Store location object in handle to improve error reporting. Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> --- include/rule.h | 7 ++++++- src/evaluate.c | 36 ++++++++++++++++++------------------ src/expression.c | 4 ++-- src/netlink.c | 6 +++--- src/netlink_linearize.c | 10 +++++----- src/parser_bison.y | 6 ++++-- src/rule.c | 18 +++++++++--------- src/segtree.c | 4 ++-- 8 files changed, 49 insertions(+), 42 deletions(-) diff --git a/include/rule.h b/include/rule.h index 4ea09c52b12e..68d32f10c353 100644 --- a/include/rule.h +++ b/include/rule.h @@ -37,6 +37,11 @@ struct chain_spec { const char *name; }; +struct set_spec { + struct location location; + const char *name; +}; + /** * struct handle - handle for tables, chains, rules and sets * @@ -54,7 +59,7 @@ struct handle { uint32_t family; struct table_spec table; struct chain_spec chain; - const char *set; + struct set_spec set; const char *obj; const char *flowtable; struct handle_spec handle; diff --git a/src/evaluate.c b/src/evaluate.c index 78ff6071230a..79fa3221e20d 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -84,7 +84,7 @@ static struct expr *implicit_set_declaration(struct eval_ctx *ctx, set = set_alloc(&expr->location); set->flags = NFT_SET_ANONYMOUS | expr->set_flags; - set->handle.set = xstrdup(name); + set->handle.set.name = xstrdup(name); set->key = key; set->init = expr; set->automerge = set->flags & NFT_SET_INTERVAL; @@ -2749,10 +2749,10 @@ static int setelem_evaluate(struct eval_ctx *ctx, struct expr **expr) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", ctx->cmd->handle.table.name); - set = set_lookup(table, ctx->cmd->handle.set); + set = set_lookup(table, ctx->cmd->handle.set.name); if (set == NULL) return cmd_error(ctx, "Could not process rule: Set '%s' does not exist", - ctx->cmd->handle.set); + ctx->cmd->handle.set.name); ctx->set = set; expr_set_context(&ctx->ectx, set->key->dtype, set->key->len); @@ -2813,7 +2813,7 @@ static int set_evaluate(struct eval_ctx *ctx, struct set *set) } ctx->set = NULL; - if (set_lookup(table, set->handle.set) == NULL) + if (set_lookup(table, set->handle.set.name) == NULL) set_add_hash(set_get(set), table); /* Default timeout value implies timeout support */ @@ -3089,10 +3089,10 @@ static int cmd_evaluate_get(struct eval_ctx *ctx, struct cmd *cmd) if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL)) return cmd_error(ctx, "Could not process rule: Set '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return setelem_evaluate(ctx, &cmd->expr); default: @@ -3144,30 +3144,30 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd) if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL)) return cmd_error(ctx, "Could not process rule: Set '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; case CMD_OBJ_METER: table = table_lookup(&cmd->handle, ctx->cache); if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || !(set->flags & NFT_SET_EVAL)) return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; case CMD_OBJ_MAP: table = table_lookup(&cmd->handle, ctx->cache); if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || !(set->flags & NFT_SET_MAP)) return cmd_error(ctx, "Could not process rule: Map '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; case CMD_OBJ_CHAIN: table = table_lookup(&cmd->handle, ctx->cache); @@ -3260,10 +3260,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd) if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL)) return cmd_error(ctx, "Could not process rule: Set '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; case CMD_OBJ_MAP: ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs, @@ -3275,10 +3275,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd) if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || !(set->flags & NFT_SET_MAP)) return cmd_error(ctx, "Could not process rule: Map '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; case CMD_OBJ_METER: ret = cache_update(ctx->nf_sock, ctx->cache, cmd->op, ctx->msgs, @@ -3290,10 +3290,10 @@ static int cmd_evaluate_flush(struct eval_ctx *ctx, struct cmd *cmd) if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", cmd->handle.table.name); - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL || !(set->flags & NFT_SET_EVAL)) return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist", - cmd->handle.set); + cmd->handle.set.name); return 0; default: BUG("invalid command object type %u\n", cmd->obj); diff --git a/src/expression.c b/src/expression.c index e698b14c969c..239cf8825c4f 100644 --- a/src/expression.c +++ b/src/expression.c @@ -978,11 +978,11 @@ static void set_ref_expr_print(const struct expr *expr, struct output_ctx *octx) { if (expr->set->flags & NFT_SET_ANONYMOUS) { if (expr->set->flags & NFT_SET_EVAL) - nft_print(octx, "%s", expr->set->handle.set); + nft_print(octx, "%s", expr->set->handle.set.name); else expr_print(expr->set->init, octx); } else { - nft_print(octx, "@%s", expr->set->handle.set); + nft_print(octx, "@%s", expr->set->handle.set.name); } } diff --git a/src/netlink.c b/src/netlink.c index e33e094e1992..e465daa79c84 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -192,8 +192,8 @@ struct nftnl_set *alloc_nftnl_set(const struct handle *h) nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family); nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name); - if (h->set != NULL) - nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set); + if (h->set.name != NULL) + nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name); if (h->set_id) nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id); if (h->handle.id) @@ -926,7 +926,7 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx, set = set_alloc(&netlink_location); set->handle.family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY); set->handle.table.name = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_TABLE)); - set->handle.set = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME)); + set->handle.set.name = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME)); set->automerge = automerge; set->key = constant_expr_alloc(&netlink_location, diff --git a/src/netlink_linearize.c b/src/netlink_linearize.c index 6c49969bf5a9..2ab8accf0bf4 100644 --- a/src/netlink_linearize.c +++ b/src/netlink_linearize.c @@ -265,7 +265,7 @@ static void netlink_gen_map(struct netlink_linearize_ctx *ctx, netlink_put_register(nle, NFTNL_EXPR_LOOKUP_SREG, sreg); netlink_put_register(nle, NFTNL_EXPR_LOOKUP_DREG, dreg); nftnl_expr_set_str(nle, NFTNL_EXPR_LOOKUP_SET, - expr->mappings->set->handle.set); + expr->mappings->set->handle.set.name); nftnl_expr_set_u32(nle, NFTNL_EXPR_LOOKUP_SET_ID, expr->mappings->set->handle.set_id); @@ -291,7 +291,7 @@ static void netlink_gen_lookup(struct netlink_linearize_ctx *ctx, nle = alloc_nft_expr("lookup"); netlink_put_register(nle, NFTNL_EXPR_LOOKUP_SREG, sreg); nftnl_expr_set_str(nle, NFTNL_EXPR_LOOKUP_SET, - expr->right->set->handle.set); + expr->right->set->handle.set.name); nftnl_expr_set_u32(nle, NFTNL_EXPR_LOOKUP_SET_ID, expr->right->set->handle.set_id); if (expr->op == OP_NEQ) @@ -716,7 +716,7 @@ static void netlink_gen_objref_stmt(struct netlink_linearize_ctx *ctx, nftnl_expr_set_u32(nle, NFTNL_EXPR_OBJREF_SET_SREG, sreg_key); nftnl_expr_set_str(nle, NFTNL_EXPR_OBJREF_SET_NAME, - expr->mappings->set->handle.set); + expr->mappings->set->handle.set.name); nftnl_expr_set_u32(nle, NFTNL_EXPR_OBJREF_SET_ID, expr->mappings->set->handle.set_id); break; @@ -1172,7 +1172,7 @@ static void netlink_gen_set_stmt(struct netlink_linearize_ctx *ctx, nftnl_expr_set_u64(nle, NFTNL_EXPR_DYNSET_TIMEOUT, stmt->set.key->timeout); nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_OP, stmt->set.op); - nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set); + nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set.name); nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_SET_ID, set->handle.set_id); nftnl_rule_add_expr(ctx->nlr, nle); } @@ -1228,7 +1228,7 @@ static void netlink_gen_meter_stmt(struct netlink_linearize_ctx *ctx, nftnl_expr_set_u64(nle, NFTNL_EXPR_DYNSET_TIMEOUT, stmt->meter.key->timeout); nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_OP, op); - nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set); + nftnl_expr_set_str(nle, NFTNL_EXPR_DYNSET_SET_NAME, set->handle.set.name); nftnl_expr_set_u32(nle, NFTNL_EXPR_DYNSET_SET_ID, set->handle.set_id); nftnl_expr_set(nle, NFTNL_EXPR_DYNSET_EXPR, netlink_gen_stmt_stateful(ctx, stmt->meter.stmt), 0); diff --git a/src/parser_bison.y b/src/parser_bison.y index 1d44189775f0..e4b83523b411 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -1886,7 +1886,8 @@ chain_identifier : identifier set_spec : table_spec identifier { $$ = $1; - $$.set = $2; + $$.set.name = $2; + $$.set.location = @2; } ; @@ -1901,7 +1902,8 @@ setid_spec : table_spec HANDLE NUM set_identifier : identifier { memset(&$$, 0, sizeof($$)); - $$.set = $1; + $$.set.name = $1; + $$.set.location = @1; } ; diff --git a/src/rule.c b/src/rule.c index bbf23a6bcb50..7d18bd08c1fb 100644 --- a/src/rule.c +++ b/src/rule.c @@ -32,7 +32,7 @@ void handle_free(struct handle *h) { xfree(h->table.name); xfree(h->chain.name); - xfree(h->set); + xfree(h->set.name); xfree(h->flowtable); } @@ -44,8 +44,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->table.name = xstrdup(src->table.name); if (dst->chain.name == NULL && src->chain.name != NULL) dst->chain.name = xstrdup(src->chain.name); - if (dst->set == NULL && src->set != NULL) - dst->set = xstrdup(src->set); + if (dst->set.name == NULL && src->set.name != NULL) + dst->set.name = xstrdup(src->set.name); if (dst->flowtable == NULL && src->flowtable != NULL) dst->flowtable = xstrdup(src->flowtable); if (dst->obj == NULL && src->obj != NULL) @@ -257,7 +257,7 @@ struct set *set_lookup(const struct table *table, const char *name) struct set *set; list_for_each_entry(set, &table->sets, list) { - if (!strcmp(set->handle.set, name)) + if (!strcmp(set->handle.set.name, name)) return set; } return NULL; @@ -322,7 +322,7 @@ static void set_print_declaration(const struct set *set, if (opts->table != NULL) nft_print(octx, " %s", opts->table); - nft_print(octx, " %s {", set->handle.set); + nft_print(octx, " %s {", set->handle.set.name); if (octx->handle > 0) nft_print(octx, " # handle %" PRIu64, set->handle.handle.id); @@ -1100,7 +1100,7 @@ static int do_add_setelems(struct netlink_ctx *ctx, struct cmd *cmd, struct set *set; table = table_lookup(h, ctx->cache); - set = set_lookup(table, h->set); + set = set_lookup(table, h->set.name); if (set->flags & NFT_SET_INTERVAL && set_to_intervals(ctx->msgs, set, init, true, @@ -1212,7 +1212,7 @@ static int do_delete_setelems(struct netlink_ctx *ctx, struct cmd *cmd) struct set *set; table = table_lookup(h, ctx->cache); - set = set_lookup(table, h->set); + set = set_lookup(table, h->set.name); if (set->flags & NFT_SET_INTERVAL && set_to_intervals(ctx->msgs, set, expr, false, @@ -1800,7 +1800,7 @@ static int do_list_set(struct netlink_ctx *ctx, struct cmd *cmd, { struct set *set; - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); if (set == NULL) return -1; @@ -1867,7 +1867,7 @@ static int do_get_setelems(struct netlink_ctx *ctx, struct cmd *cmd, struct expr *init; int err; - set = set_lookup(table, cmd->handle.set); + set = set_lookup(table, cmd->handle.set.name); /* Create a list of elements based of what we got from command line. */ if (set->flags & NFT_SET_INTERVAL) diff --git a/src/segtree.c b/src/segtree.c index 5939d8fc7b4a..e1339daf1341 100644 --- a/src/segtree.c +++ b/src/segtree.c @@ -686,7 +686,7 @@ void get_set_decompose(struct table *table, struct set *set) } else { if (left) { left = get_set_interval_end(table, - set->handle.set, + set->handle.set.name, left); compound_expr_add(new_init, left); } @@ -694,7 +694,7 @@ void get_set_decompose(struct table *table, struct set *set) } } if (left) { - left = get_set_interval_end(table, set->handle.set, left); + left = get_set_interval_end(table, set->handle.set.name, left); compound_expr_add(new_init, left); } -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html