From patchwork Sat Dec 23 19:44:20 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Harsha Sharma <harshasharmaiitr@gmail.com>
X-Patchwork-Id: 852690
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="M+iM5zg2"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3z3wnR07xqz9s84
	for <incoming@patchwork.ozlabs.org>;
	Sun, 24 Dec 2017 06:44:42 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1750852AbdLWTol (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Sat, 23 Dec 2017 14:44:41 -0500
Received: from mail-pg0-f65.google.com ([74.125.83.65]:35039 "EHLO
	mail-pg0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750802AbdLWTok (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Sat, 23 Dec 2017 14:44:40 -0500
Received: by mail-pg0-f65.google.com with SMTP id q20so15723265pgv.2
	for <netfilter-devel@vger.kernel.org>;
	Sat, 23 Dec 2017 11:44:40 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=IijQdukBCS0Tlu5+CwOXxmoiyKKz8U11JxPYpFZQ4c8=;
	b=M+iM5zg2+itGNbNykkozA8EQ6oK3GHQFDCvfB3RIv1TKx9RQrs9P0SKe5fLhAL0172
	6Elj2D8d8mISiwxwZ+W9hvIzV8xT7DiuOHSTxXkqfGk2fYQTKNjFMhn4grdE1273Aqz+
	WNc1390LGlX3izMuXT3qZ43vT6pdKWGT6JYZRJpWmyeMy5RfcJ7wHAt5BjXCT1oM73jh
	1xZaHsz5tW2OF9cIRh67li29iQUqkYGYchaN1eKC1O47CXuihvtipuGQXUDbtS6WTLoj
	g7k7S8rRXl6K68wJ6VDBrLEJcbSL9Tby8ie6Teljps2KUian1DPAgQA9Nm8LvBPVcXya
	3oJg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=IijQdukBCS0Tlu5+CwOXxmoiyKKz8U11JxPYpFZQ4c8=;
	b=AHMkb6vmyiOCqx5JgCKDBdv9VjmGVKEYkatfSxJaS+18UxIzVVf/GXDtuLcLHMpTXE
	RPFadDROd8wcW1Bk6mNfommCCqUuKpT3bLf7dfE4CB+w+FqCiXfl+A7JzsYZF7AXtS1R
	qz721cO6qNd6OBPsrw6wob4ZrR2DfPsW/dugy1dSvcmQxjD+lQ7DQfCFNoEXmi7Zb+6k
	TM+7VrjIIKijbCInz07FJhZiKBdd2b63PNBl/1zRjAEj2HLj94t/HNB8eB+32sRLzC/K
	6xDbqSo21m1wk2aPFxLpevmtXMiWWue3MsGcgqeRQEnELkWbbrYUyRDhE3qmkKChG/Jc
	1Cog==
X-Gm-Message-State: AKGB3mJCXV3GEM+8At69sA7k9IQhp8TQ069IWMJz1Wg+XsggKmmzZAcv
	/jAxf2+oiitcqpKcFj8eF1Oz9g==
X-Google-Smtp-Source: 
 ACJfBovJb2CBPlP58z4cP5/kUQRXRsujEwWhfqLzVpqXmsdmZNf2939t+A4gHM52Mcc6hoQI+TnYBA==
X-Received: by 10.101.68.201 with SMTP id g9mr16268634pgs.149.1514058279858;
	Sat, 23 Dec 2017 11:44:39 -0800 (PST)
Received: from ubuntu.localdomain ([157.37.15.9])
	by smtp.gmail.com with ESMTPSA id
	c10sm40723421pgu.61.2017.12.23.11.44.34
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sat, 23 Dec 2017 11:44:39 -0800 (PST)
From: Harsha Sharma <harshasharmaiitr@gmail.com>
To: pablo@netfilter.org, harshasharmaiitr@gmail.com
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH] netfilter: nf_tables: allocate table handle
Date: Sat, 23 Dec 2017 11:44:20 -0800
Message-Id: <20171223194420.5962-1-harshasharmaiitr@gmail.com>
X-Mailer: git-send-email 2.11.0
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

This patch adds code to allocate 'handle' in tables, which allow us to
uniquely identify a table.

Signed-off-by: Harsha Sharma <harshasharmaiitr@gmail.com>
---
 include/net/netfilter/nf_tables.h        |  2 ++
 include/uapi/linux/netfilter/nf_tables.h |  2 ++
 net/netfilter/nf_tables_api.c            | 12 +++++++++++-
 3 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 01570a8f2982..bbc7bfcc1a57 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -949,6 +949,7 @@ unsigned int nft_do_chain(struct nft_pktinfo *pkt, void *priv);
  *	@sets: sets in the table
  *	@objects: stateful objects in the table
  *	@hgenerator: handle generator state
+ *	@handle: table handle
  *	@use: number of chain references to this table
  *	@flags: table flag (see enum nft_table_flags)
  *	@genmask: generation mask
@@ -960,6 +961,7 @@ struct nft_table {
 	struct list_head		sets;
 	struct list_head		objects;
 	u64				hgenerator;
+	u64 				handle:42;
 	u32				use;
 	u16				flags:14,
 					genmask:2;
diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h
index a3ee277b17a1..a6ab9a962eae 100644
--- a/include/uapi/linux/netfilter/nf_tables.h
+++ b/include/uapi/linux/netfilter/nf_tables.h
@@ -168,6 +168,8 @@ enum nft_table_attributes {
 	NFTA_TABLE_NAME,
 	NFTA_TABLE_FLAGS,
 	NFTA_TABLE_USE,
+	NFTA_TABLE_HANDLE,
+	NFTA_TABLE_PAD,
 	__NFTA_TABLE_MAX
 };
 #define NFTA_TABLE_MAX		(__NFTA_TABLE_MAX - 1)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index d8327b43e4dc..4a4e247e6028 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -22,6 +22,7 @@
 #include <net/net_namespace.h>
 #include <net/sock.h>
 
+static u64 table_handle;
 static LIST_HEAD(nf_tables_expressions);
 static LIST_HEAD(nf_tables_objects);
 
@@ -430,6 +431,7 @@ static const struct nla_policy nft_table_policy[NFTA_TABLE_MAX + 1] = {
 	[NFTA_TABLE_NAME]	= { .type = NLA_STRING,
 				    .len = NFT_TABLE_MAXNAMELEN - 1 },
 	[NFTA_TABLE_FLAGS]	= { .type = NLA_U32 },
+	[NFTA_TABLE_HANDLE] = { .type = NLA_U64 },
 };
 
 static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
@@ -451,7 +453,9 @@ static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
 
 	if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) ||
 	    nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) ||
-	    nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use)))
+	    nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use)) ||
+	    nla_put_be64(skb, NFTA_TABLE_HANDLE, cpu_to_be64(table->handle),
+			 NFTA_TABLE_PAD))
 		goto nla_put_failure;
 
 	nlmsg_end(skb, nlh);
@@ -734,6 +738,12 @@ static int nf_tables_newtable(struct net *net, struct sock *nlsk,
 	INIT_LIST_HEAD(&table->sets);
 	INIT_LIST_HEAD(&table->objects);
 	table->flags = flags;
+	if (nla[NFTA_TABLE_HANDLE]) {
+		table->handle = be64_to_cpu(nla_get_be64(nla[NFTA_TABLE_HANDLE]));
+	} else {
+		table_handle++;
+		table->handle = table_handle;
+	}
 
 	nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla);
 	err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE);