* [PATCH libnftnl 0/2] bitwise shift support
@ 2020-01-10 12:34 Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 1/2] gitignore: add tag and Emacs back-up files Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 2/2] bitwise: add support for left and right shifts Jeremy Sowden
0 siblings, 2 replies; 3+ messages in thread
From: Jeremy Sowden @ 2020-01-10 12:34 UTC (permalink / raw)
To: Netfilter Devel
The kernel supports bitwise shift operations. This patch-set adds the
netlink support.
There is a preliminary patch adding some editor artefacts to .gitignore.
Jeremy Sowden (2):
gitignore: add tag and Emacs back-up files.
bitwise: add support for left and right shifts.
.gitignore | 9 ++
include/libnftnl/expr.h | 2 +
include/linux/netfilter/nf_tables.h | 4 +
src/expr/bitwise.c | 68 ++++++++--
tests/nft-expr_bitwise-test.c | 186 +++++++++++++++++++++++++---
5 files changed, 241 insertions(+), 28 deletions(-)
--
2.24.1
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH libnftnl 1/2] gitignore: add tag and Emacs back-up files.
2020-01-10 12:34 [PATCH libnftnl 0/2] bitwise shift support Jeremy Sowden
@ 2020-01-10 12:34 ` Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 2/2] bitwise: add support for left and right shifts Jeremy Sowden
1 sibling, 0 replies; 3+ messages in thread
From: Jeremy Sowden @ 2020-01-10 12:34 UTC (permalink / raw)
To: Netfilter Devel
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
.gitignore | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/.gitignore b/.gitignore
index 1650e5853cd0..e62f850fddf6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,12 @@ examples/*
tests/*
!tests/*.c
!tests/Makefile.am
+
+# Tag files for Vim and Emacs.
+TAGS
+tags
+
+# Emacs back-up files
+*~
+\#*\#
+.\#*
--
2.24.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH libnftnl 2/2] bitwise: add support for left and right shifts.
2020-01-10 12:34 [PATCH libnftnl 0/2] bitwise shift support Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 1/2] gitignore: add tag and Emacs back-up files Jeremy Sowden
@ 2020-01-10 12:34 ` Jeremy Sowden
1 sibling, 0 replies; 3+ messages in thread
From: Jeremy Sowden @ 2020-01-10 12:34 UTC (permalink / raw)
To: Netfilter Devel
Add new attributes to bitwise expressions to implement bit-shifts.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
include/libnftnl/expr.h | 2 +
include/linux/netfilter/nf_tables.h | 4 +
src/expr/bitwise.c | 52 +++++++-
tests/nft-expr_bitwise-test.c | 186 +++++++++++++++++++++++++---
4 files changed, 225 insertions(+), 19 deletions(-)
diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index 3e0f5b078c7a..062261a2dc38 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -116,6 +116,8 @@ enum {
NFTNL_EXPR_BITWISE_LEN,
NFTNL_EXPR_BITWISE_MASK,
NFTNL_EXPR_BITWISE_XOR,
+ NFTNL_EXPR_BITWISE_LSHIFT,
+ NFTNL_EXPR_BITWISE_RSHIFT,
};
enum {
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index e237ecbdcd8a..36cc99407eb6 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -492,6 +492,8 @@ enum nft_immediate_attributes {
* @NFTA_BITWISE_LEN: length of operands (NLA_U32)
* @NFTA_BITWISE_MASK: mask value (NLA_NESTED: nft_data_attributes)
* @NFTA_BITWISE_XOR: xor value (NLA_NESTED: nft_data_attributes)
+ * @NFTA_BITWISE_LSHIFT: left shift value (NLA_U32)
+ * @NFTA_BITWISE_RSHIFT: right shift value (NLA_U32)
*
* The bitwise expression performs the following operation:
*
@@ -512,6 +514,8 @@ enum nft_bitwise_attributes {
NFTA_BITWISE_LEN,
NFTA_BITWISE_MASK,
NFTA_BITWISE_XOR,
+ NFTA_BITWISE_LSHIFT,
+ NFTA_BITWISE_RSHIFT,
__NFTA_BITWISE_MAX
};
#define NFTA_BITWISE_MAX (__NFTA_BITWISE_MAX - 1)
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index c9d40df34b54..49595c7ff442 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -27,6 +27,8 @@ struct nftnl_expr_bitwise {
