| Message ID | 20140415075842.18544.32525.stgit@nfdev.cica.es |
|---|---|
| State | Superseded |
| Headers | show |
On Tue, Apr 15, 2014 at 09:58:42AM +0200, Arturo Borrero Gonzalez wrote: > Add a helper that returns a pointer to the first set_elem in a given set. > > This function is useful in situations where you know the set only have one > element (ie, event reporting from the kernel). That doesn't seem right to me. As I said in my review of the notification patch, userspace *must* be prepared for multiple elements being reported at once since it is very likely that we will change the kernel side in the future for efficiency reasons. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Apr 15, 2014 at 10:04:32AM +0200, Patrick McHardy wrote: > On Tue, Apr 15, 2014 at 09:58:42AM +0200, Arturo Borrero Gonzalez wrote: > > Add a helper that returns a pointer to the first set_elem in a given set. > > > > This function is useful in situations where you know the set only have one > > element (ie, event reporting from the kernel). > > That doesn't seem right to me. As I said in my review of the notification > patch, userspace *must* be prepared for multiple elements being reported > at once since it is very likely that we will change the kernel side in > the future for efficiency reasons. I see. Arturo, you have to consider that the set may have more than one element in the event from userspace, even if currently we only have one single element. So use the set iterator to print all the elements in the set instead. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 15 April 2014 10:11, Pablo Neira Ayuso <pablo@netfilter.org> wrote: > On Tue, Apr 15, 2014 at 10:04:32AM +0200, Patrick McHardy wrote: >> On Tue, Apr 15, 2014 at 09:58:42AM +0200, Arturo Borrero Gonzalez wrote: >> > Add a helper that returns a pointer to the first set_elem in a given set. >> > >> > This function is useful in situations where you know the set only have one >> > element (ie, event reporting from the kernel). >> >> That doesn't seem right to me. As I said in my review of the notification >> patch, userspace *must* be prepared for multiple elements being reported >> at once since it is very likely that we will change the kernel side in >> the future for efficiency reasons. > > I see. Arturo, you have to consider that the set may have more than > one element in the event from userspace, even if currently we only > have one single element. So use the set iterator to print all the > elements in the set instead. ok! regards.
diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h index a975f1c..739fa2a 100644 --- a/include/libnftnl/set.h +++ b/include/libnftnl/set.h @@ -89,6 +89,7 @@ struct nft_set_elem *nft_set_elem_alloc(void); void nft_set_elem_free(struct nft_set_elem *s); void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem); +struct nft_set_elem *nft_set_get_first_elem(struct nft_set *s); void nft_set_elem_attr_unset(struct nft_set_elem *s, uint16_t attr); void nft_set_elem_attr_set(struct nft_set_elem *s, uint16_t attr, const void *data, uint32_t data_len); diff --git a/src/libnftnl.map b/src/libnftnl.map index b11db67..b63c2d1 100644 --- a/src/libnftnl.map +++ b/src/libnftnl.map @@ -151,6 +151,7 @@ global: nft_set_elem_alloc; nft_set_elem_free; nft_set_elem_add; + nft_set_get_first_elem; nft_set_elem_foreach; nft_set_elem_attr_is_set; nft_set_elem_attr_unset; diff --git a/src/set.c b/src/set.c index 550c262..50107d3 100644 --- a/src/set.c +++ b/src/set.c @@ -737,6 +737,22 @@ void nft_set_elem_add(struct nft_set *s, struct nft_set_elem *elem) } EXPORT_SYMBOL(nft_set_elem_add); +struct nft_set_elem *nft_set_get_first_elem(struct nft_set *s) +{ + struct nft_set_elems_iter *sei; + struct nft_set_elem *se; + + sei = nft_set_elems_iter_create(nls); + if (sei == NULL) + return NULL; + + se = nft_set_elems_iter_cur(sei); + nft_set_elems_iter_destroy(sei); + + return se; +} +EXPORT_SYMBOL(nft_set_get_first_elem); + struct nft_set_list { struct list_head list; };
Add a helper that returns a pointer to the first set_elem in a given set. This function is useful in situations where you know the set only have one element (ie, event reporting from the kernel). Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> --- include/libnftnl/set.h | 1 + src/libnftnl.map | 1 + src/set.c | 16 ++++++++++++++++ 3 files changed, 18 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html