[PATCH nft 02/11] evaluate: move inet/netdev protocol context supersede logic to supersede_dep()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a cleanup to untangle this logic a bit.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 src/evaluate.c | 48 +++++++++++++++++++++++++-----------------------
 1 file changed, 25 insertions(+), 23 deletions(-)

diff --git a/src/evaluate.c b/src/evaluate.c
index 7898ed4..93f408d 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -359,16 +359,32 @@ conflict_resolution_gen_dependency(struct eval_ctx *ctx, int protocol,
  * ip saddr adds meta dependency on ipv4 packets
  * ether saddr adds another dependeny on ethernet frames.
  */
-static bool supersede_dep(const struct proto_desc *have,
-			  struct expr *payload)
+static int supersede_dep(struct eval_ctx *ctx, const struct proto_desc *have,
+			 struct expr *payload)
 {
+	enum proto_bases base = payload->payload.base;
+	struct stmt *nstmt;
+	uint16_t type;
+
 	if (payload->payload.base != PROTO_BASE_LL_HDR || have->length)
-		return false;
+		return 1;
 
 	if (have != &proto_inet && have != &proto_netdev)
-		return false;
+		return 1;
 
-	return true;
+	if (proto_dev_type(payload->payload.desc, &type) < 0)
+		return expr_error(ctx->msgs, payload,
+				  "protocol specification is invalid "
+				  "for this family");
+
+	nstmt = meta_stmt_meta_iiftype(&payload->location, type);
+	if (stmt_evaluate(ctx, nstmt) < 0)
+		return expr_error(ctx->msgs, payload,
+				  "dependency statement is invalid");
+
+	list_add_tail(&nstmt->list, &ctx->stmt->list);
+	ctx->pctx.protocol[base].desc = payload->payload.desc;
+	return 0;
 }
 
 static int resolve_protocol_conflict(struct eval_ctx *ctx, struct expr *payload)
@@ -377,7 +393,7 @@ static int resolve_protocol_conflict(struct eval_ctx *ctx, struct expr *payload)
 	enum proto_bases base = payload->payload.base;
 	const struct proto_desc *desc;
 	struct stmt *nstmt = NULL;
-	int link;
+	int link, err;
 
 	desc = ctx->pctx.protocol[base].desc;
 	if (desc == payload->payload.desc) {
@@ -388,23 +404,9 @@ static int resolve_protocol_conflict(struct eval_ctx *ctx, struct expr *payload)
 	if (payload->payload.base != h->base)
 		return 1;
 
-	if (supersede_dep(desc, payload)) {
-		uint16_t type;
-
-		if (proto_dev_type(payload->payload.desc, &type) < 0)
-			return expr_error(ctx->msgs, payload,
-					  "protocol specification is invalid "
-					  "for this family");
-
-		nstmt = meta_stmt_meta_iiftype(&payload->location, type);
-		if (stmt_evaluate(ctx, nstmt) < 0)
-			return expr_error(ctx->msgs, payload,
-					  "dependency statement is invalid");
-
-		list_add_tail(&nstmt->list, &ctx->stmt->list);
-		ctx->pctx.protocol[base].desc = payload->payload.desc;
-		return 0;
-	}
+	err = supersede_dep(ctx, desc, payload);
+	if (err <= 0)
+		return err;
 
 	if (base < PROTO_BASE_MAX) {
 		const struct proto_desc *next = ctx->pctx.protocol[base + 1].desc;
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux