netfilter: nf_tables: return set extensions from ->lookup()

Return the extension area from the ->lookup() function to allow to
consolidate common actions.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Patrick McHardy 2015-03-25 14:08:48 +00:00 committed by Pablo Neira Ayuso
parent 61edafbb47
commit b2832dd662
4 changed files with 14 additions and 9 deletions

View File

@ -200,6 +200,8 @@ struct nft_set_estimate {
enum nft_set_class class; enum nft_set_class class;
}; };
struct nft_set_ext;
/** /**
* struct nft_set_ops - nf_tables set operations * struct nft_set_ops - nf_tables set operations
* *
@ -218,7 +220,7 @@ struct nft_set_estimate {
struct nft_set_ops { struct nft_set_ops {
bool (*lookup)(const struct nft_set *set, bool (*lookup)(const struct nft_set *set,
const struct nft_data *key, const struct nft_data *key,
struct nft_data *data); const struct nft_set_ext **ext);
int (*get)(const struct nft_set *set, int (*get)(const struct nft_set *set,
struct nft_set_elem *elem); struct nft_set_elem *elem);
int (*insert)(const struct nft_set *set, int (*insert)(const struct nft_set *set,

View File

@ -66,7 +66,7 @@ static inline int nft_hash_cmp(struct rhashtable_compare_arg *arg,
static bool nft_hash_lookup(const struct nft_set *set, static bool nft_hash_lookup(const struct nft_set *set,
const struct nft_data *key, const struct nft_data *key,
struct nft_data *data) const struct nft_set_ext **ext)
{ {
struct nft_hash *priv = nft_set_priv(set); struct nft_hash *priv = nft_set_priv(set);
const struct nft_hash_elem *he; const struct nft_hash_elem *he;
@ -76,8 +76,8 @@ static bool nft_hash_lookup(const struct nft_set *set,
}; };
he = rhashtable_lookup_fast(&priv->ht, &arg, nft_hash_params); he = rhashtable_lookup_fast(&priv->ht, &arg, nft_hash_params);
if (he && set->flags & NFT_SET_MAP) if (he != NULL)
nft_data_copy(data, nft_set_ext_data(&he->ext)); *ext = &he->ext;
return !!he; return !!he;
} }

View File

@ -31,9 +31,13 @@ static void nft_lookup_eval(const struct nft_expr *expr,
{ {
const struct nft_lookup *priv = nft_expr_priv(expr); const struct nft_lookup *priv = nft_expr_priv(expr);
const struct nft_set *set = priv->set; const struct nft_set *set = priv->set;
const struct nft_set_ext *ext;
if (set->ops->lookup(set, &data[priv->sreg], &data[priv->dreg])) if (set->ops->lookup(set, &data[priv->sreg], &ext)) {
if (set->flags & NFT_SET_MAP)
nft_data_copy(&data[priv->dreg], nft_set_ext_data(ext));
return; return;
}
data[NFT_REG_VERDICT].verdict = NFT_BREAK; data[NFT_REG_VERDICT].verdict = NFT_BREAK;
} }

View File

@ -31,7 +31,7 @@ struct nft_rbtree_elem {
static bool nft_rbtree_lookup(const struct nft_set *set, static bool nft_rbtree_lookup(const struct nft_set *set,
const struct nft_data *key, const struct nft_data *key,
struct nft_data *data) const struct nft_set_ext **ext)
{ {
const struct nft_rbtree *priv = nft_set_priv(set); const struct nft_rbtree *priv = nft_set_priv(set);
const struct nft_rbtree_elem *rbe, *interval = NULL; const struct nft_rbtree_elem *rbe, *interval = NULL;
@ -55,10 +55,9 @@ static bool nft_rbtree_lookup(const struct nft_set *set,
*nft_set_ext_flags(&rbe->ext) & *nft_set_ext_flags(&rbe->ext) &
NFT_SET_ELEM_INTERVAL_END) NFT_SET_ELEM_INTERVAL_END)
goto out; goto out;
if (set->flags & NFT_SET_MAP)
nft_data_copy(data, nft_set_ext_data(&rbe->ext));
spin_unlock_bh(&nft_rbtree_lock); spin_unlock_bh(&nft_rbtree_lock);
*ext = &rbe->ext;
return true; return true;
} }
} }