Message ID | 20180314210035.wxg4mddtlndw5s4a@nevthink |
---|---|
State | Deferred |
Delegated to: | Pablo Neira |
Headers | show |
Series | [nft] create u32_integer type to be used as a key for sets and maps | expand |
On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote: > Create the new type u32_integer with a fixed size in order to > be used as a key in maps and sets. The type integer cannot be > used as a key cause is a dynamic size type and is used as a > base type of some subtypes. > > Without this patch we obtain the following error: > > Error: unqualified key type integer specified in map definition > add map nftlb mapa { type integer : ipv4_addr; } > ^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > After this patch, we can use an u32 integer as a key for sets > and maps: > > table ip nftlb { > map mapa { > type u32_integer : ipv4_addr > } > > set conjunto { > type u32_integer > } > } > > Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> > --- > This is the v2 of ("fix integer type size to be used as a key > for sets and maps"), due to this approach fits better with the > current design of nft types than the previous one and avoids > possible side effects. > > include/datatype.h | 3 +++ > src/datatype.c | 10 ++++++++++ > 2 files changed, 13 insertions(+) > > diff --git a/include/datatype.h b/include/datatype.h > index 3f612e5..7f106cd 100644 > --- a/include/datatype.h > +++ b/include/datatype.h > @@ -42,6 +42,7 @@ > * @TYPE_DEVGROUP: devgroup code (integer subtype) > * @TYPE_DSCP: Differentiated Services Code Point (integer subtype) > * @TYPE_IFNAME: interface name (string subtype) > + * @TYPE_U32_INTEGER: unsigned 32 bits integer (integer subtype) > */ > enum datatypes { > TYPE_INVALID, > @@ -86,6 +87,7 @@ enum datatypes { > TYPE_BOOLEAN, > TYPE_CT_EVENTBIT, > TYPE_IFNAME, > + TYPE_U32_INTEGER, > __TYPE_MAX > }; > #define TYPE_MAX (__TYPE_MAX - 1) > @@ -240,6 +242,7 @@ extern const struct datatype icmpv6_code_type; > extern const struct datatype icmpx_code_type; > extern const struct datatype time_type; > extern const struct datatype boolean_type; > +extern const struct datatype u32_integer_type; > > extern const struct datatype *concat_type_alloc(uint32_t type); > extern void concat_type_destroy(const struct datatype *dtype); > diff --git a/src/datatype.c b/src/datatype.c > index 324ac80..f2d1d2b 100644 > --- a/src/datatype.c > +++ b/src/datatype.c > @@ -69,6 +69,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = { > [TYPE_FIB_ADDR] = &fib_addr_type, > [TYPE_BOOLEAN] = &boolean_type, > [TYPE_IFNAME] = &ifname_type, > + [TYPE_U32_INTEGER] = &u32_integer_type, > }; > > const struct datatype *datatype_lookup(enum datatypes type) > @@ -1144,3 +1145,12 @@ const struct datatype boolean_type = { > .basetype = &integer_type, > .sym_tbl = &boolean_tbl, > }; > + > +const struct datatype u32_integer_type = { > + .type = TYPE_U32_INTEGER, > + .name = "u32_integer", > + .desc = "32 bits integer", > + .size = 4 * BITS_PER_BYTE, > + .byteorder = BYTEORDER_HOST_ENDIAN, > + .basetype = &integer_type, > +}; > -- > 2.11.0 > Why do we need an invented type when there is already uint32_t in /usr/include/stdint.h? Cheers ... Duncan. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sat, Mar 24, 2018 at 12:47 AM, Duncan Roe <duncan_roe@optusnet.com.au> wrote: > On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote: >> Create the new type u32_integer with a fixed size in order to >> be used as a key in maps and sets. The type integer cannot be >> used as a key cause is a dynamic size type and is used as a >> base type of some subtypes. >> >> Without this patch we obtain the following error: >> >> Error: unqualified key type integer specified in map definition >> add map nftlb mapa { type integer : ipv4_addr; } >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> >> After this patch, we can use an u32 integer as a key for sets >> and maps: >> >> table ip nftlb { >> map mapa { >> type u32_integer : ipv4_addr >> } >> >> set conjunto { >> type u32_integer >> } >> } >> >> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> >> --- >> This is the v2 of ("fix integer type size to be used as a key >> for sets and maps"), due to this approach fits better with the >> current design of nft types than the previous one and avoids >> possible side effects. >> >> include/datatype.h | 3 +++ >> src/datatype.c | 10 ++++++++++ >> 2 files changed, 13 insertions(+) >> >> diff --git a/include/datatype.h b/include/datatype.h >> index 3f612e5..7f106cd 100644 >> --- a/include/datatype.h >> +++ b/include/datatype.h >> @@ -42,6 +42,7 @@ >> * @TYPE_DEVGROUP: devgroup code (integer subtype) >> * @TYPE_DSCP: Differentiated Services Code Point (integer subtype) >> * @TYPE_IFNAME: interface name (string subtype) >> + * @TYPE_U32_INTEGER: unsigned 32 bits integer (integer subtype) >> */ >> enum datatypes { >> TYPE_INVALID, >> @@ -86,6 +87,7 @@ enum datatypes { >> TYPE_BOOLEAN, >> TYPE_CT_EVENTBIT, >> TYPE_IFNAME, >> + TYPE_U32_INTEGER, >> __TYPE_MAX >> }; >> #define TYPE_MAX (__TYPE_MAX - 1) >> @@ -240,6 +242,7 @@ extern const struct datatype icmpv6_code_type; >> extern const struct datatype icmpx_code_type; >> extern const struct datatype time_type; >> extern const struct datatype boolean_type; >> +extern const struct datatype u32_integer_type; >> >> extern const struct datatype *concat_type_alloc(uint32_t type); >> extern void concat_type_destroy(const struct datatype *dtype); >> diff --git a/src/datatype.c b/src/datatype.c >> index 324ac80..f2d1d2b 100644 >> --- a/src/datatype.c >> +++ b/src/datatype.c >> @@ -69,6 +69,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = { >> [TYPE_FIB_ADDR] = &fib_addr_type, >> [TYPE_BOOLEAN] = &boolean_type, >> [TYPE_IFNAME] = &ifname_type, >> + [TYPE_U32_INTEGER] = &u32_integer_type, >> }; >> >> const struct datatype *datatype_lookup(enum datatypes type) >> @@ -1144,3 +1145,12 @@ const struct datatype boolean_type = { >> .basetype = &integer_type, >> .sym_tbl = &boolean_tbl, >> }; >> + >> +const struct datatype u32_integer_type = { >> + .type = TYPE_U32_INTEGER, >> + .name = "u32_integer", >> + .desc = "32 bits integer", >> + .size = 4 * BITS_PER_BYTE, >> + .byteorder = BYTEORDER_HOST_ENDIAN, >> + .basetype = &integer_type, >> +}; >> -- >> 2.11.0 >> > Why do we need an invented type when there is already uint32_t in > /usr/include/stdint.h? Hi Duncan, Cause the nft parser doesn't understand uint32_t and the way that nft sends the types to the kernel requires to specify the base type, size, byteorder, etc. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, Mar 26, 2018 at 09:43:06AM +0200, Laura Garcia wrote: > On Sat, Mar 24, 2018 at 12:47 AM, Duncan Roe <duncan_roe@optusnet.com.au> wrote: > > On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote: > >> Create the new type u32_integer with a fixed size in order to > >> be used as a key in maps and sets. The type integer cannot be > >> used as a key cause is a dynamic size type and is used as a > >> base type of some subtypes. > >> > >> Without this patch we obtain the following error: > >> > >> Error: unqualified key type integer specified in map definition > >> add map nftlb mapa { type integer : ipv4_addr; } > >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >> > >> After this patch, we can use an u32 integer as a key for sets > >> and maps: > >> > >> table ip nftlb { > >> map mapa { > >> type u32_integer : ipv4_addr > >> } > >> > >> set conjunto { > >> type u32_integer > >> } > >> } > >> > >> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> > >> --- > >> This is the v2 of ("fix integer type size to be used as a key > >> for sets and maps"), due to this approach fits better with the > >> current design of nft types than the previous one and avoids > >> possible side effects. > >> > >> include/datatype.h | 3 +++ > >> src/datatype.c | 10 ++++++++++ > >> 2 files changed, 13 insertions(+) > >> > >> diff --git a/include/datatype.h b/include/datatype.h > >> index 3f612e5..7f106cd 100644 > >> --- a/include/datatype.h > >> +++ b/include/datatype.h [...] > > Why do we need an invented type when there is already uint32_t in > > /usr/include/stdint.h? > > Hi Duncan, > > Cause the nft parser doesn't understand uint32_t and the way > that nft sends the types to the kernel requires to specify > the base type, size, byteorder, etc. Thanks for the explanation - looks fine then, Cheers ... Duncan. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/include/datatype.h b/include/datatype.h index 3f612e5..7f106cd 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -42,6 +42,7 @@ * @TYPE_DEVGROUP: devgroup code (integer subtype) * @TYPE_DSCP: Differentiated Services Code Point (integer subtype) * @TYPE_IFNAME: interface name (string subtype) + * @TYPE_U32_INTEGER: unsigned 32 bits integer (integer subtype) */ enum datatypes { TYPE_INVALID, @@ -86,6 +87,7 @@ enum datatypes { TYPE_BOOLEAN, TYPE_CT_EVENTBIT, TYPE_IFNAME, + TYPE_U32_INTEGER, __TYPE_MAX }; #define TYPE_MAX (__TYPE_MAX - 1) @@ -240,6 +242,7 @@ extern const struct datatype icmpv6_code_type; extern const struct datatype icmpx_code_type; extern const struct datatype time_type; extern const struct datatype boolean_type; +extern const struct datatype u32_integer_type; extern const struct datatype *concat_type_alloc(uint32_t type); extern void concat_type_destroy(const struct datatype *dtype); diff --git a/src/datatype.c b/src/datatype.c index 324ac80..f2d1d2b 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -69,6 +69,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = { [TYPE_FIB_ADDR] = &fib_addr_type, [TYPE_BOOLEAN] = &boolean_type, [TYPE_IFNAME] = &ifname_type, + [TYPE_U32_INTEGER] = &u32_integer_type, }; const struct datatype *datatype_lookup(enum datatypes type) @@ -1144,3 +1145,12 @@ const struct datatype boolean_type = { .basetype = &integer_type, .sym_tbl = &boolean_tbl, }; + +const struct datatype u32_integer_type = { + .type = TYPE_U32_INTEGER, + .name = "u32_integer", + .desc = "32 bits integer", + .size = 4 * BITS_PER_BYTE, + .byteorder = BYTEORDER_HOST_ENDIAN, + .basetype = &integer_type, +};
Create the new type u32_integer with a fixed size in order to be used as a key in maps and sets. The type integer cannot be used as a key cause is a dynamic size type and is used as a base type of some subtypes. Without this patch we obtain the following error: Error: unqualified key type integer specified in map definition add map nftlb mapa { type integer : ipv4_addr; } ^^^^^^^^^^^^^^^^^^^^^^^^^^^ After this patch, we can use an u32 integer as a key for sets and maps: table ip nftlb { map mapa { type u32_integer : ipv4_addr } set conjunto { type u32_integer } } Signed-off-by: Laura Garcia Liebana <nevola@gmail.com> --- This is the v2 of ("fix integer type size to be used as a key for sets and maps"), due to this approach fits better with the current design of nft types than the previous one and avoids possible side effects. include/datatype.h | 3 +++ src/datatype.c | 10 ++++++++++ 2 files changed, 13 insertions(+)