfilter_queue.c), but is not yet converted to use libmnl.

Signed-off-by: Duncan Roe
---
v3:
- rebased
- move doxygen.cfg patch from here to 11/15
v2: Created from patches 14/32 & 16/32

doxygen/Makefile.am | 1 + src/iftable.c | 49 ++++++++++++++++++++++++++++++++++++++++ src/libnetfilter_queue.c | 38 ++++--------------------------- 3 files changed, 54 insertions(+), 34 deletions(-) diff --git a/doxygen/Makefile.am b/doxygen/Makefile.am index 68be963..a6cd83a 100644 --- a/doxygen/Makefile.am +++ b/doxygen/Makefile.am @@ -2,6 +2,7 @@ if HAVE_DOXYGEN doc_srcs = $(top_srcdir)/src/libnetfilter_queue.c\ $(top_srcdir)/src/nlmsg.c\ + $(top_srcdir)/src/iftable.c\ $(top_srcdir)/src/extra/checksum.c\ $(top_srcdir)/src/extra/ipv4.c\ $(top_srcdir)/src/extra/pktbuff.c\ diff --git a/src/iftable.c b/src/iftable.c index 4673001..9884a52 100644 --- a/src/iftable.c +++ b/src/iftable.c
@@ -29,6 +29,55 @@ * \defgroup iftable Functions to manage a table of network interfaces * These functions maintain a database of the name and flags of each * network interface. + * + * Programs access an nlif database through an opaque __struct nlif_handle__ + * interface resolving handle. Call nlif_open() to get a handle: + * \verbatim + h = nlif_open(); + if (h == NULL) { + perror("nlif_open"); + exit(EXIT_FAILURE); + } +\endverbatim + * Once the handler is open, you need to fetch the interface table at a + * whole via a call to nlif_query. + * \verbatim + nlif_query(h); +\endverbatim + * libnetfilter_queue is able to update the interface mapping + * when a new interface appears. + * To do so, you need to call nlif_catch() on the handler after each + * interface related event. The simplest way to get and treat event is to run + * a **select()** or **poll()** against the nlif and netilter_queue + * file descriptors. + * E.g. use nlif_fd() to get the nlif file descriptor, then give this fd to + * **poll()** as in this code snippet (error-checking removed): + * \verbatim + if_fd = nlif_fd(h); + qfd = mnl_socket_get_fd(nl); // For mnl API or ... + qfd = nfq_fd(qh); // For nfnl API + . . . + fds[0].fd = ifd; + fds[0].events = POLLIN; + fds[1].fd = qfd; + fds[1].events = POLLIN; + for(;;) + { + poll((struct pollfd *)&fds, 2, -1); + if (fds[0].revents & POLLIN) + nlif_catch(h); +\endverbatim + * Don't forget to close the handler when you don't need the feature anymore: + * \verbatim + nlif_close(h); +\endverbatim + * + * \manonly +.SH SYNOPSIS +.nf +\fB +#include +\endmanonly * @{ */ diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index ecdd144..970aea2 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c 
@@ -1324,34 +1324,7 @@ uint32_t nfq_get_physoutdev(struct nfq_data *nfad) * \param name pointer to the buffer to receive the interface name; * not more than \c IFNAMSIZ bytes will be copied to it. * \return -1 in case of error, >0 if it succeed. - * - * To use a nlif_handle, You need first to call nlif_open() and to open - * an handler. Don't forget to store the result as it will be used - * during all your program life: - * \verbatim - h = nlif_open(); - if (h == NULL) { - perror("nlif_open"); - exit(EXIT_FAILURE); - } -\endverbatim - * Once the handler is open, you need to fetch the interface table at a - * whole via a call to nlif_query. - * \verbatim - nlif_query(h); -\endverbatim - * libnfnetlink is able to update the interface mapping when a new interface - * appears. To do so, you need to call nlif_catch() on the handler after each - * interface related event. The simplest way to get and treat event is to run - * a select() or poll() against the nlif file descriptor. To get this file - * descriptor, you need to use nlif_fd: - * \verbatim - if_fd = nlif_fd(h); -\endverbatim - * Don't forget to close the handler when you don't need the feature anymore: - * \verbatim - nlif_close(h); -\endverbatim + * \sa __nlif_open__(3) * */ EXPORT_SYMBOL @@ -1370,9 +1343,8 @@ int nfq_get_indev_name(struct nlif_handle *nlif_handle, * \param name pointer to the buffer to receive the interface name; * not more than \c IFNAMSIZ bytes will be copied to it. * - * See nfq_get_indev_name() documentation for nlif_handle usage. - * * \return -1 in case of error, > 0 if it succeed. + * \sa __nlif_open__(3) */ EXPORT_SYMBOL int nfq_get_physindev_name(struct nlif_handle *nlif_handle, 
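Review bot: the new "\sa __nlif_open__(3)" lines point at a man page, so it is worth checking that the HTML output still leads readers to the usage text these hunks delete; "\sa nlif_open()" or a "\ref iftable" would link there directly. In the nfq_get_indev_name() hunk the \sa is also followed by a leftover empty comment line before the closing */, unlike the nfq_get_physindev_name() hunk.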
@@ -1390,9 +1362,8 @@ int nfq_get_physindev_name(struct nlif_handle *nlif_handle, * \param name pointer to the buffer to receive the interface name; * not more than \c IFNAMSIZ bytes will be copied to it. * - * See nfq_get_indev_name() documentation for nlif_handle usage. - * * \return -1 in case of error, > 0 if it succeed. + * \sa __nlif_open__(3) */ EXPORT_SYMBOL int nfq_get_outdev_name(struct nlif_handle *nlif_handle, 
@@ -1410,9 +1381,8 @@ int nfq_get_outdev_name(struct nlif_handle *nlif_handle, * \param name pointer to the buffer to receive the interface name; * not more than \c IFNAMSIZ bytes will be copied to it. * - * See nfq_get_indev_name() documentation for nlif_handle usage. - * * \return -1 in case of error, > 0 if it succeed. + * \sa __nlif_open__(3) */ EXPORT_SYMBOL
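Review bot: in the usage text added to src/iftable.c, the poll() snippet stores the descriptor with "if_fd = nlif_fd(h);" but then assigns "fds[0].fd = ifd;", so the example does not agree with itself; use one name. The same block has the typos "netilter_queue" and "at a whole", switches between "handle" and "handler" for the nlif_handle, and shows nlif_query(h) with its return value ignored even though the nlif_open() example just above it checks for failure.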
From patchwork Sat Oct 12 23:09:15 2024
X-Patchwork-Submitter: Duncan Roe
X-Patchwork-Id: 1996473
From: Duncan Roe
To: pablo@netfilter.org
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH libnetfilter_queue v3 13/15] src: Convert all nlif_* functions to use libmnl
Date: Sun, 13 Oct 2024 10:09:15 +1100
Message-Id: <20241012230917.11467-14-duncan_roe@optusnet.com.au>
In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au>

In iftable.c, replace calls to functions in rtnetlink.c with inline code (converted to use libmnl instead of libnfnetlink).

It is essential to offer *all* functions originally provided by libnfnetlink so that a built program will either take its nlif_*() functions from libnetfilter_queue or libnfnetlink (depending on the build-time order in LIBS).

While being about it, remove unnecessary libnfnetlink.h include and libnfnetlink dependency in libnetfilter_queue.c.

Signed-off-by: Duncan Roe
---
v3:
- remove libnfnetlink.h include from libnetfilter_queue.c (done here since this is the last src patch in the series)
v2: created from patches 19/32 & (some of) 32/32

src/Makefile.am | 1 + src/iftable.c | 311 ++++++++++++++++++++++-------------------------- src/libnetfilter_queue.c | 3 +-- 3 files changed, 142 insertions(+), 173 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index 079853e..a6813e8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -30,6 +30,7 @@ libnetfilter_queue_la_LDFLAGS = -Wc,-nostartfiles \ -version-info $(LIBVERSION) libnetfilter_queue_la_SOURCES = libnetfilter_queue.c \ nlmsg.c \ + iftable.c \ extra/checksum.c \ extra/icmp.c \ extra/ipv6.c \ diff --git a/src/iftable.c b/src/iftable.c index 9884a52..54364b3 100644 --- a/src/iftable.c +++ b/src/iftable.c
@@ -11,19 +11,29 @@ #include #include +#include #include #include #include #include #include #include -#include #include -#include -#include "rtnl.h" -#include "linux_list.h" +#include +#include +#include +#include +#include + +#include "internal.h" + +#define NUM_NLIF_BITS 4 +#define NUM_NLIF_ENTRIES (1 << NUM_NLIF_BITS) +#define NLIF_ENTRY_MASK (NUM_NLIF_ENTRIES - 1) + +static int data_cb(const struct nlmsghdr *nlh, void *data); /** * \defgroup iftable Functions to manage a table of network interfaces 
@@ -86,117 +96,15 @@ struct ifindex_node { uint32_t index; uint32_t type; - uint32_t alen; uint32_t flags; - char addr[8]; - char name[16]; + char name[IFNAMSIZ]; }; struct nlif_handle { - struct list_head ifindex_hash[16]; - struct rtnl_handle *rtnl_handle; - struct rtnl_handler ifadd_handler; - struct rtnl_handler ifdel_handler; + struct list_head ifindex_hash[NUM_NLIF_ENTRIES]; + struct mnl_socket *nl; }; -/* iftable_add - Add/Update an entry to/in the interface table - * \param n: netlink message header of a RTM_NEWLINK message - * \param arg: not used - * - * This function adds/updates an entry in the intrface table. - * Returns -1 on error, 1 on success. - */ -static int iftable_add(struct nlmsghdr *n, void *arg) -{ - unsigned int hash, found = 0; - struct ifinfomsg *ifi_msg = NLMSG_DATA(n); - struct ifindex_node *this; - struct rtattr *cb[IFLA_MAX+1]; - struct nlif_handle *h = arg; - - if (n->nlmsg_type != RTM_NEWLINK) - return -1; - - if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi_msg))) - return -1; - - rtnl_parse_rtattr(cb, IFLA_MAX, IFLA_RTA(ifi_msg), IFLA_PAYLOAD(n)); - - if (!cb[IFLA_IFNAME]) - return -1; - - hash = ifi_msg->ifi_index & 0xF; - list_for_each_entry(this, &h->ifindex_hash[hash], head) { - if (this->index == ifi_msg->ifi_index) { - found = 1; - break; - } - } - - if (!found) { - this = malloc(sizeof(*this)); - if (!this) - return -1; - - this->index = ifi_msg->ifi_index; - } - - this->type = ifi_msg->ifi_type; - this->flags = ifi_msg->ifi_flags; - if (cb[IFLA_ADDRESS]) { - unsigned int alen; - - this->alen = alen = RTA_PAYLOAD(cb[IFLA_ADDRESS]); - if (alen > sizeof(this->addr)) - alen = sizeof(this->addr); - memcpy(this->addr, RTA_DATA(cb[IFLA_ADDRESS]), alen); - } else { - this->alen = 0; - memset(this->addr, 0, sizeof(this->addr)); - } - strcpy(this->name, RTA_DATA(cb[IFLA_IFNAME])); - - if (!found) - list_add(&this->head, &h->ifindex_hash[hash]); - - return 1; -} - -/* iftable_del - Delete an entry from the interface table - * \param n: 
netlink message header of a RTM_DELLINK nlmsg - * \param arg: not used - * - * Delete an entry from the interface table. - * Returns -1 on error, 0 if no matching entry was found or 1 on success. - */ -static int iftable_del(struct nlmsghdr *n, void *arg) -{ - struct ifinfomsg *ifi_msg = NLMSG_DATA(n); - struct rtattr *cb[IFLA_MAX+1]; - struct nlif_handle *h = arg; - struct ifindex_node *this, *tmp; - unsigned int hash; - - if (n->nlmsg_type != RTM_DELLINK) - return -1; - - if (n->nlmsg_len < NLMSG_LENGTH(sizeof(ifi_msg))) - return -1; - - rtnl_parse_rtattr(cb, IFLA_MAX, IFLA_RTA(ifi_msg), IFLA_PAYLOAD(n)); - - hash = ifi_msg->ifi_index & 0xF; - list_for_each_entry_safe(this, tmp, &h->ifindex_hash[hash], head) { - if (this->index == ifi_msg->ifi_index) { - list_del(&this->head); - free(this); - return 1; - } - } - - return 0; -} - /** * nlif_index2name - get the name for an ifindex * @@ -205,6 +113,7 @@ static int iftable_del(struct nlmsghdr *n, void *arg) * \param name interface name, pass a buffer of IFNAMSIZ size * \return -1 on error, 1 on success */ +EXPORT_SYMBOL int nlif_index2name(struct nlif_handle *h, unsigned int index, char *name) @@ -212,9 +121,6 @@ int nlif_index2name(struct nlif_handle *h, unsigned int hash; struct ifindex_node *this; - assert(h != NULL); - assert(name != NULL); - if (index == 0) { strcpy(name, "*"); return 1; @@ -240,6 +146,7 @@ int nlif_index2name(struct nlif_handle *h, * \param flags pointer to variable used to store the interface flags * \return -1 on error, 1 on success */ +EXPORT_SYMBOL int nlif_get_ifflags(const struct nlif_handle *h, unsigned int index, unsigned int *flags) @@ -247,9 +154,6 @@ int nlif_get_ifflags(const struct nlif_handle *h, unsigned int hash; struct ifindex_node *this; - assert(h != NULL); - assert(flags != NULL); - if (index == 0) { errno = ENOENT; return -1; 
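Review bot: the assert(h != NULL), assert(name != NULL) and assert(flags != NULL) checks are removed from nlif_index2name() and nlif_get_ifflags() with nothing in their place, so a NULL argument now reaches strcpy(name, "*") or the code that follows instead of stopping at a clear assertion. Either keep the asserts, or return -1 with errno set and document that in the \return lines; the commit message should mention the behaviour change either way.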
@@ -269,11 +173,12 @@ int nlif_get_ifflags(const struct nlif_handle *h, /** * nlif_open - initialize interface table * - * Initialize rtnl interface and interface table - * Call this before any nlif_* function + * Open a netlink socket and initialize interface table + * Call this before any other nlif_* function * - * \return file descriptor to netlink socket + * \return NULL on error, else valid pointer to an nlif_handle structure */ +EXPORT_SYMBOL struct nlif_handle *nlif_open(void) { int i; @@ -283,32 +188,21 @@ struct nlif_handle *nlif_open(void) if (h == NULL) goto err; - for (i = 0; i < 16; i++) + for (i = 0; i < NUM_NLIF_ENTRIES; i++) INIT_LIST_HEAD(&h->ifindex_hash[i]); - h->ifadd_handler.nlmsg_type = RTM_NEWLINK; - h->ifadd_handler.handlefn = iftable_add; - h->ifadd_handler.arg = h; - h->ifdel_handler.nlmsg_type = RTM_DELLINK; - h->ifdel_handler.handlefn = iftable_del; - h->ifdel_handler.arg = h; + h->nl = mnl_socket_open(NETLINK_ROUTE); + if (!h->nl) + goto err_free; - h->rtnl_handle = rtnl_open(); - if (h->rtnl_handle == NULL) - goto err; - - if (rtnl_handler_register(h->rtnl_handle, &h->ifadd_handler) < 0) + if (mnl_socket_bind(h->nl, RTMGRP_LINK, MNL_SOCKET_AUTOPID) < 0) goto err_close; - if (rtnl_handler_register(h->rtnl_handle, &h->ifdel_handler) < 0) - goto err_unregister; - return h; -err_unregister: - rtnl_handler_unregister(h->rtnl_handle, &h->ifadd_handler); err_close: - rtnl_close(h->rtnl_handle); + mnl_socket_close(h->nl); +err_free: free(h); err: return NULL; 
@@ -319,18 +213,15 @@ err: * * \param h pointer to nlif_handle created by nlif_open() */ +EXPORT_SYMBOL void nlif_close(struct nlif_handle *h) { int i; struct ifindex_node *this, *tmp; - assert(h != NULL); + mnl_socket_close(h->nl); - rtnl_handler_unregister(h->rtnl_handle, &h->ifadd_handler); - rtnl_handler_unregister(h->rtnl_handle, &h->ifdel_handler); - rtnl_close(h->rtnl_handle); - - for (i = 0; i < 16; i++) { + for (i = 0; i < NUM_NLIF_ENTRIES; i++) { list_for_each_entry_safe(this, tmp, &h->ifindex_hash[i], head) { list_del(&this->head); free(this); 
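Review bot: nlif_close() now calls mnl_socket_close(h->nl) with no check at all, while nlif_catch() and nlif_fd() later in this patch still test h->nl before using it. The nlif_open() hunk never returns a handle whose nl is NULL, so either that test is dead code in the other two functions or it is missing here; pick one and apply it consistently.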
@@ -344,61 +235,139 @@ void nlif_close(struct nlif_handle *h) /** * nlif_catch - receive message from netlink and update interface table * - * FIXME - elaborate a bit - * * \param h pointer to nlif_handle created by nlif_open() * \return 0 if OK */ +EXPORT_SYMBOL int nlif_catch(struct nlif_handle *h) { - assert(h != NULL); - - if (h->rtnl_handle) - return rtnl_receive(h->rtnl_handle); - - return -1; -} - -static int nlif_catch_multi(struct nlif_handle *h) -{ - assert(h != NULL); - - if (h->rtnl_handle) - return rtnl_receive_multi(h->rtnl_handle); + /* + * Use MNL_SOCKET_BUFFER_SIZE instead of MNL_SOCKET_DUMP_SIZE + * to keep memory footprint same as it was. + */ + char buf[MNL_SOCKET_BUFFER_SIZE]; + int ret; + + if (!h->nl) /* The old library had this test */ + return -1; - return -1; + ret = mnl_socket_recvfrom(h->nl, buf, sizeof(buf)); + if (ret == -1) + return -1; + return mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(h->nl), + data_cb, h) == -1 ? -1 : 0; } /** * nlif_query - request a dump of interfaces available in the system * \param h: pointer to a valid nlif_handler + * \return -1 on error with errno set, else >=0 */ +EXPORT_SYMBOL int nlif_query(struct nlif_handle *h) { - assert(h != NULL); - - if (rtnl_dump_type(h->rtnl_handle, RTM_GETLINK) < 0) + char buf[MNL_SOCKET_BUFFER_SIZE]; + struct nlmsghdr *nlh; + uint32_t seq; + int ret; + struct rtgenmsg *rt; + + nlh = mnl_nlmsg_put_header(buf); + nlh->nlmsg_type = RTM_GETLINK; + nlh->nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP; + nlh->nlmsg_seq = seq = time(NULL); + rt = mnl_nlmsg_put_extra_header(nlh, sizeof(struct rtgenmsg)); + rt->rtgen_family = AF_PACKET; + if (mnl_socket_sendto(h->nl, nlh, nlh->nlmsg_len) < 0) return -1; - - return nlif_catch_multi(h); + ret = mnl_socket_recvfrom(h->nl, buf, sizeof(buf)); + while (ret > 0) { + ret = mnl_cb_run(buf, ret, seq, mnl_socket_get_portid(h->nl), + data_cb, h); + if (ret <= MNL_CB_STOP) + break; + ret = mnl_socket_recvfrom(h->nl, buf, sizeof(buf)); + } + return ret; 
} /** * nlif_fd - get file descriptor for the netlink socket * * \param h pointer to nlif_handle created by nlif_open() - * \return The fd or -1 if there's an error + * \return socket fd or -1 on error */ +EXPORT_SYMBOL int nlif_fd(struct nlif_handle *h) { - assert(h != NULL); - - if (h->rtnl_handle) - return h->rtnl_handle->rtnl_fd; - - return -1; + return h->nl ? mnl_socket_get_fd(h->nl) : -1; } /** * @} */ + +/* + * data_cb - callback for rtnetlink messages + * caller will put nlif_handle in data + */ + +static int data_cb(const struct nlmsghdr *nlh, void *data) +{ + struct ifinfomsg *ifi_msg = mnl_nlmsg_get_payload(nlh); + struct nlif_handle *h = data; + struct nlattr *attr; + uint32_t hash; + struct ifindex_node *this, *tmp; + + if (nlh->nlmsg_type != RTM_NEWLINK && nlh->nlmsg_type != RTM_DELLINK) { + errno = EPROTO; + return MNL_CB_ERROR; + } + hash = ifi_msg->ifi_index & NLIF_ENTRY_MASK; + + /* RTM_DELLINK is simple, do it first for less indenting */ + if (nlh->nlmsg_type == RTM_DELLINK) { + /* + * The original code used list_for_each_entry_safe when deleting + * and list_for_each_entry when adding. + * The code is only ever going to delete one entry + * so what does the safe variant achieve? + * In a multi-threaded app, + * I'd suggest a pthread rwlock on all nlif accesses. 
+ */ + list_for_each_entry_safe(this, tmp, &h->ifindex_hash[hash], + head) { + if (this->index == ifi_msg->ifi_index) { + list_del(&this->head); + free(this); + } + } + return MNL_CB_OK; + } + + list_for_each_entry(this, &h->ifindex_hash[hash], head) { + if (this->index == ifi_msg->ifi_index) + goto found; + } + this = calloc(1, sizeof(*this)); + if (!this) + return MNL_CB_ERROR; + this->index = ifi_msg->ifi_index; + this->type = ifi_msg->ifi_type; + this->flags = ifi_msg->ifi_flags; + list_add(&this->head, &h->ifindex_hash[hash]); +found: + mnl_attr_for_each(attr, nlh, sizeof(*ifi_msg)) { + /* All we want is the interface name */ + if (mnl_attr_get_type(attr) == IFLA_IFNAME) { + if (mnl_attr_validate(attr, MNL_TYPE_STRING) < 0) { + perror("mnl_attr_validate"); + return MNL_CB_ERROR; + } + strcpy(this->name, mnl_attr_get_str(attr)); + break; + } + } + return MNL_CB_OK; +} diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c index 334f898..dd9c9db 100644 --- a/src/libnetfilter_queue.c +++ b/src/libnetfilter_queue.c @@ -32,7 +32,6 @@ #include #include -#include #include #include "internal.h" @@ -47,7 +46,7 @@ * https://netfilter.org/projects/libnetfilter_queue/ *

Dependencies

- * libnetfilter_queue requires libmnl, libnfnetlink and a kernel that includes + * libnetfilter_queue requires libmnl and a kernel that includes * the Netfilter NFQUEUE over NFNETLINK interface (i.e. 2.6.14 or later). * *

Main Features
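Review bot: in data_cb() in src/iftable.c, an RTM_NEWLINK for an index that is already in the table takes "goto found" and skips the assignments to this->type and this->flags, so nlif_get_ifflags() keeps returning the flags from the first message; the removed iftable_add() refreshed both fields on every message. Move those two assignments below the found: label. In the same function, "strcpy(this->name, mnl_attr_get_str(attr));" copies into name[IFNAMSIZ] after only mnl_attr_validate(attr, MNL_TYPE_STRING), which does not compare the payload length with IFNAMSIZ, and ifi_msg is read without first checking that the message is long enough to hold a struct ifinfomsg, a test the old handlers at least attempted. Check both lengths and use a bounded copy.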

From patchwork Sat Oct 12 23:09:16 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996474
From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 14/15] include: Use libmnl.h instead of libnfnetlink.h Date: Sun, 13 Oct 2024 10:09:16 +1100 Message-Id: <20241012230917.11467-15-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Add nlif_* prototypes and 64-bit converters to libnetfilter_queue.h. Update (deprecated) include/libnetfilter_queue/linux_nfnetlink_queue.h to not include linux/nfnetlink.h (no replacement required) Signed-off-by: Duncan Roe --- Changes in v3: - Remove include of linux/nfnetlink.h (not needed) - Rebased Changes in v2: - This was patch 18 v1 - Update commit message: - libnetfilter_queue.c has no libnfnetlink.h references (removed in patch 6 v2). - Incorporate patch 22 v1 .../libnetfilter_queue/libnetfilter_queue.h | 36 ++++++++++++++++++- .../linux_nfnetlink_queue.h | 3 +- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/include/libnetfilter_queue/libnetfilter_queue.h b/include/libnetfilter_queue/libnetfilter_queue.h index 9327f8c..46289f2 100644 --- a/include/libnetfilter_queue/libnetfilter_queue.h +++ b/include/libnetfilter_queue/libnetfilter_queue.h @@ -14,7 +14,7 @@ #define __LIBCTNETLINK_H #include -#include +#include #include @@ -25,6 +25,7 @@ extern "C" { struct nfq_handle; struct nfq_q_handle; struct nfq_data; +struct nlif_handle; extern int nfq_errno; 
@@ -155,8 +156,41 @@ int nfq_nlmsg_parse(const struct nlmsghdr *nlh, struct nlattr **attr); struct nlmsghdr *nfq_nlmsg_put(char *buf, int type, uint32_t queue_num); struct nlmsghdr *nfq_nlmsg_put2(char *buf, int type, uint32_t queue_num, uint16_t flags); +/* + * Network Interface Table API + */ + +#ifndef IFNAMSIZ +#define IFNAMSIZ 16 +#endif + +struct nlif_handle *nlif_open(void); +void nlif_close(struct nlif_handle *orig); +int nlif_fd(struct nlif_handle *nlif_handle); +int nlif_query(struct nlif_handle *nlif_handle); +int nlif_catch(struct nlif_handle *nlif_handle); +int nlif_index2name(struct nlif_handle *nlif_handle, unsigned int if_index, char *name); +int nlif_get_ifflags(const struct nlif_handle *h, unsigned int index, unsigned int *flags); + #ifdef __cplusplus } /* extern "C" */ #endif +/* + * __be46 stuff - should be in libmnl.h maybe? + */ + +#include +#if __BYTE_ORDER == __BIG_ENDIAN +# ifndef __be64_to_cpu +# define __be64_to_cpu(x) (x) +# endif +# else +# if __BYTE_ORDER == __LITTLE_ENDIAN +# ifndef __be64_to_cpu +# define __be64_to_cpu(x) __bswap_64(x) +# endif +# endif +#endif + #endif /* __LIBNFQNETLINK_H */ diff --git a/include/libnetfilter_queue/linux_nfnetlink_queue.h b/include/libnetfilter_queue/linux_nfnetlink_queue.h index 6844270..82d8ece 100644 --- a/include/libnetfilter_queue/linux_nfnetlink_queue.h +++ b/include/libnetfilter_queue/linux_nfnetlink_queue.h 
@@ -8,7 +8,6 @@ #endif #include -#include enum nfqnl_msg_types { NFQNL_MSG_PACKET, /* packet from kernel to userspace */

From patchwork Sat Oct 12 23:09:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Duncan Roe X-Patchwork-Id: 1996475
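Review bot: in patch 14/15, the `@@ -155,8 +156,41 @@` hunk of libnetfilter_queue.h exports `nlif_index2name(..., char *name)` with no length argument, so the installed header should document the buffer size the caller must supply; the `IFNAMSIZ` fallback defined just above suggests at least `IFNAMSIZ` bytes, but as written callers have nothing to size the buffer against. In the byte-order block of the same hunk, the comment says `__be46` where `__be64` is meant, the `# else` line is indented as if it were nested one level deeper than it is, and when `__BYTE_ORDER` matches neither `__BIG_ENDIAN` nor `__LITTLE_ENDIAN` the macro is silently left undefined; an `#error` in that branch would make the failure obvious at the include rather than at first use. Defining a `__`-prefixed name such as `__be64_to_cpu` in a public header can also clash with another header that defines the same macro and is included afterwards, since the `#ifndef` guard only helps when this header comes second; a library-prefixed name would avoid that.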
From: Duncan Roe To: pablo@netfilter.org Cc: netfilter-devel@vger.kernel.org Subject: [PATCH libnetfilter_queue v3 15/15] build: Remove libnfnetlink from the build Date: Sun, 13 Oct 2024 10:09:17 +1100 Message-Id: <20241012230917.11467-16-duncan_roe@optusnet.com.au> X-Mailer: git-send-email 2.35.8 In-Reply-To: <20241012230917.11467-1-duncan_roe@optusnet.com.au> References: <20241012230917.11467-1-duncan_roe@optusnet.com.au> Precedence: bulk X-Mailing-List: netfilter-devel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 libnfnetlink was a "private library" - always loaded whether user apps used it or not. Remove it now it is no longer needed. Signed-off-by: Duncan Roe --- v3: no change v2: This was patch 21/32. No changes. Make_global.am | 2 +- configure.ac | 1 - libnetfilter_queue.pc.in | 2 -- src/Makefile.am | 2 +- 4 files changed, 2 insertions(+), 5 deletions(-) diff --git a/Make_global.am b/Make_global.am index 91da5da..4d8a58e 100644 --- a/Make_global.am +++ b/Make_global.am @@ -1,2 +1,2 @@ -AM_CPPFLAGS = -I${top_srcdir}/include ${LIBNFNETLINK_CFLAGS} ${LIBMNL_CFLAGS} +AM_CPPFLAGS = -I${top_srcdir}/include ${LIBMNL_CFLAGS} AM_CFLAGS = -Wall ${GCC_FVISIBILITY_HIDDEN} diff --git a/configure.ac b/configure.ac index 7359fba..ba7b15f 100644 --- a/configure.ac +++ b/configure.ac @@ -42,7 +42,6 @@ case "$host" in esac dnl Dependencies -PKG_CHECK_MODULES([LIBNFNETLINK], [libnfnetlink >= 0.0.41]) PKG_CHECK_MODULES([LIBMNL], [libmnl >= 1.0.3]) AS_IF([test "$enable_man_pages" = no -a "$enable_html_doc" = no], diff --git a/libnetfilter_queue.pc.in b/libnetfilter_queue.pc.in index 9c6c2c4..1927a8a 100644 --- a/libnetfilter_queue.pc.in +++ b/libnetfilter_queue.pc.in 
@@ -9,8 +9,6 @@ Name: libnetfilter_queue Description: netfilter userspace packet queueing library URL: http://netfilter.org/projects/libnetfilter_queue/ Version: @VERSION@ -Requires: libnfnetlink Conflicts: Libs: -L${libdir} -lnetfilter_queue -Libs.private: @LIBNFNETLINK_LIBS@ Cflags: -I${includedir} diff --git a/src/Makefile.am b/src/Makefile.am index a6813e8..e5e1d66 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -39,4 +39,4 @@ libnetfilter_queue_la_SOURCES = libnetfilter_queue.c \ extra/pktbuff.c \ extra/udp.c -libnetfilter_queue_la_LIBADD = ${LIBNFNETLINK_LIBS} ${LIBMNL_LIBS} +libnetfilter_queue_la_LIBADD = ${LIBMNL_LIBS}
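Review bot: after the libnetfilter_queue.pc.in hunk in patch 15/15 the visible part of the .pc file declares no dependency at all, although src/Makefile.am still links `${LIBMNL_LIBS}` and patch 14/15 makes the installed header use libmnl.h. Unless libmnl is declared in a part of the file this hunk does not show, consider replacing the removed lines with `Requires.private: libmnl` (or `Requires: libmnl` if users of the public header need its Cflags), so that `pkg-config --static --libs libnetfilter_queue` still yields a complete link line. The commit message could also say that applications which call libnfnetlink directly and relied on the old `Requires: libnfnetlink` line must now request libnfnetlink themselves.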