This series combines the two series submitted earlier since they became
closely related in this iteration.
Patch 1 fixes a basic problem with cache_flush() after Eric's
cache_needs_more() change.
Patches 2, 3, 5 and 6 are requirements for patches 4 and 7 which are the
interesting ones: Patch 4 restores needed cache entries from command
list after a cache update. Patch 7 enables referencing a rule added by
the same transaction from another new rule by further exploiting the
logic added by patch 4.
Changes since v2 of "Resolve cache update woes" and v1 of "Support
intra-transaction rule references":
- Adjust cache_release() just like cache_flush().
- Split preparation work into separate patches.
- Adjust cache_add_commands() for later reuse by rule reference code,
also add error handling in case kernel ruleset changes incompatibly.
- Finally drop that workaround in tests/json_echo.
- Introduce rule_cache_update() as requested.
- Avoid fetching a full cache if the new rule does not contain any
reference.
Phil Sutter (7):
src: Fix cache_flush() in cache_needs_more() logic
libnftables: Keep list of commands in nft context
src: Make {table,chain}_not_found() public
src: Restore local entries after cache update
rule: Introduce rule_lookup_by_index()
src: Make cache_is_complete() public
src: Support intra-transaction rule references
include/nftables.h | 1 +
include/rule.h | 12 ++
src/evaluate.c | 107 +++++++-----
src/libnftables.c | 21 ++-
src/mnl.c | 4 +
src/rule.c | 152 +++++++++++++++++-
tests/json_echo/run-test.py | 6 +-
.../shell/testcases/cache/0003_cache_update_0 | 7 +
.../shell/testcases/nft-f/0006action_object_0 | 2 +-
tests/shell/testcases/transactions/0024rule_0 | 17 ++
.../transactions/dumps/0024rule_0.nft | 8 +
11 files changed, 280 insertions(+), 57 deletions(-)
create mode 100755 tests/shell/testcases/transactions/0024rule_0
create mode 100644 tests/shell/testcases/transactions/dumps/0024rule_0.nft
--
2.21.0
