Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 814637,
    "url": "http://patchwork.ozlabs.org/api/patches/814637/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20170917110751.7923-2-rafi@rbk.ms/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20170917110751.7923-2-rafi@rbk.ms>",
    "list_archive_url": null,
    "date": "2017-09-17T11:07:50",
    "name": "[1/2] iptables: support match info fixup after tc_init",
    "commit_ref": null,
    "pull_url": null,
    "state": "changes-requested",
    "archived": false,
    "hash": "659f8c5a623b402eedad90b4d940d1820170b368",
    "submitter": {
        "id": 72382,
        "url": "http://patchwork.ozlabs.org/api/people/72382/?format=api",
        "name": "Shmulik Ladkani",
        "email": "shmulik@nsof.io"
    },
    "delegate": {
        "id": 6139,
        "url": "http://patchwork.ozlabs.org/api/users/6139/?format=api",
        "username": "pablo",
        "first_name": "Pablo",
        "last_name": "Neira",
        "email": "pablo@netfilter.org"
    },
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20170917110751.7923-2-rafi@rbk.ms/mbox/",
    "series": [
        {
            "id": 3506,
            "url": "http://patchwork.ozlabs.org/api/series/3506/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=3506",
            "date": "2017-09-17T11:07:49",
            "name": "xt_bpf: fix handling of pinned objects",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/3506/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/814637/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/814637/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<netfilter-devel-owner@vger.kernel.org>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@bilbo.ozlabs.org",
        "Authentication-Results": [
            "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netfilter-devel-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)",
            "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n\tunprotected) header.d=nsof.io header.i=@nsof.io header.b=\"qcud1Z/l\";\n\tdkim-atps=neutral"
        ],
        "Received": [
            "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xw5wP22vqz9sBZ\n\tfor <incoming@patchwork.ozlabs.org>;\n\tSun, 17 Sep 2017 21:08:21 +1000 (AEST)",
            "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1750851AbdIQLIV (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);\n\tSun, 17 Sep 2017 07:08:21 -0400",
            "from mail-wr0-f175.google.com ([209.85.128.175]:55955 \"EHLO\n\tmail-wr0-f175.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1750793AbdIQLIU (ORCPT\n\t<rfc822;netfilter-devel@vger.kernel.org>);\n\tSun, 17 Sep 2017 07:08:20 -0400",
            "by mail-wr0-f175.google.com with SMTP id l39so4329547wrl.12\n\tfor <netfilter-devel@vger.kernel.org>;\n\tSun, 17 Sep 2017 04:08:19 -0700 (PDT)",
            "from localhost.localdomain (bzq-82-81-225-244.cablep.bezeqint.net.\n\t[82.81.225.244]) by smtp.gmail.com with ESMTPSA id\n\tl4sm4716895wrb.74.2017.09.17.04.08.17\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);\n\tSun, 17 Sep 2017 04:08:18 -0700 (PDT)"
        ],
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=nsof.io; s=google;\n\th=from:to:cc:subject:date:message-id:in-reply-to:references;\n\tbh=+bkghMDx0L6jVJnBNQSvGYqSp0dJPlrhoKcmtanLtG8=;\n\tb=qcud1Z/lS7viYA4kMxQ6e4SVYHrU4Db+OduOyPGjEZjzMfZ1z+s/qHmtfSOhJ+W2q8\n\tVEWuWYpPMpJs3hoFi/b4RGEAw69KNiVXG9pzOFy66O3Cj5lljdTCkup60WPp6VMJkUzn\n\tJCEocn1RcUjfWDwpF54J94pRIpjyHROcdxfwE=",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\n\t:references;\n\tbh=+bkghMDx0L6jVJnBNQSvGYqSp0dJPlrhoKcmtanLtG8=;\n\tb=PajFYFsfhB9f+63/hPAOfL1VpGxCfAxZJrhzWa9tv9b1AjrVVCpMsFDVVPLJmNHSh4\n\tsh+gvREwghFziBSoggUnG99t9E8/FMjTSHXtKeknYJTrdn5YpaQk2HTSVnQzGHliev27\n\tKIFRPQN/3iPPqGMKd3icJtVExEdWLGMh7UGE/Ob0nnpLSsP85/NcJiQ/G4l3ANrdwIE6\n\tqP4ZQL5t1pCTP28fRAzasq3rNcntAGcLkEVpYglO8rxOJShSsWZ/FORXK3sTt3M1Q/YE\n\t0lFWs49C8+wsWJI4feLzBRpumgjsaoupOw9879F93MDFrZTlxb4Xuu8Q1QiKF26sR2+7\n\t47EQ==",
        "X-Gm-Message-State": "AHPjjUij0XkjRetscC0GJGKfYwNy50IeYlPopu3ekDAPnbHr8kDH3xl8\n\t5Ykxod/mvhGd4dfNVNZhqQ==",
        "X-Google-Smtp-Source": "ADKCNb5GFyhIo3lAMu5uhfzEIpFUV28/qGr6hKh4nEwA8GztX2x/96Nlrtpk2aa+G9EeUe0/tXlO3w==",
        "X-Received": "by 10.223.177.222 with SMTP id\n\tr30mr24377205wra.128.1505646498588; \n\tSun, 17 Sep 2017 04:08:18 -0700 (PDT)",
        "From": "Rafael Buchbinder <shmulik@nsof.io>",
        "X-Google-Original-From": "Rafael Buchbinder <rafi@rbk.ms>",
        "To": "netfilter-devel@vger.kernel.org, Pablo Neira Ayuso <pablo@netfilter.org>",
