[PATCH nft 3/4] mnl: remove alloc_nftnl_table()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The netlink layer sits in between the mnl and the rule layers, remove
it. We can remove alloc_nftnl_table() and consolidate infrastructure in
the src/mnl.c file.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/mnl.h     |  9 +++++----
 include/netlink.h |  7 -------
 src/mnl.c         | 55 ++++++++++++++++++++++++++++++++++++++++-----------
 src/netlink.c     | 59 -------------------------------------------------------
 src/rule.c        |  7 ++++---
 5 files changed, 52 insertions(+), 85 deletions(-)

diff --git a/include/mnl.h b/include/mnl.h
index 36109c7ad94e..44dd90f91814 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -3,6 +3,7 @@
 
 #include <list.h>
 #include <netlink.h>
+#include <rule.h>
 #include <libmnl/libmnl.h>
 
 struct mnl_socket *netlink_open_sock(void);
@@ -42,10 +43,10 @@ int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch,
 struct nftnl_chain_list *mnl_nft_chain_dump(struct netlink_ctx *ctx,
 					    int family);
 
-int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch,
-			    unsigned int flags, uint32_t seqnum);
-int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch,
-			    unsigned int flags, uint32_t seqnum);
+int mnl_nft_table_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+		      unsigned int flags);
+int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd);
+
 struct nftnl_table_list *mnl_nft_table_dump(struct netlink_ctx *ctx,
 					    int family);
 
diff --git a/include/netlink.h b/include/netlink.h
index 4925af04a707..42c3eb902a1e 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -57,7 +57,6 @@ struct netlink_ctx {
 	struct nft_cache	*cache;
 };
 
-extern struct nftnl_table *alloc_nftnl_table(const struct handle *h);
 extern struct nftnl_chain *alloc_nftnl_chain(const struct handle *h);
 extern struct nftnl_rule *alloc_nftnl_rule(const struct handle *h);
 extern struct nftnl_expr *alloc_nft_expr(const char *name);
@@ -130,10 +129,6 @@ extern int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd);
 extern struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx,
 					       const struct nftnl_chain *nlc);
 
-extern int netlink_add_table_batch(struct netlink_ctx *ctx,
-				   const struct cmd *cmd, uint32_t flags);
-extern int netlink_delete_table_batch(struct netlink_ctx *ctx,
-				      const struct cmd *cmd);
 extern int netlink_list_tables(struct netlink_ctx *ctx, const struct handle *h);
 extern int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h);
 extern int netlink_flush_table(struct netlink_ctx *ctx, const struct cmd *cmd);
@@ -205,8 +200,6 @@ extern int netlink_io_error(struct netlink_ctx *ctx,
 	__netlink_init_error(__FILE__, __LINE__, strerror(errno));
 extern void __noreturn __netlink_init_error(const char *file, int line, const char *reason);
 
-extern int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct cmd *cmd);
-
 extern struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx,
 						const struct handle *h,
 						const struct location *loc);
diff --git a/src/mnl.c b/src/mnl.c
index 6a6d45ce71db..8cc4f168829c 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -468,32 +468,63 @@ err:
 /*
  * Table
  */
-int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch,
-			    unsigned int flags, uint32_t seqnum)
+int mnl_nft_table_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+		      unsigned int flags)
 {
+	struct nftnl_table *nlt;
 	struct nlmsghdr *nlh;
 
-	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+	nlt = nftnl_table_alloc();
+	if (nlt == NULL)
+		memory_allocation_error();
+
+	nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family);
+	nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name);
+	if (cmd->table)
+		nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, cmd->table->flags);
+	else
+		nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, 0);
+
+	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 				    NFT_MSG_NEWTABLE,
-				    nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY),
-				    flags, seqnum);
+				    cmd->handle.family,
+				    flags, ctx->seqnum);
 	nftnl_table_nlmsg_build_payload(nlh, nlt);
-	mnl_nft_batch_continue(batch);
+	nftnl_table_free(nlt);
+
+	mnl_nft_batch_continue(ctx->batch);
 
 	return 0;
 }
 
-int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch,
-			    unsigned int flags, uint32_t seqnum)
+int mnl_nft_table_del(struct netlink_ctx *ctx, const struct cmd *cmd)
 {
+	struct nftnl_table *nlt;
 	struct nlmsghdr *nlh;
 
