Received: by 10.192.165.148 with SMTP id m20csp3823799imm;
        Mon, 23 Apr 2018 13:03:18 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/k39axr/2g8UtYuKkGwM1811AHgvKSEObVItf7bfvxMsjcIQx4O1HT7fkGem1k8cLR16+z
X-Received: by 10.98.69.26 with SMTP id s26mr21197854pfa.29.1524513798581;
        Mon, 23 Apr 2018 13:03:18 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524513798; cv=none;
        d=google.com; s=arc-20160816;
        b=KHw2KDnk7/nP92zZYxc7DxnXQAggdtY2aC+zpzvKwmg3biToEpxASIHfIpj0q4M3R5
         7M+zK49T3ST7w/bEpMd8eSEfS7sOhciVfLaZlRIAL9A8rXFQekxM9P8r4qJwHvw9PU3u
         hz+C45zqsRbq7d2gyiY3fOHXPelRGXlc6UMaV9dWVI4sVn/G4Q7J3PmSXY0F0L9i4mxX
         I662SfAZCcY2xNKSy+WJwi9OYrKYDQ2Dn+QVqwin6WW7K4xdMm9W06fmXDUz9vtYPv7s
         sciLPn22fuplK2jxGp99AmR8ObVU51y7MChh3skixVUacHifDewKsgCpS5AxelmrByOO
         Snqg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:subject:cc:to:from:date
         :dkim-signature:arc-authentication-results;
        bh=9s6B3hZ2keoeWEW1UWxBCXlat62rCI6XaTgJf9eHCEo=;
        b=ZWaKjlk+PCBSsrR670Peo0j5+hDSmMin+g2QPQxONIHKyopWQz33aCD03YoKgl29U5
         5hF0NaTMtSs/kDMrCIIqaW5Lf7mmgwsq5B8smo9G7KOIL+fH/U2NQds6VfXghUJaGQb1
         IacRYSAYosoQH2TEqQHa2T2RpmfQqqyyp4Q1vP0E2TAS134SpDjFlfs9Gwr3rMuhjoOU
         hBNiQTvo3IHZbrKFeexkGdpn5eN1iJo9JGzh0Twg8UnYS1EU01AAvC4EdaQrIEf52y6G
         C5i5i1jh5Z5DXs4WXenSVKHLmxdMvEihW+/HdbZzeq3MSSlzqpRYNiZpo3CZLqeXHE+a
         QGww==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=LxPIqQeL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id w10si11024080pfi.88.2018.04.23.13.03.04;
        Mon, 23 Apr 2018 13:03:18 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=LxPIqQeL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932428AbeDWUBy (ORCPT <rfc822;learnos2017@gmail.com>
        + 99 others); Mon, 23 Apr 2018 16:01:54 -0400
Received: from mail-wr0-f195.google.com ([209.85.128.195]:36667 "EHLO
        mail-wr0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932306AbeDWUBx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 23 Apr 2018 16:01:53 -0400
Received: by mail-wr0-f195.google.com with SMTP id u18-v6so17289675wrg.3;
        Mon, 23 Apr 2018 13:01:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=9s6B3hZ2keoeWEW1UWxBCXlat62rCI6XaTgJf9eHCEo=;
        b=LxPIqQeLA+QZXY4py0BrzZ/prvcQ1stW5u1pJwPuT8wRw/0RsynhGj8UIYQ9QPCC9Q
         xVoiQrm6PJrxd0xvpuBJ+X0hPL3ItlkF7E6aQBRmQmCsjQWuWEw5afZtdb+uv398eq1C
         YdF9uC1H1qnrS/Bn3u3rzAoMBmjhVxXif/Gf5GTWl22pDTUZ1UCB693jkij4FoSUFBc0
         f5+tSLi8ZeB8igKX9JG33l3e3sAqfkZHkT+wD7IndqfLNw6qsjtw6vcL1jISMax0LA4q
         kNbm7JOL4D7mjkr11RUpmI2qM4w8i8yeqhOUSmx2/sPj23dVHFANn0JV+ZxhWYBVR32C
         EapA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=9s6B3hZ2keoeWEW1UWxBCXlat62rCI6XaTgJf9eHCEo=;
        b=bffjNRHZOVXLekgTeRX+BsCmbk69kjg4+qy2rWZxdc84ueFWPOwPJx8xnuo4gBgo/l
         9wflAFfJ7kz5InK3rJGTuA9wFceK7x0H+PPHG3oZJy3L6LS3trUh2WKS4KKEPDLII7cp
         v4OyonRl1zTsJgu9TAkokCOVEMahJauyloMvjN86R3EaDLY20aIf/e53ncn3+4YVyqKN
         4lf4Wqwx2AJxX6/NUSZrS7DQtrPXK1+g42l61wNiZccxgNqzA7CjMR69RY2DErS8h9dD
         XdjBW1dlicLo0sBaemap4PBGnLX6bsLr0GpxBmOFlP4K9/Ic0C8xjRkXwk01d+J4Ysc+
         jKpg==
X-Gm-Message-State: ALQs6tAX20dojsUET+sxFbubCkOYw8UP51j9v3dLrwkB/W/tMbJygt1+
        ay2oPhDThFgWYlivrFDj2eE=
X-Received: by 10.28.55.129 with SMTP id e123mr10025149wma.141.1524513711121;
        Mon, 23 Apr 2018 13:01:51 -0700 (PDT)
Received: from AHABDELS-M-M2VD (wifi-guest-target.gssi.infn.it. [192.135.27.147])
        by smtp.gmail.com with ESMTPSA id p33-v6sm18571995wrc.14.2018.04.23.13.01.49
        (version=TLS1 cipher=AES128-SHA bits=128/128);
        Mon, 23 Apr 2018 13:01:50 -0700 (PDT)
Date:   Mon, 23 Apr 2018 22:01:48 +0200
From:   Ahmed Abdelsalam <amsalam20@gmail.com>
To:     Pablo Neira Ayuso <pablo@netfilter.org>
Cc:     fw@strlen.de, davem@davemloft.net, dav.lebrun@gmail.com,
        linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org,
        coreteam@netfilter.org, netdev@vger.kernel.org
Subject: Re: [nf-next] netfilter: extend SRH match to support matching
 previous, next and last SID
Message-Id: <20180423220148.03800031d0cb8e8a7a83dc31@gmail.com>
In-Reply-To: <20180423173047.gsf2xjlmpichyvte@salvia>
References: <1524480503-1883-1-git-send-email-amsalam20@gmail.com>
        <1524480503-1883-2-git-send-email-amsalam20@gmail.com>
        <20180423173047.gsf2xjlmpichyvte@salvia>
X-Mailer: Sylpheed 3.4.1 (GTK+ 2.24.21; x86_64-apple-darwin10.8.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 23 Apr 2018 19:30:47 +0200
Pablo Neira Ayuso <pablo@netfilter.org> wrote:

> On Mon, Apr 23, 2018 at 05:48:22AM -0500, Ahmed Abdelsalam wrote:
> > Signed-off-by: Ahmed Abdelsalam <amsalam20@gmail.com>
> > ---
> >  include/uapi/linux/netfilter_ipv6/ip6t_srh.h | 22 +++++++++++++--
> >  net/ipv6/netfilter/ip6t_srh.c                | 41 +++++++++++++++++++++++++++-
> >  2 files changed, 60 insertions(+), 3 deletions(-)
> > 
> > diff --git a/include/uapi/linux/netfilter_ipv6/ip6t_srh.h b/include/uapi/linux/netfilter_ipv6/ip6t_srh.h
> > index f3cc0ef..9808382 100644
> > --- a/include/uapi/linux/netfilter_ipv6/ip6t_srh.h
> > +++ b/include/uapi/linux/netfilter_ipv6/ip6t_srh.h
> > @@ -17,7 +17,10 @@
> >  #define IP6T_SRH_LAST_GT        0x0100
> >  #define IP6T_SRH_LAST_LT        0x0200
> >  #define IP6T_SRH_TAG            0x0400
> > -#define IP6T_SRH_MASK           0x07FF
> > +#define IP6T_SRH_PSID           0x0800
> > +#define IP6T_SRH_NSID           0x1000
> > +#define IP6T_SRH_LSID           0x2000
> > +#define IP6T_SRH_MASK           0x3FFF
> >  
> >  /* Values for "mt_invflags" field in struct ip6t_srh */
> >  #define IP6T_SRH_INV_NEXTHDR    0x0001
> > @@ -31,7 +34,10 @@
> >  #define IP6T_SRH_INV_LAST_GT    0x0100
> >  #define IP6T_SRH_INV_LAST_LT    0x0200
> >  #define IP6T_SRH_INV_TAG        0x0400
> > -#define IP6T_SRH_INV_MASK       0x07FF
> > +#define IP6T_SRH_INV_PSID       0x0800
> > +#define IP6T_SRH_INV_NSID       0x1000
> > +#define IP6T_SRH_INV_LSID       0x2000
> > +#define IP6T_SRH_INV_MASK       0x3FFF
> >  
> >  /**
> >   *      struct ip6t_srh - SRH match options
> > @@ -40,6 +46,12 @@
> >   *      @ segs_left: Segments left field of SRH
> >   *      @ last_entry: Last entry field of SRH
> >   *      @ tag: Tag field of SRH
> > + *      @ psid_addr: Address of previous SID in SRH SID list
> > + *      @ nsid_addr: Address of NEXT SID in SRH SID list
> > + *      @ lsid_addr: Address of LAST SID in SRH SID list
> > + *      @ psid_msk: Mask of previous SID in SRH SID list
> > + *      @ nsid_msk: Mask of next SID in SRH SID list
> > + *      @ lsid_msk: MAsk of last SID in SRH SID list
> >   *      @ mt_flags: match options
> >   *      @ mt_invflags: Invert the sense of match options
> >   */
> > @@ -50,6 +62,12 @@ struct ip6t_srh {
> >  	__u8                    segs_left;
> >  	__u8                    last_entry;
> >  	__u16                   tag;
> > +	struct in6_addr		psid_addr;
> > +	struct in6_addr		nsid_addr;
> > +	struct in6_addr		lsid_addr;
> > +	struct in6_addr		psid_msk;
> > +	struct in6_addr		nsid_msk;
> > +	struct in6_addr		lsid_msk;
> 
> This is changing something exposed through UAPI, so you will need a
> new revision for this.

Could you please advice what should be done in this case? 

> 
> >  	__u16                   mt_flags;
> >  	__u16                   mt_invflags;
> >  };
> > diff --git a/net/ipv6/netfilter/ip6t_srh.c b/net/ipv6/netfilter/ip6t_srh.c
> > index 33719d5..2b5cc73 100644
> > --- a/net/ipv6/netfilter/ip6t_srh.c
> > +++ b/net/ipv6/netfilter/ip6t_srh.c
> > @@ -30,7 +30,9 @@ static bool srh_mt6(const struct sk_buff *skb, struct xt_action_param *par)
> >  	const struct ip6t_srh *srhinfo = par->matchinfo;
> >  	struct ipv6_sr_hdr *srh;
> >  	struct ipv6_sr_hdr _srh;
> > -	int hdrlen, srhoff = 0;
> > +	int hdrlen, psidoff, nsidoff, lsidoff, srhoff = 0;
> > +	struct in6_addr *psid, *nsid, *lsid;
> > +	struct in6_addr _psid, _nsid, _lsid;
> 
> Could you rearrange variable definitions? ie. longest line first, eg.
> 
> 	int hdrlen, psidoff, nsidoff, lsidoff, srhoff = 0;
>   	const struct ip6t_srh *srhinfo = par->matchinfo;
> 	struct in6_addr *psid, *nsid, *lsid;
>   	struct ipv6_sr_hdr *srh;
>   	struct ipv6_sr_hdr _srh;
> 

Ok I will re-arrange them in reverse christmas tree form. 

Ahmed 

-- 
Ahmed Abdelsalam <amsalam20@gmail.com>