All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jeremy Sowden <jeremy@azazel.net>
To: Netfilter Devel <netfilter-devel@vger.kernel.org>
Subject: [nft PATCH 08/11] src: add a helper that returns a payload dependency for a particular base
Date: Tue, 21 Dec 2021 19:36:54 +0000	[thread overview]
Message-ID: <20211221193657.430866-9-jeremy@azazel.net> (raw)
In-Reply-To: <20211221193657.430866-1-jeremy@azazel.net>

Currently, with only one base and dependency stored this is superfluous,
but it will become more useful when the next commit adds support for
storing a payload for every base.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
 include/payload.h         |  2 ++
 src/netlink_delinearize.c |  4 +++-
 src/payload.c             | 31 +++++++++++++++++++++++++++----
 3 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/include/payload.h b/include/payload.h
index 8bc3fb9a8a54..10ae9fe4f9c5 100644
--- a/include/payload.h
+++ b/include/payload.h
@@ -47,6 +47,8 @@ extern void payload_dependency_store(struct payload_dep_ctx *ctx,
 				     enum proto_bases base);
 extern bool payload_dependency_exists(const struct payload_dep_ctx *ctx,
 				      enum proto_bases base);
+extern struct stmt *payload_dependency_get(struct payload_dep_ctx *ctx,
+					   enum proto_bases base);
 extern void payload_dependency_release(struct payload_dep_ctx *ctx);
 extern void payload_dependency_kill(struct payload_dep_ctx *ctx,
 				    struct expr *expr, unsigned int family);
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index fd81e07151c2..2a62b309be1d 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2060,11 +2060,13 @@ static bool meta_may_dependency_kill(struct payload_dep_ctx *ctx,
 				     const struct expr *expr)
 {
 	uint8_t l4proto, nfproto = NFPROTO_UNSPEC;
-	struct expr *dep = ctx->pdep->expr;
+	struct expr *dep;
 
 	if (ctx->pbase != PROTO_BASE_NETWORK_HDR)
 		return true;
 
+	dep = payload_dependency_get(ctx, PROTO_BASE_NETWORK_HDR)->expr;
+
 	if (__meta_dependency_may_kill(dep, &nfproto))
 		return true;
 
diff --git a/src/payload.c b/src/payload.c
index 576eb149f71d..902b318ae23a 100644
--- a/src/payload.c
+++ b/src/payload.c
@@ -631,6 +631,27 @@ bool payload_dependency_exists(const struct payload_dep_ctx *ctx,
 	       (ctx->pbase == base || (base == PROTO_BASE_TRANSPORT_HDR && ctx->pbase == base + 1));
 }
 
+/**
+ * payload_dependency_get - return a payload dependency if available
+ * @ctx: payload dependency context
+ * @base: payload protocol base
+ *
+ * If we have seen a protocol key payload expression for this base, we return
+ * it.
+ */
+struct stmt *payload_dependency_get(struct payload_dep_ctx *ctx,
+				    enum proto_bases base)
+{
+	if (ctx->pbase == base)
+		return ctx->pdep;
+
+	if (base == PROTO_BASE_TRANSPORT_HDR &&
+	    ctx->pbase == PROTO_BASE_INNER_HDR)
+		return ctx->pdep;
+
+	return NULL;
+}
+
 void payload_dependency_release(struct payload_dep_ctx *ctx)
 {
 	list_del(&ctx->pdep->list);
@@ -661,7 +682,7 @@ static uint8_t icmp_dep_to_type(enum icmp_hdr_field_type t)
 
 static bool payload_may_dependency_kill_icmp(struct payload_dep_ctx *ctx, struct expr *expr)
 {
-	const struct expr *dep = ctx->pdep->expr;
+	const struct expr *dep = payload_dependency_get(ctx, expr->payload.base)->expr;
 	uint8_t icmp_type;
 
 	icmp_type = expr->payload.tmpl->icmp_dep;
@@ -678,9 +699,11 @@ static bool payload_may_dependency_kill_icmp(struct payload_dep_ctx *ctx, struct
 
 static bool payload_may_dependency_kill_ll(struct payload_dep_ctx *ctx, struct expr *expr)
 {
-	const struct expr *dep = ctx->pdep->expr;
+	const struct expr *dep = payload_dependency_get(ctx, expr->payload.base)->expr;
 
-	/* Never remove a 'vlan type 0x...' expression, they are never added implicitly */
+	/* Never remove a 'vlan type 0x...' expression, they are never added
+	 * implicitly
+	 */
 	if (dep->left->payload.desc == &proto_vlan)
 		return false;
 
@@ -697,7 +720,7 @@ static bool payload_may_dependency_kill_ll(struct payload_dep_ctx *ctx, struct e
 static bool payload_may_dependency_kill(struct payload_dep_ctx *ctx,
 					unsigned int family, struct expr *expr)
 {
-	struct expr *dep = ctx->pdep->expr;
+	struct expr *dep = payload_dependency_get(ctx, expr->payload.base)->expr;
 
 	/* Protocol key payload expression at network base such as 'ip6 nexthdr'
 	 * need to be left in place since it implicitly restricts matching to
-- 
2.34.1


  parent reply	other threads:[~2021-12-21 19:37 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-21 19:36 [nft PATCH 00/11] Store multiple payload dependencies Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 01/11] tests: py: fix inet/sets.t netdev payload Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 02/11] tests: py: fix inet/ip.t payloads Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 03/11] tests: py: fix inet/ip_tcp.t test Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 04/11] netlink_delinearize: fix typo Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 05/11] src: remove arithmetic on booleans Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 06/11] src: reduce indentation Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 07/11] src: simplify logic governing storing payload dependencies Jeremy Sowden
2021-12-21 19:36 ` Jeremy Sowden [this message]
2022-01-15 16:48   ` [nft PATCH 08/11] src: add a helper that returns a payload dependency for a particular base Florian Westphal
2022-01-15 16:57     ` Jeremy Sowden
2022-01-15 17:07       ` Jeremy Sowden
2022-01-15 17:09         ` Florian Westphal
2022-01-15 17:09           ` Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 09/11] src: store more than one payload dependency Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 10/11] tests: py: remove redundant payload expressions Jeremy Sowden
2021-12-21 19:36 ` [nft PATCH 11/11] tests: shell: " Jeremy Sowden

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211221193657.430866-9-jeremy@azazel.net \
    --to=jeremy@azazel.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.