On Wed, Aug 10, 2016 at 10:38:08AM +0800, Liping Zhang wrote:
> Hi Laura,
>
> 2016-08-10 2:22 GMT+08:00 Laura Garcia Liebana <nevola@xxxxxxxxx>:
> > This patch adds a new hash expression, this provides jhash support but
> > this can be extended to support for other hash functions.
> >
> > The modulus and seed already comes embedded into this new expression.
> >
> > Use case example:
> > meta mark set hash ip saddr mod 10
> >
> > +static int nft_hash_init(const struct nft_ctx *ctx,
> > + const struct nft_expr *expr,
> > + const struct nlattr * const tb[])
> > +{
> > + struct nft_hash *priv = nft_expr_priv(expr);
> > + u32 len;
> > +
> > + if (!tb[NFTA_HASH_SREG] ||
> > + !tb[NFTA_HASH_DREG] ||
> > + !tb[NFTA_HASH_LEN])
> > + return -EINVAL;
>
> I think tb[NFTA_HASH_MODULUS] and tb[NFTA_HASH_SEED] should also be
> checked is NULL or not? :)
>
tb[NFTA_HASH_MODULUS] is not optional now so we can check it here, but
tb[NFTA_HASH_SEED] is optional so we can check and if it's null, then
assign 0 to the seed value.
> > +
> > + priv->sreg = nft_parse_register(tb[NFTA_HASH_SREG]);
> > + priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]);
>
> Should we use nft_validate_register_load and
> nft_validate_register_store here to check the validity ?
>
Yes, I'll include that.
Thank you Liping.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
