src: parse new handle attribute for sets

This patch adds code to allocate set handles and delete sets via set
handle.

Signed-off-by: Harsha Sharma <harshasharmaiitr@gmail.com>

diff --git a/include/libnftnl/set.h b/include/libnftnl/set.h
index e760d31e0e2b964417025a7141841ca160908562..27f5bc43e7b7f8eaf7515a44e9dc80fa00245ea5 100644 (file)
--- a/include/libnftnl/set.h
+++ b/include/libnftnl/set.h
@@ -24,6 +24,7 @@ enum nftnl_set_attr {
        NFTNL_SET_GC_INTERVAL,
        NFTNL_SET_USERDATA,
        NFTNL_SET_OBJ_TYPE,
+       NFTNL_SET_HANDLE,
        __NFTNL_SET_MAX
 };
 #define NFTNL_SET_MAX (__NFTNL_SET_MAX - 1)

diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h
index 1938bb75f1ea09ff6188ba26aa72de47cf1ad715..5833297b059913cfdc832e6aa74ab4c3334a790a 100644 (file)
--- a/include/linux/netfilter/nf_tables.h
+++ b/include/linux/netfilter/nf_tables.h
@@ -317,6 +317,7 @@ enum nft_set_desc_attributes {
  * @NFTA_SET_GC_INTERVAL: garbage collection interval (NLA_U32)
  * @NFTA_SET_USERDATA: user data (NLA_BINARY)
  * @NFTA_SET_OBJ_TYPE: stateful object type (NLA_U32: NFT_OBJECT_*)
+ * @NFTA_SET_HANDLE: numerical table handle (NLA_U64)
  */
 enum nft_set_attributes {
        NFTA_SET_UNSPEC,
@@ -335,6 +336,7 @@ enum nft_set_attributes {
        NFTA_SET_USERDATA,
        NFTA_SET_PAD,
        NFTA_SET_OBJ_TYPE,
+       NFTA_SET_HANDLE,
        __NFTA_SET_MAX
 };
 #define NFTA_SET_MAX           (__NFTA_SET_MAX - 1)

diff --git a/include/set.h b/include/set.h
index c6deb73f54f41c96e0299d779251a75a1b7b6114..3bcec7c8c1b3945fecb5f3d51f996ddea7450987 100644 (file)
--- a/include/set.h
+++ b/include/set.h
@@ -10,6 +10,7 @@ struct nftnl_set {
        uint32_t                set_flags;
        const char              *table;
        const char              *name;
+       uint64_t                handle;
        uint32_t                key_type;
        uint32_t                key_len;
        uint32_t                data_type;

diff --git a/src/set.c b/src/set.c
index ac24eae6bb1636f0e4333c2cf3c9cccda606c5fc..0889b00b87f9c3f8fc4873115e9b42bac071867f 100644 (file)
--- a/src/set.c
+++ b/src/set.c
@@ -78,6 +78,7 @@ void nftnl_set_unset(struct nftnl_set *s, uint16_t attr)
        case NFTNL_SET_NAME:
                xfree(s->name);
                break;
+       case NFTNL_SET_HANDLE:
        case NFTNL_SET_FLAGS:
        case NFTNL_SET_KEY_TYPE:
        case NFTNL_SET_KEY_LEN:
@@ -102,6 +103,7 @@ void nftnl_set_unset(struct nftnl_set *s, uint16_t attr)
 }
 
 static uint32_t nftnl_set_validate[NFTNL_SET_MAX + 1] = {
+       [NFTNL_SET_HANDLE]              = sizeof(uint64_t),
        [NFTNL_SET_FLAGS]               = sizeof(uint32_t),
        [NFTNL_SET_KEY_TYPE]            = sizeof(uint32_t),
        [NFTNL_SET_KEY_LEN]             = sizeof(uint32_t),
@@ -139,6 +141,9 @@ int nftnl_set_set_data(struct nftnl_set *s, uint16_t attr, const void *data,
                if (!s->name)
                        return -1;
                break;
+       case NFTNL_SET_HANDLE:
+               s->handle = *((uint64_t *)data);
+               break;
        case NFTNL_SET_FLAGS:
                s->set_flags = *((uint32_t *)data);
                break;
@@ -228,6 +233,9 @@ const void *nftnl_set_get_data(const struct nftnl_set *s, uint16_t attr,
        case NFTNL_SET_NAME:
                *data_len = strlen(s->name) + 1;
                return s->name;
+       case NFTNL_SET_HANDLE:
+               *data_len = sizeof(uint64_t);
+               return &s->handle;
        case NFTNL_SET_FLAGS:
                *data_len = sizeof(uint32_t);
                return &s->set_flags;
@@ -360,6 +368,8 @@ void nftnl_set_nlmsg_build_payload(struct nlmsghdr *nlh, struct nftnl_set *s)
                mnl_attr_put_strz(nlh, NFTA_SET_TABLE, s->table);
        if (s->flags & (1 << NFTNL_SET_NAME))
                mnl_attr_put_strz(nlh, NFTA_SET_NAME, s->name);
+       if (s->handle & (1 << NFTNL_SET_HANDLE))
+               mnl_attr_put_u64(nlh, NFTA_SET_HANDLE, htobe64(s->handle));
        if (s->flags & (1 << NFTNL_SET_FLAGS))
                mnl_attr_put_u32(nlh, NFTA_SET_FLAGS, htonl(s->set_flags));
        if (s->flags & (1 << NFTNL_SET_KEY_TYPE))
@@ -402,6 +412,10 @@ static int nftnl_set_parse_attr_cb(const struct nlattr *attr, void *data)
                if (mnl_attr_validate(attr, MNL_TYPE_STRING) < 0)
                        abi_breakage();
                break;
+       case NFTA_SET_HANDLE:
+               if (mnl_attr_validate(attr, MNL_TYPE_U64) < 0)
+                       abi_breakage();
+               break;
        case NFTA_SET_FLAGS:
        case NFTA_SET_KEY_TYPE:
        case NFTA_SET_KEY_LEN:
@@ -492,6 +506,10 @@ int nftnl_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nftnl_set *s)
                        return -1;
                s->flags |= (1 << NFTNL_SET_NAME);
        }
+       if (tb[NFTA_SET_HANDLE]) {
+               s->handle = be64toh(mnl_attr_get_u64(tb[NFTA_SET_HANDLE]));
+               s->flags |= (1 << NFTNL_SET_HANDLE);
+       }
        if (tb[NFTA_SET_FLAGS]) {
                s->set_flags = ntohl(mnl_attr_get_u32(tb[NFTA_SET_FLAGS]));
                s->flags |= (1 << NFTNL_SET_FLAGS);