Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1 | /* Copyright (C) 2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> |
| 2 | * |
| 3 | * This program is free software; you can redistribute it and/or modify |
| 4 | * it under the terms of the GNU General Public License version 2 as |
| 5 | * published by the Free Software Foundation. |
| 6 | */ |
| 7 | |
| 8 | #ifndef _IP_SET_HASH_GEN_H |
| 9 | #define _IP_SET_HASH_GEN_H |
| 10 | |
| 11 | #include <linux/rcupdate.h> |
| 12 | #include <linux/jhash.h> |
| 13 | #include <linux/netfilter/ipset/ip_set_timeout.h> |
| 14 | #ifndef rcu_dereference_bh |
| 15 | #define rcu_dereference_bh(p) rcu_dereference(p) |
| 16 | #endif |
| 17 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 18 | #define rcu_dereference_bh_nfnl(p) rcu_dereference_bh_check(p, 1) |
| 19 | |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 20 | /* Hashing which uses arrays to resolve clashing. The hash table is resized |
| 21 | * (doubled) when searching becomes too long. |
| 22 | * Internally jhash is used with the assumption that the size of the |
| 23 | * stored data is a multiple of sizeof(u32). If storage supports timeout, |
| 24 | * the timeout field must be the last one in the data structure - that field |
| 25 | * is ignored when computing the hash key. |
| 26 | * |
| 27 | * Readers and resizing |
| 28 | * |
| 29 | * Resizing can be triggered by userspace command only, and those |
| 30 | * are serialized by the nfnl mutex. During resizing the set is |
| 31 | * read-locked, so the only possible concurrent operations are |
| 32 | * the kernel side readers. Those must be protected by proper RCU locking. |
| 33 | */ |
| 34 | |
| 35 | /* Number of elements to store in an initial array block */ |
| 36 | #define AHASH_INIT_SIZE 4 |
| 37 | /* Max number of elements to store in an array block */ |
| 38 | #define AHASH_MAX_SIZE (3*AHASH_INIT_SIZE) |
| 39 | |
| 40 | /* Max number of elements can be tuned */ |
| 41 | #ifdef IP_SET_HASH_WITH_MULTI |
| 42 | #define AHASH_MAX(h) ((h)->ahash_max) |
| 43 | |
| 44 | static inline u8 |
| 45 | tune_ahash_max(u8 curr, u32 multi) |
| 46 | { |
| 47 | u32 n; |
| 48 | |
| 49 | if (multi < curr) |
| 50 | return curr; |
| 51 | |
| 52 | n = curr + AHASH_INIT_SIZE; |
| 53 | /* Currently, at listing one hash bucket must fit into a message. |
| 54 | * Therefore we have a hard limit here. |
| 55 | */ |
| 56 | return n > curr && n <= 64 ? n : curr; |
| 57 | } |
| 58 | #define TUNE_AHASH_MAX(h, multi) \ |
| 59 | ((h)->ahash_max = tune_ahash_max((h)->ahash_max, multi)) |
| 60 | #else |
| 61 | #define AHASH_MAX(h) AHASH_MAX_SIZE |
| 62 | #define TUNE_AHASH_MAX(h, multi) |
| 63 | #endif |
| 64 | |
| 65 | /* A hash bucket */ |
| 66 | struct hbucket { |
| 67 | void *value; /* the array of the values */ |
| 68 | u8 size; /* size of the array */ |
| 69 | u8 pos; /* position of the first free entry */ |
| 70 | }; |
| 71 | |
| 72 | /* The hash table: the table size stored here in order to make resizing easy */ |
| 73 | struct htable { |
| 74 | u8 htable_bits; /* size of hash table == 2^htable_bits */ |
| 75 | struct hbucket bucket[0]; /* hashtable buckets */ |
| 76 | }; |
| 77 | |
| 78 | #define hbucket(h, i) (&((h)->bucket[i])) |
| 79 | |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 80 | #ifndef IPSET_NET_COUNT |
| 81 | #define IPSET_NET_COUNT 1 |
| 82 | #endif |
| 83 | |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 84 | /* Book-keeping of the prefixes added to the set */ |
| 85 | struct net_prefixes { |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 86 | u32 nets[IPSET_NET_COUNT]; /* number of elements per cidr */ |
| 87 | u8 cidr[IPSET_NET_COUNT]; /* the different cidr values in the set */ |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 88 | }; |
| 89 | |
| 90 | /* Compute the hash table size */ |
| 91 | static size_t |
| 92 | htable_size(u8 hbits) |
| 93 | { |
| 94 | size_t hsize; |
| 95 | |
| 96 | /* We must fit both into u32 in jhash and size_t */ |
| 97 | if (hbits > 31) |
| 98 | return 0; |
| 99 | hsize = jhash_size(hbits); |
| 100 | if ((((size_t)-1) - sizeof(struct htable))/sizeof(struct hbucket) |
| 101 | < hsize) |
| 102 | return 0; |
| 103 | |
| 104 | return hsize * sizeof(struct hbucket) + sizeof(struct htable); |
| 105 | } |
| 106 | |
| 107 | /* Compute htable_bits from the user input parameter hashsize */ |
| 108 | static u8 |
| 109 | htable_bits(u32 hashsize) |
| 110 | { |
| 111 | /* Assume that hashsize == 2^htable_bits */ |
| 112 | u8 bits = fls(hashsize - 1); |
| 113 | if (jhash_size(bits) != hashsize) |
| 114 | /* Round up to the first 2^n value */ |
| 115 | bits = fls(hashsize); |
| 116 | |
| 117 | return bits; |
| 118 | } |
| 119 | |
| 120 | /* Destroy the hashtable part of the set */ |
| 121 | static void |
| 122 | ahash_destroy(struct htable *t) |
| 123 | { |
| 124 | struct hbucket *n; |
| 125 | u32 i; |
| 126 | |
| 127 | for (i = 0; i < jhash_size(t->htable_bits); i++) { |
| 128 | n = hbucket(t, i); |
| 129 | if (n->size) |
| 130 | /* FIXME: use slab cache */ |
| 131 | kfree(n->value); |
| 132 | } |
| 133 | |
| 134 | ip_set_free(t); |
| 135 | } |
| 136 | |
| 137 | static int |
| 138 | hbucket_elem_add(struct hbucket *n, u8 ahash_max, size_t dsize) |
| 139 | { |
| 140 | if (n->pos >= n->size) { |
| 141 | void *tmp; |
| 142 | |
| 143 | if (n->size >= ahash_max) |
| 144 | /* Trigger rehashing */ |
| 145 | return -EAGAIN; |
| 146 | |
| 147 | tmp = kzalloc((n->size + AHASH_INIT_SIZE) * dsize, |
| 148 | GFP_ATOMIC); |
| 149 | if (!tmp) |
| 150 | return -ENOMEM; |
| 151 | if (n->size) { |
| 152 | memcpy(tmp, n->value, n->size * dsize); |
| 153 | kfree(n->value); |
| 154 | } |
| 155 | n->value = tmp; |
| 156 | n->size += AHASH_INIT_SIZE; |
| 157 | } |
| 158 | return 0; |
| 159 | } |
| 160 | |
| 161 | #ifdef IP_SET_HASH_WITH_NETS |
| 162 | #ifdef IP_SET_HASH_WITH_NETS_PACKED |
| 163 | /* When cidr is packed with nomatch, cidr - 1 is stored in the entry */ |
| 164 | #define CIDR(cidr) (cidr + 1) |
| 165 | #else |
| 166 | #define CIDR(cidr) (cidr) |
| 167 | #endif |
| 168 | |
| 169 | #define SET_HOST_MASK(family) (family == AF_INET ? 32 : 128) |
| 170 | |
| 171 | #ifdef IP_SET_HASH_WITH_MULTI |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 172 | #define NLEN(family) (SET_HOST_MASK(family) + 1) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 173 | #else |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 174 | #define NLEN(family) SET_HOST_MASK(family) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 175 | #endif |
| 176 | |
| 177 | #else |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 178 | #define NLEN(family) 0 |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 179 | #endif /* IP_SET_HASH_WITH_NETS */ |
| 180 | |
| 181 | #define ext_timeout(e, h) \ |
| 182 | (unsigned long *)(((void *)(e)) + (h)->offset[IPSET_OFFSET_TIMEOUT]) |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 183 | #define ext_counter(e, h) \ |
| 184 | (struct ip_set_counter *)(((void *)(e)) + (h)->offset[IPSET_OFFSET_COUNTER]) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 185 | |
| 186 | #endif /* _IP_SET_HASH_GEN_H */ |
| 187 | |
| 188 | /* Family dependent templates */ |
| 189 | |
| 190 | #undef ahash_data |
| 191 | #undef mtype_data_equal |
| 192 | #undef mtype_do_data_match |
| 193 | #undef mtype_data_set_flags |
| 194 | #undef mtype_data_reset_flags |
| 195 | #undef mtype_data_netmask |
| 196 | #undef mtype_data_list |
| 197 | #undef mtype_data_next |
| 198 | #undef mtype_elem |
| 199 | |
| 200 | #undef mtype_add_cidr |
| 201 | #undef mtype_del_cidr |
| 202 | #undef mtype_ahash_memsize |
| 203 | #undef mtype_flush |
| 204 | #undef mtype_destroy |
| 205 | #undef mtype_gc_init |
| 206 | #undef mtype_same_set |
| 207 | #undef mtype_kadt |
| 208 | #undef mtype_uadt |
| 209 | #undef mtype |
| 210 | |
| 211 | #undef mtype_add |
| 212 | #undef mtype_del |
| 213 | #undef mtype_test_cidrs |
| 214 | #undef mtype_test |
| 215 | #undef mtype_expire |
| 216 | #undef mtype_resize |
| 217 | #undef mtype_head |
| 218 | #undef mtype_list |
| 219 | #undef mtype_gc |
| 220 | #undef mtype_gc_init |
| 221 | #undef mtype_variant |
| 222 | #undef mtype_data_match |
| 223 | |
| 224 | #undef HKEY |
| 225 | |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 226 | #define mtype_data_equal IPSET_TOKEN(MTYPE, _data_equal) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 227 | #ifdef IP_SET_HASH_WITH_NETS |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 228 | #define mtype_do_data_match IPSET_TOKEN(MTYPE, _do_data_match) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 229 | #else |
| 230 | #define mtype_do_data_match(d) 1 |
| 231 | #endif |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 232 | #define mtype_data_set_flags IPSET_TOKEN(MTYPE, _data_set_flags) |
| 233 | #define mtype_data_reset_flags IPSET_TOKEN(MTYPE, _data_reset_flags) |
| 234 | #define mtype_data_netmask IPSET_TOKEN(MTYPE, _data_netmask) |
| 235 | #define mtype_data_list IPSET_TOKEN(MTYPE, _data_list) |
| 236 | #define mtype_data_next IPSET_TOKEN(MTYPE, _data_next) |
| 237 | #define mtype_elem IPSET_TOKEN(MTYPE, _elem) |
| 238 | #define mtype_add_cidr IPSET_TOKEN(MTYPE, _add_cidr) |
| 239 | #define mtype_del_cidr IPSET_TOKEN(MTYPE, _del_cidr) |
| 240 | #define mtype_ahash_memsize IPSET_TOKEN(MTYPE, _ahash_memsize) |
| 241 | #define mtype_flush IPSET_TOKEN(MTYPE, _flush) |
| 242 | #define mtype_destroy IPSET_TOKEN(MTYPE, _destroy) |
| 243 | #define mtype_gc_init IPSET_TOKEN(MTYPE, _gc_init) |
| 244 | #define mtype_same_set IPSET_TOKEN(MTYPE, _same_set) |
| 245 | #define mtype_kadt IPSET_TOKEN(MTYPE, _kadt) |
| 246 | #define mtype_uadt IPSET_TOKEN(MTYPE, _uadt) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 247 | #define mtype MTYPE |
| 248 | |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 249 | #define mtype_elem IPSET_TOKEN(MTYPE, _elem) |
| 250 | #define mtype_add IPSET_TOKEN(MTYPE, _add) |
| 251 | #define mtype_del IPSET_TOKEN(MTYPE, _del) |
| 252 | #define mtype_test_cidrs IPSET_TOKEN(MTYPE, _test_cidrs) |
| 253 | #define mtype_test IPSET_TOKEN(MTYPE, _test) |
| 254 | #define mtype_expire IPSET_TOKEN(MTYPE, _expire) |
| 255 | #define mtype_resize IPSET_TOKEN(MTYPE, _resize) |
| 256 | #define mtype_head IPSET_TOKEN(MTYPE, _head) |
| 257 | #define mtype_list IPSET_TOKEN(MTYPE, _list) |
| 258 | #define mtype_gc IPSET_TOKEN(MTYPE, _gc) |
| 259 | #define mtype_variant IPSET_TOKEN(MTYPE, _variant) |
| 260 | #define mtype_data_match IPSET_TOKEN(MTYPE, _data_match) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 261 | |
| 262 | #ifndef HKEY_DATALEN |
| 263 | #define HKEY_DATALEN sizeof(struct mtype_elem) |
| 264 | #endif |
| 265 | |
| 266 | #define HKEY(data, initval, htable_bits) \ |
| 267 | (jhash2((u32 *)(data), HKEY_DATALEN/sizeof(u32), initval) \ |
| 268 | & jhash_mask(htable_bits)) |
| 269 | |
| 270 | #ifndef htype |
| 271 | #define htype HTYPE |
| 272 | |
| 273 | /* The generic hash structure */ |
| 274 | struct htype { |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 275 | struct htable __rcu *table; /* the hash table */ |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 276 | u32 maxelem; /* max elements in the hash */ |
| 277 | u32 elements; /* current element (vs timeout) */ |
| 278 | u32 initval; /* random jhash init value */ |
| 279 | u32 timeout; /* timeout value, if enabled */ |
| 280 | size_t dsize; /* data struct size */ |
| 281 | size_t offset[IPSET_OFFSET_MAX]; /* Offsets to extensions */ |
| 282 | struct timer_list gc; /* garbage collection when timeout enabled */ |
| 283 | struct mtype_elem next; /* temporary storage for uadd */ |
| 284 | #ifdef IP_SET_HASH_WITH_MULTI |
| 285 | u8 ahash_max; /* max elements in an array block */ |
| 286 | #endif |
| 287 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 288 | u8 netmask; /* netmask value for subnets to store */ |
| 289 | #endif |
| 290 | #ifdef IP_SET_HASH_WITH_RBTREE |
| 291 | struct rb_root rbtree; |
| 292 | #endif |
| 293 | #ifdef IP_SET_HASH_WITH_NETS |
| 294 | struct net_prefixes nets[0]; /* book-keeping of prefixes */ |
| 295 | #endif |
| 296 | }; |
| 297 | #endif |
| 298 | |
| 299 | #ifdef IP_SET_HASH_WITH_NETS |
| 300 | /* Network cidr size book keeping when the hash stores different |
| 301 | * sized networks */ |
| 302 | static void |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 303 | mtype_add_cidr(struct htype *h, u8 cidr, u8 nets_length, u8 n) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 304 | { |
| 305 | int i, j; |
| 306 | |
| 307 | /* Add in increasing prefix order, so larger cidr first */ |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 308 | for (i = 0, j = -1; i < nets_length && h->nets[i].nets[n]; i++) { |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 309 | if (j != -1) |
| 310 | continue; |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 311 | else if (h->nets[i].cidr[n] < cidr) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 312 | j = i; |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 313 | else if (h->nets[i].cidr[n] == cidr) { |
| 314 | h->nets[i].nets[n]++; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 315 | return; |
| 316 | } |
| 317 | } |
| 318 | if (j != -1) { |
| 319 | for (; i > j; i--) { |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 320 | h->nets[i].cidr[n] = h->nets[i - 1].cidr[n]; |
| 321 | h->nets[i].nets[n] = h->nets[i - 1].nets[n]; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 322 | } |
| 323 | } |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 324 | h->nets[i].cidr[n] = cidr; |
| 325 | h->nets[i].nets[n] = 1; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 326 | } |
| 327 | |
| 328 | static void |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 329 | mtype_del_cidr(struct htype *h, u8 cidr, u8 nets_length, u8 n) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 330 | { |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 331 | u8 i, j, net_end = nets_length - 1; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 332 | |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 333 | for (i = 0; i < nets_length; i++) { |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 334 | if (h->nets[i].cidr[n] != cidr) |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 335 | continue; |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 336 | if (h->nets[i].nets[n] > 1 || i == net_end || |
| 337 | h->nets[i + 1].nets[n] == 0) { |
| 338 | h->nets[i].nets[n]--; |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 339 | return; |
| 340 | } |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 341 | for (j = i; j < net_end && h->nets[j].nets[n]; j++) { |
| 342 | h->nets[j].cidr[n] = h->nets[j + 1].cidr[n]; |
| 343 | h->nets[j].nets[n] = h->nets[j + 1].nets[n]; |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 344 | } |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 345 | h->nets[j].nets[n] = 0; |
Oliver Smith | 2cf5512 | 2013-09-16 20:30:57 +0200 | [diff] [blame] | 346 | return; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 347 | } |
| 348 | } |
| 349 | #endif |
| 350 | |
| 351 | /* Calculate the actual memory size of the set data */ |
| 352 | static size_t |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 353 | mtype_ahash_memsize(const struct htype *h, const struct htable *t, |
| 354 | u8 nets_length) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 355 | { |
| 356 | u32 i; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 357 | size_t memsize = sizeof(*h) |
| 358 | + sizeof(*t) |
| 359 | #ifdef IP_SET_HASH_WITH_NETS |
| 360 | + sizeof(struct net_prefixes) * nets_length |
| 361 | #endif |
| 362 | + jhash_size(t->htable_bits) * sizeof(struct hbucket); |
| 363 | |
| 364 | for (i = 0; i < jhash_size(t->htable_bits); i++) |
| 365 | memsize += t->bucket[i].size * h->dsize; |
| 366 | |
| 367 | return memsize; |
| 368 | } |
| 369 | |
| 370 | /* Flush a hash type of set: destroy all elements */ |
| 371 | static void |
| 372 | mtype_flush(struct ip_set *set) |
| 373 | { |
| 374 | struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 375 | struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 376 | struct hbucket *n; |
| 377 | u32 i; |
| 378 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 379 | t = rcu_dereference_bh_nfnl(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 380 | for (i = 0; i < jhash_size(t->htable_bits); i++) { |
| 381 | n = hbucket(t, i); |
| 382 | if (n->size) { |
| 383 | n->size = n->pos = 0; |
| 384 | /* FIXME: use slab cache */ |
| 385 | kfree(n->value); |
| 386 | } |
| 387 | } |
| 388 | #ifdef IP_SET_HASH_WITH_NETS |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 389 | memset(h->nets, 0, sizeof(struct net_prefixes) * NLEN(set->family)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 390 | #endif |
| 391 | h->elements = 0; |
| 392 | } |
| 393 | |
| 394 | /* Destroy a hash type of set */ |
| 395 | static void |
| 396 | mtype_destroy(struct ip_set *set) |
| 397 | { |
| 398 | struct htype *h = set->data; |
| 399 | |
| 400 | if (set->extensions & IPSET_EXT_TIMEOUT) |
| 401 | del_timer_sync(&h->gc); |
| 402 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 403 | ahash_destroy(rcu_dereference_bh_nfnl(h->table)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 404 | #ifdef IP_SET_HASH_WITH_RBTREE |
| 405 | rbtree_destroy(&h->rbtree); |
| 406 | #endif |
| 407 | kfree(h); |
| 408 | |
| 409 | set->data = NULL; |
| 410 | } |
| 411 | |
| 412 | static void |
| 413 | mtype_gc_init(struct ip_set *set, void (*gc)(unsigned long ul_set)) |
| 414 | { |
| 415 | struct htype *h = set->data; |
| 416 | |
| 417 | init_timer(&h->gc); |
| 418 | h->gc.data = (unsigned long) set; |
| 419 | h->gc.function = gc; |
| 420 | h->gc.expires = jiffies + IPSET_GC_PERIOD(h->timeout) * HZ; |
| 421 | add_timer(&h->gc); |
| 422 | pr_debug("gc initialized, run in every %u\n", |
| 423 | IPSET_GC_PERIOD(h->timeout)); |
| 424 | } |
| 425 | |
| 426 | static bool |
| 427 | mtype_same_set(const struct ip_set *a, const struct ip_set *b) |
| 428 | { |
| 429 | const struct htype *x = a->data; |
| 430 | const struct htype *y = b->data; |
| 431 | |
| 432 | /* Resizing changes htable_bits, so we ignore it */ |
| 433 | return x->maxelem == y->maxelem && |
| 434 | x->timeout == y->timeout && |
| 435 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 436 | x->netmask == y->netmask && |
| 437 | #endif |
| 438 | a->extensions == b->extensions; |
| 439 | } |
| 440 | |
| 441 | /* Get the ith element from the array block n */ |
| 442 | #define ahash_data(n, i, dsize) \ |
| 443 | ((struct mtype_elem *)((n)->value + ((i) * (dsize)))) |
| 444 | |
| 445 | /* Delete expired elements from the hashtable */ |
| 446 | static void |
| 447 | mtype_expire(struct htype *h, u8 nets_length, size_t dsize) |
| 448 | { |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 449 | struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 450 | struct hbucket *n; |
| 451 | struct mtype_elem *data; |
| 452 | u32 i; |
| 453 | int j; |
| 454 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 455 | rcu_read_lock_bh(); |
| 456 | t = rcu_dereference_bh(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 457 | for (i = 0; i < jhash_size(t->htable_bits); i++) { |
| 458 | n = hbucket(t, i); |
| 459 | for (j = 0; j < n->pos; j++) { |
| 460 | data = ahash_data(n, j, dsize); |
| 461 | if (ip_set_timeout_expired(ext_timeout(data, h))) { |
| 462 | pr_debug("expired %u/%u\n", i, j); |
| 463 | #ifdef IP_SET_HASH_WITH_NETS |
| 464 | mtype_del_cidr(h, CIDR(data->cidr), |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 465 | nets_length, 0); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 466 | #endif |
| 467 | if (j != n->pos - 1) |
| 468 | /* Not last one */ |
| 469 | memcpy(data, |
| 470 | ahash_data(n, n->pos - 1, dsize), |
| 471 | dsize); |
| 472 | n->pos--; |
| 473 | h->elements--; |
| 474 | } |
| 475 | } |
| 476 | if (n->pos + AHASH_INIT_SIZE < n->size) { |
| 477 | void *tmp = kzalloc((n->size - AHASH_INIT_SIZE) |
| 478 | * dsize, |
| 479 | GFP_ATOMIC); |
| 480 | if (!tmp) |
| 481 | /* Still try to delete expired elements */ |
| 482 | continue; |
| 483 | n->size -= AHASH_INIT_SIZE; |
| 484 | memcpy(tmp, n->value, n->size * dsize); |
| 485 | kfree(n->value); |
| 486 | n->value = tmp; |
| 487 | } |
| 488 | } |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 489 | rcu_read_unlock_bh(); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 490 | } |
| 491 | |
| 492 | static void |
| 493 | mtype_gc(unsigned long ul_set) |
| 494 | { |
| 495 | struct ip_set *set = (struct ip_set *) ul_set; |
| 496 | struct htype *h = set->data; |
| 497 | |
| 498 | pr_debug("called\n"); |
| 499 | write_lock_bh(&set->lock); |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 500 | mtype_expire(h, NLEN(set->family), h->dsize); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 501 | write_unlock_bh(&set->lock); |
| 502 | |
| 503 | h->gc.expires = jiffies + IPSET_GC_PERIOD(h->timeout) * HZ; |
| 504 | add_timer(&h->gc); |
| 505 | } |
| 506 | |
| 507 | /* Resize a hash: create a new hash table with doubling the hashsize |
| 508 | * and inserting the elements to it. Repeat until we succeed or |
| 509 | * fail due to memory pressures. */ |
| 510 | static int |
| 511 | mtype_resize(struct ip_set *set, bool retried) |
| 512 | { |
| 513 | struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 514 | struct htable *t, *orig = rcu_dereference_bh_nfnl(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 515 | u8 htable_bits = orig->htable_bits; |
| 516 | #ifdef IP_SET_HASH_WITH_NETS |
| 517 | u8 flags; |
| 518 | #endif |
| 519 | struct mtype_elem *data; |
| 520 | struct mtype_elem *d; |
| 521 | struct hbucket *n, *m; |
| 522 | u32 i, j; |
| 523 | int ret; |
| 524 | |
| 525 | /* Try to cleanup once */ |
| 526 | if (SET_WITH_TIMEOUT(set) && !retried) { |
| 527 | i = h->elements; |
| 528 | write_lock_bh(&set->lock); |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 529 | mtype_expire(set->data, NLEN(set->family), h->dsize); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 530 | write_unlock_bh(&set->lock); |
| 531 | if (h->elements < i) |
| 532 | return 0; |
| 533 | } |
| 534 | |
| 535 | retry: |
| 536 | ret = 0; |
| 537 | htable_bits++; |
| 538 | pr_debug("attempt to resize set %s from %u to %u, t %p\n", |
| 539 | set->name, orig->htable_bits, htable_bits, orig); |
| 540 | if (!htable_bits) { |
| 541 | /* In case we have plenty of memory :-) */ |
| 542 | pr_warning("Cannot increase the hashsize of set %s further\n", |
| 543 | set->name); |
| 544 | return -IPSET_ERR_HASH_FULL; |
| 545 | } |
| 546 | t = ip_set_alloc(sizeof(*t) |
| 547 | + jhash_size(htable_bits) * sizeof(struct hbucket)); |
| 548 | if (!t) |
| 549 | return -ENOMEM; |
| 550 | t->htable_bits = htable_bits; |
| 551 | |
| 552 | read_lock_bh(&set->lock); |
| 553 | for (i = 0; i < jhash_size(orig->htable_bits); i++) { |
| 554 | n = hbucket(orig, i); |
| 555 | for (j = 0; j < n->pos; j++) { |
| 556 | data = ahash_data(n, j, h->dsize); |
| 557 | #ifdef IP_SET_HASH_WITH_NETS |
| 558 | flags = 0; |
| 559 | mtype_data_reset_flags(data, &flags); |
| 560 | #endif |
| 561 | m = hbucket(t, HKEY(data, h->initval, htable_bits)); |
| 562 | ret = hbucket_elem_add(m, AHASH_MAX(h), h->dsize); |
| 563 | if (ret < 0) { |
| 564 | #ifdef IP_SET_HASH_WITH_NETS |
| 565 | mtype_data_reset_flags(data, &flags); |
| 566 | #endif |
| 567 | read_unlock_bh(&set->lock); |
| 568 | ahash_destroy(t); |
| 569 | if (ret == -EAGAIN) |
| 570 | goto retry; |
| 571 | return ret; |
| 572 | } |
| 573 | d = ahash_data(m, m->pos++, h->dsize); |
| 574 | memcpy(d, data, h->dsize); |
| 575 | #ifdef IP_SET_HASH_WITH_NETS |
| 576 | mtype_data_reset_flags(d, &flags); |
| 577 | #endif |
| 578 | } |
| 579 | } |
| 580 | |
| 581 | rcu_assign_pointer(h->table, t); |
| 582 | read_unlock_bh(&set->lock); |
| 583 | |
| 584 | /* Give time to other readers of the set */ |
| 585 | synchronize_rcu_bh(); |
| 586 | |
| 587 | pr_debug("set %s resized from %u (%p) to %u (%p)\n", set->name, |
| 588 | orig->htable_bits, orig, t->htable_bits, t); |
| 589 | ahash_destroy(orig); |
| 590 | |
| 591 | return 0; |
| 592 | } |
| 593 | |
| 594 | /* Add an element to a hash and update the internal counters when succeeded, |
| 595 | * otherwise report the proper error code. */ |
| 596 | static int |
| 597 | mtype_add(struct ip_set *set, void *value, const struct ip_set_ext *ext, |
| 598 | struct ip_set_ext *mext, u32 flags) |
| 599 | { |
| 600 | struct htype *h = set->data; |
| 601 | struct htable *t; |
| 602 | const struct mtype_elem *d = value; |
| 603 | struct mtype_elem *data; |
| 604 | struct hbucket *n; |
| 605 | int i, ret = 0; |
| 606 | int j = AHASH_MAX(h) + 1; |
| 607 | bool flag_exist = flags & IPSET_FLAG_EXIST; |
| 608 | u32 key, multi = 0; |
| 609 | |
| 610 | if (SET_WITH_TIMEOUT(set) && h->elements >= h->maxelem) |
| 611 | /* FIXME: when set is full, we slow down here */ |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 612 | mtype_expire(h, NLEN(set->family), h->dsize); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 613 | |
| 614 | if (h->elements >= h->maxelem) { |
| 615 | if (net_ratelimit()) |
| 616 | pr_warning("Set %s is full, maxelem %u reached\n", |
| 617 | set->name, h->maxelem); |
| 618 | return -IPSET_ERR_HASH_FULL; |
| 619 | } |
| 620 | |
| 621 | rcu_read_lock_bh(); |
| 622 | t = rcu_dereference_bh(h->table); |
| 623 | key = HKEY(value, h->initval, t->htable_bits); |
| 624 | n = hbucket(t, key); |
| 625 | for (i = 0; i < n->pos; i++) { |
| 626 | data = ahash_data(n, i, h->dsize); |
| 627 | if (mtype_data_equal(data, d, &multi)) { |
| 628 | if (flag_exist || |
| 629 | (SET_WITH_TIMEOUT(set) && |
| 630 | ip_set_timeout_expired(ext_timeout(data, h)))) { |
| 631 | /* Just the extensions could be overwritten */ |
| 632 | j = i; |
| 633 | goto reuse_slot; |
| 634 | } else { |
| 635 | ret = -IPSET_ERR_EXIST; |
| 636 | goto out; |
| 637 | } |
| 638 | } |
| 639 | /* Reuse first timed out entry */ |
| 640 | if (SET_WITH_TIMEOUT(set) && |
| 641 | ip_set_timeout_expired(ext_timeout(data, h)) && |
| 642 | j != AHASH_MAX(h) + 1) |
| 643 | j = i; |
| 644 | } |
| 645 | reuse_slot: |
| 646 | if (j != AHASH_MAX(h) + 1) { |
| 647 | /* Fill out reused slot */ |
| 648 | data = ahash_data(n, j, h->dsize); |
| 649 | #ifdef IP_SET_HASH_WITH_NETS |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 650 | mtype_del_cidr(h, CIDR(data->cidr), NLEN(set->family), 0); |
| 651 | mtype_add_cidr(h, CIDR(d->cidr), NLEN(set->family), 0); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 652 | #endif |
| 653 | } else { |
| 654 | /* Use/create a new slot */ |
| 655 | TUNE_AHASH_MAX(h, multi); |
| 656 | ret = hbucket_elem_add(n, AHASH_MAX(h), h->dsize); |
| 657 | if (ret != 0) { |
| 658 | if (ret == -EAGAIN) |
| 659 | mtype_data_next(&h->next, d); |
| 660 | goto out; |
| 661 | } |
| 662 | data = ahash_data(n, n->pos++, h->dsize); |
| 663 | #ifdef IP_SET_HASH_WITH_NETS |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 664 | mtype_add_cidr(h, CIDR(d->cidr), NLEN(set->family), 0); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 665 | #endif |
| 666 | h->elements++; |
| 667 | } |
| 668 | memcpy(data, d, sizeof(struct mtype_elem)); |
| 669 | #ifdef IP_SET_HASH_WITH_NETS |
| 670 | mtype_data_set_flags(data, flags); |
| 671 | #endif |
| 672 | if (SET_WITH_TIMEOUT(set)) |
| 673 | ip_set_timeout_set(ext_timeout(data, h), ext->timeout); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 674 | if (SET_WITH_COUNTER(set)) |
| 675 | ip_set_init_counter(ext_counter(data, h), ext); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 676 | |
| 677 | out: |
| 678 | rcu_read_unlock_bh(); |
| 679 | return ret; |
| 680 | } |
| 681 | |
| 682 | /* Delete an element from the hash: swap it with the last element |
| 683 | * and free up space if possible. |
| 684 | */ |
| 685 | static int |
| 686 | mtype_del(struct ip_set *set, void *value, const struct ip_set_ext *ext, |
| 687 | struct ip_set_ext *mext, u32 flags) |
| 688 | { |
| 689 | struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 690 | struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 691 | const struct mtype_elem *d = value; |
| 692 | struct mtype_elem *data; |
| 693 | struct hbucket *n; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 694 | int i, ret = -IPSET_ERR_EXIST; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 695 | u32 key, multi = 0; |
| 696 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 697 | rcu_read_lock_bh(); |
| 698 | t = rcu_dereference_bh(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 699 | key = HKEY(value, h->initval, t->htable_bits); |
| 700 | n = hbucket(t, key); |
| 701 | for (i = 0; i < n->pos; i++) { |
| 702 | data = ahash_data(n, i, h->dsize); |
| 703 | if (!mtype_data_equal(data, d, &multi)) |
| 704 | continue; |
| 705 | if (SET_WITH_TIMEOUT(set) && |
| 706 | ip_set_timeout_expired(ext_timeout(data, h))) |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 707 | goto out; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 708 | if (i != n->pos - 1) |
| 709 | /* Not last one */ |
| 710 | memcpy(data, ahash_data(n, n->pos - 1, h->dsize), |
| 711 | h->dsize); |
| 712 | |
| 713 | n->pos--; |
| 714 | h->elements--; |
| 715 | #ifdef IP_SET_HASH_WITH_NETS |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 716 | mtype_del_cidr(h, CIDR(d->cidr), NLEN(set->family), 0); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 717 | #endif |
| 718 | if (n->pos + AHASH_INIT_SIZE < n->size) { |
| 719 | void *tmp = kzalloc((n->size - AHASH_INIT_SIZE) |
| 720 | * h->dsize, |
| 721 | GFP_ATOMIC); |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 722 | if (!tmp) { |
| 723 | ret = 0; |
| 724 | goto out; |
| 725 | } |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 726 | n->size -= AHASH_INIT_SIZE; |
| 727 | memcpy(tmp, n->value, n->size * h->dsize); |
| 728 | kfree(n->value); |
| 729 | n->value = tmp; |
| 730 | } |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 731 | ret = 0; |
| 732 | goto out; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 733 | } |
| 734 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 735 | out: |
| 736 | rcu_read_unlock_bh(); |
| 737 | return ret; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 738 | } |
| 739 | |
| 740 | static inline int |
| 741 | mtype_data_match(struct mtype_elem *data, const struct ip_set_ext *ext, |
| 742 | struct ip_set_ext *mext, struct ip_set *set, u32 flags) |
| 743 | { |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 744 | if (SET_WITH_COUNTER(set)) |
| 745 | ip_set_update_counter(ext_counter(data, |
| 746 | (struct htype *)(set->data)), |
| 747 | ext, mext, flags); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 748 | return mtype_do_data_match(data); |
| 749 | } |
| 750 | |
| 751 | #ifdef IP_SET_HASH_WITH_NETS |
| 752 | /* Special test function which takes into account the different network |
| 753 | * sizes added to the set */ |
| 754 | static int |
| 755 | mtype_test_cidrs(struct ip_set *set, struct mtype_elem *d, |
| 756 | const struct ip_set_ext *ext, |
| 757 | struct ip_set_ext *mext, u32 flags) |
| 758 | { |
| 759 | struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 760 | struct htable *t = rcu_dereference_bh(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 761 | struct hbucket *n; |
| 762 | struct mtype_elem *data; |
| 763 | int i, j = 0; |
| 764 | u32 key, multi = 0; |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 765 | u8 nets_length = NLEN(set->family); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 766 | |
| 767 | pr_debug("test by nets\n"); |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 768 | for (; j < nets_length && h->nets[j].nets[0] && !multi; j++) { |
| 769 | mtype_data_netmask(d, h->nets[j].cidr[0]); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 770 | key = HKEY(d, h->initval, t->htable_bits); |
| 771 | n = hbucket(t, key); |
| 772 | for (i = 0; i < n->pos; i++) { |
| 773 | data = ahash_data(n, i, h->dsize); |
| 774 | if (!mtype_data_equal(data, d, &multi)) |
| 775 | continue; |
| 776 | if (SET_WITH_TIMEOUT(set)) { |
| 777 | if (!ip_set_timeout_expired( |
| 778 | ext_timeout(data, h))) |
| 779 | return mtype_data_match(data, ext, |
| 780 | mext, set, |
| 781 | flags); |
| 782 | #ifdef IP_SET_HASH_WITH_MULTI |
| 783 | multi = 0; |
| 784 | #endif |
| 785 | } else |
| 786 | return mtype_data_match(data, ext, |
| 787 | mext, set, flags); |
| 788 | } |
| 789 | } |
| 790 | return 0; |
| 791 | } |
| 792 | #endif |
| 793 | |
| 794 | /* Test whether the element is added to the set */ |
| 795 | static int |
| 796 | mtype_test(struct ip_set *set, void *value, const struct ip_set_ext *ext, |
| 797 | struct ip_set_ext *mext, u32 flags) |
| 798 | { |
| 799 | struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 800 | struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 801 | struct mtype_elem *d = value; |
| 802 | struct hbucket *n; |
| 803 | struct mtype_elem *data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 804 | int i, ret = 0; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 805 | u32 key, multi = 0; |
| 806 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 807 | rcu_read_lock_bh(); |
| 808 | t = rcu_dereference_bh(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 809 | #ifdef IP_SET_HASH_WITH_NETS |
| 810 | /* If we test an IP address and not a network address, |
| 811 | * try all possible network sizes */ |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 812 | if (CIDR(d->cidr) == SET_HOST_MASK(set->family)) { |
| 813 | ret = mtype_test_cidrs(set, d, ext, mext, flags); |
| 814 | goto out; |
| 815 | } |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 816 | #endif |
| 817 | |
| 818 | key = HKEY(d, h->initval, t->htable_bits); |
| 819 | n = hbucket(t, key); |
| 820 | for (i = 0; i < n->pos; i++) { |
| 821 | data = ahash_data(n, i, h->dsize); |
| 822 | if (mtype_data_equal(data, d, &multi) && |
| 823 | !(SET_WITH_TIMEOUT(set) && |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 824 | ip_set_timeout_expired(ext_timeout(data, h)))) { |
| 825 | ret = mtype_data_match(data, ext, mext, set, flags); |
| 826 | goto out; |
| 827 | } |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 828 | } |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 829 | out: |
| 830 | rcu_read_unlock_bh(); |
| 831 | return ret; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 832 | } |
| 833 | |
| 834 | /* Reply a HEADER request: fill out the header part of the set */ |
| 835 | static int |
| 836 | mtype_head(struct ip_set *set, struct sk_buff *skb) |
| 837 | { |
| 838 | const struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 839 | const struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 840 | struct nlattr *nested; |
| 841 | size_t memsize; |
| 842 | |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 843 | t = rcu_dereference_bh_nfnl(h->table); |
Jozsef Kadlecsik | a04d8b6 | 2013-09-30 09:05:54 +0200 | [diff] [blame^] | 844 | memsize = mtype_ahash_memsize(h, t, NLEN(set->family)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 845 | |
| 846 | nested = ipset_nest_start(skb, IPSET_ATTR_DATA); |
| 847 | if (!nested) |
| 848 | goto nla_put_failure; |
| 849 | if (nla_put_net32(skb, IPSET_ATTR_HASHSIZE, |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 850 | htonl(jhash_size(t->htable_bits))) || |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 851 | nla_put_net32(skb, IPSET_ATTR_MAXELEM, htonl(h->maxelem))) |
| 852 | goto nla_put_failure; |
| 853 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 854 | if (h->netmask != HOST_MASK && |
| 855 | nla_put_u8(skb, IPSET_ATTR_NETMASK, h->netmask)) |
| 856 | goto nla_put_failure; |
| 857 | #endif |
| 858 | if (nla_put_net32(skb, IPSET_ATTR_REFERENCES, htonl(set->ref - 1)) || |
| 859 | nla_put_net32(skb, IPSET_ATTR_MEMSIZE, htonl(memsize)) || |
| 860 | ((set->extensions & IPSET_EXT_TIMEOUT) && |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 861 | nla_put_net32(skb, IPSET_ATTR_TIMEOUT, htonl(h->timeout))) || |
| 862 | ((set->extensions & IPSET_EXT_COUNTER) && |
| 863 | nla_put_net32(skb, IPSET_ATTR_CADT_FLAGS, |
| 864 | htonl(IPSET_FLAG_WITH_COUNTERS)))) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 865 | goto nla_put_failure; |
| 866 | ipset_nest_end(skb, nested); |
| 867 | |
| 868 | return 0; |
| 869 | nla_put_failure: |
| 870 | return -EMSGSIZE; |
| 871 | } |
| 872 | |
| 873 | /* Reply a LIST/SAVE request: dump the elements of the specified set */ |
| 874 | static int |
| 875 | mtype_list(const struct ip_set *set, |
| 876 | struct sk_buff *skb, struct netlink_callback *cb) |
| 877 | { |
| 878 | const struct htype *h = set->data; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 879 | const struct htable *t = rcu_dereference_bh_nfnl(h->table); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 880 | struct nlattr *atd, *nested; |
| 881 | const struct hbucket *n; |
| 882 | const struct mtype_elem *e; |
| 883 | u32 first = cb->args[2]; |
| 884 | /* We assume that one hash bucket fills into one page */ |
| 885 | void *incomplete; |
| 886 | int i; |
| 887 | |
| 888 | atd = ipset_nest_start(skb, IPSET_ATTR_ADT); |
| 889 | if (!atd) |
| 890 | return -EMSGSIZE; |
| 891 | pr_debug("list hash set %s\n", set->name); |
| 892 | for (; cb->args[2] < jhash_size(t->htable_bits); cb->args[2]++) { |
| 893 | incomplete = skb_tail_pointer(skb); |
| 894 | n = hbucket(t, cb->args[2]); |
| 895 | pr_debug("cb->args[2]: %lu, t %p n %p\n", cb->args[2], t, n); |
| 896 | for (i = 0; i < n->pos; i++) { |
| 897 | e = ahash_data(n, i, h->dsize); |
| 898 | if (SET_WITH_TIMEOUT(set) && |
| 899 | ip_set_timeout_expired(ext_timeout(e, h))) |
| 900 | continue; |
| 901 | pr_debug("list hash %lu hbucket %p i %u, data %p\n", |
| 902 | cb->args[2], n, i, e); |
| 903 | nested = ipset_nest_start(skb, IPSET_ATTR_DATA); |
| 904 | if (!nested) { |
| 905 | if (cb->args[2] == first) { |
| 906 | nla_nest_cancel(skb, atd); |
| 907 | return -EMSGSIZE; |
| 908 | } else |
| 909 | goto nla_put_failure; |
| 910 | } |
| 911 | if (mtype_data_list(skb, e)) |
| 912 | goto nla_put_failure; |
| 913 | if (SET_WITH_TIMEOUT(set) && |
| 914 | nla_put_net32(skb, IPSET_ATTR_TIMEOUT, |
| 915 | htonl(ip_set_timeout_get( |
| 916 | ext_timeout(e, h))))) |
| 917 | goto nla_put_failure; |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 918 | if (SET_WITH_COUNTER(set) && |
| 919 | ip_set_put_counter(skb, ext_counter(e, h))) |
| 920 | goto nla_put_failure; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 921 | ipset_nest_end(skb, nested); |
| 922 | } |
| 923 | } |
| 924 | ipset_nest_end(skb, atd); |
| 925 | /* Set listing finished */ |
| 926 | cb->args[2] = 0; |
| 927 | |
| 928 | return 0; |
| 929 | |
| 930 | nla_put_failure: |
| 931 | nlmsg_trim(skb, incomplete); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 932 | if (unlikely(first == cb->args[2])) { |
| 933 | pr_warning("Can't list set %s: one bucket does not fit into " |
| 934 | "a message. Please report it!\n", set->name); |
| 935 | cb->args[2] = 0; |
| 936 | return -EMSGSIZE; |
| 937 | } |
Jozsef Kadlecsik | 122ebbf | 2013-04-27 21:02:59 +0200 | [diff] [blame] | 938 | ipset_nest_end(skb, atd); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 939 | return 0; |
| 940 | } |
| 941 | |
| 942 | static int |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 943 | IPSET_TOKEN(MTYPE, _kadt)(struct ip_set *set, const struct sk_buff *skb, |
| 944 | const struct xt_action_param *par, |
| 945 | enum ipset_adt adt, struct ip_set_adt_opt *opt); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 946 | |
| 947 | static int |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 948 | IPSET_TOKEN(MTYPE, _uadt)(struct ip_set *set, struct nlattr *tb[], |
| 949 | enum ipset_adt adt, u32 *lineno, u32 flags, bool retried); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 950 | |
| 951 | static const struct ip_set_type_variant mtype_variant = { |
| 952 | .kadt = mtype_kadt, |
| 953 | .uadt = mtype_uadt, |
| 954 | .adt = { |
| 955 | [IPSET_ADD] = mtype_add, |
| 956 | [IPSET_DEL] = mtype_del, |
| 957 | [IPSET_TEST] = mtype_test, |
| 958 | }, |
| 959 | .destroy = mtype_destroy, |
| 960 | .flush = mtype_flush, |
| 961 | .head = mtype_head, |
| 962 | .list = mtype_list, |
| 963 | .resize = mtype_resize, |
| 964 | .same_set = mtype_same_set, |
| 965 | }; |
| 966 | |
| 967 | #ifdef IP_SET_EMIT_CREATE |
| 968 | static int |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 969 | IPSET_TOKEN(HTYPE, _create)(struct ip_set *set, struct nlattr *tb[], u32 flags) |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 970 | { |
| 971 | u32 hashsize = IPSET_DEFAULT_HASHSIZE, maxelem = IPSET_DEFAULT_MAXELEM; |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 972 | u32 cadt_flags = 0; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 973 | u8 hbits; |
| 974 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 975 | u8 netmask; |
| 976 | #endif |
| 977 | size_t hsize; |
| 978 | struct HTYPE *h; |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 979 | struct htable *t; |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 980 | |
| 981 | if (!(set->family == NFPROTO_IPV4 || set->family == NFPROTO_IPV6)) |
| 982 | return -IPSET_ERR_INVALID_FAMILY; |
| 983 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 984 | netmask = set->family == NFPROTO_IPV4 ? 32 : 128; |
| 985 | pr_debug("Create set %s with family %s\n", |
| 986 | set->name, set->family == NFPROTO_IPV4 ? "inet" : "inet6"); |
| 987 | #endif |
| 988 | |
| 989 | if (unlikely(!ip_set_optattr_netorder(tb, IPSET_ATTR_HASHSIZE) || |
| 990 | !ip_set_optattr_netorder(tb, IPSET_ATTR_MAXELEM) || |
| 991 | !ip_set_optattr_netorder(tb, IPSET_ATTR_TIMEOUT) || |
| 992 | !ip_set_optattr_netorder(tb, IPSET_ATTR_CADT_FLAGS))) |
| 993 | return -IPSET_ERR_PROTOCOL; |
| 994 | |
| 995 | if (tb[IPSET_ATTR_HASHSIZE]) { |
| 996 | hashsize = ip_set_get_h32(tb[IPSET_ATTR_HASHSIZE]); |
| 997 | if (hashsize < IPSET_MIMINAL_HASHSIZE) |
| 998 | hashsize = IPSET_MIMINAL_HASHSIZE; |
| 999 | } |
| 1000 | |
| 1001 | if (tb[IPSET_ATTR_MAXELEM]) |
| 1002 | maxelem = ip_set_get_h32(tb[IPSET_ATTR_MAXELEM]); |
| 1003 | |
| 1004 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 1005 | if (tb[IPSET_ATTR_NETMASK]) { |
| 1006 | netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]); |
| 1007 | |
| 1008 | if ((set->family == NFPROTO_IPV4 && netmask > 32) || |
| 1009 | (set->family == NFPROTO_IPV6 && netmask > 128) || |
| 1010 | netmask == 0) |
| 1011 | return -IPSET_ERR_INVALID_NETMASK; |
| 1012 | } |
| 1013 | #endif |
| 1014 | |
| 1015 | hsize = sizeof(*h); |
| 1016 | #ifdef IP_SET_HASH_WITH_NETS |
| 1017 | hsize += sizeof(struct net_prefixes) * |
| 1018 | (set->family == NFPROTO_IPV4 ? 32 : 128); |
| 1019 | #endif |
| 1020 | h = kzalloc(hsize, GFP_KERNEL); |
| 1021 | if (!h) |
| 1022 | return -ENOMEM; |
| 1023 | |
| 1024 | h->maxelem = maxelem; |
| 1025 | #ifdef IP_SET_HASH_WITH_NETMASK |
| 1026 | h->netmask = netmask; |
| 1027 | #endif |
| 1028 | get_random_bytes(&h->initval, sizeof(h->initval)); |
| 1029 | h->timeout = IPSET_NO_TIMEOUT; |
