exthdr: add parse and build userdata interface

Add support for meta userdata area.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/src/expression.c b/src/expression.c
index a79c6f55a54829593f1d0025f7c74c5429a30378..847c88ee82c5532ad87258893cd846bea66bddeb 100644 (file)
--- a/src/expression.c
+++ b/src/expression.c
@@ -1227,6 +1227,7 @@ const struct expr_ops *expr_ops_by_type(enum expr_types etype)
 {
        switch (etype) {
        case EXPR_PAYLOAD: return &payload_expr_ops;
+       case EXPR_EXTHDR: return &exthdr_expr_ops;
        case EXPR_META: return &meta_expr_ops;
        default:
                break;

diff --git a/src/exthdr.c b/src/exthdr.c
index 925b523290030afb445fc731fce2bda8e8f96301..0b23e0d38b910cca4b79dfce82e9f0975c06bb41 100644 (file)
--- a/src/exthdr.c
+++ b/src/exthdr.c
@@ -91,6 +91,78 @@ static void exthdr_expr_clone(struct expr *new, const struct expr *expr)
        new->exthdr.flags = expr->exthdr.flags;
 }
 
+#define NFTNL_UDATA_EXTHDR_DESC 0
+#define NFTNL_UDATA_EXTHDR_TYPE 1
+#define NFTNL_UDATA_EXTHDR_MAX 2
+
+static int exthdr_parse_udata(const struct nftnl_udata *attr, void *data)
+{
+       const struct nftnl_udata **ud = data;
+       uint8_t type = nftnl_udata_type(attr);
+       uint8_t len = nftnl_udata_len(attr);
+
+       switch (type) {
+       case NFTNL_UDATA_EXTHDR_DESC:
+       case NFTNL_UDATA_EXTHDR_TYPE:
+               if (len != sizeof(uint32_t))
+                       return -1;
+               break;
+       default:
+               return 0;
+       }
+
+       ud[type] = attr;
+       return 0;
+}
+
+static struct expr *exthdr_expr_parse_udata(const struct nftnl_udata *attr)
+{
+       const struct nftnl_udata *ud[NFTNL_UDATA_EXTHDR_MAX + 1] = {};
+       const struct exthdr_desc *desc;
+       unsigned int type;
+       uint32_t desc_id;
+       int err;
+
+       err = nftnl_udata_parse(nftnl_udata_get(attr), nftnl_udata_len(attr),
+                               exthdr_parse_udata, ud);
+       if (err < 0)
+               return NULL;
+
+       if (!ud[NFTNL_UDATA_EXTHDR_DESC] ||
+           !ud[NFTNL_UDATA_EXTHDR_TYPE])
+               return NULL;
+
+       desc_id = nftnl_udata_get_u32(ud[NFTNL_UDATA_EXTHDR_DESC]);
+       desc = exthdr_find_desc(desc_id);
+       if (!desc)
+               return NULL;
+
+       type = nftnl_udata_get_u32(ud[NFTNL_UDATA_EXTHDR_TYPE]);
+
+       return exthdr_expr_alloc(&internal_location, desc, type);
+}
+
+static unsigned int expr_exthdr_type(const struct exthdr_desc *desc,
+                                    const struct proto_hdr_template *tmpl)
+{
+       unsigned int offset = (unsigned int)(tmpl - &desc->templates[0]);
+
+       return offset / sizeof(*tmpl);
+}
+
+static int exthdr_expr_build_udata(struct nftnl_udata_buf *udbuf,
+                                  const struct expr *expr)
+{
+       const struct proto_hdr_template *tmpl = expr->exthdr.tmpl;
+       const struct exthdr_desc *desc = expr->exthdr.desc;
+       unsigned int type = expr_exthdr_type(desc, tmpl);
+
+       nftnl_udata_put_u32(udbuf, NFTNL_UDATA_EXTHDR_DESC, desc->id);
+       nftnl_udata_put_u32(udbuf, NFTNL_UDATA_EXTHDR_TYPE, type);
+
+       return 0;
+}
+
 const struct expr_ops exthdr_expr_ops = {
        .type           = EXPR_EXTHDR,
        .name           = "exthdr",
@@ -98,6 +170,8 @@ const struct expr_ops exthdr_expr_ops = {
        .json           = exthdr_expr_json,
        .cmp            = exthdr_expr_cmp,
        .clone          = exthdr_expr_clone,
+       .build_udata    = exthdr_expr_build_udata,
+       .parse_udata    = exthdr_expr_parse_udata,
 };
 
 static const struct proto_hdr_template exthdr_unknown_template =