xfrm: add parse and build userdata interface

Add support for meta userdata area.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/src/expression.c b/src/expression.c
index 43d2c9f94a848a21c0c686775e47432c9117a863..cb11cda43792955d02ed676cbb22d3224be7cd0b 100644 (file)
--- a/src/expression.c
+++ b/src/expression.c
@@ -1236,6 +1236,7 @@ const struct expr_ops *expr_ops_by_type(enum expr_types etype)
        case EXPR_HASH: return &hash_expr_ops;
        case EXPR_RT: return &rt_expr_ops;
        case EXPR_FIB: return &fib_expr_ops;
+       case EXPR_XFRM: return &xfrm_expr_ops;
        default:
                break;
        }

diff --git a/src/xfrm.c b/src/xfrm.c
index 4dd53c3213f6871bdab61416dc209600b141bbcc..d0773ab789f1a832bf6b926bbd7f520ae928b4e9 100644 (file)
--- a/src/xfrm.c
+++ b/src/xfrm.c
@@ -91,6 +91,65 @@ static void xfrm_expr_clone(struct expr *new, const struct expr *expr)
        memcpy(&new->xfrm, &expr->xfrm, sizeof(new->xfrm));
 }
 
+#define NFTNL_UDATA_XFRM_KEY 0
+#define NFTNL_UDATA_XFRM_SPNUM 1
+#define NFTNL_UDATA_XFRM_DIR 2
+#define NFTNL_UDATA_XFRM_MAX 3
+
+static int xfrm_expr_build_udata(struct nftnl_udata_buf *udbuf,
+                                const struct expr *expr)
+{
+       nftnl_udata_put_u32(udbuf, NFTNL_UDATA_XFRM_KEY, expr->xfrm.key);
+       nftnl_udata_put_u32(udbuf, NFTNL_UDATA_XFRM_SPNUM, expr->xfrm.spnum);
+       nftnl_udata_put_u32(udbuf, NFTNL_UDATA_XFRM_DIR, expr->xfrm.direction);
+
+       return 0;
+}
+
+static int xfrm_parse_udata(const struct nftnl_udata *attr, void *data)
+{
+       const struct nftnl_udata **ud = data;
+       uint8_t type = nftnl_udata_type(attr);
+       uint8_t len = nftnl_udata_len(attr);
+
+       switch (type) {
+       case NFTNL_UDATA_XFRM_KEY:
+       case NFTNL_UDATA_XFRM_SPNUM:
+       case NFTNL_UDATA_XFRM_DIR:
+               if (len != sizeof(uint32_t))
+                       return -1;
+               break;
+       default:
+               return 0;
+       }
+
+       ud[type] = attr;
+       return 0;
+}
+
+static struct expr *xfrm_expr_parse_udata(const struct nftnl_udata *attr)
+{
+       const struct nftnl_udata *ud[NFTNL_UDATA_XFRM_MAX + 1] = {};
+       uint32_t key, dir, spnum;
+       int err;
+
+       err = nftnl_udata_parse(nftnl_udata_get(attr), nftnl_udata_len(attr),
+                               xfrm_parse_udata, ud);
+       if (err < 0)
+               return NULL;
+
+       if (!ud[NFTNL_UDATA_XFRM_KEY] ||
+           !ud[NFTNL_UDATA_XFRM_DIR] ||
+           !ud[NFTNL_UDATA_XFRM_SPNUM])
+               return NULL;
+
+       key = nftnl_udata_get_u32(ud[NFTNL_UDATA_XFRM_KEY]);
+       dir = nftnl_udata_get_u32(ud[NFTNL_UDATA_XFRM_DIR]);
+       spnum = nftnl_udata_get_u32(ud[NFTNL_UDATA_XFRM_SPNUM]);
+
+       return xfrm_expr_alloc(&internal_location, dir, spnum, key);
+}
+
 const struct expr_ops xfrm_expr_ops = {
        .type           = EXPR_XFRM,
        .name           = "xfrm",
@@ -98,6 +157,8 @@ const struct expr_ops xfrm_expr_ops = {
        .json           = xfrm_expr_json,
        .cmp            = xfrm_expr_cmp,
        .clone          = xfrm_expr_clone,
+       .parse_udata    = xfrm_expr_parse_udata,
+       .build_udata    = xfrm_expr_build_udata,
 };
 
 struct expr *xfrm_expr_alloc(const struct location *loc,