| 1030 | |
| 1031 | hbits = htable_bits(hashsize); |
| 1032 | hsize = htable_size(hbits); |
| 1033 | if (hsize == 0) { |
| 1034 | kfree(h); |
| 1035 | return -ENOMEM; |
| 1036 | } |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 1037 | t = ip_set_alloc(hsize); |
| 1038 | if (!t) { |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1039 | kfree(h); |
| 1040 | return -ENOMEM; |
| 1041 | } |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 1042 | t->htable_bits = hbits; |
| 1043 | rcu_assign_pointer(h->table, t); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1044 | |
| 1045 | set->data = h; |
| 1046 | if (set->family == NFPROTO_IPV4) |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1047 | set->variant = &IPSET_TOKEN(HTYPE, 4_variant); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1048 | else |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1049 | set->variant = &IPSET_TOKEN(HTYPE, 6_variant); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1050 | |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1051 | if (tb[IPSET_ATTR_CADT_FLAGS]) |
| 1052 | cadt_flags = ip_set_get_h32(tb[IPSET_ATTR_CADT_FLAGS]); |
| 1053 | if (cadt_flags & IPSET_FLAG_WITH_COUNTERS) { |
| 1054 | set->extensions |= IPSET_EXT_COUNTER; |
| 1055 | if (tb[IPSET_ATTR_TIMEOUT]) { |
| 1056 | h->timeout = |
| 1057 | ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]); |
| 1058 | set->extensions |= IPSET_EXT_TIMEOUT; |
| 1059 | if (set->family == NFPROTO_IPV4) { |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1060 | h->dsize = sizeof(struct |
| 1061 | IPSET_TOKEN(HTYPE, 4ct_elem)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1062 | h->offset[IPSET_OFFSET_TIMEOUT] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1063 | offsetof(struct |
| 1064 | IPSET_TOKEN(HTYPE, 4ct_elem), |
| 1065 | timeout); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1066 | h->offset[IPSET_OFFSET_COUNTER] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1067 | offsetof(struct |
| 1068 | IPSET_TOKEN(HTYPE, 4ct_elem), |
| 1069 | counter); |
| 1070 | IPSET_TOKEN(HTYPE, 4_gc_init)(set, |
| 1071 | IPSET_TOKEN(HTYPE, 4_gc)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1072 | } else { |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1073 | h->dsize = sizeof(struct |
| 1074 | IPSET_TOKEN(HTYPE, 6ct_elem)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1075 | h->offset[IPSET_OFFSET_TIMEOUT] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1076 | offsetof(struct |
| 1077 | IPSET_TOKEN(HTYPE, 6ct_elem), |
| 1078 | timeout); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1079 | h->offset[IPSET_OFFSET_COUNTER] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1080 | offsetof(struct |
| 1081 | IPSET_TOKEN(HTYPE, 6ct_elem), |
| 1082 | counter); |
| 1083 | IPSET_TOKEN(HTYPE, 6_gc_init)(set, |
| 1084 | IPSET_TOKEN(HTYPE, 6_gc)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1085 | } |
| 1086 | } else { |
| 1087 | if (set->family == NFPROTO_IPV4) { |
| 1088 | h->dsize = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1089 | sizeof(struct |
| 1090 | IPSET_TOKEN(HTYPE, 4c_elem)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1091 | h->offset[IPSET_OFFSET_COUNTER] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1092 | offsetof(struct |
| 1093 | IPSET_TOKEN(HTYPE, 4c_elem), |
| 1094 | counter); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1095 | } else { |
| 1096 | h->dsize = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1097 | sizeof(struct |
| 1098 | IPSET_TOKEN(HTYPE, 6c_elem)); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1099 | h->offset[IPSET_OFFSET_COUNTER] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1100 | offsetof(struct |
| 1101 | IPSET_TOKEN(HTYPE, 6c_elem), |
| 1102 | counter); |
Jozsef Kadlecsik | 00d71b2 | 2013-04-08 23:11:02 +0200 | [diff] [blame] | 1103 | } |
| 1104 | } |
| 1105 | } else if (tb[IPSET_ATTR_TIMEOUT]) { |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1106 | h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]); |
| 1107 | set->extensions |= IPSET_EXT_TIMEOUT; |
| 1108 | if (set->family == NFPROTO_IPV4) { |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1109 | h->dsize = sizeof(struct IPSET_TOKEN(HTYPE, 4t_elem)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1110 | h->offset[IPSET_OFFSET_TIMEOUT] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1111 | offsetof(struct IPSET_TOKEN(HTYPE, 4t_elem), |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1112 | timeout); |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1113 | IPSET_TOKEN(HTYPE, 4_gc_init)(set, |
| 1114 | IPSET_TOKEN(HTYPE, 4_gc)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1115 | } else { |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1116 | h->dsize = sizeof(struct IPSET_TOKEN(HTYPE, 6t_elem)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1117 | h->offset[IPSET_OFFSET_TIMEOUT] = |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1118 | offsetof(struct IPSET_TOKEN(HTYPE, 6t_elem), |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1119 | timeout); |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1120 | IPSET_TOKEN(HTYPE, 6_gc_init)(set, |
| 1121 | IPSET_TOKEN(HTYPE, 6_gc)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1122 | } |
| 1123 | } else { |
| 1124 | if (set->family == NFPROTO_IPV4) |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1125 | h->dsize = sizeof(struct IPSET_TOKEN(HTYPE, 4_elem)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1126 | else |
Jozsef Kadlecsik | 35b8dcf | 2013-04-30 23:02:43 +0200 | [diff] [blame] | 1127 | h->dsize = sizeof(struct IPSET_TOKEN(HTYPE, 6_elem)); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1128 | } |
| 1129 | |
| 1130 | pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)\n", |
Jozsef Kadlecsik | a0f28dc | 2013-04-30 21:23:18 +0200 | [diff] [blame] | 1131 | set->name, jhash_size(t->htable_bits), |
| 1132 | t->htable_bits, h->maxelem, set->data, t); |
Jozsef Kadlecsik | 1feab10 | 2013-04-08 21:05:44 +0200 | [diff] [blame] | 1133 | |
| 1134 | return 0; |
| 1135 | } |
| 1136 | #endif /* IP_SET_EMIT_CREATE */ |