Commit d583e88e authored by Daniel Borkmann's avatar Daniel Borkmann Committed by Stephen Hemminger

ip, realms: also allow to pass in raw realms value

If get_rt_realms() fails, try to get a possible raw u32 realms
value for the u32 RTA_FLOW/FRA_FLOW attribute, as it might be
useful to directly configure the hex value itself. And only if
that fails, then bail out.

The source realm is provided in the upper u16 (mask: 0xffff0000)
and the destination realm through the lower u16 part (mask:
0x0000ffff). This can be useful for tc's bpf realm matcher, but
also a full hex/mask param can be provided already for matching
through iptables' --realm cmdline option, for example.
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parent 89bb4c6a
...@@ -4,7 +4,6 @@ ...@@ -4,7 +4,6 @@
char *rtnl_rtntype_n2a(int id, char *buf, int len); char *rtnl_rtntype_n2a(int id, char *buf, int len);
int rtnl_rtntype_a2n(int *id, char *arg); int rtnl_rtntype_a2n(int *id, char *arg);
int get_rt_realms(__u32 *realms, char *arg); int get_rt_realms_or_raw(__u32 *realms, char *arg);
#endif /* __RTM_MAP_H__ */ #endif /* __RTM_MAP_H__ */
...@@ -749,7 +749,7 @@ static int parse_one_nh(struct rtmsg *r, struct rtattr *rta, ...@@ -749,7 +749,7 @@ static int parse_one_nh(struct rtmsg *r, struct rtattr *rta,
} else if (matches(*argv, "realms") == 0) { } else if (matches(*argv, "realms") == 0) {
__u32 realm; __u32 realm;
NEXT_ARG(); NEXT_ARG();
if (get_rt_realms(&realm, *argv)) if (get_rt_realms_or_raw(&realm, *argv))
invarg("\"realm\" value is invalid\n", *argv); invarg("\"realm\" value is invalid\n", *argv);
rta_addattr32(rta, 4096, RTA_FLOW, realm); rta_addattr32(rta, 4096, RTA_FLOW, realm);
rtnh->rtnh_len += sizeof(struct rtattr) + 4; rtnh->rtnh_len += sizeof(struct rtattr) + 4;
...@@ -1050,7 +1050,7 @@ static int iproute_modify(int cmd, unsigned flags, int argc, char **argv) ...@@ -1050,7 +1050,7 @@ static int iproute_modify(int cmd, unsigned flags, int argc, char **argv)
} else if (matches(*argv, "realms") == 0) { } else if (matches(*argv, "realms") == 0) {
__u32 realm; __u32 realm;
NEXT_ARG(); NEXT_ARG();
if (get_rt_realms(&realm, *argv)) if (get_rt_realms_or_raw(&realm, *argv))
invarg("\"realm\" value is invalid\n", *argv); invarg("\"realm\" value is invalid\n", *argv);
addattr32(&req.n, sizeof(req), RTA_FLOW, realm); addattr32(&req.n, sizeof(req), RTA_FLOW, realm);
} else if (strcmp(*argv, "onlink") == 0) { } else if (strcmp(*argv, "onlink") == 0) {
...@@ -1383,7 +1383,7 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action) ...@@ -1383,7 +1383,7 @@ static int iproute_list_flush_or_save(int argc, char **argv, int action)
} else if (matches(*argv, "realms") == 0) { } else if (matches(*argv, "realms") == 0) {
__u32 realm; __u32 realm;
NEXT_ARG(); NEXT_ARG();
if (get_rt_realms(&realm, *argv)) if (get_rt_realms_or_raw(&realm, *argv))
invarg("invalid realms\n", *argv); invarg("invalid realms\n", *argv);
filter.realm = realm; filter.realm = realm;
filter.realmmask = ~0U; filter.realmmask = ~0U;
......
...@@ -391,7 +391,7 @@ static int iprule_modify(int cmd, int argc, char **argv) ...@@ -391,7 +391,7 @@ static int iprule_modify(int cmd, int argc, char **argv)
} else if (matches(*argv, "realms") == 0) { } else if (matches(*argv, "realms") == 0) {
__u32 realm; __u32 realm;
NEXT_ARG(); NEXT_ARG();
if (get_rt_realms(&realm, *argv)) if (get_rt_realms_or_raw(&realm, *argv))
invarg("invalid realms\n", *argv); invarg("invalid realms\n", *argv);
addattr32(&req.n, sizeof(req), FRA_FLOW, realm); addattr32(&req.n, sizeof(req), FRA_FLOW, realm);
} else if (matches(*argv, "table") == 0 || } else if (matches(*argv, "table") == 0 ||
......
...@@ -93,7 +93,7 @@ int rtnl_rtntype_a2n(int *id, char *arg) ...@@ -93,7 +93,7 @@ int rtnl_rtntype_a2n(int *id, char *arg)
return 0; return 0;
} }
int get_rt_realms(__u32 *realms, char *arg) static int get_rt_realms(__u32 *realms, char *arg)
{ {
__u32 realm = 0; __u32 realm = 0;
char *p = strchr(arg, '/'); char *p = strchr(arg, '/');
...@@ -114,3 +114,11 @@ int get_rt_realms(__u32 *realms, char *arg) ...@@ -114,3 +114,11 @@ int get_rt_realms(__u32 *realms, char *arg)
*realms |= realm; *realms |= realm;
return 0; return 0;
} }
int get_rt_realms_or_raw(__u32 *realms, char *arg)
{
if (!get_rt_realms(realms, arg))
return 0;
return get_unsigned(realms, arg, 0);
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment