aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Welte <laforge@netfilter.org>2005-10-10 23:52:19 -0400
committerDavid S. Miller <davem@davemloft.net>2005-10-10 23:52:19 -0400
commitebe0bbf06c9e03613bdcb6b5a704595a9344b7ff (patch)
tree33453cb2cd33095e3a226d0866bdfe1019473646
parentf40863cec87464f3f4ec3a6c00e3fda3bbb0c91b (diff)
[NETFILTER] nfnetlink: use highest bit of nfa_type to indicate nested TLV
As Henrik Nordstrom pointed out, all our efforts with "split endian" (i.e. host byte order tags, net byte order values) are useless, unless a parser can determine whether an attribute is nested or not. This patch steals the highest bit of nfattr.nfa_type to indicate whether the data payload contains a nested nfattr (1) or not (0). This will break userspace compatibility, but luckily no kernel with nfnetlink was released so far. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/linux/netfilter/nfnetlink.h12
-rw-r--r--net/netfilter/nfnetlink.c4
2 files changed, 10 insertions, 6 deletions
diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 1d5b10ae2399..f08e870100f4 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -41,11 +41,15 @@ enum nfnetlink_groups {
41struct nfattr 41struct nfattr
42{ 42{
43 u_int16_t nfa_len; 43 u_int16_t nfa_len;
44 u_int16_t nfa_type; 44 u_int16_t nfa_type; /* we use 15 bits for the type, and the highest
45 * bit to indicate whether the payload is nested */
45} __attribute__ ((packed)); 46} __attribute__ ((packed));
46 47
47/* FIXME: Shamelessly copy and pasted from rtnetlink.h, it's time 48/* FIXME: Apart from NFNL_NFA_NESTED shamelessly copy and pasted from
48 * to put this in a generic file */ 49 * rtnetlink.h, it's time to put this in a generic file */
50
51#define NFNL_NFA_NEST 0x8000
52#define NFA_TYPE(attr) ((attr)->nfa_type & 0x7fff)
49 53
50#define NFA_ALIGNTO 4 54#define NFA_ALIGNTO 4
51#define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) & ~(NFA_ALIGNTO - 1)) 55#define NFA_ALIGN(len) (((len) + NFA_ALIGNTO - 1) & ~(NFA_ALIGNTO - 1))
@@ -59,7 +63,7 @@ struct nfattr
59#define NFA_PAYLOAD(nfa) ((int)((nfa)->nfa_len) - NFA_LENGTH(0)) 63#define NFA_PAYLOAD(nfa) ((int)((nfa)->nfa_len) - NFA_LENGTH(0))
60#define NFA_NEST(skb, type) \ 64#define NFA_NEST(skb, type) \
61({ struct nfattr *__start = (struct nfattr *) (skb)->tail; \ 65({ struct nfattr *__start = (struct nfattr *) (skb)->tail; \
62 NFA_PUT(skb, type, 0, NULL); \ 66 NFA_PUT(skb, (NFNL_NFA_NEST | type), 0, NULL); \
63 __start; }) 67 __start; })
64#define NFA_NEST_END(skb, start) \ 68#define NFA_NEST_END(skb, start) \
65({ (start)->nfa_len = ((skb)->tail - (unsigned char *) (start)); \ 69({ (start)->nfa_len = ((skb)->tail - (unsigned char *) (start)); \
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 1caaca06f698..4bc27a6334c1 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -133,7 +133,7 @@ int nfattr_parse(struct nfattr *tb[], int maxattr, struct nfattr *nfa, int len)
133 memset(tb, 0, sizeof(struct nfattr *) * maxattr); 133 memset(tb, 0, sizeof(struct nfattr *) * maxattr);
134 134
135 while (NFA_OK(nfa, len)) { 135 while (NFA_OK(nfa, len)) {
136 unsigned flavor = nfa->nfa_type; 136 unsigned flavor = NFA_TYPE(nfa);
137 if (flavor && flavor <= maxattr) 137 if (flavor && flavor <= maxattr)
138 tb[flavor-1] = nfa; 138 tb[flavor-1] = nfa;
139 nfa = NFA_NEXT(nfa, len); 139 nfa = NFA_NEXT(nfa, len);
@@ -177,7 +177,7 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys,
177 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); 177 int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len);
178 178
179 while (NFA_OK(attr, attrlen)) { 179 while (NFA_OK(attr, attrlen)) {
180 unsigned flavor = attr->nfa_type; 180 unsigned flavor = NFA_TYPE(attr);
181 if (flavor) { 181 if (flavor) {
182 if (flavor > attr_count) 182 if (flavor > attr_count)
183 return -EINVAL; 183 return -EINVAL;