diff options
| author | Patrick McHardy | 2015-04-11 03:27:39 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2015-04-13 17:17:31 +0200 |
| commit | 7d7402642eaf385aef0772eff5a35e34fc4995d7 (patch) | |
| tree | 340e51ce8070314a423634a21a3dc31fe3e6b0c9 /net/netfilter/nft_rbtree.c | |
| parent | netfilter: nf_tables: support variable sized data in nft_data_init() (diff) | |
| download | kernel-qcow2-linux-7d7402642eaf385aef0772eff5a35e34fc4995d7.tar.gz kernel-qcow2-linux-7d7402642eaf385aef0772eff5a35e34fc4995d7.tar.xz kernel-qcow2-linux-7d7402642eaf385aef0772eff5a35e34fc4995d7.zip | |
netfilter: nf_tables: variable sized set element keys / data
This patch changes sets to support variable sized set element keys / data
up to 64 bytes each by using variable sized set extensions. This allows
to use concatenations with bigger data items suchs as IPv6 addresses.
As a side effect, small keys/data now don't require the full 16 bytes
of struct nft_data anymore but just the space they need.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_rbtree.c')
| -rw-r--r-- | net/netfilter/nft_rbtree.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nft_rbtree.c b/net/netfilter/nft_rbtree.c index b888e0cdf1e2..1c30f41cff5b 100644 --- a/net/netfilter/nft_rbtree.c +++ b/net/netfilter/nft_rbtree.c @@ -152,7 +152,8 @@ static void *nft_rbtree_deactivate(const struct nft_set *set, while (parent != NULL) { rbe = rb_entry(parent, struct nft_rbtree_elem, node); - d = memcmp(nft_set_ext_key(&rbe->ext), &elem->key, set->klen); + d = memcmp(nft_set_ext_key(&rbe->ext), &elem->key.val, + set->klen); if (d < 0) parent = parent->rb_left; else if (d > 0) |