[PATCH nft 3/5] src: add set_spec

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Store location object in handle to improve error reporting.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/rule.h          |  7 ++++++-
 src/evaluate.c          | 36 ++++++++++++++++++------------------
 src/expression.c        |  4 ++--
 src/netlink.c           |  6 +++---
 src/netlink_linearize.c | 10 +++++-----
 src/parser_bison.y      |  6 ++++--
 src/rule.c              | 18 +++++++++---------
 src/segtree.c           |  4 ++--
 8 files changed, 49 insertions(+), 42 deletions(-)

diff --git a/include/rule.h b/include/rule.h
index 4ea09c52b12e..68d32f10c353 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -37,6 +37,11 @@ struct chain_spec {
 	const char		*name;
 };
 
+struct set_spec {
+	struct location		location;
+	const char		*name;
+};
+
 /**
  * struct handle - handle for tables, chains, rules and sets
  *
@@ -54,7 +59,7 @@ struct handle {
 	uint32_t		family;
 	struct table_spec	table;
 	struct chain_spec	chain;
-	const char		*set;
+	struct set_spec		set;
 	const char		*obj;
 	const char		*flowtable;
 	struct handle_spec	handle;
diff --git a/src/evaluate.c b/src/evaluate.c
index 78ff6071230a..79fa3221e20d 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -84,7 +84,7 @@ static struct expr *implicit_set_declaration(struct eval_ctx *ctx,
 
 	set = set_alloc(&expr->location);
 	set->flags	= NFT_SET_ANONYMOUS | expr->set_flags;
-	set->handle.set = xstrdup(name);
+	set->handle.set.name = xstrdup(name);
 	set->key	= key;
 	set->init	= expr;
 	set->automerge	= set->flags & NFT_SET_INTERVAL;
@@ -2749,10 +2749,10 @@ static int setelem_evaluate(struct eval_ctx *ctx, struct expr **expr)
 		return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 				 ctx->cmd->handle.table.name);
 
-	set = set_lookup(table, ctx->cmd->handle.set);
+	set = set_lookup(table, ctx->cmd->handle.set.name);
 	if (set == NULL)
 		return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
-				 ctx->cmd->handle.set);
+				 ctx->cmd->handle.set.name);
 
 	ctx->set = set;
 	expr_set_context(&ctx->ectx, set->key->dtype, set->key->len);
@@ -2813,7 +2813,7 @@ static int set_evaluate(struct eval_ctx *ctx, struct set *set)
 	}
 	ctx->set = NULL;
 
-	if (set_lookup(table, set->handle.set) == NULL)
+	if (set_lookup(table, set->handle.set.name) == NULL)
 		set_add_hash(set_get(set), table);
 
 	/* Default timeout value implies timeout support */
@@ -3089,10 +3089,10 @@ static int cmd_evaluate_get(struct eval_ctx *ctx, struct cmd *cmd)
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
 			return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 
 		return setelem_evaluate(ctx, &cmd->expr);
 	default:
@@ -3144,30 +3144,30 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd)
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
 			return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	case CMD_OBJ_METER:
 		table = table_lookup(&cmd->handle, ctx->cache);
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || !(set->flags & NFT_SET_EVAL))
 			return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	case CMD_OBJ_MAP:
 		table = table_lookup(&cmd->handle, ctx->cache);
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || !(set->flags & NFT_SET_MAP))
 			return cmd_error(ctx, "Could not process rule: Map '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	case CMD_OBJ_CHAIN:
 		table = table_lookup(&cmd->handle, ctx->cache);
@@ -3260,10 +3260,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
 			return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	case CMD_OBJ_MAP:
 		ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
@@ -3275,10 +3275,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || !(set->flags & NFT_SET_MAP))
 			return cmd_error(ctx, "Could not process rule: Map '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	case CMD_OBJ_METER:
 		ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs,
@@ -3290,10 +3290,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd)
 		if (table == NULL)
 			return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
 					 cmd->handle.table.name);
-		set = set_lookup(table, cmd->handle.set);
+		set = set_lookup(table, cmd->handle.set.name);
 		if (set == NULL || !(set->flags & NFT_SET_EVAL))
 			return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist",
-					 cmd->handle.set);
+					 cmd->handle.set.name);
 		return 0;
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
diff --git a/src/expression.c b/src/expression.c
index e698b14c969c..239cf8825c4f 100644
--- a/src/expression.c
+++ b/src/expression.c
@@ -978,11 +978,11 @@ static void set_ref_expr_print(const struct expr *expr, struct output_ctx *octx)
 {
 	if (expr->set->flags & NFT_SET_ANONYMOUS) {
 		if (expr->set->flags & NFT_SET_EVAL)
-			nft_print(octx, "%s", expr->set->handle.set);
+			nft_print(octx, "%s", expr->set->handle.set.name);
 		else
 			expr_print(expr->set->init, octx);
 	} else {
-		nft_print(octx, "@%s", expr->set->handle.set);
+		nft_print(octx, "@%s", expr->set->handle.set.name);
 	}
 }
 
diff --git a/src/netlink.c b/src/netlink.c
index e33e094e1992..e465daa79c84 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -192,8 +192,8 @@ struct nftnl_set *alloc_nftnl_set(const struct handle *h)
 
 	nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
 	nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
-	if (h->set != NULL)
-		nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set);
+	if (h->set.name != NULL)
+		nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name);
 	if (h->set_id)
 		nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id);
 	if (h->handle.id)
@@ -926,7 +926,7 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	set = set_alloc(&netlink_location);
 	set->handle.family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);
 	set->handle.table.name = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_TABLE));
-	set->handle.set    = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME));
+	set->handle.set.name = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME));
 	set->automerge	   = automerge;
 
 	set->key     = constant_expr_alloc(&netlink_location,
diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c
index 6c49969bf5a9..2ab8accf0bf4 100644
--- a/src/netlink_linearize.c
+++ b/src/netlink_linearize.c
@@ -265,7 +265,7 @@ static void netlink_gen_map(struct netlink_linearize_ctx *ctx,
 	netlink_put_register(nle, NFTNL_EXPR_LOOKUP_SREG, sreg);
 	netlink_put_register(nle, NFTNL_EXPR_LOOKUP_DREG, dreg);
 	nftnl_expr_set_str(nle, NFTNL_EXPR_LOOKUP_SET,
-			   expr->mappings->set->handle.set);
+			   expr->mappings->set->handle.set.name);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_LOOKUP_SET_ID,
 			   expr->mappings->set->handle.set_id);
 
@@ -291,7 +291,7 @@ static void netlink_gen_lookup(struct netlink_linearize_ctx *ctx,
 	nle = alloc_nft_expr("lookup");
 	netlink_put_register(nle, NFTNL_EXPR_LOOKUP_SREG, sreg);
 	nftnl_expr_set_str(nle, NFTNL_EXPR_LOOKUP_SET,
-			   expr->right->set->handle.set);
+			   expr->right->set->handle.set.name);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_LOOKUP_SET_ID,
 			   expr->right->set->handle.set_id);
 	if (expr->op == OP_NEQ)
@@ -716,7 +716,7 @@ static void netlink_gen_objref_stmt(struct netlink_linearize_ctx *ctx,
 
 		nftnl_expr_set_u32(nle, NFTNL_EXPR_OBJREF_SET_SREG, sreg_key);
 		nftnl_expr_set_str(nle, NFTNL_EXPR_OBJREF_SET_NAME,
-				   expr->mappings->set->handle.set);
+				   expr->mappings->set->handle.set.name);
 		nftnl_expr_set_u32(nle, NFTNL_EXPR_OBJREF_SET_ID,
 				   expr->mappings->set->handle.set_id);
 		break;
@@ -1172,7 +1172,7 @@ static void netlink_gen_set_stmt(struct netlink_linearize_ctx *ctx,
 		nftnl_expr_set_u64(nle, NFTNL_EXPR_DYNSET_TIMEOUT,
 				   stmt->set.key->timeout);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_OP, stmt->set.op);
-	nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set);
+	nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set.name);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_SET_ID, set->handle.set_id);
 	nftnl_rule_add_expr(ctx->nlr, nle);
 }
@@ -1228,7 +1228,7 @@ static void netlink_gen_meter_stmt(struct netlink_linearize_ctx *ctx,
 		nftnl_expr_set_u64(nle, NFTNL_EXPR_DYNSET_TIMEOUT,
 				   stmt->meter.key->timeout);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_OP, op);
-	nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set);
+	nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set.name);
 	nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_SET_ID, set->handle.set_id);
 	nftnl_expr_set(nle, NFTNL_EXPR_DYNSET_EXPR,
 		       netlink_gen_stmt_stateful(ctx, stmt->meter.stmt), 0);
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 1d44189775f0..e4b83523b411 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -1886,7 +1886,8 @@ chain_identifier	:	identifier
 set_spec		:	table_spec	identifier
 			{
 				$$		= $1;
-				$$.set		= $2;
+				$$.set.name	= $2;
+				$$.set.location	= @2;
 			}
 			;
 
@@ -1901,7 +1902,8 @@ setid_spec 		: 	table_spec 	HANDLE NUM
 set_identifier		:	identifier
 			{
 				memset(&$$, 0, sizeof($$));
-				$$.set		= $1;
+				$$.set.name	= $1;
+				$$.set.location	= @1;
 			}
 			;
 
diff --git a/src/rule.c b/src/rule.c
index bbf23a6bcb50..7d18bd08c1fb 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -32,7 +32,7 @@ void handle_free(struct handle *h)
 {
 	xfree(h->table.name);
 	xfree(h->chain.name);
-	xfree(h->set);
+	xfree(h->set.name);
 	xfree(h->flowtable);
 }
 
@@ -44,8 +44,8 @@ void handle_merge(struct handle *dst, const struct handle *src)
 		dst->table.name = xstrdup(src->table.name);
 	if (dst->chain.name == NULL && src->chain.name != NULL)
 		dst->chain.name = xstrdup(src->chain.name);
-	if (dst->set == NULL && src->set != NULL)
-		dst->set = xstrdup(src->set);
+	if (dst->set.name == NULL && src->set.name != NULL)
+		dst->set.name = xstrdup(src->set.name);
 	if (dst->flowtable == NULL && src->flowtable != NULL)
 		dst->flowtable = xstrdup(src->flowtable);
 	if (dst->obj == NULL && src->obj != NULL)
@@ -257,7 +257,7 @@ struct set *set_lookup(const struct table *table, const char *name)
 	struct set *set;
 
 	list_for_each_entry(set, &table->sets, list) {
-		if (!strcmp(set->handle.set, name))
+		if (!strcmp(set->handle.set.name, name))
 			return set;
 	}
 	return NULL;
@@ -322,7 +322,7 @@ static void set_print_declaration(const struct set *set,
 	if (opts->table != NULL)
 		nft_print(octx, " %s", opts->table);
 
-	nft_print(octx, " %s {", set->handle.set);
+	nft_print(octx, " %s {", set->handle.set.name);
 
 	if (octx->handle > 0)
 		nft_print(octx, " # handle %" PRIu64, set->handle.handle.id);
@@ -1100,7 +1100,7 @@ static int do_add_setelems(struct netlink_ctx *ctx, struct cmd *cmd,
 	struct set *set;
 
 	table = table_lookup(h, ctx->cache);
-	set = set_lookup(table, h->set);
+	set = set_lookup(table, h->set.name);
 
 	if (set->flags & NFT_SET_INTERVAL &&
 	    set_to_intervals(ctx->msgs, set, init, true,
@@ -1212,7 +1212,7 @@ static int do_delete_setelems(struct netlink_ctx *ctx, struct cmd *cmd)
 	struct set *set;
 
 	table = table_lookup(h, ctx->cache);
-	set = set_lookup(table, h->set);
+	set = set_lookup(table, h->set.name);
 
 	if (set->flags & NFT_SET_INTERVAL &&
 	    set_to_intervals(ctx->msgs, set, expr, false,
@@ -1800,7 +1800,7 @@ static int do_list_set(struct netlink_ctx *ctx, struct cmd *cmd,
 {
 	struct set *set;
 
-	set = set_lookup(table, cmd->handle.set);
+	set = set_lookup(table, cmd->handle.set.name);
 	if (set == NULL)
 		return -1;
 
@@ -1867,7 +1867,7 @@ static int do_get_setelems(struct netlink_ctx *ctx, struct cmd *cmd,
 	struct expr *init;
 	int err;
 
-	set = set_lookup(table, cmd->handle.set);
+	set = set_lookup(table, cmd->handle.set.name);
 
 	/* Create a list of elements based of what we got from command line. */
 	if (set->flags & NFT_SET_INTERVAL)
diff --git a/src/segtree.c b/src/segtree.c
index 5939d8fc7b4a..e1339daf1341 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -686,7 +686,7 @@ void get_set_decompose(struct table *table, struct set *set)
 		} else {
 			if (left) {
 				left = get_set_interval_end(table,
-							    set->handle.set,
+							    set->handle.set.name,
 							    left);
 				compound_expr_add(new_init, left);
 			}
@@ -694,7 +694,7 @@ void get_set_decompose(struct table *table, struct set *set)
 		}
 	}
 	if (left) {
-		left = get_set_interval_end(table, set->handle.set, left);
+		left = get_set_interval_end(table, set->handle.set.name, left);
 		compound_expr_add(new_init, left);
 	}
 
-- 
2.11.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux