[nft] create u32_integer type to be used as a key for sets and maps

Message ID 20180314210035.wxg4mddtlndw5s4a@nevthink
State Under Review
Delegated to: Pablo Neira
Headers show
Series
  • [nft] create u32_integer type to be used as a key for sets and maps
Related show

Commit Message

Laura Garcia Liebana March 14, 2018, 9 p.m.
Create the new type u32_integer with a fixed size in order to
be used as a key in maps and sets. The type integer cannot be
used as a key cause is a dynamic size type and is used as a
base type of some subtypes.

Without this patch we obtain the following error:

Error: unqualified key type integer specified in map definition
add map nftlb mapa { type integer : ipv4_addr; }
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^

After this patch, we can use an u32 integer as a key for sets
and maps:

table ip nftlb {
        map mapa {
                type u32_integer : ipv4_addr
        }

        set conjunto {
                type u32_integer
        }
}

Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
---
This is the v2 of ("fix integer type size to be used as a key
for sets and maps"), due to this approach fits better with the
current design of nft types than the previous one and avoids
possible side effects.

 include/datatype.h |  3 +++
 src/datatype.c     | 10 ++++++++++
 2 files changed, 13 insertions(+)

Comments

Duncan Roe March 23, 2018, 11:47 p.m. | #1
On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote:
> Create the new type u32_integer with a fixed size in order to
> be used as a key in maps and sets. The type integer cannot be
> used as a key cause is a dynamic size type and is used as a
> base type of some subtypes.
>
> Without this patch we obtain the following error:
>
> Error: unqualified key type integer specified in map definition
> add map nftlb mapa { type integer : ipv4_addr; }
>                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> After this patch, we can use an u32 integer as a key for sets
> and maps:
>
> table ip nftlb {
>         map mapa {
>                 type u32_integer : ipv4_addr
>         }
>
>         set conjunto {
>                 type u32_integer
>         }
> }
>
> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
> ---
> This is the v2 of ("fix integer type size to be used as a key
> for sets and maps"), due to this approach fits better with the
> current design of nft types than the previous one and avoids
> possible side effects.
>
>  include/datatype.h |  3 +++
>  src/datatype.c     | 10 ++++++++++
>  2 files changed, 13 insertions(+)
>
> diff --git a/include/datatype.h b/include/datatype.h
> index 3f612e5..7f106cd 100644
> --- a/include/datatype.h
> +++ b/include/datatype.h
> @@ -42,6 +42,7 @@
>   * @TYPE_DEVGROUP:	devgroup code (integer subtype)
>   * @TYPE_DSCP:		Differentiated Services Code Point (integer subtype)
>   * @TYPE_IFNAME:	interface name (string subtype)
> + * @TYPE_U32_INTEGER:	unsigned 32 bits integer (integer subtype)
>   */
>  enum datatypes {
>  	TYPE_INVALID,
> @@ -86,6 +87,7 @@ enum datatypes {
>  	TYPE_BOOLEAN,
>  	TYPE_CT_EVENTBIT,
>  	TYPE_IFNAME,
> +	TYPE_U32_INTEGER,
>  	__TYPE_MAX
>  };
>  #define TYPE_MAX		(__TYPE_MAX - 1)
> @@ -240,6 +242,7 @@ extern const struct datatype icmpv6_code_type;
>  extern const struct datatype icmpx_code_type;
>  extern const struct datatype time_type;
>  extern const struct datatype boolean_type;
> +extern const struct datatype u32_integer_type;
>
>  extern const struct datatype *concat_type_alloc(uint32_t type);
>  extern void concat_type_destroy(const struct datatype *dtype);
> diff --git a/src/datatype.c b/src/datatype.c
> index 324ac80..f2d1d2b 100644
> --- a/src/datatype.c
> +++ b/src/datatype.c
> @@ -69,6 +69,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
>  	[TYPE_FIB_ADDR]         = &fib_addr_type,
>  	[TYPE_BOOLEAN]		= &boolean_type,
>  	[TYPE_IFNAME]		= &ifname_type,
> +	[TYPE_U32_INTEGER]	= &u32_integer_type,
>  };
>
>  const struct datatype *datatype_lookup(enum datatypes type)
> @@ -1144,3 +1145,12 @@ const struct datatype boolean_type = {
>  	.basetype	= &integer_type,
>  	.sym_tbl	= &boolean_tbl,
>  };
> +
> +const struct datatype u32_integer_type = {
> +	.type		= TYPE_U32_INTEGER,
> +	.name		= "u32_integer",
> +	.desc		= "32 bits integer",
> +	.size		= 4 * BITS_PER_BYTE,
> +	.byteorder	= BYTEORDER_HOST_ENDIAN,
> +	.basetype	= &integer_type,
> +};
> --
> 2.11.0
>
Why do we need an invented type when there is already uint32_t in
/usr/include/stdint.h?

Cheers ... Duncan.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Laura Garcia Liebana March 26, 2018, 7:43 a.m. | #2
On Sat, Mar 24, 2018 at 12:47 AM, Duncan Roe <duncan_roe@optusnet.com.au> wrote:
> On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote:
>> Create the new type u32_integer with a fixed size in order to
>> be used as a key in maps and sets. The type integer cannot be
>> used as a key cause is a dynamic size type and is used as a
>> base type of some subtypes.
>>
>> Without this patch we obtain the following error:
>>
>> Error: unqualified key type integer specified in map definition
>> add map nftlb mapa { type integer : ipv4_addr; }
>>                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> After this patch, we can use an u32 integer as a key for sets
>> and maps:
>>
>> table ip nftlb {
>>         map mapa {
>>                 type u32_integer : ipv4_addr
>>         }
>>
>>         set conjunto {
>>                 type u32_integer
>>         }
>> }
>>
>> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
>> ---
>> This is the v2 of ("fix integer type size to be used as a key
>> for sets and maps"), due to this approach fits better with the
>> current design of nft types than the previous one and avoids
>> possible side effects.
>>
>>  include/datatype.h |  3 +++
>>  src/datatype.c     | 10 ++++++++++
>>  2 files changed, 13 insertions(+)
>>
>> diff --git a/include/datatype.h b/include/datatype.h
>> index 3f612e5..7f106cd 100644
>> --- a/include/datatype.h
>> +++ b/include/datatype.h
>> @@ -42,6 +42,7 @@
>>   * @TYPE_DEVGROUP:   devgroup code (integer subtype)
>>   * @TYPE_DSCP:               Differentiated Services Code Point (integer subtype)
>>   * @TYPE_IFNAME:     interface name (string subtype)
>> + * @TYPE_U32_INTEGER:        unsigned 32 bits integer (integer subtype)
>>   */
>>  enum datatypes {
>>       TYPE_INVALID,
>> @@ -86,6 +87,7 @@ enum datatypes {
>>       TYPE_BOOLEAN,
>>       TYPE_CT_EVENTBIT,
>>       TYPE_IFNAME,
>> +     TYPE_U32_INTEGER,
>>       __TYPE_MAX
>>  };
>>  #define TYPE_MAX             (__TYPE_MAX - 1)
>> @@ -240,6 +242,7 @@ extern const struct datatype icmpv6_code_type;
>>  extern const struct datatype icmpx_code_type;
>>  extern const struct datatype time_type;
>>  extern const struct datatype boolean_type;
>> +extern const struct datatype u32_integer_type;
>>
>>  extern const struct datatype *concat_type_alloc(uint32_t type);
>>  extern void concat_type_destroy(const struct datatype *dtype);
>> diff --git a/src/datatype.c b/src/datatype.c
>> index 324ac80..f2d1d2b 100644
>> --- a/src/datatype.c
>> +++ b/src/datatype.c
>> @@ -69,6 +69,7 @@ static const struct datatype *datatypes[TYPE_MAX + 1] = {
>>       [TYPE_FIB_ADDR]         = &fib_addr_type,
>>       [TYPE_BOOLEAN]          = &boolean_type,
>>       [TYPE_IFNAME]           = &ifname_type,
>> +     [TYPE_U32_INTEGER]      = &u32_integer_type,
>>  };
>>
>>  const struct datatype *datatype_lookup(enum datatypes type)
>> @@ -1144,3 +1145,12 @@ const struct datatype boolean_type = {
>>       .basetype       = &integer_type,
>>       .sym_tbl        = &boolean_tbl,
>>  };
>> +
>> +const struct datatype u32_integer_type = {
>> +     .type           = TYPE_U32_INTEGER,
>> +     .name           = "u32_integer",
>> +     .desc           = "32 bits integer",
>> +     .size           = 4 * BITS_PER_BYTE,
>> +     .byteorder      = BYTEORDER_HOST_ENDIAN,
>> +     .basetype       = &integer_type,
>> +};
>> --
>> 2.11.0
>>
> Why do we need an invented type when there is already uint32_t in
> /usr/include/stdint.h?