unsigned int len;
union nftnl_data_reg mask;
union nftnl_data_reg xor;
+ unsigned int lshift;
+ unsigned int rshift;
};
static int
@@ -53,6 +55,12 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type,
memcpy(&bitwise->xor.val, data, data_len);
bitwise->xor.len = data_len;
break;
+ case NFTNL_EXPR_BITWISE_LSHIFT:
+ memcpy(&bitwise->lshift, data, sizeof(bitwise->lshift));
+ break;
+ case NFTNL_EXPR_BITWISE_RSHIFT:
+ memcpy(&bitwise->rshift, data, sizeof(bitwise->rshift));
+ break;
default:
return -1;
}
@@ -81,6 +89,12 @@ nftnl_expr_bitwise_get(const struct nftnl_expr *e, uint16_t type,
case NFTNL_EXPR_BITWISE_XOR:
*data_len = bitwise->xor.len;
return &bitwise->xor.val;
+ case NFTNL_EXPR_BITWISE_LSHIFT:
+ *data_len = sizeof(bitwise->lshift);
+ return &bitwise->lshift;
+ case NFTNL_EXPR_BITWISE_RSHIFT:
+ *data_len = sizeof(bitwise->rshift);
+ return &bitwise->rshift;
}
return NULL;
}
@@ -97,6 +111,8 @@ static int nftnl_expr_bitwise_cb(const struct nlattr *attr, void *data)
case NFTA_BITWISE_SREG:
case NFTA_BITWISE_DREG:
case NFTA_BITWISE_LEN:
+ case NFTA_BITWISE_LSHIFT:
+ case NFTA_BITWISE_RSHIFT:
if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
abi_breakage();
break;
@@ -138,6 +154,12 @@ nftnl_expr_bitwise_build(struct nlmsghdr *nlh, const struct nftnl_expr *e)
bitwise->xor.val);
mnl_attr_nest_end(nlh, nest);
}
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_LSHIFT))
+ mnl_attr_put_u32(nlh, NFTA_BITWISE_LSHIFT,
+ htonl(bitwise->lshift));
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_RSHIFT))
+ mnl_attr_put_u32(nlh, NFTA_BITWISE_RSHIFT,
+ htonl(bitwise->rshift));
}
static int
@@ -170,6 +192,14 @@ nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr)
ret = nftnl_parse_data(&bitwise->xor, tb[NFTA_BITWISE_XOR], NULL);
e->flags |= (1 << NFTA_BITWISE_XOR);
}
+ if (tb[NFTA_BITWISE_LSHIFT]) {
+ bitwise->lshift = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_LSHIFT]));
+ e->flags |= (1 << NFTNL_EXPR_BITWISE_LSHIFT);
+ }
+ if (tb[NFTA_BITWISE_RSHIFT]) {
+ bitwise->rshift = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_RSHIFT]));
+ e->flags |= (1 << NFTNL_EXPR_BITWISE_RSHIFT);
+ }
return ret;
}
@@ -180,19 +210,37 @@ static int nftnl_expr_bitwise_snprintf_default(char *buf, size_t size,
struct nftnl_expr_bitwise *bitwise = nftnl_expr_data(e);
int remain = size, offset = 0, ret;
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_LSHIFT)) {
+
+ ret = snprintf(buf, remain, "reg %u = (reg %u << %u) ",
+ bitwise->dreg, bitwise->sreg, bitwise->lshift);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ return offset;
+
+ }
+
+ if (e->flags & (1 << NFTNL_EXPR_BITWISE_RSHIFT)) {
+
+ ret = snprintf(buf, remain, "reg %u = (reg %u >> %u) ",
+ bitwise->dreg, bitwise->sreg, bitwise->rshift);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ return offset;
+
+ }
+
ret = snprintf(buf, remain, "reg %u = (reg=%u & ",
bitwise->dreg, bitwise->sreg);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = nftnl_data_reg_snprintf(buf + offset, remain, &bitwise->mask,
- NFTNL_OUTPUT_DEFAULT, 0, DATA_VALUE);
+ NFTNL_OUTPUT_DEFAULT, 0, DATA_VALUE);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = snprintf(buf + offset, remain, ") ^ ");
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = nftnl_data_reg_snprintf(buf + offset, remain, &bitwise->xor,
- NFTNL_OUTPUT_DEFAULT, 0, DATA_VALUE);
+ NFTNL_OUTPUT_DEFAULT, 0, DATA_VALUE);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
return offset;
diff --git a/tests/nft-expr_bitwise-test.c b/tests/nft-expr_bitwise-test.c
index 64c14466dbd2..83cfdc71a790 100644
--- a/tests/nft-expr_bitwise-test.c
+++ b/tests/nft-expr_bitwise-test.c
@@ -21,38 +21,72 @@
static int test_ok = 1;
-static void print_err(const char *msg)
+static void print_err(const char *test, const char *msg)
{
test_ok = 0;
- printf("\033[31mERROR:\e[0m %s\n", msg);
+ printf("\033[31mERROR:\e[0m [%s] %s\n", test, msg);
}
-static void cmp_nftnl_expr(struct nftnl_expr *rule_a,
- struct nftnl_expr *rule_b)
+static void cmp_nftnl_expr_bool(struct nftnl_expr *rule_a,
+ struct nftnl_expr *rule_b)
{
uint32_t maska, maskb;
uint32_t xora, xorb;
if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) !=
nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG))
- print_err("Expr BITWISE_DREG mismatches");
+ print_err("bool", "Expr BITWISE_DREG mismatches");
if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) !=
nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG))
- print_err("Expr BITWISE_SREG mismatches");
+ print_err("bool", "Expr BITWISE_SREG mismatches");
if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) !=
nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN))
- print_err("Expr BITWISE_DREG mismatches");
+ print_err("bool", "Expr BITWISE_DREG mismatches");
nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_MASK, &maska);
nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_MASK, &maskb);
if (maska != maskb)
- print_err("Size of BITWISE_MASK mismatches");
+ print_err("bool", "Size of BITWISE_MASK mismatches");
nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_XOR, &xora);
nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_XOR, &xorb);
if (xora != xorb)
- print_err("Size of BITWISE_XOR mismatches");
+ print_err("bool", "Size of BITWISE_XOR mismatches");
+}
+static void cmp_nftnl_expr_lshift(struct nftnl_expr *rule_a,
+ struct nftnl_expr *rule_b)
+{
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG))
+ print_err("lshift", "Expr BITWISE_DREG mismatches");
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG))
+ print_err("lshift", "Expr BITWISE_SREG mismatches");
+ if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) !=
+ nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN))
+ print_err("lshift", "Expr BITWISE_DREG mismatches");
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_LSHIFT) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_LSHIFT))
+ print_err("lshift", "Expr BITWISE_LSHIFT mismatches");
}
-int main(int argc, char *argv[])
+
+static void cmp_nftnl_expr_rshift(struct nftnl_expr *rule_a,
+ struct nftnl_expr *rule_b)
+{
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG))
+ print_err("rshift", "Expr BITWISE_DREG mismatches");
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG))
+ print_err("rshift", "Expr BITWISE_SREG mismatches");
+ if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) !=
+ nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN))
+ print_err("rshift", "Expr BITWISE_DREG mismatches");
+ if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_RSHIFT) !=
+ nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_RSHIFT))
+ print_err("rshift", "Expr BITWISE_RSHIFT mismatches");
+}
+
+static void test_bool(void)
{
struct nftnl_rule *a, *b = NULL;
struct nftnl_expr *ex = NULL;
@@ -66,10 +100,10 @@ int main(int argc, char *argv[])
a = nftnl_rule_alloc();
b = nftnl_rule_alloc();
if (a == NULL || b == NULL)
- print_err("OOM");
+ print_err("bool", "OOM");
ex = nftnl_expr_alloc("bitwise");
if (ex == NULL)
- print_err("OOM");
+ print_err("bool", "OOM");
nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678);
nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456);
@@ -83,30 +117,148 @@ int main(int argc, char *argv[])
nftnl_rule_nlmsg_build_payload(nlh, a);
if (nftnl_rule_nlmsg_parse(nlh, b) < 0)
- print_err("parsing problems");
+ print_err("bool", "parsing problems");
+
+ iter_a = nftnl_expr_iter_create(a);
+ iter_b = nftnl_expr_iter_create(b);
+ if (iter_a == NULL || iter_b == NULL)
+ print_err("bool", "OOM");
+
+ rule_a = nftnl_expr_iter_next(iter_a);
