From patchwork Sun Apr 22 09:04:56 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: nevola <nevola@gmail.com>
X-Patchwork-Id: 902585
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="bQ8wQpUJ"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 40TNvy2T4hz9s0t
	for <incoming@patchwork.ozlabs.org>;
	Sun, 22 Apr 2018 19:05:02 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751095AbeDVJFB (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Sun, 22 Apr 2018 05:05:01 -0400
Received: from mail-wr0-f196.google.com ([209.85.128.196]:45876 "EHLO
	mail-wr0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750890AbeDVJFA (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Sun, 22 Apr 2018 05:05:00 -0400
Received: by mail-wr0-f196.google.com with SMTP id p5-v6so5403125wre.12
	for <netfilter-devel@vger.kernel.org>;
	Sun, 22 Apr 2018 02:05:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=date:from:to:subject:message-id:mime-version:content-disposition
	:user-agent; bh=zICPT0YKhu4wgUhad7AXHSSuc4GyR7498QwtC/udlmk=;
	b=bQ8wQpUJIr9arbpWs6CDL2vja9PxHuZ06z1Wp7/S6oL9UO90NToZ9SWyMhoEipr7TU
	hQn+4v3KIYKZWieyyYFhdVAGQ0hY0CSISmLl/1dkaa5OQ7IGFcFG4/UC8KY2+dYd+ztq
	2tp/8M1Wz0bLHuGWkNqjJVwPa0dDUmsoGx+vA10pbmjTRME/j9nbp6hF4PTfGzIQtnAE
	tB+XRnhpdHDvpTRfBjT4Yn+n7uBM5+86XlBceiCZn9yXdM/Uh1pycoXFaIOZoGrmwqMW
	H6ZDQArRiD/7znMmaMA55W644FD39CvAp5sfDkm8opiv4P1EWMx2zb/dsw1h27/cPj+R
	Jvsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:date:from:to:subject:message-id:mime-version
	:content-disposition:user-agent;
	bh=zICPT0YKhu4wgUhad7AXHSSuc4GyR7498QwtC/udlmk=;
	b=mfm2eIWKgJFTpsBkZ24iMv+O4YMSs3C6ZQMEQZCzW0U2Uc9tuCjFPqn0xOX8CD5i2X
	vQBqhX/V3fXtUsFYyg0HwiATQZ58AqtNud0LuKK19gwNSFwNj6VTy9l1d3nw+1OZgIzh
	5wdEjqntDbvYWOXu/WMZrIJ0yPvQXTKQzF15iGxiNWT6TlWgq41x8gy5BP/cp3qbxfq0
	SjS4A5dX4jCJVPnvDoTq3400oUExjtZnBgVjPgsFhVzv5mOW9wSyFoI6yND626nbWld/
	uoqUr6/+adSOw+C58eqcvoLl34iRBxmrEBkVSCn8qizhrlZzKZpe5i3TwLZnER0/INph
	Vn4g==
X-Gm-Message-State: ALQs6tCfOLLe1ER/nhaO2ODrZK9KjE4e+joWyFEcbBEeI2y8ubcA4TuU
	ovkUGtuf/4dprLUSg5QLqn8psQ==
X-Google-Smtp-Source: 
 AIpwx4/Y4WpLUbXDDQrakrHklePC+86x7Sw0Me4orx6AamGkI2FumMDWBE1X3yn5NbrxOQBZLCCeWg==
X-Received: by 2002:adf:ad61:: with SMTP id
	p88-v6mr13344506wrc.24.1524387899330;
	Sun, 22 Apr 2018 02:04:59 -0700 (PDT)
Received: from nevthink ([91.126.75.228]) by smtp.gmail.com with ESMTPSA id
	l15-v6sm8706263wrb.85.2018.04.22.02.04.58
	for <netfilter-devel@vger.kernel.org>
	(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
	Sun, 22 Apr 2018 02:04:58 -0700 (PDT)
Date: Sun, 22 Apr 2018 11:04:56 +0200
From: Laura Garcia Liebana <nevola@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH libnftnl] expr: add map lookups for numgen statements
Message-ID: <20180422090456.xes264oqmb6kqic3@nevthink>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

This patch introduces two new attributes for numgen to allow map
lookups where the number generator will be the key.

Two new attributes needs to be included: NFTNL_EXPR_NG_SET_NAME and
NFTNL_EXPR_NG_SET_ID in order to identify the given map.

Signed-off-by: Laura Garcia Liebana <nevola@gmail.com>
---
 include/libnftnl/expr.h             |  2 ++
 include/linux/netfilter/nf_tables.h |  4 +++
 src/expr/numgen.c                   | 49 +++++++++++++++++++++++++++++++++++++
 3 files changed, 55 insertions(+)

diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h
index 76df942..25d4103 100644
--- a/include/libnftnl/expr.h
+++ b/include/libnftnl/expr.h
@@ -57,6 +57,8 @@ enum {
 	NFTNL_EXPR_NG_MODULUS,
 	NFTNL_EXPR_NG_TYPE,
 	NFTNL_EXPR_NG_OFFSET,
+	NFTNL_EXPR_NG_SET_NAME,
+	NFTNL_EXPR_NG_SET_ID,
 };
 
 enum {
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index b904e33..54e35c1 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -1448,6 +1448,8 @@ enum nft_trace_types {
  * @NFTA_NG_MODULUS: maximum counter value (NLA_U32)
  * @NFTA_NG_TYPE: operation type (NLA_U32)
  * @NFTA_NG_OFFSET: offset to be added to the counter (NLA_U32)
+ * @NFTA_NG_SET_NAME: name of the map to lookup (NLA_STRING)
+ * @NFTA_NG_SET_ID: if of the map (NLA_U32)
  */
 enum nft_ng_attributes {
 	NFTA_NG_UNSPEC,
@@ -1455,6 +1457,8 @@ enum nft_ng_attributes {
 	NFTA_NG_MODULUS,
 	NFTA_NG_TYPE,
 	NFTA_NG_OFFSET,
+	NFTA_NG_SET_NAME,
+	NFTA_NG_SET_ID,
 	__NFTA_NG_MAX
 };
 #define NFTA_NG_MAX	(__NFTA_NG_MAX - 1)
diff --git a/src/expr/numgen.c b/src/expr/numgen.c
index 1369b01..5336fde 100644
--- a/src/expr/numgen.c
+++ b/src/expr/numgen.c
@@ -25,6 +25,10 @@ struct nftnl_expr_ng {
 	unsigned int		modulus;
 	enum nft_ng_types	type;
 	unsigned int		offset;
+	struct {
+		const char	*name;
+		uint32_t	id;
+	} map;
 };
 
 static int
@@ -46,6 +50,14 @@ nftnl_expr_ng_set(struct nftnl_expr *e, uint16_t type,
 	case NFTNL_EXPR_NG_OFFSET:
 		ng->offset = *((uint32_t *)data);
 		break;
+	case NFTNL_EXPR_NG_SET_NAME:
+		ng->map.name = strdup(data);
+		if (!ng->map.name)
+			return -1;
+		break;
+	case NFTNL_EXPR_NG_SET_ID:
+		ng->map.id = *((uint32_t *)data);
+		break;
 	default:
 		return -1;
 	}
@@ -71,6 +83,12 @@ nftnl_expr_ng_get(const struct nftnl_expr *e, uint16_t type,
 	case NFTNL_EXPR_NG_OFFSET:
 		*data_len = sizeof(ng->offset);
 		return &ng->offset;
+	case NFTNL_EXPR_NG_SET_NAME:
+		*data_len = strlen(ng->map.name) + 1;
+		return ng->map.name;
+	case NFTNL_EXPR_NG_SET_ID:
+		*data_len = sizeof(ng->map.id);
+		return &ng->map.id;
 	}
 	return NULL;
 }
@@ -88,9 +106,14 @@ static int nftnl_expr_ng_cb(const struct nlattr *attr, void *data)
 	case NFTA_NG_MODULUS:
 	case NFTA_NG_TYPE:
 	case NFTA_NG_OFFSET:
+	case NFTA_NG_SET_ID:
 		if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)
 			abi_breakage();
 		break;
+	case NFTA_NG_SET_NAME:
+		if (mnl_attr_validate(attr, MNL_TYPE_STRING) < 0)
+			abi_breakage();
+		break;
 	}
 
 	tb[type] = attr;
@@ -110,6 +133,10 @@ nftnl_expr_ng_build(struct nlmsghdr *nlh, const struct nftnl_expr *e)
 		mnl_attr_put_u32(nlh, NFTA_NG_TYPE, htonl(ng->type));
 	if (e->flags & (1 << NFTNL_EXPR_NG_OFFSET))
 		mnl_attr_put_u32(nlh, NFTA_NG_OFFSET, htonl(ng->offset));
+	if (e->flags & (1 << NFTNL_EXPR_NG_SET_NAME))
+		mnl_attr_put_str(nlh, NFTA_NG_SET_NAME, ng->map.name);
+	if (e->flags & (1 << NFTNL_EXPR_NG_SET_ID))
+		mnl_attr_put_u32(nlh, NFTA_NG_SET_ID, htonl(ng->map.id));
 }
 
 static int
@@ -138,6 +165,16 @@ nftnl_expr_ng_parse(struct nftnl_expr *e, struct nlattr *attr)
 		ng->offset = ntohl(mnl_attr_get_u32(tb[NFTA_NG_OFFSET]));
 		e->flags |= (1 << NFTNL_EXPR_NG_OFFSET);
 	}
+	if (tb[NFTA_NG_SET_NAME]) {
+		ng->map.name =
+			strdup(mnl_attr_get_str(tb[NFTA_NG_SET_NAME]));
+		e->flags |= (1 << NFTNL_EXPR_NG_SET_NAME);
+	}
+	if (tb[NFTA_NG_SET_ID]) {
+		ng->map.id =
+			ntohl(mnl_attr_get_u32(tb[NFTA_NG_SET_ID]));
+		e->flags |= (1 << NFTNL_EXPR_NG_SET_ID);
+	}
 
 	return ret;
 }
@@ -198,6 +235,12 @@ nftnl_expr_ng_snprintf_default(char *buf, size_t size,
 		SNPRINTF_BUFFER_SIZE(ret, remain, offset);
 	}
 
+	if (ng->map.id) {
+		ret = snprintf(buf + offset, remain, "set %s id %u ",
+			       ng->map.name, ng->map.id);
+		SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+	}
+
 	return offset;
 }
 
@@ -216,6 +259,8 @@ static int nftnl_expr_ng_export(char *buf, size_t size,
 		nftnl_buf_u32(&b, type, ng->type, TYPE);
 	if (e->flags & (1 << NFTNL_EXPR_NG_OFFSET))
 		nftnl_buf_u32(&b, type, ng->type, OFFSET);
+	if (e->flags & (1 << NFTNL_EXPR_NG_SET_NAME))
+		nftnl_buf_str(&b, type, ng->map.name, SET);
 
 	return nftnl_buf_done(&b);
 }
@@ -251,6 +296,10 @@ static bool nftnl_expr_ng_cmp(const struct nftnl_expr *e1,
 		eq &= (n1->type == n2->type);
 	if (e1->flags & (1 << NFTNL_EXPR_NG_OFFSET))
 		eq &= (n1->offset == n2->offset);
+	if (e1->flags & (1 << NFTNL_EXPR_NG_SET_NAME))
+		eq &= !strcmp(n1->map.name, n2->map.name);
+	if (e1->flags & (1 << NFTNL_EXPR_NG_SET_ID))
+		eq &= (n1->map.id == n2->map.id);
 
 	return eq;
 }