diff options
author | Patrick McHardy <kaber@trash.net> | 2015-04-11 04:27:39 +0300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-04-13 18:17:31 +0300 |
commit | 7d7402642eaf385aef0772eff5a35e34fc4995d7 (patch) | |
tree | 340e51ce8070314a423634a21a3dc31fe3e6b0c9 /net/netfilter/nft_rbtree.c | |
parent | d0a11fc3dc4ab4c717642c9c15c8ad1cbc00d2ec (diff) | |
download | linux-7d7402642eaf385aef0772eff5a35e34fc4995d7.tar.xz |
netfilter: nf_tables: variable sized set element keys / data
This patch changes sets to support variable sized set element keys / data
up to 64 bytes each by using variable sized set extensions. This allows
to use concatenations with bigger data items suchs as IPv6 addresses.
As a side effect, small keys/data now don't require the full 16 bytes
of struct nft_data anymore but just the space they need.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/nft_rbtree.c')
-rw-r--r-- | net/netfilter/nft_rbtree.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/net/netfilter/nft_rbtree.c b/net/netfilter/nft_rbtree.c index b888e0cdf1e2..1c30f41cff5b 100644 --- a/net/netfilter/nft_rbtree.c +++ b/net/netfilter/nft_rbtree.c @@ -152,7 +152,8 @@ static void *nft_rbtree_deactivate(const struct nft_set *set, while (parent != NULL) { rbe = rb_entry(parent, struct nft_rbtree_elem, node); - d = memcmp(nft_set_ext_key(&rbe->ext), &elem->key, set->klen); + d = memcmp(nft_set_ext_key(&rbe->ext), &elem->key.val, + set->klen); if (d < 0) parent = parent->rb_left; else if (d > 0) |