+ rule_b = nftnl_expr_iter_next(iter_b);
+ if (rule_a == NULL || rule_b == NULL)
+ print_err("bool", "OOM");
+
+ if (nftnl_expr_iter_next(iter_a) != NULL ||
+ nftnl_expr_iter_next(iter_b) != NULL)
+ print_err("bool", "More 1 expr.");
+
+ nftnl_expr_iter_destroy(iter_a);
+ nftnl_expr_iter_destroy(iter_b);
+
+ cmp_nftnl_expr_bool(rule_a,rule_b);
+
+ nftnl_rule_free(a);
+ nftnl_rule_free(b);
+}
+
+static void test_lshift(void)
+{
+ struct nftnl_rule *a, *b = NULL;
+ struct nftnl_expr *ex = NULL;
+ struct nlmsghdr *nlh;
+ char buf[4096];
+ struct nftnl_expr_iter *iter_a, *iter_b = NULL;
+ struct nftnl_expr *rule_a, *rule_b = NULL;
+
+ a = nftnl_rule_alloc();
+ b = nftnl_rule_alloc();
+ if (a == NULL || b == NULL)
+ print_err("lshift", "OOM");
+ ex = nftnl_expr_alloc("bitwise");
+ if (ex == NULL)
+ print_err("lshift", "OOM");
+
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LSHIFT, 13);
+
+ nftnl_rule_add_expr(a, ex);
+
+ nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234);
+ nftnl_rule_nlmsg_build_payload(nlh, a);
+
+ if (nftnl_rule_nlmsg_parse(nlh, b) < 0)
+ print_err("lshift", "parsing problems");
+
+ iter_a = nftnl_expr_iter_create(a);
+ iter_b = nftnl_expr_iter_create(b);
+ if (iter_a == NULL || iter_b == NULL)
+ print_err("lshift", "OOM");
+
+ rule_a = nftnl_expr_iter_next(iter_a);
+ rule_b = nftnl_expr_iter_next(iter_b);
+ if (rule_a == NULL || rule_b == NULL)
+ print_err("lshift", "OOM");
+
+ if (nftnl_expr_iter_next(iter_a) != NULL ||
+ nftnl_expr_iter_next(iter_b) != NULL)
+ print_err("lshift", "More 1 expr.");
+
+ nftnl_expr_iter_destroy(iter_a);
+ nftnl_expr_iter_destroy(iter_b);
+
+ cmp_nftnl_expr_lshift(rule_a,rule_b);
+
+ nftnl_rule_free(a);
+ nftnl_rule_free(b);
+}
+
+static void test_rshift(void)
+{
+ struct nftnl_rule *a, *b = NULL;
+ struct nftnl_expr *ex = NULL;
+ struct nlmsghdr *nlh;
+ char buf[4096];
+ struct nftnl_expr_iter *iter_a, *iter_b = NULL;
+ struct nftnl_expr *rule_a, *rule_b = NULL;
+
+ a = nftnl_rule_alloc();
+ b = nftnl_rule_alloc();
+ if (a == NULL || b == NULL)
+ print_err("rshift", "OOM");
+ ex = nftnl_expr_alloc("bitwise");
+ if (ex == NULL)
+ print_err("rshift", "OOM");
+
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234);
+ nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_RSHIFT, 17);
+
+ nftnl_rule_add_expr(a, ex);
+
+ nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234);
+ nftnl_rule_nlmsg_build_payload(nlh, a);
+
+ if (nftnl_rule_nlmsg_parse(nlh, b) < 0)
+ print_err("rshift", "parsing problems");
iter_a = nftnl_expr_iter_create(a);
iter_b = nftnl_expr_iter_create(b);
if (iter_a == NULL || iter_b == NULL)
- print_err("OOM");
+ print_err("rshift", "OOM");
rule_a = nftnl_expr_iter_next(iter_a);
rule_b = nftnl_expr_iter_next(iter_b);
if (rule_a == NULL || rule_b == NULL)
- print_err("OOM");
+ print_err("rshift", "OOM");
if (nftnl_expr_iter_next(iter_a) != NULL ||
nftnl_expr_iter_next(iter_b) != NULL)
- print_err("More 1 expr.");
+ print_err("rshift", "More 1 expr.");
nftnl_expr_iter_destroy(iter_a);
nftnl_expr_iter_destroy(iter_b);
- cmp_nftnl_expr(rule_a,rule_b);
+ cmp_nftnl_expr_rshift(rule_a,rule_b);
nftnl_rule_free(a);
nftnl_rule_free(b);
+}
+
+int main(int argc, char *argv[])
+{
+ test_bool();
+ if (!test_ok)
+ exit(EXIT_FAILURE);
+
+ test_lshift();
+ if (!test_ok)
+ exit(EXIT_FAILURE);
+ test_rshift();
if (!test_ok)
exit(EXIT_FAILURE);
--
2.24.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-01-10 12:34 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-10 12:34 [PATCH libnftnl 0/2] bitwise shift support Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 1/2] gitignore: add tag and Emacs back-up files Jeremy Sowden
2020-01-10 12:34 ` [PATCH libnftnl 2/2] bitwise: add support for left and right shifts Jeremy Sowden
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.