| Message ID | 1395911972-17259-4-git-send-email-tomasz.bursztyka@linux.intel.com |
|---|---|
| State | Superseded |
| Headers | show |
On Thu, Mar 27, 2014 at 11:19:32AM +0200, Tomasz Bursztyka wrote: > Currently, when looking up for the proper expression type, what comes > first is returned. Which might end up to be a non-family tight type. > Instead, if a specific family type exist, it will be better to return > this one. Easier suggestion: Change nft_register_expr() to appent NFPROTO_UNSPEC to the end of the list and prepend all others. > > Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> > --- > net/netfilter/nf_tables_api.c | 17 ++++++++++------- > 1 file changed, 10 insertions(+), 7 deletions(-) > > diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c > index adce01e..83de6c1 100644 > --- a/net/netfilter/nf_tables_api.c > +++ b/net/netfilter/nf_tables_api.c > @@ -1117,14 +1117,17 @@ EXPORT_SYMBOL_GPL(nft_unregister_expr); > static const struct nft_expr_type *__nft_expr_type_get(u8 family, > struct nlattr *nla) > { > - const struct nft_expr_type *type; > - > - list_for_each_entry(type, &nf_tables_expressions, list) { > - if (!nla_strcmp(nla, type->name) && > - (!type->family || type->family == family)) > - return type; > + const struct nft_expr_type *test, *type = NULL; > + > + list_for_each_entry(test, &nf_tables_expressions, list) { > + if (!nla_strcmp(nla, test->name)) { > + if (test->family == family) > + return test; > + if (!test->family) > + type = test; > + } > } > - return NULL; > + return type; > } > > static const struct nft_expr_type *nft_expr_type_get(u8 family, > -- > 1.8.3.2 > > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
>> Currently, when looking up for the proper expression type, what comes >> >first is returned. Which might end up to be a non-family tight type. >> >Instead, if a specific family type exist, it will be better to return >> >this one. > Easier suggestion: > > Change nft_register_expr() to appent NFPROTO_UNSPEC to the end of the > list and prepend all others. Obvious one which I missed, as usual. Thanks Patrick Tomasz -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index adce01e..83de6c1 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1117,14 +1117,17 @@ EXPORT_SYMBOL_GPL(nft_unregister_expr); static const struct nft_expr_type *__nft_expr_type_get(u8 family, struct nlattr *nla) { - const struct nft_expr_type *type; - - list_for_each_entry(type, &nf_tables_expressions, list) { - if (!nla_strcmp(nla, type->name) && - (!type->family || type->family == family)) - return type; + const struct nft_expr_type *test, *type = NULL; + + list_for_each_entry(test, &nf_tables_expressions, list) { + if (!nla_strcmp(nla, test->name)) { + if (test->family == family) + return test; + if (!test->family) + type = test; + } } - return NULL; + return type; } static const struct nft_expr_type *nft_expr_type_get(u8 family,
Currently, when looking up for the proper expression type, what comes first is returned. Which might end up to be a non-family tight type. Instead, if a specific family type exist, it will be better to return this one. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> --- net/netfilter/nf_tables_api.c | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-)