netfilter: bitwise: add NFTA_BITWISE_DATA attribute. (779f725e) · Commits · 戴 / test

include/uapi/linux/netfilter/nf_tables.h

+3 −0

Original line number	Diff line number	Diff line
		@@ -503,6 +503,8 @@ enum nft_bitwise_ops {
		* @NFTA_BITWISE_MASK: mask value (NLA_NESTED: nft_data_attributes)
		* @NFTA_BITWISE_XOR: xor value (NLA_NESTED: nft_data_attributes)
		* @NFTA_BITWISE_OP: type of operation (NLA_U32: nft_bitwise_ops)
		* @NFTA_BITWISE_DATA: argument for non-boolean operations
		* (NLA_NESTED: nft_data_attributes)
		*
		* The bitwise expression performs the following operation:
		*
		@@ -524,6 +526,7 @@ enum nft_bitwise_attributes {
		NFTA_BITWISE_MASK,
		NFTA_BITWISE_XOR,
		NFTA_BITWISE_OP,
		NFTA_BITWISE_DATA,
		__NFTA_BITWISE_MAX
		};
		#define NFTA_BITWISE_MAX (__NFTA_BITWISE_MAX - 1)

+5 −0

Original line number	Diff line number	Diff line
		@@ -22,6 +22,7 @@ struct nft_bitwise {
		u8 len;
		struct nft_data mask;
		struct nft_data xor;
		struct nft_data data;
		};

		static void nft_bitwise_eval_bool(u32 dst, const u32 src,
		@@ -54,6 +55,7 @@ static const struct nla_policy nft_bitwise_policy[NFTA_BITWISE_MAX + 1] = {
		[NFTA_BITWISE_MASK] = { .type = NLA_NESTED },
		[NFTA_BITWISE_XOR] = { .type = NLA_NESTED },
		[NFTA_BITWISE_OP] = { .type = NLA_U32 },
		[NFTA_BITWISE_DATA] = { .type = NLA_NESTED },
		};

		static int nft_bitwise_init_bool(struct nft_bitwise *priv,
		@@ -62,6 +64,9 @@ static int nft_bitwise_init_bool(struct nft_bitwise *priv,
		struct nft_data_desc d1, d2;
		int err;

		if (tb[NFTA_BITWISE_DATA])
		return -EINVAL;

		if (!tb[NFTA_BITWISE_MASK] \|\|
		!tb[NFTA_BITWISE_XOR])
		return -EINVAL;