        "Cc": "Willem de Bruijn <willemb@google.com>, rbk@nsof.io,\n\tshmulik@nsof.io, Rafael Buchbinder <rafi@rbk.ms>",
        "Subject": "[PATCH 1/2] iptables: support match info fixup after tc_init",
        "Date": "Sun, 17 Sep 2017 14:07:50 +0300",
        "Message-Id": "<20170917110751.7923-2-rafi@rbk.ms>",
        "X-Mailer": "git-send-email 2.14.1",
        "In-Reply-To": "<20170917110751.7923-1-rafi@rbk.ms>",
        "References": "<20170917110751.7923-1-rafi@rbk.ms>",
        "Sender": "netfilter-devel-owner@vger.kernel.org",
        "Precedence": "bulk",
        "List-ID": "<netfilter-devel.vger.kernel.org>",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org"
    },
    "content": "This commit introduces a framework to fixup match info,\nwhich may be required by an extension.\n\nSigned-off-by: Rafael Buchbinder <rafi@rbk.ms>\nSigned-off-by: Shmulik Ladkani <shmulik@nsof.io>\n---\n include/xtables.h    |  3 +++\n iptables/ip6tables.c | 35 +++++++++++++++++++++++++++++++++++\n iptables/iptables.c  | 34 ++++++++++++++++++++++++++++++++++\n 3 files changed, 72 insertions(+)",
    "diff": "diff --git a/include/xtables.h b/include/xtables.h\nindex e9bc3b7d..687cfe9f 100644\n--- a/include/xtables.h\n+++ b/include/xtables.h\n@@ -273,6 +273,9 @@ struct xtables_match {\n \t/* ip is struct ipt_ip * for example */\n \tvoid (*save)(const void *ip, const struct xt_entry_match *match);\n \n+\t/* Fixes the match info after init. */\n+\tvoid (*tc_init_fixup)(struct xt_entry_match *match);\n+\n \t/* Print match name or alias */\n \tconst char *(*alias)(const struct xt_entry_match *match);\n \ndiff --git a/iptables/ip6tables.c b/iptables/ip6tables.c\nindex 49bd006f..0a6afa77 100644\n--- a/iptables/ip6tables.c\n+++ b/iptables/ip6tables.c\n@@ -925,6 +925,39 @@ delete_chain6(const xt_chainlabel chain, int verbose,\n \treturn ip6tc_delete_chain(chain, handle);\n }\n \n+\n+static int\n+tc_init_fixup_match(struct xt_entry_match *m)\n+{\n+\tconst struct xtables_match *match =\n+\t\txtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);\n+\n+\tif (match) {\n+\t\tif (match->tc_init_fixup && m->u.user.revision == match->revision)\n+\t\t\tmatch->tc_init_fixup(m);\n+\t}\n+\n+\t/* Don't stop iterating. */\n+\treturn 0;\n+}\n+\n+static void\n+tc_init_fixup(struct xtc_handle *handle)\n+{\n+\tconst char *chain;\n+\n+\tfor (chain = ip6tc_first_chain(handle);\n+\t     chain;\n+\t     chain = ip6tc_next_chain(handle)) {\n+\t\tconst struct ip6t_entry *entry = ip6tc_first_rule(chain, handle);\n+\n+\t\twhile (entry) {\n+\t\t\tIP6T_MATCH_ITERATE(entry, tc_init_fixup_match);\n+\t\t\tentry = ip6tc_next_rule(entry, handle);\n+\t\t}\n+\t}\n+}\n+\n static int\n list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric,\n \t     int expanded, int linenumbers, struct xtc_handle *handle)\n@@ -1795,6 +1828,8 @@ int do_command6(int argc, char *argv[], char **table,\n \t\t\t\"can't initialize ip6tables table `%s': %s\",\n \t\t\t*table, ip6tc_strerror(errno));\n \n+\ttc_init_fixup(*handle);\n+\n \tif (command == CMD_APPEND\n \t    || command == CMD_DELETE\n \t    || command == CMD_CHECK\ndiff --git a/iptables/iptables.c b/iptables/iptables.c\nindex 69d19fec..f220a8e4 100644\n--- a/iptables/iptables.c\n+++ b/iptables/iptables.c\n@@ -909,6 +909,38 @@ delete_chain4(const xt_chainlabel chain, int verbose,\n \treturn iptc_delete_chain(chain, handle);\n }\n \n+static int\n+tc_init_fixup_match(struct xt_entry_match *m)\n+{\n+\tconst struct xtables_match *match =\n+\t\txtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);\n+\n+\tif (match) {\n+\t\tif (match->tc_init_fixup && m->u.user.revision == match->revision)\n+\t\t\tmatch->tc_init_fixup(m);\n+\t}\n+\n+\t/* Don't stop iterating. */\n+\treturn 0;\n+}\n+\n+static void\n+tc_init_fixup(struct xtc_handle *handle)\n+{\n+\tconst char *chain;\n+\n+\tfor (chain = iptc_first_chain(handle);\n+\t     chain;\n+\t     chain = iptc_next_chain(handle)) {\n+\t\tconst struct ipt_entry *entry = iptc_first_rule(chain, handle);\n+\n+\t\twhile (entry) {\n+\t\t\tIPT_MATCH_ITERATE(entry, tc_init_fixup_match);\n+\t\t\tentry = iptc_next_rule(entry, handle);\n+\t\t}\n+\t}\n+}\n+\n static int\n list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric,\n \t     int expanded, int linenumbers, struct xtc_handle *handle)\n@@ -1781,6 +1813,8 @@ int do_command4(int argc, char *argv[], char **table,\n \t\t\t   \"can't initialize iptables table `%s': %s\",\n \t\t\t   *table, iptc_strerror(errno));\n \n+\ttc_init_fixup(*handle);\n+\n \tif (command == CMD_APPEND\n \t    || command == CMD_DELETE\n \t    || command == CMD_CHECK\n",
    "prefixes": [
        "1/2"
    ]
}