A better way to implement this from userspace has been found without specific code in the kernel side, revert this. Fixes: bb4b75aea5c0 ("expr: add map lookups for hash statements") Signed-off-by: Laura Garcia Liebana <nevola@xxxxxxxxx> --- include/libnftnl/expr.h | 4 ++-- include/linux/netfilter/nf_tables.h | 4 ++-- src/expr/hash.c | 43 ------------------------------------- 3 files changed, 4 insertions(+), 47 deletions(-) diff --git a/include/libnftnl/expr.h b/include/libnftnl/expr.h index 7d128fe..3d99d24 100644 --- a/include/libnftnl/expr.h +++ b/include/libnftnl/expr.h @@ -259,8 +259,8 @@ enum { NFTNL_EXPR_HASH_SEED, NFTNL_EXPR_HASH_OFFSET, NFTNL_EXPR_HASH_TYPE, - NFTNL_EXPR_HASH_SET_NAME, - NFTNL_EXPR_HASH_SET_ID, + NFTNL_EXPR_HASH_SET_NAME, /* deprecated */ + NFTNL_EXPR_HASH_SET_ID, /* deprecated */ }; enum { diff --git a/include/linux/netfilter/nf_tables.h b/include/linux/netfilter/nf_tables.h index 9075cbf..a3541b5 100644 --- a/include/linux/netfilter/nf_tables.h +++ b/include/linux/netfilter/nf_tables.h @@ -870,8 +870,8 @@ enum nft_hash_attributes { NFTA_HASH_SEED, NFTA_HASH_OFFSET, NFTA_HASH_TYPE, - NFTA_HASH_SET_NAME, - NFTA_HASH_SET_ID, + NFTA_HASH_SET_NAME, /* deprecated */ + NFTA_HASH_SET_ID, /* deprecated */ __NFTA_HASH_MAX, }; #define NFTA_HASH_MAX (__NFTA_HASH_MAX - 1) diff --git a/src/expr/hash.c b/src/expr/hash.c index f553a3c..2c801d2 100644 --- a/src/expr/hash.c +++ b/src/expr/hash.c @@ -28,10 +28,6 @@ struct nftnl_expr_hash { unsigned int modulus; unsigned int seed; unsigned int offset; - struct { - const char *name; - uint32_t id; - } map; }; static int @@ -61,14 +57,6 @@ nftnl_expr_hash_set(struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_HASH_TYPE: memcpy(&hash->type, data, sizeof(hash->type)); break; - case NFTNL_EXPR_HASH_SET_NAME: - hash->map.name = strdup(data); - if (!hash->map.name) - return -1; - break; - case NFTNL_EXPR_HASH_SET_ID: - memcpy(&hash->map.id, data, sizeof(hash->map.id)); - break; default: return -1; } @@ -103,12 +91,6 @@ nftnl_expr_hash_get(const struct nftnl_expr *e, uint16_t type, case NFTNL_EXPR_HASH_TYPE: *data_len = sizeof(hash->type); return &hash->type; - case NFTNL_EXPR_HASH_SET_NAME: - *data_len = strlen(hash->map.name) + 1; - return hash->map.name; - case NFTNL_EXPR_HASH_SET_ID: - *data_len = sizeof(hash->map.id); - return &hash->map.id; } return NULL; } @@ -129,14 +111,9 @@ static int nftnl_expr_hash_cb(const struct nlattr *attr, void *data) case NFTA_HASH_SEED: case NFTA_HASH_OFFSET: case NFTA_HASH_TYPE: - case NFTA_HASH_SET_ID: if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0) abi_breakage(); break; - case NFTA_HASH_SET_NAME: - if (mnl_attr_validate(attr, MNL_TYPE_STRING) < 0) - abi_breakage(); - break; } tb[type] = attr; @@ -162,10 +139,6 @@ nftnl_expr_hash_build(struct nlmsghdr *nlh, const struct nftnl_expr *e) mnl_attr_put_u32(nlh, NFTA_HASH_OFFSET, htonl(hash->offset)); if (e->flags & (1 << NFTNL_EXPR_HASH_TYPE)) mnl_attr_put_u32(nlh, NFTA_HASH_TYPE, htonl(hash->type)); - if (e->flags & (1 << NFTNL_EXPR_HASH_SET_NAME)) - mnl_attr_put_str(nlh, NFTA_HASH_SET_NAME, hash->map.name); - if (e->flags & (1 << NFTNL_EXPR_HASH_SET_ID)) - mnl_attr_put_u32(nlh, NFTA_HASH_SET_ID, htonl(hash->map.id)); } static int @@ -206,16 +179,6 @@ nftnl_expr_hash_parse(struct nftnl_expr *e, struct nlattr *attr) hash->type = ntohl(mnl_attr_get_u32(tb[NFTA_HASH_TYPE])); e->flags |= (1 << NFTNL_EXPR_HASH_TYPE); } - if (tb[NFTA_HASH_SET_NAME]) { - hash->map.name = - strdup(mnl_attr_get_str(tb[NFTA_HASH_SET_NAME])); - e->flags |= (1 << NFTNL_EXPR_HASH_SET_NAME); - } - if (tb[NFTA_HASH_SET_ID]) { - hash->map.id = - ntohl(mnl_attr_get_u32(tb[NFTA_HASH_SET_ID])); - e->flags |= (1 << NFTNL_EXPR_HASH_SET_ID); - } return ret; } @@ -252,12 +215,6 @@ nftnl_expr_hash_snprintf_default(char *buf, size_t size, SNPRINTF_BUFFER_SIZE(ret, remain, offset); } - if (hash->map.id) { - ret = snprintf(buf + offset, remain, "set %s id %u ", - hash->map.name, hash->map.id); - SNPRINTF_BUFFER_SIZE(ret, remain, offset); - } - return offset; } -- 2.11.0