git.kernel.dk Git - linux-block.git/commit

author	Jeremy Sowden <jeremy@azazel.net>
	Thu, 14 Nov 2024 21:08:13 +0000 (22:08 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 15 Nov 2024 11:07:04 +0000 (12:07 +0100)
commit	b0ccf4f53d968e794a4ea579d5135cc1aaf1a53f
tree	2cb8ea3597f9d3d3483a15bee772db65173e2af0	tree
parent	a12143e6084c502fc3cfaa8b717bffc8c14cf806	commit \| diff

netfilter: bitwise: add support for doing AND, OR and XOR directly

Hitherto, these operations have been converted in user space to
mask-and-xor operations on one register and two immediate values, and it
is the latter which have been evaluated by the kernel. We add support
for evaluating these operations directly in kernel space on one register
and either an immediate value or a second register.

Pablo made a few changes to the original patch:

- EINVAL if NFTA_BITWISE_SREG2 is used with fast version.
- Allow _AND,_OR,_XOR with _DATA != sizeof(u32)
- Dump _SREG2 or _DATA with _AND,_OR,_XOR

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/nf_tables.h		diff \| blob \| blame \| history
net/netfilter/nft_bitwise.c		diff \| blob \| blame \| history