From patchwork Tue Oct 23 17:14:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 988290 X-Patchwork-Delegate: pablo@netfilter.org Received: from 192.168.1.97 (192.168.1.97) by 
antivirus1-rhel7.int (F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); Tue, 23 Oct 2018 19:14:32 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int) Received: from salvia.here (sys.soleta.eu [212.170.55.40]) (Authenticated sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id DAE084265A31 for ; Tue, 23 Oct 2018 19:14:32 +0200 (CEST) X-SMTPAUTHUS: auth mail.us.es From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 1/3] src: move socket open and reopen to mnl.c Date: Tue, 23 Oct 2018 19:14:28 +0200 Message-Id: <20181023171430.23677-1-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org These functions are part of the mnl backend, move them there. Remove netlink_close_sock(), use direct call to mnl_socket_close(). Signed-off-by: Pablo Neira Ayuso --- include/mnl.h | 4 ++-- include/netlink.h | 1 - src/libnftables.c | 4 ++-- src/mnl.c | 22 ++++++++++++++++++++++ src/netlink.c | 27 --------------------------- src/rule.c | 2 +- 6 files changed, 27 insertions(+), 33 deletions(-) diff --git a/include/mnl.h b/include/mnl.h index 3ddc82a05cb0..676030e6c4c6 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -6,8 +6,8 @@ #include #include -struct mnl_socket *netlink_open_sock(void); -void netlink_close_sock(struct mnl_socket *nf_sock); +struct mnl_socket *nft_mnl_socket_open(void); +struct mnl_socket *nft_mnl_socket_reopen(struct mnl_socket *nf_sock); uint32_t mnl_seqnum_alloc(uint32_t *seqnum); uint16_t mnl_genid_get(struct netlink_ctx *ctx); diff --git a/include/netlink.h b/include/netlink.h index 66e400d88f19..af9313d51453 100644 --- a/include/netlink.h +++ b/include/netlink.h 
@@ -157,7 +157,6 @@ extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx); extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list); -extern struct mnl_socket *netlink_restart(struct mnl_socket *nf_sock); #define netlink_abi_error() \ __netlink_abi_error(__FILE__, __LINE__, strerror(errno)); extern void __noreturn __netlink_abi_error(const char *file, int line, const char *reason); diff --git a/src/libnftables.c b/src/libnftables.c index 44869602c875..0731c532a22a 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -129,7 +129,7 @@ void nft_ctx_clear_include_paths(struct nft_ctx *ctx) static void nft_ctx_netlink_init(struct nft_ctx *ctx) { - ctx->nf_sock = netlink_open_sock(); + ctx->nf_sock = nft_mnl_socket_open(); } struct nft_ctx *nft_ctx_new(uint32_t flags) @@ -266,7 +266,7 @@ const char *nft_ctx_get_error_buffer(struct nft_ctx *ctx) void nft_ctx_free(struct nft_ctx *ctx) { if (ctx->nf_sock) - netlink_close_sock(ctx->nf_sock); + mnl_socket_close(ctx->nf_sock); exit_cookie(&ctx->output.output_cookie); exit_cookie(&ctx->output.error_cookie); diff --git a/src/mnl.c b/src/mnl.c index 9a6248aa0ad9..84727094e27e 100644 --- a/src/mnl.c +++ b/src/mnl.c @@ -28,10 +28,32 @@ #include #include #include +#include #include #include #include +struct mnl_socket *nft_mnl_socket_open(void) +{ + struct mnl_socket *nf_sock; + + nf_sock = mnl_socket_open(NETLINK_NETFILTER); + if (!nf_sock) + netlink_init_error(); + + if (fcntl(mnl_socket_get_fd(nf_sock), F_SETFL, O_NONBLOCK)) + netlink_init_error(); + + return nf_sock; +} + +struct mnl_socket *nft_mnl_socket_reopen(struct mnl_socket *nf_sock) +{ + mnl_socket_close(nf_sock); + + return nft_mnl_socket_open(); +} + uint32_t mnl_seqnum_alloc(unsigned int *seqnum) { return (*seqnum)++; diff --git a/src/netlink.c b/src/netlink.c index 403780ffdefb..8eb2ccad2f8c 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -10,7 +10,6 @@ */ #include -#include #include #include #include 
@@ -53,32 +52,6 @@ const struct location netlink_location = { .indesc = &indesc_netlink, }; -struct mnl_socket *netlink_open_sock(void) -{ - struct mnl_socket *nf_sock; - - nf_sock = mnl_socket_open(NETLINK_NETFILTER); - if (nf_sock == NULL) - netlink_init_error(); - - if (fcntl(mnl_socket_get_fd(nf_sock), F_SETFL, O_NONBLOCK)) - netlink_init_error(); - - return nf_sock; -} - -void netlink_close_sock(struct mnl_socket *nf_sock) -{ - if (nf_sock) - mnl_socket_close(nf_sock); -} - -struct mnl_socket *netlink_restart(struct mnl_socket *nf_sock) -{ - netlink_close_sock(nf_sock); - return netlink_open_sock(); -} - void __noreturn __netlink_abi_error(const char *file, int line, const char *reason) { diff --git a/src/rule.c b/src/rule.c index 12ac1310034d..9087fd2bd193 100644 --- a/src/rule.c +++ b/src/rule.c 
@@ -243,7 +243,7 @@ replay: if (ret < 0) { cache_release(cache); if (errno == EINTR) { - nft->nf_sock = netlink_restart(nft->nf_sock); + nft->nf_sock = nft_mnl_socket_reopen(nft->nf_sock); goto replay; } return -1; From patchwork Tue Oct 23 17:14:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 988292 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=netfilter.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42fg405XMGz9sCQ for ; Wed, 24 Oct 2018 04:14:40 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728574AbeJXBiz (ORCPT ); Tue, 23 Oct 2018 21:38:55 -0400 Received: from mail.us.es ([193.147.175.20]:44788 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728321AbeJXBiz (ORCPT ); Tue, 23 Oct 2018 21:38:55 -0400 Received: from antivirus1-rhel7.int (unknown [192.168.2.11]) by mail.us.es (Postfix) with ESMTP id 601DACE765 for ; Tue, 23 Oct 2018 19:14:36 +0200 (CEST) Received: from antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id 4B675DA797 for ; Tue, 23 Oct 2018 19:14:36 +0200 (CEST) Received: by antivirus1-rhel7.int (Postfix, from userid 99) id 40C81DA793; Tue, 23 Oct 2018 19:14:36 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on antivirus1-rhel7.int X-Spam-Level: X-Spam-Status: No, score=-108.2 required=7.5 tests=ALL_TRUSTED,BAYES_50, SMTPAUTH_US2,USER_IN_WHITELIST autolearn=disabled version=3.4.1 
Received: from antivirus1-rhel7.int (localhost [127.0.0.1]) by antivirus1-rhel7.int (Postfix) with ESMTP id 127EEDA797 for ; Tue, 23 Oct 2018 19:14:34 +0200 (CEST) Received: from 192.168.1.97 (192.168.1.97) by antivirus1-rhel7.int (F-Secure/fsigk_smtp/550/antivirus1-rhel7.int); Tue, 23 Oct 2018 19:14:34 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/550/antivirus1-rhel7.int) Received: from salvia.here (sys.soleta.eu [212.170.55.40]) (Authenticated sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id F06864265A31 for ; Tue, 23 Oct 2018 19:14:33 +0200 (CEST) X-SMTPAUTHUS: auth mail.us.es From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 2/3] mnl: remove alloc_nftnl_obj() Date: Tue, 23 Oct 2018 19:14:29 +0200 Message-Id: <20181023171430.23677-2-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181023171430.23677-1-pablo@netfilter.org> References: <20181023171430.23677-1-pablo@netfilter.org> X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org We can remove alloc_nftnl_obj() and consolidate infrastructure in the src/mnl.c file. Signed-off-by: Pablo Neira Ayuso --- In preparation for fine grain error reporting. include/mnl.h | 7 ++-- include/netlink.h | 4 -- src/mnl.c | 107 +++++++++++++++++++++++++++++++++++++++++++++-------- src/netlink.c | 108 ------------------------------------------------------ src/rule.c | 15 ++++---- 5 files changed, 101 insertions(+), 140 deletions(-) diff --git a/include/mnl.h b/include/mnl.h index 676030e6c4c6..457dd2ed1b9c 100644 --- a/include/mnl.h +++ b/include/mnl.h 
@@ -70,10 +70,9 @@ struct nftnl_obj_list *mnl_nft_obj_dump(struct netlink_ctx *ctx, int family, const char *table, const char *name, uint32_t type, bool dump, bool reset); -int mnl_nft_obj_batch_add(struct nftnl_obj *nln, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); -int mnl_nft_obj_batch_del(struct nftnl_obj *nln, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum); +int mnl_nft_obj_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags); +int mnl_nft_obj_del(struct netlink_ctx *ctx, const struct cmd *cmd, int type); struct nftnl_flowtable_list * mnl_nft_flowtable_dump(struct netlink_ctx *ctx, int family, const char *table); diff --git a/include/netlink.h b/include/netlink.h index af9313d51453..b82ca7272fb9 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -131,10 +131,6 @@ extern int netlink_delinearize_setelem(struct nftnl_set_elem *nlse, extern int netlink_list_objs(struct netlink_ctx *ctx, const struct handle *h); extern int netlink_reset_objs(struct netlink_ctx *ctx, const struct cmd *cmd, uint32_t type, bool dump); -extern int netlink_add_obj(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t flags); -extern int netlink_delete_obj(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t type); extern struct obj *netlink_delinearize_obj(struct netlink_ctx *ctx, struct nftnl_obj *nlo); diff --git a/src/mnl.c b/src/mnl.c index 84727094e27e..d3129fda2b89 100644 --- a/src/mnl.c +++ b/src/mnl.c 
@@ -902,32 +902,107 @@ err: return NULL; } -int mnl_nft_obj_batch_add(struct nftnl_obj *nln, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_obj_add(struct netlink_ctx *ctx, const struct cmd *cmd, + unsigned int flags) { + struct obj *obj = cmd->object; + struct nftnl_obj *nlo; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), - NFT_MSG_NEWOBJ, - nftnl_obj_get_u32(nln, NFTNL_OBJ_FAMILY), - NLM_F_CREATE | flags, seqnum); - nftnl_obj_nlmsg_build_payload(nlh, nln); - mnl_nft_batch_continue(batch); + nlo = nftnl_obj_alloc(); + if (!nlo) + memory_allocation_error(); + + nftnl_obj_set_u32(nlo, NFTNL_OBJ_FAMILY, cmd->handle.family); + nftnl_obj_set_str(nlo, NFTNL_OBJ_TABLE, cmd->handle.table.name); + nftnl_obj_set_str(nlo, NFTNL_OBJ_NAME, cmd->handle.obj.name); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_TYPE, obj->type); + + switch (obj->type) { + case NFT_OBJECT_COUNTER: + nftnl_obj_set_u64(nlo, NFTNL_OBJ_CTR_PKTS, + obj->counter.packets); + nftnl_obj_set_u64(nlo, NFTNL_OBJ_CTR_BYTES, + obj->counter.bytes); + break; + case NFT_OBJECT_QUOTA: + nftnl_obj_set_u64(nlo, NFTNL_OBJ_QUOTA_BYTES, + obj->quota.bytes); + nftnl_obj_set_u64(nlo, NFTNL_OBJ_QUOTA_CONSUMED, + obj->quota.used); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_QUOTA_FLAGS, + obj->quota.flags); + break; + case NFT_OBJECT_LIMIT: + nftnl_obj_set_u64(nlo, NFTNL_OBJ_LIMIT_RATE, obj->limit.rate); + nftnl_obj_set_u64(nlo, NFTNL_OBJ_LIMIT_UNIT, obj->limit.unit); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_BURST, obj->limit.burst); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_TYPE, obj->limit.type); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_FLAGS, obj->limit.flags); + break; + case NFT_OBJECT_CT_HELPER: + nftnl_obj_set_str(nlo, NFTNL_OBJ_CT_HELPER_NAME, + obj->ct_helper.name); + nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_HELPER_L4PROTO, + obj->ct_helper.l4proto); + if (obj->ct_helper.l3proto) + nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_HELPER_L3PROTO, + obj->ct_helper.l3proto); + break; + case 
NFT_OBJECT_CT_TIMEOUT: + nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_TIMEOUT_L4PROTO, + obj->ct_timeout.l4proto); + if (obj->ct_timeout.l3proto) + nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_TIMEOUT_L3PROTO, + obj->ct_timeout.l3proto); + nftnl_obj_set(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY, + obj->ct_timeout.timeout); + break; + case NFT_OBJECT_SECMARK: + nftnl_obj_set_str(nlo, NFTNL_OBJ_SECMARK_CTX, + obj->secmark.ctx); + break; + default: + BUG("Unknown type %d\n", obj->type); + break; + } + netlink_dump_obj(nlo, ctx); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), + NFT_MSG_NEWOBJ, cmd->handle.family, + NLM_F_CREATE | flags, ctx->seqnum); + nftnl_obj_nlmsg_build_payload(nlh, nlo); + nftnl_obj_free(nlo); + + mnl_nft_batch_continue(ctx->batch); return 0; } -int mnl_nft_obj_batch_del(struct nftnl_obj *nln, struct nftnl_batch *batch, - unsigned int flags, uint32_t seqnum) +int mnl_nft_obj_del(struct netlink_ctx *ctx, const struct cmd *cmd, int type) { + struct nftnl_obj *nlo; struct nlmsghdr *nlh; - nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch), - NFT_MSG_DELOBJ, - nftnl_obj_get_u32(nln, NFTNL_OBJ_FAMILY), - flags, seqnum); - nftnl_obj_nlmsg_build_payload(nlh, nln); - mnl_nft_batch_continue(batch); + nlo = nftnl_obj_alloc(); + if (!nlo) + memory_allocation_error(); + + nftnl_obj_set_u32(nlo, NFTNL_OBJ_FAMILY, cmd->handle.family); + nftnl_obj_set_str(nlo, NFTNL_OBJ_TABLE, cmd->handle.table.name); + nftnl_obj_set_u32(nlo, NFTNL_OBJ_TYPE, type); + if (cmd->handle.obj.name) + nftnl_obj_set_str(nlo, NFTNL_OBJ_NAME, cmd->handle.obj.name); + else if (cmd->handle.handle.id) + nftnl_obj_set_u64(nlo, NFTNL_OBJ_HANDLE, cmd->handle.handle.id); + + nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), + NFT_MSG_DELOBJ, cmd->handle.family, + 0, ctx->seqnum); + nftnl_obj_nlmsg_build_payload(nlh, nlo); + nftnl_obj_free(nlo); + + mnl_nft_batch_continue(ctx->batch); return 0; } diff --git a/src/netlink.c b/src/netlink.c index 8eb2ccad2f8c..97e8ebaeb75e 100644 
--- a/src/netlink.c +++ b/src/netlink.c 
@@ -175,84 +175,6 @@ static struct nftnl_set_elem *alloc_nftnl_setelem(const struct expr *set, return nlse; } -static struct nftnl_obj * -__alloc_nftnl_obj(const struct handle *h, uint32_t type) -{ - struct nftnl_obj *nlo; - - nlo = nftnl_obj_alloc(); - if (nlo == NULL) - memory_allocation_error(); - - nftnl_obj_set_u32(nlo, NFTNL_OBJ_FAMILY, h->family); - nftnl_obj_set_str(nlo, NFTNL_OBJ_TABLE, h->table.name); - if (h->obj.name != NULL) - nftnl_obj_set_str(nlo, NFTNL_OBJ_NAME, h->obj.name); - - nftnl_obj_set_u32(nlo, NFTNL_OBJ_TYPE, type); - if (h->handle.id) - nftnl_obj_set_u64(nlo, NFTNL_OBJ_HANDLE, h->handle.id); - - return nlo; -} - -static struct nftnl_obj * -alloc_nftnl_obj(const struct handle *h, struct obj *obj) -{ - struct nftnl_obj *nlo; - - nlo = __alloc_nftnl_obj(h, obj->type); - - switch (obj->type) { - case NFT_OBJECT_COUNTER: - nftnl_obj_set_u64(nlo, NFTNL_OBJ_CTR_PKTS, - obj->counter.packets); - nftnl_obj_set_u64(nlo, NFTNL_OBJ_CTR_BYTES, - obj->counter.bytes); - break; - case NFT_OBJECT_QUOTA: - nftnl_obj_set_u64(nlo, NFTNL_OBJ_QUOTA_BYTES, - obj->quota.bytes); - nftnl_obj_set_u64(nlo, NFTNL_OBJ_QUOTA_CONSUMED, - obj->quota.used); - nftnl_obj_set_u32(nlo, NFTNL_OBJ_QUOTA_FLAGS, - obj->quota.flags); - break; - case NFT_OBJECT_SECMARK: - nftnl_obj_set_str(nlo, NFTNL_OBJ_SECMARK_CTX, - obj->secmark.ctx); - break; - case NFT_OBJECT_CT_HELPER: - nftnl_obj_set_str(nlo, NFTNL_OBJ_CT_HELPER_NAME, - obj->ct_helper.name); - nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_HELPER_L4PROTO, - obj->ct_helper.l4proto); - if (obj->ct_helper.l3proto) - nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_HELPER_L3PROTO, - obj->ct_helper.l3proto); - break; - case NFT_OBJECT_CT_TIMEOUT: - nftnl_obj_set_u8(nlo, NFTNL_OBJ_CT_TIMEOUT_L4PROTO, - obj->ct_timeout.l4proto); - if (obj->ct_timeout.l3proto) - nftnl_obj_set_u16(nlo, NFTNL_OBJ_CT_TIMEOUT_L3PROTO, - obj->ct_timeout.l3proto); - nftnl_obj_set(nlo, NFTNL_OBJ_CT_TIMEOUT_ARRAY, obj->ct_timeout.timeout); - break; - case NFT_OBJECT_LIMIT: - 
nftnl_obj_set_u64(nlo, NFTNL_OBJ_LIMIT_RATE, obj->limit.rate); - nftnl_obj_set_u64(nlo, NFTNL_OBJ_LIMIT_UNIT, obj->limit.unit); - nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_BURST, obj->limit.burst); - nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_TYPE, obj->limit.type); - nftnl_obj_set_u32(nlo, NFTNL_OBJ_LIMIT_FLAGS, obj->limit.flags); - break; - default: - BUG("Unknown type %d\n", obj->type); - break; - } - return nlo; -} - void netlink_gen_raw_data(const mpz_t value, enum byteorder byteorder, unsigned int len, struct nft_data_linearize *data) { @@ -1006,36 +928,6 @@ void netlink_dump_obj(struct nftnl_obj *nln, struct netlink_ctx *ctx) fprintf(fp, "\n"); } -int netlink_add_obj(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t flags) -{ - struct nftnl_obj *nlo; - int err; - - nlo = alloc_nftnl_obj(&cmd->handle, cmd->object); - netlink_dump_obj(nlo, ctx); - - err = mnl_nft_obj_batch_add(nlo, ctx->batch, flags, ctx->seqnum); - nftnl_obj_free(nlo); - - return err; -} - -int netlink_delete_obj(struct netlink_ctx *ctx, const struct cmd *cmd, - uint32_t type) -{ - struct nftnl_obj *nlo; - int err; - - nlo = __alloc_nftnl_obj(&cmd->handle, type); - netlink_dump_obj(nlo, ctx); - - err = mnl_nft_obj_batch_del(nlo, ctx->batch, 0, ctx->seqnum); - nftnl_obj_free(nlo); - - return err; -} - struct obj *netlink_delinearize_obj(struct netlink_ctx *ctx, struct nftnl_obj *nlo) { diff --git a/src/rule.c b/src/rule.c index 9087fd2bd193..718987dc3edf 100644 --- a/src/rule.c +++ b/src/rule.c @@ -1415,7 +1415,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl) case CMD_OBJ_CT_TIMEOUT: case CMD_OBJ_LIMIT: case CMD_OBJ_SECMARK: - return netlink_add_obj(ctx, cmd, flags); + return mnl_nft_obj_add(ctx, cmd, flags); case CMD_OBJ_FLOWTABLE: return netlink_add_flowtable(ctx, cmd, flags); default: 
@@ -1493,18 +1493,17 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_SETELEM: return do_delete_setelems(ctx, cmd); case CMD_OBJ_COUNTER: - return netlink_delete_obj(ctx, cmd, NFT_OBJECT_COUNTER); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_COUNTER); case CMD_OBJ_QUOTA: - return netlink_delete_obj(ctx, cmd, NFT_OBJECT_QUOTA); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_QUOTA); case CMD_OBJ_CT_HELPER: - return netlink_delete_obj(ctx, cmd, NFT_OBJECT_CT_HELPER); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_CT_HELPER); case CMD_OBJ_CT_TIMEOUT: - return netlink_delete_obj(ctx, cmd, - NFT_OBJECT_CT_TIMEOUT); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_CT_TIMEOUT); case CMD_OBJ_LIMIT: - return netlink_delete_obj(ctx, cmd, NFT_OBJECT_LIMIT); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_LIMIT); case CMD_OBJ_SECMARK: - return netlink_delete_obj(ctx, cmd, NFT_OBJECT_SECMARK); + return mnl_nft_obj_del(ctx, cmd, NFT_OBJECT_SECMARK); case CMD_OBJ_FLOWTABLE: return netlink_delete_flowtable(ctx, cmd); default: From patchwork Tue Oct 23 17:14:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 988291 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=netfilter.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 42fg3z24wqz9sDr for ; Wed, 24 Oct 2018 04:14:39 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728553AbeJXBiy (ORCPT ); Tue, 23 Oct 2018 21:38:54 -0400 
From: Pablo Neira Ayuso To: netfilter-devel@vger.kernel.org Subject: [PATCH nft 3/3] mnl: use either name or handle to refer to objects Date: Tue, 23 Oct 2018 19:14:30 +0200 Message-Id: <20181023171430.23677-3-pablo@netfilter.org> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20181023171430.23677-1-pablo@netfilter.org> References: <20181023171430.23677-1-pablo@netfilter.org> X-Virus-Scanned: ClamAV using ClamSMTP Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org We can only specify either name or handle to refer to objects. Signed-off-by: Pablo Neira Ayuso --- src/mnl.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/mnl.c b/src/mnl.c index d3129fda2b89..2be8ca14e50d 100644 --- a/src/mnl.c +++ b/src/mnl.c @@ -660,7 +660,7 @@ int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd) nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family); if (cmd->handle.table.name) nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name); - if (cmd->handle.handle.id) + else if (cmd->handle.handle.id) nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE, cmd->handle.handle.id); @@ -830,7 +830,7 @@ int mnl_nft_set_del(struct netlink_ctx *ctx, const struct cmd *cmd) nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name); if (h->set.name) nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name); - if (h->handle.id) + else if (h->handle.id) nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id); nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch), 
@@ -1189,8 +1189,9 @@ int mnl_nft_setelem_del(struct netlink_ctx *ctx, const struct cmd *cmd) nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family); nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name); - nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name); - if (h->handle.id) + if (h->set.name) + nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set.name); + else if (h->handle.id) nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id); if (cmd->expr)
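Review bot: nft_mnl_socket_reopen(), added in the src/mnl.c hunk of patch 1/3, passes nf_sock straight to mnl_socket_close(), whereas the netlink_restart() it replaces closed through netlink_close_sock(), which tested `if (nf_sock)` first. If every caller guarantees a non-NULL socket, say so in a comment above the function; otherwise keep the guard. The commit message mentions removing netlink_close_sock() but not the change in NULL handling, so it should be stated either way.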
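Review bot: the mnl_nft_obj_del() prototype in the include/mnl.h hunk of patch 2/3 declares `int type`, but the removed netlink_delete_obj() took `uint32_t type` and the value is handed to nftnl_obj_set_u32(nlo, NFTNL_OBJ_TYPE, type). Keep the parameter as uint32_t so its signedness matches the attribute setter and the NFT_OBJECT_* values passed from do_command_delete() in rule.c.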
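Review bot: mnl_nft_obj_del() in the src/mnl.c hunk of patch 2/3 no longer calls netlink_dump_obj(nlo, ctx) before building the message, although the removed netlink_delete_obj() did and the new mnl_nft_obj_add() still does, so the dump output for object deletion is lost. Add the call once the attributes are set, or state in the commit message that dropping it is intended. The same function also uses `else if (cmd->handle.handle.id)`, where the removed __alloc_nftnl_obj() set both name and handle when both were present, and mnl_nft_obj_add() now sets NFTNL_OBJ_NAME without the old `h->obj.name != NULL` test. Those are behaviour changes in a patch described as consolidation; move them to patch 3/3 or mention them here.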
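Review bot: in the mnl_nft_setelem_del() hunk of patch 3/3 the set name used to be set unconditionally and is now skipped when h->set.name is NULL, so a command with neither a name nor a non-zero h->handle.id builds a message that identifies no set at all. Reject that case before building the header, or note in a comment where it is validated earlier. The same `else if` in mnl_nft_table_del() and mnl_nft_set_del() silently drops the handle when both name and handle are supplied; the commit message should say why the name takes precedence.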