exthdr: prepare exthdr_gen_dependency for tcp support

currently exthdr always needs ipv6 dependency (i.e. link layer), but
with upcomming TCP option matching we also need to include TCP at the
network layer.

This patch prepares this change by adding two parameters to
exthdr_gen_dependency.

Signed-off-by: Manuel Messner <mm@skelett.io>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/include/payload.h b/include/payload.h
index bda31886fa9e33b4d789ae75f22e0d7569972e22..5952b24fd1520099fb5ead0b3a06e0e5a4fc2f28 100644 (file)
--- a/include/payload.h
+++ b/include/payload.h
@@ -16,7 +16,8 @@ struct stmt;
 extern int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
                                  struct stmt **res);
 extern int exthdr_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
-                                 struct stmt **res);
+                                const struct proto_desc *dependency,
+                                enum proto_bases pb, struct stmt **res);
 
 /**
  * struct payload_dep_ctx - payload protocol dependency tracking

diff --git a/src/evaluate.c b/src/evaluate.c
index 94412f278e6d9b0ed8e81b5107a8eb55d8147fc2..0e02548ceec320034aaded954c6a931c237d5dd2 100644 (file)
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -448,19 +448,20 @@ static int __expr_evaluate_exthdr(struct eval_ctx *ctx, struct expr **exprp)
  */
 static int expr_evaluate_exthdr(struct eval_ctx *ctx, struct expr **exprp)
 {
-       const struct proto_desc *base;
+       const struct proto_desc *base, *dependency = &proto_ip6;
+       enum proto_bases pb = PROTO_BASE_NETWORK_HDR;
        struct expr *expr = *exprp;
        struct stmt *nstmt;
 
-       base = ctx->pctx.protocol[PROTO_BASE_NETWORK_HDR].desc;
-       if (base == &proto_ip6)
+       base = ctx->pctx.protocol[pb].desc;
+       if (base == dependency)
                return __expr_evaluate_exthdr(ctx, exprp);
 
        if (base)
                return expr_error(ctx->msgs, expr,
                                  "cannot use exthdr with %s", base->name);
 
-       if (exthdr_gen_dependency(ctx, expr, &nstmt) < 0)
+       if (exthdr_gen_dependency(ctx, expr, dependency, pb - 1, &nstmt) < 0)
                return -1;
 
        list_add(&nstmt->list, &ctx->rule->stmts);

diff --git a/src/payload.c b/src/payload.c
index 74f8254aa12d5ec5ffb93bbdcff4f2f4cb64a8e4..efd19602d01d4b0d806c25ecbb2e89eba0da62ad 100644 (file)
--- a/src/payload.c
+++ b/src/payload.c
@@ -317,18 +317,19 @@ int payload_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
 }
 
 int exthdr_gen_dependency(struct eval_ctx *ctx, const struct expr *expr,
-                         struct stmt **res)
+                         const struct proto_desc *dependency,
+                         enum proto_bases pb, struct stmt **res)
 {
        const struct proto_desc *desc;
 
-       desc = ctx->pctx.protocol[PROTO_BASE_LL_HDR].desc;
+       desc = ctx->pctx.protocol[pb].desc;
        if (desc == NULL)
                return expr_error(ctx->msgs, expr,
                                  "Cannot generate dependency: "
                                  "no %s protocol specified",
-                                 proto_base_names[PROTO_BASE_LL_HDR]);
+                                 proto_base_names[pb]);
 
-       return payload_add_dependency(ctx, desc, &proto_ip6, expr, res);
+       return payload_add_dependency(ctx, desc, dependency, expr, res);
 }
 
 /**