netfilter: ipset: Expose the initval hash parameter to userspace (3976ca10) · Commits · 戴 / test

include/uapi/linux/netfilter/ipset/ip_set.h

+1 −1

Original line number	Diff line number	Diff line
		@@ -92,7 +92,7 @@ enum {
		/* Reserve empty slots */
		IPSET_ATTR_CADT_MAX = 16,
		/* Create-only specific attributes */
		IPSET_ATTR_GC,
		IPSET_ATTR_INITVAL, /* was unused IPSET_ATTR_GC */
		IPSET_ATTR_HASHSIZE,
		IPSET_ATTR_MAXELEM,
		IPSET_ATTR_NETMASK,

+9 −4

Original line number	Diff line number	Diff line
		@@ -1301,9 +1301,11 @@ mtype_head(struct ip_set set, struct sk_buff skb)
		if (nla_put_u32(skb, IPSET_ATTR_MARKMASK, h->markmask))
		goto nla_put_failure;
		#endif
		if (set->flags & IPSET_CREATE_FLAG_BUCKETSIZE &&
		nla_put_u8(skb, IPSET_ATTR_BUCKETSIZE, h->bucketsize))
		if (set->flags & IPSET_CREATE_FLAG_BUCKETSIZE) {
		if (nla_put_u8(skb, IPSET_ATTR_BUCKETSIZE, h->bucketsize) \|\|
		nla_put_net32(skb, IPSET_ATTR_INITVAL, htonl(h->initval)))
		goto nla_put_failure;
		}
		if (nla_put_net32(skb, IPSET_ATTR_REFERENCES, htonl(set->ref)) \|\|
		nla_put_net32(skb, IPSET_ATTR_MEMSIZE, htonl(memsize)) \|\|
		nla_put_net32(skb, IPSET_ATTR_ELEMENTS, htonl(elements)))
		@@ -1546,6 +1548,9 @@ IPSET_TOKEN(HTYPE, _create)(struct net net, struct ip_set set,
		#ifdef IP_SET_HASH_WITH_MARKMASK
		h->markmask = markmask;
		#endif
		if (tb[IPSET_ATTR_INITVAL])
		h->initval = ntohl(nla_get_be32(tb[IPSET_ATTR_INITVAL]));
		else
		get_random_bytes(&h->initval, sizeof(h->initval));
		h->bucketsize = AHASH_MAX_SIZE;
		if (tb[IPSET_ATTR_BUCKETSIZE]) {

+2 −1

Original line number	Diff line number	Diff line
		@@ -24,7 +24,7 @@
		/* 2 Comments support */
		/* 3 Forceadd support */
		/* 4 skbinfo support */
		#define IPSET_TYPE_REV_MAX 5 /* bucketsize support */
		#define IPSET_TYPE_REV_MAX 5 /* bucketsize, initval support */

		MODULE_LICENSE("GPL");
		MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
		@@ -283,6 +283,7 @@ static struct ip_set_type hash_ip_type __read_mostly = {
		.create_policy = {
		[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
		[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
		[IPSET_ATTR_INITVAL] = { .type = NLA_U32 },
		[IPSET_ATTR_BUCKETSIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_RESIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },

+2 −1

Original line number	Diff line number	Diff line
		@@ -23,7 +23,7 @@
		#include <linux/netfilter/ipset/ip_set_hash.h>

		#define IPSET_TYPE_REV_MIN 0
		#define IPSET_TYPE_REV_MAX 1 /* bucketsize support */
		#define IPSET_TYPE_REV_MAX 1 /* bucketsize, initval support */

		MODULE_LICENSE("GPL");
		MODULE_AUTHOR("Tomasz Chilinski <tomasz.chilinski@chilan.com>");
		@@ -273,6 +273,7 @@ static struct ip_set_type hash_ipmac_type __read_mostly = {
		.create_policy = {
		[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
		[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
		[IPSET_ATTR_INITVAL] = { .type = NLA_U32 },
		[IPSET_ATTR_BUCKETSIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_RESIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },

+2 −1

Original line number	Diff line number	Diff line
		@@ -22,7 +22,7 @@
		#define IPSET_TYPE_REV_MIN 0
		/* 1 Forceadd support */
		/* 2 skbinfo support */
		#define IPSET_TYPE_REV_MAX 3 /* bucketsize support */
		#define IPSET_TYPE_REV_MAX 3 /* bucketsize, initval support */

		MODULE_LICENSE("GPL");
		MODULE_AUTHOR("Vytas Dauksa <vytas.dauksa@smoothwall.net>");
		@@ -281,6 +281,7 @@ static struct ip_set_type hash_ipmark_type __read_mostly = {
		[IPSET_ATTR_MARKMASK] = { .type = NLA_U32 },
		[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
		[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
		[IPSET_ATTR_INITVAL] = { .type = NLA_U32 },
		[IPSET_ATTR_BUCKETSIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_RESIZE] = { .type = NLA_U8 },
		[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },