From patchwork Mon Feb 26 08:34:23 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pablo Neira Ayuso <pablo@netfilter.org>
X-Patchwork-Id: 877708
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netfilter-devel-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none)
	header.from=netfilter.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3zqZs50kPNz9s0x
	for <incoming@patchwork.ozlabs.org>;
	Mon, 26 Feb 2018 19:35:21 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752389AbeBZIee (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Mon, 26 Feb 2018 03:34:34 -0500
Received: from mail.us.es ([193.147.175.20]:56206 "EHLO mail.us.es"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752034AbeBZIea (ORCPT <rfc822; netfilter-devel@vger.kernel.org>);
	Mon, 26 Feb 2018 03:34:30 -0500
Received: from antivirus1-rhel7.int (unknown [192.168.2.11])
	by mail.us.es (Postfix) with ESMTP id F0930E2C40
	for <netfilter-devel@vger.kernel.org>;
	Mon, 26 Feb 2018 09:34:28 +0100 (CET)
Received: from antivirus1-rhel7.int (localhost [127.0.0.1])
	by antivirus1-rhel7.int (Postfix) with ESMTP id DD091DA243
	for <netfilter-devel@vger.kernel.org>;
	Mon, 26 Feb 2018 09:34:28 +0100 (CET)
Received: by antivirus1-rhel7.int (Postfix, from userid 99)
	id DC072DA242; Mon, 26 Feb 2018 09:34:28 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
	antivirus1-rhel7.int
X-Spam-Level: 
X-Spam-Status: No, score=-108.2 required=7.5 tests=ALL_TRUSTED,BAYES_50,
	SMTPAUTH_US2,USER_IN_WHITELIST autolearn=disabled version=3.4.1
Received: from antivirus1-rhel7.int (localhost [127.0.0.1])
	by antivirus1-rhel7.int (Postfix) with ESMTP id DC5CBDA3B4
	for <netfilter-devel@vger.kernel.org>;
	Mon, 26 Feb 2018 09:34:26 +0100 (CET)
Received: from 192.168.1.97 (192.168.1.97) by antivirus1-rhel7.int
	(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int);
	Mon, 26 Feb 2018 09:34:26 +0100 (CET)
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int)
Received: from salvia.here (sys.soleta.eu [212.170.55.40])
	(Authenticated sender: pneira@us.es)
	by entrada.int (Postfix) with ESMTPA id BA1A24265A2F
	for <netfilter-devel@vger.kernel.org>;
	Mon, 26 Feb 2018 09:34:26 +0100 (CET)
X-SMTPAUTHUS: auth mail.us.es
From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH libnftnl] flowtable: allow to specify size
Date: Mon, 26 Feb 2018 09:34:23 +0100
Message-Id: <20180226083423.4122-1-pablo@netfilter.org>
X-Mailer: git-send-email 2.11.0
X-Virus-Scanned: ClamAV using ClamSMTP
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

This new attribute allows you to specify the flowtable size.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/libnftnl/flowtable.h        |  1 +
 include/linux/netfilter/nf_tables.h |  5 +++++
 src/flowtable.c                     | 23 +++++++++++++++++++++--
 3 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/include/libnftnl/flowtable.h b/include/libnftnl/flowtable.h
index 0f8f3252da18..06b06a6f627f 100644
--- a/include/libnftnl/flowtable.h
+++ b/include/libnftnl/flowtable.h
@@ -25,6 +25,7 @@ enum nftnl_flowtable_attr {
 	NFTNL_FLOWTABLE_PRIO	= 4,
 	NFTNL_FLOWTABLE_USE,
 	NFTNL_FLOWTABLE_DEVICES,
+	NFTNL_FLOWTABLE_SIZE,
 	__NFTNL_FLOWTABLE_MAX
 };
 #define NFTNL_FLOWTABLE_MAX (__NFTNL_FLOWTABLE_MAX - 1)
diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index ede8c4de9453..3f725200cb7b 100644
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -1328,6 +1328,8 @@ enum nft_object_attributes {
  * @NFTA_FLOWTABLE_NAME: name of this flow table (NLA_STRING)
  * @NFTA_FLOWTABLE_HOOK: netfilter hook configuration(NLA_U32)
  * @NFTA_FLOWTABLE_USE: number of references to this flow table (NLA_U32)
+ * @NFTA_FLOWTABLE_HANDLE: object handle (NLA_U64)
+ * @NFTA_FLOWTABLE_SIZE: maximum size (NLA_U32)
  */
 enum nft_flowtable_attributes {
 	NFTA_FLOWTABLE_UNSPEC,
@@ -1335,6 +1337,9 @@ enum nft_flowtable_attributes {
 	NFTA_FLOWTABLE_NAME,
 	NFTA_FLOWTABLE_HOOK,
 	NFTA_FLOWTABLE_USE,
+	NFTA_FLOWTABLE_HANDLE,
+	NFTA_FLOWTABLE_PAD,
+	NFTA_FLOWTABLE_SIZE,
 	__NFTA_FLOWTABLE_MAX
 };
 #define NFTA_FLOWTABLE_MAX	(__NFTA_FLOWTABLE_MAX - 1)
diff --git a/src/flowtable.c b/src/flowtable.c
index 61f18044c491..b62aa657e793 100644
--- a/src/flowtable.c
+++ b/src/flowtable.c
@@ -26,6 +26,7 @@ struct nftnl_flowtable {
 	int			family;
 	uint32_t		hooknum;
 	int32_t			prio;
+	uint32_t		size;
 	const char		**dev_array;
 	uint32_t		dev_array_len;
 	uint32_t		use;
@@ -157,6 +158,9 @@ int nftnl_flowtable_set_data(struct nftnl_flowtable *c, uint16_t attr,
 
 		c->dev_array_len = len;
 		break;
+	case NFTNL_FLOWTABLE_SIZE:
+		memcpy(&c->size, data, sizeof(c->size));
+		break;
 	}
 	c->flags |= (1 << attr);
 	return 0;
@@ -217,6 +221,9 @@ const void *nftnl_flowtable_get_data(const struct nftnl_flowtable *c,
 		return &c->family;
 	case NFTNL_FLOWTABLE_DEVICES:
 		return &c->dev_array[0];
+	case NFTNL_FLOWTABLE_SIZE:
+		*data_len = sizeof(int32_t);
+		return &c->size;
 	}
 	return NULL;
 }
@@ -293,6 +300,8 @@ void nftnl_flowtable_nlmsg_build_payload(struct nlmsghdr *nlh,
 	}
 	if (c->flags & (1 << NFTNL_FLOWTABLE_USE))
 		mnl_attr_put_u32(nlh, NFTA_FLOWTABLE_USE, htonl(c->use));
+	if (c->flags & (1 << NFTNL_FLOWTABLE_SIZE))
+		mnl_attr_put_u32(nlh, NFTA_FLOWTABLE_SIZE, htonl(c->size));
 }
 EXPORT_SYMBOL(nftnl_flowtable_nlmsg_build_payload);
 
@@ -438,6 +447,10 @@ int nftnl_flowtable_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_flowtab
 		c->use = ntohl(mnl_attr_get_u32(tb[NFTA_FLOWTABLE_USE]));
 		c->flags |= (1 << NFTNL_FLOWTABLE_USE);
 	}
+	if (tb[NFTA_FLOWTABLE_SIZE]) {
+		c->size = ntohl(mnl_attr_get_u32(tb[NFTA_FLOWTABLE_SIZE]));
+		c->flags |= (1 << NFTNL_FLOWTABLE_SIZE);
+	}
 
 	c->family = nfg->nfgen_family;
 	c->flags |= (1 << NFTNL_FLOWTABLE_FAMILY);
@@ -504,6 +517,7 @@ static int nftnl_jansson_parse_flowtable(struct nftnl_flowtable *c,
 {
 	const char *name, *table, *hooknum_str;
 	int32_t family, prio, hooknum;
+	uint32_t size;
 	json_t *root;
 
 	root = nftnl_jansson_get_node(tree, "flowtable", err);
@@ -536,6 +550,9 @@ static int nftnl_jansson_parse_flowtable(struct nftnl_flowtable *c,
 					       hooknum);
 		}
 	}
+	if (nftnl_jansson_parse_val(root, "size", NFTNL_TYPE_U32,
+				    &size, err) == 0)
+		nftnl_flowtable_set_u32(c, NFTNL_FLOWTABLE_SIZE, size);
 
 	return 0;
 }
@@ -628,6 +645,8 @@ static int nftnl_flowtable_export(char *buf, size_t size,
 		if (c->flags & (1 << NFTNL_FLOWTABLE_PRIO))
 			nftnl_buf_s32(&b, type, c->prio, PRIO);
 	}
+	if (c->flags & (1 << NFTNL_FLOWTABLE_SIZE))
+		nftnl_buf_u32(&b, type, c->size, SIZE);
 
 	nftnl_buf_close(&b, type, CHAIN);
 
@@ -639,8 +658,8 @@ static int nftnl_flowtable_snprintf_default(char *buf, size_t size,
 {
 	int ret, remain = size, offset = 0, i;
 
-	ret = snprintf(buf, remain, "flow table %s %s use %u",
-		       c->table, c->name, c->use);
+	ret = snprintf(buf, remain, "flow table %s %s use %u size %u",
+		       c->table, c->name, c->use, c->size);
 	SNPRINTF_BUFFER_SIZE(ret, remain, offset);
 
 	if (c->flags & (1 << NFTNL_FLOWTABLE_HOOKNUM)) {