From patchwork Tue Dec 26 19:29:00 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Harsha Sharma X-Patchwork-Id: 853012 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Hh+wXbn/"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3z5mJJ58VVz9s4q for ; Wed, 27 Dec 2017 06:29:20 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751091AbdLZT3T (ORCPT ); Tue, 26 Dec 2017 14:29:19 -0500 Received: from mail-pf0-f194.google.com ([209.85.192.194]:44517 "EHLO mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750822AbdLZT3T (ORCPT ); Tue, 26 Dec 2017 14:29:19 -0500 Received: by mail-pf0-f194.google.com with SMTP id m26so18984471pfj.11 for ; Tue, 26 Dec 2017 11:29:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=XD1U0Y5jtaOa0Rk6M3Xn/HOJvRlkitNVi/1CKm7CqwI=; b=Hh+wXbn/CoyhtklXoUEP162FuA4JMCUacs2ahuqT0TASX0kZUOXfA8c0LwEHWDSEmx KLSrY8ys1xCCiIt4lZyvYa/Q8GNjgfEGmMHbUDaCeZAy0pG5XYXHP/cl5gAMvps5c8ci eKBl7jnltFXVChlmd745R/4IlIhgCFibR4hWqrbzuPK6bpDXa9Ai/FrfHFkrjex0LONP apND5tDc5qaT90dHl+XvDi1IH9o0zNnBZtKVg68w21fsNKaUxHjW3fCv9kkCfS3JXDGQ ZiaZSQet1CWnsiOwd2Hh9QlBLHs3t1y13FTN/B2wf8KO/p8yoBfHd0xRDaw7mBC9d65z 9UbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=XD1U0Y5jtaOa0Rk6M3Xn/HOJvRlkitNVi/1CKm7CqwI=; b=OAe+xHgs5KqxAlKQ7z9XtdiXrrlXxnw6XY3b7xJB76U+akm68xW/Rmg5zNaUMInM33 c2ydsmxicCqcQSh8uIVbmgLWvazlcpfW7iH5t5U+NqpV77ZY7UMBt07jYQjvghxzm4gk 6k1pxmPGXf7i6hYSQpBD493XY6RJ4Ie2aNMTtbpvxulJekWaVmhHYhZ1CNYd/wnmz/4K +BzRGdPAaLqHV3awaEKrdv4xzmM0hs/28dERahjjyrcdXrx8g+EoZPvsqIMXegC0701h b8ewcz8TSDZD6Od0NUzcURyJ/XCsKiiRUklYGUeluCrHPDbOaYazCNbTIxeq2f7WDMDT 3Iug== X-Gm-Message-State: AKGB3mJygk9DI+aKUJkrBmv0WcYw3NJ8Qnla8+GdtyvZOzj/4/B2ohDN vQ41Pfqh0RBhTdLHNnaqfVM= X-Google-Smtp-Source: ACJfBosPtt3QECB9cVtPH4eU4iEXPQ5ENk3XnQL2YK1pgFCOm/10q8PkytoqQha6dHdElcQIsfbI+w== X-Received: by 10.99.146.65 with SMTP id s1mr23737677pgn.354.1514316557995; Tue, 26 Dec 2017 11:29:17 -0800 (PST) Received: from localhost.localdomain ([2405:205:138a:b1a:647b:92ad:9650:64a7]) by smtp.gmail.com with ESMTPSA id g1sm9894544pgc.32.2017.12.26.11.29.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 26 Dec 2017 11:29:17 -0800 (PST) From: Harsha Sharma To: pablo@netfilter.org, harshasharmaiitr@gmail.com Cc: netfilter-devel@vger.kernel.org Subject: [PATCH v2] netfilter: nf_tables: allocate table handle Date: Wed, 27 Dec 2017 00:59:00 +0530 Message-Id: <20171226192900.3289-1-harshasharmaiitr@gmail.com> X-Mailer: git-send-email 2.11.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org This patch adds code to allocate 'handle' in tables, which allow us to uniquely identify a table. Signed-off-by: Harsha Sharma --- Changes in v2: -Don't restore table handle in nf_tables_newtable -Remove spaces before tabs include/net/netfilter/nf_tables.h | 2 ++ include/uapi/linux/netfilter/nf_tables.h | 2 ++ net/netfilter/nf_tables_api.c | 7 ++++++- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 01570a8f2982..488a8d8b41d2 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -949,6 +949,7 @@ unsigned int nft_do_chain(struct nft_pktinfo *pkt, void *priv); * @sets: sets in the table * @objects: stateful objects in the table * @hgenerator: handle generator state + * @handle: table handle * @use: number of chain references to this table * @flags: table flag (see enum nft_table_flags) * @genmask: generation mask @@ -960,6 +961,7 @@ struct nft_table { struct list_head sets; struct list_head objects; u64 hgenerator; + u64 handle:42; u32 use; u16 flags:14, genmask:2; diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h index a3ee277b17a1..a6ab9a962eae 100644 --- a/include/uapi/linux/netfilter/nf_tables.h +++ b/include/uapi/linux/netfilter/nf_tables.h @@ -168,6 +168,8 @@ enum nft_table_attributes { NFTA_TABLE_NAME, NFTA_TABLE_FLAGS, NFTA_TABLE_USE, + NFTA_TABLE_HANDLE, + NFTA_TABLE_PAD, __NFTA_TABLE_MAX }; #define NFTA_TABLE_MAX (__NFTA_TABLE_MAX - 1) diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index d8327b43e4dc..dabdd2ed66c8 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -22,6 +22,7 @@ #include #include +static u64 table_handle; static LIST_HEAD(nf_tables_expressions); static LIST_HEAD(nf_tables_objects); @@ -430,6 +431,7 @@ static const struct nla_policy nft_table_policy[NFTA_TABLE_MAX + 1] = { [NFTA_TABLE_NAME] = { .type = NLA_STRING, .len = NFT_TABLE_MAXNAMELEN - 1 }, [NFTA_TABLE_FLAGS] = { .type = NLA_U32 }, + [NFTA_TABLE_HANDLE] = { .type = NLA_U64 }, }; static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, @@ -451,7 +453,9 @@ static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) || nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) || - nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use))) + nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use)) || + nla_put_be64(skb, NFTA_TABLE_HANDLE, cpu_to_be64(table->handle), + NFTA_TABLE_PAD)) goto nla_put_failure; nlmsg_end(skb, nlh); @@ -734,6 +738,7 @@ static int nf_tables_newtable(struct net *net, struct sock *nlsk, INIT_LIST_HEAD(&table->sets); INIT_LIST_HEAD(&table->objects); table->flags = flags; + table->handle = ++table_handle; nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla); err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE);