From patchwork Mon Apr 4 12:06:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612960 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=MJNKzCLC; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dR5QpSz9sGJ for ; Mon, 4 Apr 2022 22:06:35 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234821AbiDDMI0 (ORCPT ); Mon, 4 Apr 2022 08:08:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38882 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236964AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3173C3DA78 for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=42YeR/A8Gen7h7fisiyu00G51Q9paM/GaM/YEB6QfQo=; b=MJNKzCLCIAVKD6a1J4lQ+ZM1lG HSZL0Di/DL9vbze+yCu7nXktfQLpzlUfjHxLfb01yqGcf8EE6BW01Zpvzf2DbTJm4jpF4pG0GQxvY Dh6SsCKTxqI39gK8l1UzV8TcLBsCyzhRyJNXbiGn7hBlJVZq1TqT+HPWGOBolL97+g8CK9VjPbuBu WewkNEftT/+5GrIE5ckVT+lqjWm2kjwIXmWgUfpWT8L64knz/mUWffGDBNZWKJcL8Bwi3AYEh/XTI L3EdvZkvlOhCRd1v0wyrYPYSdeWvDemMvS4FfqTG9j2I8rp570xyX8oK9Wsd5sSvoTjP/9kiL5Kwo aeUAUaRg==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTX-007FNA-Iq for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:27 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 1/9] include: update nf_tables.h Date: Mon, 4 Apr 2022 13:06:15 +0100 Message-Id: <20220404120623.188439-2-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Bump it to 5.17-rc7. Signed-off-by: Jeremy Sowden --- include/linux/netfilter/nf_tables.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 0ae912054cf1..466fd3f4447c 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -753,7 +753,7 @@ enum nft_dynset_attributes { * @NFT_PAYLOAD_LL_HEADER: link layer header * @NFT_PAYLOAD_NETWORK_HEADER: network header * @NFT_PAYLOAD_TRANSPORT_HEADER: transport header - * @NFT_PAYLOAD_INNER_HEADER: inner header + * @NFT_PAYLOAD_INNER_HEADER: inner header / payload */ enum nft_payload_bases { NFT_PAYLOAD_LL_HEADER, @@ -898,7 +898,8 @@ enum nft_meta_keys { NFT_META_OIF, NFT_META_IIFNAME, NFT_META_OIFNAME, - NFT_META_IIFTYPE, + NFT_META_IFTYPE, +#define NFT_META_IIFTYPE NFT_META_IFTYPE NFT_META_OIFTYPE, NFT_META_SKUID, NFT_META_SKGID, @@ -925,6 +926,7 @@ enum nft_meta_keys { NFT_META_TIME_HOUR, NFT_META_SDIF, NFT_META_SDIFNAME, + __NFT_META_IIFTYPE, }; /** From patchwork Mon Apr 4 12:06:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612961 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=gRGdsuii; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dS5lZsz9sGf for ; Mon, 4 Apr 2022 22:06:36 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235625AbiDDMI0 (ORCPT ); Mon, 4 Apr 2022 08:08:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38886 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237086AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 75AD23DA62 for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=WsFa8wgagDjf0dCFZXOsmSM1LviWs9C0i4Nvri3rRwc=; b=gRGdsuiiNVmsvvdvxqVRLFUBbS zhw4QsU4qiDMtrPzuUuB5xr7HA5ev0cluSWutvPtMDBpxFcj5K5NNLAiuQS9Z4TD2a6pDCfhk9rCA 9tDt3D9f5m47ted3oA3voNT+0JWOJUcoRuyDL99/Pbt93vVQNzQzi9+qjkaIeZw2UICTCVu8/addp 9GYhtRChpHyqhE7gnoPKPyTBafEYNogVc638w3ZRJHHGB+Dhkjn9iRkZEs0nhQLzgZpM7fiFdwzoh IvYKeGDhqmN6CfMLTK29IiJQhuklmmlIrBypnk3Mv/cDxZOwYsDpXJy2nKosIEHEOvWBHAOdIJecN 9i17uM3w==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTX-007FNA-Lk for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:27 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 2/9] include: add new bitwise bit-length attribute to nf_tables.h Date: Mon, 4 Apr 2022 13:06:16 +0100 Message-Id: <20220404120623.188439-3-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The kernel can now keep track of the bit-length of boolean expressions. Signed-off-by: Jeremy Sowden --- include/linux/netfilter/nf_tables.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 466fd3f4447c..f3dcc4a34ff1 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -561,6 +561,7 @@ enum nft_bitwise_ops { * @NFTA_BITWISE_OP: type of operation (NLA_U32: nft_bitwise_ops) * @NFTA_BITWISE_DATA: argument for non-boolean operations * (NLA_NESTED: nft_data_attributes) + * @NFTA_BITWISE_NBITS: length of operation in bits (NLA_U32) * * The bitwise expression supports boolean and shift operations. It implements * the boolean operations by performing the following operation: @@ -584,6 +585,7 @@ enum nft_bitwise_attributes { NFTA_BITWISE_XOR, NFTA_BITWISE_OP, NFTA_BITWISE_DATA, + NFTA_BITWISE_NBITS, __NFTA_BITWISE_MAX }; #define NFTA_BITWISE_MAX (__NFTA_BITWISE_MAX - 1) From patchwork Mon Apr 4 12:06:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612962 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=ZU15z2Vz; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dT3zWNz9sFy for ; Mon, 4 Apr 2022 22:06:37 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237086AbiDDMI1 (ORCPT ); Mon, 4 Apr 2022 08:08:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38846 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233287AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B5B43DA7B for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=I2bzdxL+k6W681H/Dr3y/gUjY9mgCEGFw8dlPh+wGxc=; b=ZU15z2VzOTMIsFAGtS3GaAxAuO LwZFHI2QtzsCSEytimDDlZs8sieytJVkqXrAICckFEdL/7qz4aJJd8WJYmoutGtvQNc0Xu0BCSZO5 v5qMNcLBKVOcB3Hbxce5afR1i2DxkFXEvT6sZYnbv1IG4W2CfwW+YCt6AqPgpFGB7vY3dtbB/v+Jl QRqzrgyA6x0WsRy8dAD4lz7d1ijqAq4XJerHbDNS7kmj0ylcG8mUMbXlxgYjt0L8TNpdZXhKf5hv2 gvXdwXfq2rd6XRHYzqcKKoH/KNsL1JlLSMLFqgnYiJDHiZQJLiYlX0/9ErWDR6KN8IE8ayf1NhaoZ 3r0ythBg==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTX-007FNA-QM for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:27 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 3/9] expr: bitwise: pass bit-length to and from the kernel Date: Mon, 4 Apr 2022 13:06:17 +0100 Message-Id: <20220404120623.188439-4-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The kernel can now keep track of the bit-length of bitwise operations in order to help user space eliminate generated operations during delinearization. Signed-off-by: Jeremy Sowden --- include/libnftnl/expr.h | 1 + src/expr/bitwise.c | 15 +++++++++++++++ tests/nft-expr_bitwise-test.c | 12 ++++++++++++ 3 files changed, 28 insertions(+) diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h index 00c63ab9d19b..6adad4c222a6 100644 --- a/include/libnftnl/expr.h +++ b/include/libnftnl/expr.h @@ -128,6 +128,7 @@ enum { NFTNL_EXPR_BITWISE_XOR, NFTNL_EXPR_BITWISE_OP, NFTNL_EXPR_BITWISE_DATA, + NFTNL_EXPR_BITWISE_NBITS, }; enum { diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index d0c7827eacec..3fa627d7905d 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -29,6 +29,7 @@ struct nftnl_expr_bitwise { union nftnl_data_reg mask; union nftnl_data_reg xor; union nftnl_data_reg data; + unsigned int nbits; }; static int @@ -62,6 +63,9 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type, memcpy(&bitwise->data.val, data, data_len); bitwise->data.len = data_len; break; + case NFTNL_EXPR_BITWISE_NBITS: + memcpy(&bitwise->nbits, data, sizeof(bitwise->nbits)); + break; default: return -1; } @@ -96,6 +100,9 @@ nftnl_expr_bitwise_get(const struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_BITWISE_DATA: *data_len = bitwise->data.len; return &bitwise->data.val; + case NFTNL_EXPR_BITWISE_NBITS: + *data_len = sizeof(bitwise->nbits); + return &bitwise->nbits; } return NULL; } @@ -113,6 +120,7 @@ static int nftnl_expr_bitwise_cb(const struct nlattr *attr, void *data) case NFTA_BITWISE_DREG: case NFTA_BITWISE_OP: case NFTA_BITWISE_LEN: + case NFTA_BITWISE_NBITS: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) abi_breakage(); break; @@ -141,6 +149,9 @@ nftnl_expr_bitwise_build(struct nlmsghdr *nlh, const struct nftnl_expr *e) mnl_attr_put_u32(nlh, NFTA_BITWISE_OP, htonl(bitwise->op)); if (e->flags & (1 << NFTNL_EXPR_BITWISE_LEN)) mnl_attr_put_u32(nlh, NFTA_BITWISE_LEN, htonl(bitwise->len)); + if (e->flags & (1 << NFTNL_EXPR_BITWISE_NBITS)) + mnl_attr_put_u32(nlh, NFTA_BITWISE_NBITS, + htonl(bitwise->nbits)); if (e->flags & (1 << NFTNL_EXPR_BITWISE_MASK)) { struct nlattr *nest; @@ -205,6 +216,10 @@ nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr) ret = nftnl_parse_data(&bitwise->data, tb[NFTA_BITWISE_DATA], NULL); e->flags |= (1 << NFTNL_EXPR_BITWISE_DATA); } + if (tb[NFTA_BITWISE_NBITS]) { + bitwise->nbits = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_NBITS])); + e->flags |= (1 << NFTNL_EXPR_BITWISE_NBITS); + } return ret; } diff --git a/tests/nft-expr_bitwise-test.c b/tests/nft-expr_bitwise-test.c index f134728fdd86..9d01376a69bd 100644 --- a/tests/nft-expr_bitwise-test.c +++ b/tests/nft-expr_bitwise-test.c @@ -45,6 +45,9 @@ static void cmp_nftnl_expr_bool(struct nftnl_expr *rule_a, if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) print_err("bool", "Expr BITWISE_LEN mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) + print_err("bool", "Expr BITWISE_NBITS mismatches"); nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_MASK, &maska); nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_MASK, &maskb); if (maska != maskb) @@ -72,6 +75,9 @@ static void cmp_nftnl_expr_lshift(struct nftnl_expr *rule_a, if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) print_err("lshift", "Expr BITWISE_LEN mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) + print_err("lshift", "Expr BITWISE_NBITS mismatches"); nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_DATA, &data_a); nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_DATA, &data_b); if (data_a != data_b) @@ -95,6 +101,9 @@ static void cmp_nftnl_expr_rshift(struct nftnl_expr *rule_a, if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) print_err("rshift", "Expr BITWISE_LEN mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) + print_err("rshift", "Expr BITWISE_NBITS mismatches"); nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_DATA, &data_a); nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_DATA, &data_b); if (data_a != data_b) @@ -124,6 +133,7 @@ static void test_bool(void) nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, NFT_BITWISE_BOOL); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); nftnl_expr_set(ex, NFTNL_EXPR_BITWISE_MASK, &mask, sizeof(mask)); nftnl_expr_set(ex, NFTNL_EXPR_BITWISE_XOR, &xor, sizeof(xor)); @@ -179,6 +189,7 @@ static void test_lshift(void) nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, NFT_BITWISE_LSHIFT); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DATA, 13); nftnl_rule_add_expr(a, ex); @@ -233,6 +244,7 @@ static void test_rshift(void) nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, NFT_BITWISE_RSHIFT); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DATA, 17); nftnl_rule_add_expr(a, ex); From patchwork Mon Apr 4 12:06:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612964 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=amyouxWR; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dW5K02z9sGf for ; Mon, 4 Apr 2022 22:06:39 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237021AbiDDMI3 (ORCPT ); Mon, 4 Apr 2022 08:08:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38848 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235739AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 93C243DA7D for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=4nsoYQ2bgmrXih9U6b3FulBAW95OoWRWepWvUC5G4ig=; b=amyouxWRAUytLjsEN1UNQLrDzC TS5gYFo4f28v9i8vlppaS+drHKqSXOu4T73OF+GTwh06+BWMOzNgDqeh0hvIEwXtDxmn0/zPWo32w /jBCjsInW+93yQP0Gg+IB0svA5KQNu+DOzJQ8NgF1lslFypYDpLWSkfAjIsKVxFtOBX2pWl7hCXcI scs4HGyyX6ZJiZa84IrgXe+4T29VVB2D15vtMK/JQFNaYbfGhzLfWeM3WjYB+7PHiIywESSnzrjTk 4fKD8vcP6dNw50MyfMoDc/NgOKvaHNzCUna7N819++ZlEhn+ZQRW+5XoV99chBsrie0zTYoEpkQ4p nkbAVAQA==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTX-007FNA-UA for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 4/9] include: add new bitwise boolean attributes to nf_tables.h Date: Mon, 4 Apr 2022 13:06:18 +0100 Message-Id: <20220404120623.188439-5-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The kernel now has native support for AND, OR and XOR bitwise operations. Signed-off-by: Jeremy Sowden --- include/linux/netfilter/nf_tables.h | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index f3dcc4a34ff1..cd3e9e4ac646 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -539,16 +539,27 @@ enum nft_immediate_attributes { /** * enum nft_bitwise_ops - nf_tables bitwise operations * - * @NFT_BITWISE_BOOL: mask-and-xor operation used to implement NOT, AND, OR and - * XOR boolean operations + * @NFT_BITWISE_MASK_XOR: mask-and-xor operation used to implement NOT, AND, OR + * and XOR boolean operations * @NFT_BITWISE_LSHIFT: left-shift operation * @NFT_BITWISE_RSHIFT: right-shift operation + * @NFT_BITWISE_AND: and operation + * @NFT_BITWISE_OR: or operation + * @NFT_BITWISE_XOR: xor operation */ enum nft_bitwise_ops { - NFT_BITWISE_BOOL, + NFT_BITWISE_MASK_XOR, NFT_BITWISE_LSHIFT, NFT_BITWISE_RSHIFT, + NFT_BITWISE_AND, + NFT_BITWISE_OR, + NFT_BITWISE_XOR, }; +/* + * Old name for NFT_BITWISE_MASK_XOR, predating the addition of NFT_BITWISE_AND, + * NFT_BITWISE_OR and NFT_BITWISE_XOR. Retained for backwards-compatibility. + */ +#define NFT_BITWISE_BOOL NFT_BITWISE_MASK_XOR /** * enum nft_bitwise_attributes - nf_tables bitwise expression netlink attributes @@ -562,6 +573,7 @@ enum nft_bitwise_ops { * @NFTA_BITWISE_DATA: argument for non-boolean operations * (NLA_NESTED: nft_data_attributes) * @NFTA_BITWISE_NBITS: length of operation in bits (NLA_U32) + * @NFTA_BITWISE_SREG2: second source register (NLA_U32: nft_registers) * * The bitwise expression supports boolean and shift operations. It implements * the boolean operations by performing the following operation: @@ -586,6 +598,7 @@ enum nft_bitwise_attributes { NFTA_BITWISE_OP, NFTA_BITWISE_DATA, NFTA_BITWISE_NBITS, + NFTA_BITWISE_SREG2, __NFTA_BITWISE_MAX }; #define NFTA_BITWISE_MAX (__NFTA_BITWISE_MAX - 1) From patchwork Mon Apr 4 12:06:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612963 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=ctVM1jS3; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dV5qgTz9sGJ for ; Mon, 4 Apr 2022 22:06:38 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233287AbiDDMI2 (ORCPT ); Mon, 4 Apr 2022 08:08:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38904 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236845AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D752A3DA7E for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=WQwlmDZMI4sQ0WE712nKquGgmG3rQcl+8QulA3onZ2Q=; b=ctVM1jS3S2zoFkTAqWf8XJd17R QIxqOHerI1+gvsQoGOMfr9qcyakQEq/BvimQZWcZZU2jGtta3h1qbNUrtqvb/RaOOCsY9C+CC6d5W xbvQCh6SSIvg0gNXER5kHLoTHzxd4uh46H1mPpMwaPQaQBDq9I81JxqI+AhAb2+Oj7hSuBRyAi3oo Lh1EfVaIVPslCnNqAHkNKGOe0rt92JHraMcp97rKRGtdYWGmAj7jjf8SuWB5YFzQqkcxvvMMfoXId RrjzchXUE//cY5buR7n4QkO8qVA75ELWITGH2Swut+OxjEMy4xmj7kBWaw6Y8upzerwGzZoSK4yiN TvmSaQHQ==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTY-007FNA-2D for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 5/9] expr: bitwise: fix a couple of white-space mistakes Date: Mon, 4 Apr 2022 13:06:19 +0100 Message-Id: <20220404120623.188439-6-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Add spaces round an operator, and break a couple of long lines. Signed-off-by: Jeremy Sowden --- src/expr/bitwise.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index 3fa627d7905d..d695cb1cc3a9 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -182,7 +182,7 @@ static int nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr) { struct nftnl_expr_bitwise *bitwise = nftnl_expr_data(e); - struct nlattr *tb[NFTA_BITWISE_MAX+1] = {}; + struct nlattr *tb[NFTA_BITWISE_MAX + 1] = {}; int ret = 0; if (mnl_attr_parse_nested(attr, nftnl_expr_bitwise_cb, tb) < 0) @@ -279,10 +279,12 @@ nftnl_expr_bitwise_snprintf(char *buf, size_t size, err = nftnl_expr_bitwise_snprintf_bool(buf, size, bitwise); break; case NFT_BITWISE_LSHIFT: - err = nftnl_expr_bitwise_snprintf_shift(buf, size, "<<", bitwise); + err = nftnl_expr_bitwise_snprintf_shift(buf, size, "<<", + bitwise); break; case NFT_BITWISE_RSHIFT: - err = nftnl_expr_bitwise_snprintf_shift(buf, size, ">>", bitwise); + err = nftnl_expr_bitwise_snprintf_shift(buf, size, ">>", + bitwise); break; } From patchwork Mon Apr 4 12:06:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612965 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=Gnm3ZkC6; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dY3Hr7z9sFy for ; Mon, 4 Apr 2022 22:06:41 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235739AbiDDMIb (ORCPT ); Mon, 4 Apr 2022 08:08:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38918 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232912AbiDDMIZ (ORCPT ); Mon, 4 Apr 2022 08:08:25 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 124873DA7F for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=AagCtf7xGIJ457g/dDr0GNcWght3+kazxKmjAUDNaqQ=; b=Gnm3ZkC6MYua7/QrZ0xV89a2+V RvWZmOtVjF9RgQ1vRoQmldeLfXDqmmLH922RPMarET+xQ311N9etpFJe/gO6nuIv47Ob47iPAevwN 0emCKcAO7gdjerhJaCaTXWcb4f4sii78rmp+ZIhjP3hh1n/JuZePg2n0s8Z5Ej+DqcuU/Xc7Gn2B7 kdua7qoKKNBk+E35YbtUPei0P3gKxxi93JYfk2y6xh12GGA++Bf/+Q1wiTVnLNKi67Q0A1cCamPxO TFvj9+lr0otE7QuyIkYrQ0ye3y4/5yUVuIuYE/iLTlwfthbgPVJ+UutrXc6X/jgSzL4PRt2SNC7lx cxBmwGjg==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTY-007FNA-5k for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 6/9] expr: bitwise: rename some boolean operation functions Date: Mon, 4 Apr 2022 13:06:20 +0100 Message-Id: <20220404120623.188439-7-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org In the next patch we add support for doing AND, OR and XOR operations directly in the kernel, so rename some functions and an enum constant related to mask-and-xor boolean operations. Signed-off-by: Jeremy Sowden --- src/expr/bitwise.c | 8 ++++---- tests/nft-expr_bitwise-test.c | 36 +++++++++++++++++------------------ 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index d695cb1cc3a9..c7428af6adf8 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -225,8 +225,8 @@ nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr) } static int -nftnl_expr_bitwise_snprintf_bool(char *buf, size_t remain, - const struct nftnl_expr_bitwise *bitwise) +nftnl_expr_bitwise_snprintf_mask_xor(char *buf, size_t remain, + const struct nftnl_expr_bitwise *bitwise) { int offset = 0, ret; @@ -275,8 +275,8 @@ nftnl_expr_bitwise_snprintf(char *buf, size_t size, int err = -1; switch (bitwise->op) { - case NFT_BITWISE_BOOL: - err = nftnl_expr_bitwise_snprintf_bool(buf, size, bitwise); + case NFT_BITWISE_MASK_XOR: + err = nftnl_expr_bitwise_snprintf_mask_xor(buf, size, bitwise); break; case NFT_BITWISE_LSHIFT: err = nftnl_expr_bitwise_snprintf_shift(buf, size, "<<", diff --git a/tests/nft-expr_bitwise-test.c b/tests/nft-expr_bitwise-test.c index 9d01376a69bd..96298a4a97d2 100644 --- a/tests/nft-expr_bitwise-test.c +++ b/tests/nft-expr_bitwise-test.c @@ -27,35 +27,35 @@ static void print_err(const char *test, const char *msg) printf("\033[31mERROR:\e[0m [%s] %s\n", test, msg); } -static void cmp_nftnl_expr_bool(struct nftnl_expr *rule_a, - struct nftnl_expr *rule_b) +static void cmp_nftnl_expr_mask_xor(struct nftnl_expr *rule_a, + struct nftnl_expr *rule_b) { uint32_t maska, maskb; uint32_t xora, xorb; if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) != nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG)) - print_err("bool", "Expr BITWISE_DREG mismatches"); + print_err("mask & xor", "Expr BITWISE_DREG mismatches"); if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) != nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG)) - print_err("bool", "Expr BITWISE_SREG mismatches"); + print_err("mask & xor", "Expr BITWISE_SREG mismatches"); if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_OP) != nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_OP)) - print_err("bool", "Expr BITWISE_OP mismatches"); + print_err("mask & xor", "Expr BITWISE_OP mismatches"); if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) - print_err("bool", "Expr BITWISE_LEN mismatches"); + print_err("mask & xor", "Expr BITWISE_LEN mismatches"); if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) - print_err("bool", "Expr BITWISE_NBITS mismatches"); + print_err("mask & xor", "Expr BITWISE_NBITS mismatches"); nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_MASK, &maska); nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_MASK, &maskb); if (maska != maskb) - print_err("bool", "Size of BITWISE_MASK mismatches"); + print_err("mask & xor", "Size of BITWISE_MASK mismatches"); nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_XOR, &xora); nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_XOR, &xorb); if (xora != xorb) - print_err("bool", "Size of BITWISE_XOR mismatches"); + print_err("mask & xor", "Size of BITWISE_XOR mismatches"); } static void cmp_nftnl_expr_lshift(struct nftnl_expr *rule_a, @@ -110,7 +110,7 @@ static void cmp_nftnl_expr_rshift(struct nftnl_expr *rule_a, print_err("rshift", "Expr BITWISE_DATA mismatches"); } -static void test_bool(void) +static void test_mask_xor(void) { struct nftnl_rule *a, *b = NULL; struct nftnl_expr *ex = NULL; @@ -124,10 +124,10 @@ static void test_bool(void) a = nftnl_rule_alloc(); b = nftnl_rule_alloc(); if (a == NULL || b == NULL) - print_err("bool", "OOM"); + print_err("mask & xor", "OOM"); ex = nftnl_expr_alloc("bitwise"); if (ex == NULL) - print_err("bool", "OOM"); + print_err("mask & xor", "OOM"); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); @@ -143,26 +143,26 @@ static void test_bool(void) nftnl_rule_nlmsg_build_payload(nlh, a); if (nftnl_rule_nlmsg_parse(nlh, b) < 0) - print_err("bool", "parsing problems"); + print_err("mask & xor", "parsing problems"); iter_a = nftnl_expr_iter_create(a); iter_b = nftnl_expr_iter_create(b); if (iter_a == NULL || iter_b == NULL) - print_err("bool", "OOM"); + print_err("mask & xor", "OOM"); rule_a = nftnl_expr_iter_next(iter_a); rule_b = nftnl_expr_iter_next(iter_b); if (rule_a == NULL || rule_b == NULL) - print_err("bool", "OOM"); + print_err("mask & xor", "OOM"); if (nftnl_expr_iter_next(iter_a) != NULL || nftnl_expr_iter_next(iter_b) != NULL) - print_err("bool", "More 1 expr."); + print_err("mask & xor", "More 1 expr."); nftnl_expr_iter_destroy(iter_a); nftnl_expr_iter_destroy(iter_b); - cmp_nftnl_expr_bool(rule_a,rule_b); + cmp_nftnl_expr_mask_xor(rule_a,rule_b); nftnl_rule_free(a); nftnl_rule_free(b); @@ -280,7 +280,7 @@ static void test_rshift(void) int main(int argc, char *argv[]) { - test_bool(); + test_mask_xor(); if (!test_ok) exit(EXIT_FAILURE); From patchwork Mon Apr 4 12:06:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612968 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=AVlqtCd8; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dd4GZDz9sFy for ; Mon, 4 Apr 2022 22:06:45 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236964AbiDDMIg (ORCPT ); Mon, 4 Apr 2022 08:08:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38936 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236944AbiDDMI0 (ORCPT ); Mon, 4 Apr 2022 08:08:26 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 127613DDC0 for ; Mon, 4 Apr 2022 05:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=KZLXTjHiBYDanp4xxjZerTaxMdfU9O/sjCutVCzFHgs=; b=AVlqtCd88amN27mi4HL5c/Bw7U 77dzebqfoIXPyIxgP5pH6Dve5s51oKXknShPos/+3bXpbJoB0cX9cxDpiYDKN8v2V/F6nE5Xeug/p DGQxqbasBY7VhmtZCK5Bahni1oF+wp+vlURAHhQzl8nbNivJd+ZGzRuCnGNji8SgaM/wbmGlGYCAz ZXV4hWF+DjHgYMavQ3tN4ZbqPBv5KN5ZlenIm7S7juZ0mPKvonSxSb+UjWd3/fJjiRtJqTHUSrWQ8 Huk1r/NczmoL/fsHwBa9ioFaUIzYUnMa1TV2tDiQNo/vRfAUS1HChCo+Bip7PqCEjLfzW7tIV8zv+ U6gnZlug==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTY-007FNA-A7 for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 7/9] expr: bitwise: add support for kernel space AND, OR and XOR operations Date: Mon, 4 Apr 2022 13:06:21 +0100 Message-Id: <20220404120623.188439-8-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Hitherto, the kernel has only supported boolean operations of the form: dst = (src & mask) ^ xor where `src` is held in a register, and `mask` and `xor` are immediate values. User space has converted AND, OR and XOR operations to this form, and so one operand has had to be immediate. The kernel now supports performing AND, OR and XOR operations directly, on one register and an immediate value or on two registers, so we make that support available to user space. Signed-off-by: Jeremy Sowden --- include/libnftnl/expr.h | 1 + src/expr/bitwise.c | 55 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 56 insertions(+) diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h index 6adad4c222a6..be91e2dc58ca 100644 --- a/include/libnftnl/expr.h +++ b/include/libnftnl/expr.h @@ -129,6 +129,7 @@ enum { NFTNL_EXPR_BITWISE_OP, NFTNL_EXPR_BITWISE_DATA, NFTNL_EXPR_BITWISE_NBITS, + NFTNL_EXPR_BITWISE_SREG2, }; enum { diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index c7428af6adf8..e2ebd83fee0e 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -23,6 +23,7 @@ struct nftnl_expr_bitwise { enum nft_registers sreg; + enum nft_registers sreg2; enum nft_registers dreg; enum nft_bitwise_ops op; unsigned int len; @@ -42,6 +43,11 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_BITWISE_SREG: memcpy(&bitwise->sreg, data, sizeof(bitwise->sreg)); break; + case NFTNL_EXPR_BITWISE_SREG2: + if (e->flags & (1 << NFTNL_EXPR_BITWISE_DATA)) + return -1; + memcpy(&bitwise->sreg2, data, sizeof(bitwise->sreg2)); + break; case NFTNL_EXPR_BITWISE_DREG: memcpy(&bitwise->dreg, data, sizeof(bitwise->dreg)); break; @@ -60,6 +66,8 @@ nftnl_expr_bitwise_set(struct nftnl_expr *e, uint16_t type, bitwise->xor.len = data_len; break; case NFTNL_EXPR_BITWISE_DATA: + if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2)) + return -1; memcpy(&bitwise->data.val, data, data_len); bitwise->data.len = data_len; break; @@ -82,6 +90,9 @@ nftnl_expr_bitwise_get(const struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_BITWISE_SREG: *data_len = sizeof(bitwise->sreg); return &bitwise->sreg; + case NFTNL_EXPR_BITWISE_SREG2: + *data_len = sizeof(bitwise->sreg2); + return &bitwise->sreg2; case NFTNL_EXPR_BITWISE_DREG: *data_len = sizeof(bitwise->dreg); return &bitwise->dreg; @@ -117,6 +128,7 @@ static int nftnl_expr_bitwise_cb(const struct nlattr *attr, void *data) switch(type) { case NFTA_BITWISE_SREG: + case NFTA_BITWISE_SREG2: case NFTA_BITWISE_DREG: case NFTA_BITWISE_OP: case NFTA_BITWISE_LEN: @@ -143,6 +155,8 @@ nftnl_expr_bitwise_build(struct nlmsghdr *nlh, const struct nftnl_expr *e) if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG)) mnl_attr_put_u32(nlh, NFTA_BITWISE_SREG, htonl(bitwise->sreg)); + if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2)) + mnl_attr_put_u32(nlh, NFTA_BITWISE_SREG2, htonl(bitwise->sreg2)); if (e->flags & (1 << NFTNL_EXPR_BITWISE_DREG)) mnl_attr_put_u32(nlh, NFTA_BITWISE_DREG, htonl(bitwise->dreg)); if (e->flags & (1 << NFTNL_EXPR_BITWISE_OP)) @@ -192,6 +206,10 @@ nftnl_expr_bitwise_parse(struct nftnl_expr *e, struct nlattr *attr) bitwise->sreg = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_SREG])); e->flags |= (1 << NFTNL_EXPR_BITWISE_SREG); } + if (tb[NFTA_BITWISE_SREG2]) { + bitwise->sreg2 = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_SREG2])); + e->flags |= (1 << NFTNL_EXPR_BITWISE_SREG2); + } if (tb[NFTA_BITWISE_DREG]) { bitwise->dreg = ntohl(mnl_attr_get_u32(tb[NFTA_BITWISE_DREG])); e->flags |= (1 << NFTNL_EXPR_BITWISE_DREG); @@ -267,6 +285,31 @@ nftnl_expr_bitwise_snprintf_shift(char *buf, size_t remain, const char *op, return offset; } +static int +nftnl_expr_bitwise_snprintf_bool(char *buf, size_t remain, const char *op, + const struct nftnl_expr *e, + const struct nftnl_expr_bitwise *bitwise) +{ + int offset = 0, ret; + + ret = snprintf(buf, remain, "reg %u = ( reg %u %s ", + bitwise->dreg, bitwise->sreg, op); + SNPRINTF_BUFFER_SIZE(ret, remain, offset); + + if (e->flags & (1 << NFTNL_EXPR_BITWISE_SREG2)) + ret = snprintf(buf + offset, remain, "reg %u ", bitwise->sreg2); + else + ret = nftnl_data_reg_snprintf(buf + offset, remain, + &bitwise->data, + 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, remain, offset); + + ret = snprintf(buf + offset, remain, ") "); + SNPRINTF_BUFFER_SIZE(ret, remain, offset); + + return offset; +} + static int nftnl_expr_bitwise_snprintf(char *buf, size_t size, uint32_t flags, const struct nftnl_expr *e) @@ -286,6 +329,18 @@ nftnl_expr_bitwise_snprintf(char *buf, size_t size, err = nftnl_expr_bitwise_snprintf_shift(buf, size, ">>", bitwise); break; + case NFT_BITWISE_AND: + err = nftnl_expr_bitwise_snprintf_bool(buf, size, "&", e, + bitwise); + break; + case NFT_BITWISE_OR: + err = nftnl_expr_bitwise_snprintf_bool(buf, size, "|", e, + bitwise); + break; + case NFT_BITWISE_XOR: + err = nftnl_expr_bitwise_snprintf_bool(buf, size, "^", e, + bitwise); + break; } return err; From patchwork Mon Apr 4 12:06:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612967 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=Sgf1QY+q; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dc2FfDz9sGf for ; Mon, 4 Apr 2022 22:06:44 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237379AbiDDMIe (ORCPT ); Mon, 4 Apr 2022 08:08:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38940 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236964AbiDDMI0 (ORCPT ); Mon, 4 Apr 2022 08:08:26 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 16BFE3DDC3 for ; Mon, 4 Apr 2022 05:06:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=owonsmGp7Udrvmblrix9dbLtwwiDelEkhhGyOdNakIo=; b=Sgf1QY+qxJtWjt1+6MqidNFdS8 0x/a17wtQoVM9vOh+e8GqSdqe3VSM24pARGuMicYJ6Vg4n5SmVJb2k14wy3nmmSKKFupCRW13drMs tOHEWPItp1IMYag1FTbXg771uvl9u2nhgYevOfQS/VUcMDoc/Bxxe4HTTxTKu6mZO5EUAfz29xNVV 6xa/igi9bTCeGw5JcHrqmnM8eTCFE8PYr4k/Oo4HYl8jrIRQ1ORH/loFkpkHWgG/Mm+MJ2j7hFYWf 80Tx6dizjIjnV5M9R2eQP2gQdWUKjN2ASJgPmcQUlYdcJNHM3s5vYTBLF9YMIbufOlqYkbMPGWQhf +OCBNUew==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTY-007FNA-DK for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 8/9] tests: bitwise: refactor shift tests Date: Mon, 4 Apr 2022 13:06:22 +0100 Message-Id: <20220404120623.188439-9-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Deduplicate shift tests: instead of having separate implementations for left- and right-shifts, have one and pass the operation to it. Signed-off-by: Jeremy Sowden --- tests/nft-expr_bitwise-test.c | 163 ++++++++++------------------------ 1 file changed, 47 insertions(+), 116 deletions(-) diff --git a/tests/nft-expr_bitwise-test.c b/tests/nft-expr_bitwise-test.c index 96298a4a97d2..5e7e277a5081 100644 --- a/tests/nft-expr_bitwise-test.c +++ b/tests/nft-expr_bitwise-test.c @@ -58,58 +58,6 @@ static void cmp_nftnl_expr_mask_xor(struct nftnl_expr *rule_a, print_err("mask & xor", "Size of BITWISE_XOR mismatches"); } -static void cmp_nftnl_expr_lshift(struct nftnl_expr *rule_a, - struct nftnl_expr *rule_b) -{ - uint32_t data_a, data_b; - - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG)) - print_err("lshift", "Expr BITWISE_DREG mismatches"); - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG)) - print_err("lshift", "Expr BITWISE_SREG mismatches"); - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_OP) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_OP)) - print_err("lshift", "Expr BITWISE_OP mismatches"); - if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != - nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) - print_err("lshift", "Expr BITWISE_LEN mismatches"); - if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != - nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) - print_err("lshift", "Expr BITWISE_NBITS mismatches"); - nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_DATA, &data_a); - nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_DATA, &data_b); - if (data_a != data_b) - print_err("lshift", "Expr BITWISE_DATA mismatches"); -} - -static void cmp_nftnl_expr_rshift(struct nftnl_expr *rule_a, - struct nftnl_expr *rule_b) -{ - uint32_t data_a, data_b; - - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG)) - print_err("rshift", "Expr BITWISE_DREG mismatches"); - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG)) - print_err("rshift", "Expr BITWISE_SREG mismatches"); - if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_OP) != - nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_OP)) - print_err("rshift", "Expr BITWISE_OP mismatches"); - if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != - nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) - print_err("rshift", "Expr BITWISE_LEN mismatches"); - if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != - nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) - print_err("rshift", "Expr BITWISE_NBITS mismatches"); - nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_DATA, &data_a); - nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_DATA, &data_b); - if (data_a != data_b) - print_err("rshift", "Expr BITWISE_DATA mismatches"); -} - static void test_mask_xor(void) { struct nftnl_rule *a, *b = NULL; @@ -168,26 +116,54 @@ static void test_mask_xor(void) nftnl_rule_free(b); } -static void test_lshift(void) +static void cmp_nftnl_expr_shift(const char *opname, + const struct nftnl_expr *rule_a, + const struct nftnl_expr *rule_b) { - struct nftnl_rule *a, *b = NULL; - struct nftnl_expr *ex = NULL; + uint32_t data_a, data_b; + + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG)) + print_err(opname, "Expr BITWISE_DREG mismatches"); + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG)) + print_err(opname, "Expr BITWISE_SREG mismatches"); + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_OP) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_OP)) + print_err(opname, "Expr BITWISE_OP mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) + print_err(opname, "Expr BITWISE_LEN mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) + print_err(opname, "Expr BITWISE_NBITS mismatches"); + nftnl_expr_get(rule_a, NFTNL_EXPR_BITWISE_DATA, &data_a); + nftnl_expr_get(rule_b, NFTNL_EXPR_BITWISE_DATA, &data_b); + if (data_a != data_b) + print_err(opname, "Expr BITWISE_DATA mismatches"); +} + +static void test_shift(enum nft_bitwise_ops op) +{ + struct nftnl_rule *a, *b; + struct nftnl_expr *ex; struct nlmsghdr *nlh; char buf[4096]; - struct nftnl_expr_iter *iter_a, *iter_b = NULL; - struct nftnl_expr *rule_a, *rule_b = NULL; + struct nftnl_expr_iter *iter_a, *iter_b; + struct nftnl_expr *rule_a, *rule_b; + const char *opname = op == NFT_BITWISE_LSHIFT ? "lshift" : "rshift"; a = nftnl_rule_alloc(); b = nftnl_rule_alloc(); if (a == NULL || b == NULL) - print_err("lshift", "OOM"); + print_err(opname, "OOM"); ex = nftnl_expr_alloc("bitwise"); if (ex == NULL) - print_err("lshift", "OOM"); + print_err(opname, "OOM"); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, NFT_BITWISE_LSHIFT); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, op); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DATA, 13); @@ -198,84 +174,39 @@ static void test_lshift(void) nftnl_rule_nlmsg_build_payload(nlh, a); if (nftnl_rule_nlmsg_parse(nlh, b) < 0) - print_err("lshift", "parsing problems"); + print_err(opname, "parsing problems"); iter_a = nftnl_expr_iter_create(a); iter_b = nftnl_expr_iter_create(b); if (iter_a == NULL || iter_b == NULL) - print_err("lshift", "OOM"); + print_err(opname, "OOM"); rule_a = nftnl_expr_iter_next(iter_a); rule_b = nftnl_expr_iter_next(iter_b); if (rule_a == NULL || rule_b == NULL) - print_err("lshift", "OOM"); + print_err(opname, "OOM"); if (nftnl_expr_iter_next(iter_a) != NULL || nftnl_expr_iter_next(iter_b) != NULL) - print_err("lshift", "More 1 expr."); + print_err(opname, "More 1 expr."); nftnl_expr_iter_destroy(iter_a); nftnl_expr_iter_destroy(iter_b); - cmp_nftnl_expr_lshift(rule_a,rule_b); + cmp_nftnl_expr_shift(opname, rule_a, rule_b); nftnl_rule_free(a); nftnl_rule_free(b); } -static void test_rshift(void) +static void test_lshift(void) { - struct nftnl_rule *a, *b = NULL; - struct nftnl_expr *ex = NULL; - struct nlmsghdr *nlh; - char buf[4096]; - struct nftnl_expr_iter *iter_a, *iter_b = NULL; - struct nftnl_expr *rule_a, *rule_b = NULL; - - a = nftnl_rule_alloc(); - b = nftnl_rule_alloc(); - if (a == NULL || b == NULL) - print_err("rshift", "OOM"); - ex = nftnl_expr_alloc("bitwise"); - if (ex == NULL) - print_err("rshift", "OOM"); - - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, NFT_BITWISE_RSHIFT); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); - nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DATA, 17); - - nftnl_rule_add_expr(a, ex); - - nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234); - nftnl_rule_nlmsg_build_payload(nlh, a); - - if (nftnl_rule_nlmsg_parse(nlh, b) < 0) - print_err("rshift", "parsing problems"); - - iter_a = nftnl_expr_iter_create(a); - iter_b = nftnl_expr_iter_create(b); - if (iter_a == NULL || iter_b == NULL) - print_err("rshift", "OOM"); - - rule_a = nftnl_expr_iter_next(iter_a); - rule_b = nftnl_expr_iter_next(iter_b); - if (rule_a == NULL || rule_b == NULL) - print_err("rshift", "OOM"); - - if (nftnl_expr_iter_next(iter_a) != NULL || - nftnl_expr_iter_next(iter_b) != NULL) - print_err("rshift", "More 1 expr."); - - nftnl_expr_iter_destroy(iter_a); - nftnl_expr_iter_destroy(iter_b); - - cmp_nftnl_expr_rshift(rule_a,rule_b); + test_shift(NFT_BITWISE_LSHIFT); +} - nftnl_rule_free(a); - nftnl_rule_free(b); +static void test_rshift(void) +{ + test_shift(NFT_BITWISE_RSHIFT); } int main(int argc, char *argv[]) From patchwork Mon Apr 4 12:06:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeremy Sowden X-Patchwork-Id: 1612966 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; secure) header.d=azazel.net header.i=@azazel.net header.a=rsa-sha256 header.s=20190108 header.b=sMa9fQSU; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org (client-ip=2620:137:e000::1:20; helo=out1.vger.email; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by bilbo.ozlabs.org (Postfix) with ESMTP id 4KX8dZ6y3Fz9sGJ for ; Mon, 4 Apr 2022 22:06:42 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232912AbiDDMIc (ORCPT ); Mon, 4 Apr 2022 08:08:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38938 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236869AbiDDMI0 (ORCPT ); Mon, 4 Apr 2022 08:08:26 -0400 Received: from kadath.azazel.net (unknown [IPv6:2001:8b0:135f:bcd1:e0cb:4eff:fedf:e608]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 512D43DA61 for ; Mon, 4 Apr 2022 05:06:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=7y2adnOkir0FaL/gNIRALlSBxnY1d9TpGCPzRTo0gBQ=; b=sMa9fQSU6kBj84C53FrMvq0kzF NpmiKYEpmHrI1MsXsjg6ZVhrTFy2eUbSAqkFynwKuPk0RiPR0bvEFg1XBqrJ5bc8acf7qkQkA7RxR PV4p4Si7KV5pQzE7482Yt1AfNGelyXui6RTv4fDt68movGzlESt7sRWTITR43++V9C9laHOh9KTfY 5oBXBnvT2udaidTd8qmK1r97G71eEZwk8ChW7xr4noM5rovQ0Q+ZAl9cUoQeSmM+8P38QnWECJvnK aotKl4ja4pdd7BiMVX5d4e9PZdAYQ9H92k7Vf49ChqpPy4Xf30YpSOqUX7V+MuuTb553IewW2DGGN 940EvImA==; Received: from ulthar.dreamlands.azazel.net ([2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae]) by kadath.azazel.net with esmtp (Exim 4.94.2) (envelope-from ) id 1nbLTY-007FNA-Fx for netfilter-devel@vger.kernel.org; Mon, 04 Apr 2022 13:06:28 +0100 From: Jeremy Sowden To: Netfilter Devel Subject: [libnftnl PATCH v2 9/9] tests: bitwise: add tests for new boolean operations Date: Mon, 4 Apr 2022 13:06:23 +0100 Message-Id: <20220404120623.188439-10-jeremy@azazel.net> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220404120623.188439-1-jeremy@azazel.net> References: <20220404120623.188439-1-jeremy@azazel.net> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 2001:8b0:fb7d:d6d7:2e4d:54ff:fe4b:a9ae X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RDNS_NONE,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org We already have tests for mask-and-xor operations with constant RHS operands. Add tests for new operations with variable RHS operands. Signed-off-by: Jeremy Sowden --- tests/nft-expr_bitwise-test.c | 109 ++++++++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) diff --git a/tests/nft-expr_bitwise-test.c b/tests/nft-expr_bitwise-test.c index 5e7e277a5081..b613d7d70d49 100644 --- a/tests/nft-expr_bitwise-test.c +++ b/tests/nft-expr_bitwise-test.c @@ -209,6 +209,103 @@ static void test_rshift(void) test_shift(NFT_BITWISE_RSHIFT); } +static void cmp_nftnl_expr_bool(const char *opname, + const struct nftnl_expr *rule_a, + const struct nftnl_expr *rule_b) +{ + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_DREG) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_DREG)) + print_err(opname, "Expr BITWISE_DREG mismatches"); + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG)) + print_err(opname, "Expr BITWISE_SREG mismatches"); + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_SREG2) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_SREG2)) + print_err(opname, "Expr BITWISE_SREG2 mismatches"); + if (nftnl_expr_get_u32(rule_a, NFTNL_EXPR_BITWISE_OP) != + nftnl_expr_get_u32(rule_b, NFTNL_EXPR_BITWISE_OP)) + print_err(opname, "Expr BITWISE_OP mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_LEN) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_LEN)) + print_err(opname, "Expr BITWISE_LEN mismatches"); + if (nftnl_expr_get_u16(rule_a, NFTNL_EXPR_BITWISE_NBITS) != + nftnl_expr_get_u16(rule_b, NFTNL_EXPR_BITWISE_NBITS)) + print_err(opname, "Expr BITWISE_NBITS mismatches"); +} + +static void test_bool(enum nft_bitwise_ops op) +{ + struct nftnl_rule *a, *b; + struct nftnl_expr *ex; + struct nlmsghdr *nlh; + char buf[4096]; + struct nftnl_expr_iter *iter_a, *iter_b; + struct nftnl_expr *rule_a, *rule_b; + const char *opname = + op == NFT_BITWISE_AND ? "and" : + op == NFT_BITWISE_OR ? "or" : "xor"; + + a = nftnl_rule_alloc(); + b = nftnl_rule_alloc(); + if (a == NULL || b == NULL) + print_err(opname, "OOM"); + ex = nftnl_expr_alloc("bitwise"); + if (ex == NULL) + print_err(opname, "OOM"); + + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG, 0x12345678); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_SREG2, 0x90abcdef); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_DREG, 0x78123456); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_OP, op); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_LEN, 0x56781234); + nftnl_expr_set_u32(ex, NFTNL_EXPR_BITWISE_NBITS, 0x11223344); + + nftnl_rule_add_expr(a, ex); + + nlh = nftnl_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE, AF_INET, 0, 1234); + nftnl_rule_nlmsg_build_payload(nlh, a); + + if (nftnl_rule_nlmsg_parse(nlh, b) < 0) + print_err(opname, "parsing problems"); + + iter_a = nftnl_expr_iter_create(a); + iter_b = nftnl_expr_iter_create(b); + if (iter_a == NULL || iter_b == NULL) + print_err(opname, "OOM"); + + rule_a = nftnl_expr_iter_next(iter_a); + rule_b = nftnl_expr_iter_next(iter_b); + if (rule_a == NULL || rule_b == NULL) + print_err(opname, "OOM"); + + if (nftnl_expr_iter_next(iter_a) != NULL || + nftnl_expr_iter_next(iter_b) != NULL) + print_err(opname, "More 1 expr."); + + nftnl_expr_iter_destroy(iter_a); + nftnl_expr_iter_destroy(iter_b); + + cmp_nftnl_expr_bool(opname, rule_a, rule_b); + + nftnl_rule_free(a); + nftnl_rule_free(b); +} + +static void test_and(void) +{ + test_bool(NFT_BITWISE_AND); +} + +static void test_or(void) +{ + test_bool(NFT_BITWISE_OR); +} + +static void test_xor(void) +{ + test_bool(NFT_BITWISE_XOR); +} + int main(int argc, char *argv[]) { test_mask_xor(); @@ -223,6 +320,18 @@ int main(int argc, char *argv[]) if (!test_ok) exit(EXIT_FAILURE); + test_and(); + if (!test_ok) + exit(EXIT_FAILURE); + + test_or(); + if (!test_ok) + exit(EXIT_FAILURE); + + test_xor(); + if (!test_ok) + exit(EXIT_FAILURE); + printf("%s: \033[32mOK\e[0m\n", argv[0]); return EXIT_SUCCESS; }