From patchwork Tue Apr 7 14:34:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1267457 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 48xVLR3NXLz9sSG for ; Wed, 8 Apr 2020 00:35:11 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729081AbgDGOfL (ORCPT ); Tue, 7 Apr 2020 10:35:11 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:54954 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728306AbgDGOfL (ORCPT ); Tue, 7 Apr 2020 10:35:11 -0400 Received: from localhost ([::1]:39812 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1jLpJl-0007fk-Vj; Tue, 07 Apr 2020 16:35:10 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [iptables PATCH 1/3] nft: cache: Eliminate init_chain_cache() Date: Tue, 7 Apr 2020 16:34:43 +0200 Message-Id: <20200407143445.26394-2-phil@nwl.cc> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200407143445.26394-1-phil@nwl.cc> References: <20200407143445.26394-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The function is always called immediately after fetch_table_cache(), so merge it into the latter. Signed-off-by: Phil Sutter --- iptables/nft-cache.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c index a0c76705c848e..369692fe44fc7 100644 --- a/iptables/nft-cache.c +++ b/iptables/nft-cache.c @@ -86,7 +86,7 @@ static int fetch_table_cache(struct nft_handle *h) char buf[16536]; struct nlmsghdr *nlh; struct nftnl_table_list *list; - int ret; + int i, ret; if (h->cache->tables) return 0; @@ -104,13 +104,6 @@ static int fetch_table_cache(struct nft_handle *h) h->cache->tables = list; - return 1; -} - -static int init_chain_cache(struct nft_handle *h) -{ - int i; - for (i = 0; i < NFT_TABLE_MAX; i++) { enum nft_table_type type = h->tables[i].type; @@ -119,9 +112,10 @@ static int init_chain_cache(struct nft_handle *h) h->cache->table[type].chains = nftnl_chain_list_alloc(); if (!h->cache->table[type].chains) - return -1; + return 0; } - return 0; + + return 1; } struct nftnl_chain_list_cb_data { @@ -458,7 +452,6 @@ __nft_build_cache(struct nft_handle *h, enum nft_cache_level level, switch (h->cache_level) { case NFT_CL_NONE: fetch_table_cache(h); - init_chain_cache(h); if (level == NFT_CL_TABLES) break; /* fall through */ @@ -505,7 +498,6 @@ void nft_build_cache(struct nft_handle *h, struct nftnl_chain *c) void nft_fake_cache(struct nft_handle *h) { fetch_table_cache(h); - init_chain_cache(h); h->cache_level = NFT_CL_FAKE; mnl_genid_get(h, &h->nft_genid); From patchwork Tue Apr 7 14:34:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1267456 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 48xVLL4vbCz9sSG for ; Wed, 8 Apr 2020 00:35:06 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729072AbgDGOfG (ORCPT ); Tue, 7 Apr 2020 10:35:06 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:54948 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728306AbgDGOfG (ORCPT ); Tue, 7 Apr 2020 10:35:06 -0400 Received: from localhost ([::1]:39806 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1jLpJg-0007fP-Lr; Tue, 07 Apr 2020 16:35:04 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [iptables PATCH 2/3] nft: cache: Init per table set list along with chain list Date: Tue, 7 Apr 2020 16:34:44 +0200 Message-Id: <20200407143445.26394-3-phil@nwl.cc> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200407143445.26394-1-phil@nwl.cc> References: <20200407143445.26394-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org This simplifies code a bit and also aligns set and chain lists handling in cache. Signed-off-by: Phil Sutter --- iptables/nft-cache.c | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c index 369692fe44fc7..e042bd83bebf5 100644 --- a/iptables/nft-cache.c +++ b/iptables/nft-cache.c @@ -113,6 +113,10 @@ static int fetch_table_cache(struct nft_handle *h) h->cache->table[type].chains = nftnl_chain_list_alloc(); if (!h->cache->table[type].chains) return 0; + + h->cache->table[type].sets = nftnl_set_list_alloc(); + if (!h->cache->table[type].sets) + return 0; } return 1; @@ -254,21 +258,6 @@ static int fetch_set_cache(struct nft_handle *h, char buf[16536]; int i, ret; - if (!t) { - for (i = 0; i < NFT_TABLE_MAX; i++) { - enum nft_table_type type = h->tables[i].type; - - if (!h->tables[i].name) - continue; - - h->cache->table[type].sets = nftnl_set_list_alloc(); - if (!h->cache->table[type].sets) - return -1; - } - } else if (!h->cache->table[t->type].sets) { - h->cache->table[t->type].sets = nftnl_set_list_alloc(); - } - if (t && set) { struct nftnl_set *s = nftnl_set_alloc(); From patchwork Tue Apr 7 14:34:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Phil Sutter X-Patchwork-Id: 1267455 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=nwl.cc Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 48xVLF27d2z9sSG for ; Wed, 8 Apr 2020 00:35:01 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728992AbgDGOfB (ORCPT ); Tue, 7 Apr 2020 10:35:01 -0400 Received: from orbyte.nwl.cc ([151.80.46.58]:54934 "EHLO orbyte.nwl.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728306AbgDGOfA (ORCPT ); Tue, 7 Apr 2020 10:35:00 -0400 Received: from localhost ([::1]:39792 helo=tatos) by orbyte.nwl.cc with esmtp (Exim 4.91) (envelope-from ) id 1jLpJb-0007e7-CG; Tue, 07 Apr 2020 16:34:59 +0200 From: Phil Sutter To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org Subject: [iptables PATCH 3/3] nft: cache: Fetch sets per table Date: Tue, 7 Apr 2020 16:34:45 +0200 Message-Id: <20200407143445.26394-4-phil@nwl.cc> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200407143445.26394-1-phil@nwl.cc> References: <20200407143445.26394-1-phil@nwl.cc> MIME-Version: 1.0 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org Kernel accepts a table name when dumping sets, so make use of that in case a table was passed to fetch_set_cache() but no set name. Signed-off-by: Phil Sutter --- iptables/nft-cache.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c index e042bd83bebf5..51b371c51c3f4 100644 --- a/iptables/nft-cache.c +++ b/iptables/nft-cache.c @@ -254,25 +254,31 @@ static int fetch_set_cache(struct nft_handle *h, .h = h, .t = t, }; + uint16_t flags = NLM_F_DUMP; + struct nftnl_set *s = NULL; struct nlmsghdr *nlh; char buf[16536]; int i, ret; - if (t && set) { - struct nftnl_set *s = nftnl_set_alloc(); - + if (t) { + s = nftnl_set_alloc(); if (!s) return -1; - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSET, h->family, - NLM_F_ACK, h->seq); nftnl_set_set_str(s, NFTNL_SET_TABLE, t->name); - nftnl_set_set_str(s, NFTNL_SET_NAME, set); + + if (set) { + nftnl_set_set_str(s, NFTNL_SET_NAME, set); + flags = NLM_F_ACK; + } + } + + nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSET, + h->family, flags, h->seq); + + if (s) { nftnl_set_nlmsg_build_payload(nlh, s); nftnl_set_free(s); - } else { - nlh = nftnl_set_nlmsg_build_hdr(buf, NFT_MSG_GETSET, h->family, - NLM_F_DUMP, h->seq); } ret = mnl_talk(h, nlh, nftnl_set_list_cb, &d); @@ -282,8 +288,6 @@ static int fetch_set_cache(struct nft_handle *h, } if (t && set) { - struct nftnl_set *s; - s = nftnl_set_list_lookup_byname(h->cache->table[t->type].sets, set); set_fetch_elem_cb(s, h);