Hi Duncan,

Cause the nft parser doesn't understand uint32_t and the way
that nft sends the types to the kernel requires to specify
the base type, size, byteorder, etc.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Duncan Roe March 26, 2018, 11:17 p.m. | #3
On Mon, Mar 26, 2018 at 09:43:06AM +0200, Laura Garcia wrote:
> On Sat, Mar 24, 2018 at 12:47 AM, Duncan Roe <duncan_roe@optusnet.com.au> wrote:
> > On Wed, Mar 14, 2018 at 10:00:35PM +0100, Laura Garcia Liebana wrote:
> >> Create the new type u32_integer with a fixed size in order to
> >> be used as a key in maps and sets. The type integer cannot be
> >> used as a key cause is a dynamic size type and is used as a
> >> base type of some subtypes.
> >>
> >> Without this patch we obtain the following error:
> >>
> >> Error: unqualified key type integer specified in map definition
> >> add map nftlb mapa { type integer : ipv4_addr; }
> >>                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>
> >> After this patch, we can use an u32 integer as a key for sets
> >> and maps:
> >>
> >> table ip nftlb {
> >>         map mapa {
> >>                 type u32_integer : ipv4_addr
> >>         }
> >>
> >>         set conjunto {
> >>                 type u32_integer
> >>         }
> >> }
> >>
> >> Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
> >> ---
> >> This is the v2 of ("fix integer type size to be used as a key
> >> for sets and maps"), due to this approach fits better with the
> >> current design of nft types than the previous one and avoids
> >> possible side effects.
> >>
> >>  include/datatype.h |  3 +++
> >>  src/datatype.c     | 10 ++++++++++
> >>  2 files changed, 13 insertions(+)
> >>
> >> diff --git a/include/datatype.h b/include/datatype.h
> >> index 3f612e5..7f106cd 100644
> >> --- a/include/datatype.h
> >> +++ b/include/datatype.h
[...]
> > Why do we need an invented type when there is already uint32_t in
> > /usr/include/stdint.h?
>
> Hi Duncan,
>
> Cause the nft parser doesn't understand uint32_t and the way
> that nft sends the types to the kernel requires to specify
> the base type, size, byteorder, etc.
Thanks for the explanation - looks fine then,

Cheers ... Duncan.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/include/datatype.h b/include/datatype.h
index 3f612e5..7f106cd 100644
--- a/include/datatype.h
+++ b/include/datatype.h
@@ -42,6 +42,7 @@ 
  * @TYPE_DEVGROUP:	devgroup code (integer subtype)
  * @TYPE_DSCP:		Differentiated Services Code Point (integer subtype)
  * @TYPE_IFNAME:	interface name (string subtype)
+ * @TYPE_U32_INTEGER:	unsigned 32 bits integer (integer subtype)
  */
 enum datatypes {
 	TYPE_INVALID,
@@ -86,6 +87,7 @@  enum datatypes {
 	TYPE_BOOLEAN,
 	TYPE_CT_EVENTBIT,
 	TYPE_IFNAME,
+	TYPE_U32_INTEGER,
 	__TYPE_MAX
 };
 #define TYPE_MAX		(__TYPE_MAX - 1)
@@ -240,6 +242,7 @@  extern const struct datatype icmpv6_code_type;
 extern const struct datatype icmpx_code_type;
 extern const struct datatype time_type;
 extern const struct datatype boolean_type;
+extern const struct datatype u32_integer_type;
 
 extern const struct datatype *concat_type_alloc(uint32_t type);
 extern void concat_type_destroy(const struct datatype *dtype);
diff --git a/src/datatype.c b/src/datatype.c
index 324ac80..f2d1d2b 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -69,6 +69,7 @@  static const struct datatype *datatypes[TYPE_MAX + 1] = {
 	[TYPE_FIB_ADDR]         = &fib_addr_type,
 	[TYPE_BOOLEAN]		= &boolean_type,
 	[TYPE_IFNAME]		= &ifname_type,
+	[TYPE_U32_INTEGER]	= &u32_integer_type,
 };
 
 const struct datatype *datatype_lookup(enum datatypes type)
@@ -1144,3 +1145,12 @@  const struct datatype boolean_type = {
 	.basetype	= &integer_type,
 	.sym_tbl	= &boolean_tbl,
 };
+
+const struct datatype u32_integer_type = {
+	.type		= TYPE_U32_INTEGER,
+	.name		= "u32_integer",
+	.desc		= "32 bits integer",
+	.size		= 4 * BITS_PER_BYTE,
+	.byteorder	= BYTEORDER_HOST_ENDIAN,
+	.basetype	= &integer_type,
+};