-	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+	nlt = nftnl_table_alloc();
+	if (nlt == NULL)
+		memory_allocation_error();
+
+	nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, cmd->handle.family);
+	if (cmd->handle.table.name)
+		nftnl_table_set(nlt, NFTNL_TABLE_NAME, cmd->handle.table.name);
+	if (cmd->handle.handle.id)
+		nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE,
+				    cmd->handle.handle.id);
+
+	nlt = nftnl_table_alloc();
+	if (nlt == NULL)
+		memory_allocation_error();
+
+	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 				    NFT_MSG_DELTABLE,
-				    nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY),
-				    NLM_F_ACK, seqnum);
+				    cmd->handle.family,
+				    NLM_F_ACK, ctx->seqnum);
 	nftnl_table_nlmsg_build_payload(nlh, nlt);
-	mnl_nft_batch_continue(batch);
+	nftnl_table_free(nlt);
+
+	mnl_nft_batch_continue(ctx->batch);
 
 	return 0;
 }
diff --git a/src/netlink.c b/src/netlink.c
index f40678f8c01b..f84c050102f5 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -111,23 +111,6 @@ void __noreturn __netlink_init_error(const char *filename, int line,
 	exit(NFT_EXIT_NONL);
 }
 
-struct nftnl_table *alloc_nftnl_table(const struct handle *h)
-{
-	struct nftnl_table *nlt;
-
-	nlt = nftnl_table_alloc();
-	if (nlt == NULL)
-		memory_allocation_error();
-
-	nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, h->family);
-	if (h->table.name != NULL)
-		nftnl_table_set(nlt, NFTNL_TABLE_NAME, h->table.name);
-	if (h->handle.id)
-		nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE, h->handle.id);
-
-	return nlt;
-}
-
 struct nftnl_chain *alloc_nftnl_chain(const struct handle *h)
 {
 	struct nftnl_chain *nlc;
@@ -733,36 +716,6 @@ int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd)
 	return netlink_del_rule_batch(ctx, cmd);
 }
 
-int netlink_add_table_batch(struct netlink_ctx *ctx, const struct cmd *cmd,
-			    uint32_t flags)
-{
-	struct nftnl_table *nlt;
-	int err;
-
-	nlt = alloc_nftnl_table(&cmd->handle);
-	if (cmd->table != NULL)
-		nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, cmd->table->flags);
-	else
-		nftnl_table_set_u32(nlt, NFTNL_TABLE_FLAGS, 0);
-
-	err = mnl_nft_table_batch_add(nlt, ctx->batch, flags, ctx->seqnum);
-	nftnl_table_free(nlt);
-
-	return err;
-}
-
-int netlink_delete_table_batch(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
-	struct nftnl_table *nlt;
-	int err;
-
-	nlt = alloc_nftnl_table(&cmd->handle);
-	err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum);
-	nftnl_table_free(nlt);
-
-	return err;
-}
-
 struct table *netlink_delinearize_table(struct netlink_ctx *ctx,
 					const struct nftnl_table *nlt)
 {
@@ -1652,18 +1605,6 @@ int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list)
 	return mnl_batch_talk(ctx, err_list);
 }
 
-int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
-	struct nftnl_table *nlt;
-	int err;
-
-	nlt = alloc_nftnl_table(&cmd->handle);
-	err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum);
-	nftnl_table_free(nlt);
-
-	return err;
-}
-
 struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx,
 					 const struct handle *h,
 					 const struct location *loc)
diff --git a/src/rule.c b/src/rule.c
index 32b13b19b6e1..81d5c3e9f41f 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -21,6 +21,7 @@
 #include <utils.h>
 #include <netdb.h>
 #include <netlink.h>
+#include <mnl.h>
 #include <json.h>
 
 #include <libnftnl/common.h>
@@ -1409,7 +1410,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 
 	switch (cmd->obj) {
 	case CMD_OBJ_TABLE:
-		return netlink_add_table_batch(ctx, cmd, flags);
+		return mnl_nft_table_add(ctx, cmd, flags);
 	case CMD_OBJ_CHAIN:
 		return netlink_add_chain_batch(ctx, cmd, flags);
 	case CMD_OBJ_RULE:
@@ -1492,7 +1493,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
 {
 	switch (cmd->obj) {
 	case CMD_OBJ_TABLE:
-		return netlink_delete_table_batch(ctx, cmd);
+		return mnl_nft_table_del(ctx, cmd);
 	case CMD_OBJ_CHAIN:
 		return netlink_delete_chain_batch(ctx, cmd);
 	case CMD_OBJ_RULE:
@@ -2267,7 +2268,7 @@ static int do_command_flush(struct netlink_ctx *ctx, struct cmd *cmd)
 	case CMD_OBJ_METER:
 		return netlink_flush_setelems(ctx, cmd);
 	case CMD_OBJ_RULESET:
-		return netlink_flush_ruleset(ctx, cmd);
+		return mnl_nft_table_del(ctx, cmd);
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
 	}
-- 
2.11.0
[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux