diff options
| author |   Patrick McHardy <kaber@trash.net> | 2015-04-11 02:27:39 +0100 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2015-04-13 17:17:31 +0200 |
| commit | 7d7402642eaf385aef0772eff5a35e34fc4995d7 (patch) | |
| tree | 340e51ce8070314a423634a21a3dc31fe3e6b0c9 /include/net/netfilter/nf_tables.h | |
| parent | netfilter: nf_tables: support variable sized data in nft_data_init() (diff) | |
| download | linux-dev-7d7402642eaf385aef0772eff5a35e34fc4995d7.tar.xz linux-dev-7d7402642eaf385aef0772eff5a35e34fc4995d7.zip | |
netfilter: nf_tables: variable sized set element keys / data
This patch changes sets to support variable sized set element keys / data
up to 64 bytes each by using variable sized set extensions. This allows
to use concatenations with bigger data items suchs as IPv6 addresses.
As a side effect, small keys/data now don't require the full 16 bytes
of struct nft_data anymore but just the space they need.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/netfilter/nf_tables.h')
| -rw-r--r-- | include/net/netfilter/nf_tables.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 160577bf0f0a..cb42da1011ef 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -158,7 +158,10 @@ struct nft_userdata { * @priv: element private data and extensions */ struct nft_set_elem { - struct nft_data key; + union { + u32 buf[NFT_DATA_VALUE_MAXLEN / sizeof(u32)]; + struct nft_data val; + } key; void *priv; }; |