On Thu, Sep 28, 2023 at 06:52:43PM +0200, Phil Sutter wrote:
> Relieve the dump callback from having to check nlmsg_type upon each
> call. Prep work for set element reset locking.
Maybe add this as a preparation patch first place in this series,
rather making this cleanup at this late stage of the batch.
> Signed-off-by: Phil Sutter <phil@xxxxxx>
> ---
> Changes since v1:
> - New patch
> ---
> net/netfilter/nf_tables_api.c | 18 ++++++++----------
> 1 file changed, 8 insertions(+), 10 deletions(-)
>
> diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> index f154fcc341421..1491d4c65fed9 100644
> --- a/net/netfilter/nf_tables_api.c
> +++ b/net/netfilter/nf_tables_api.c
> @@ -5731,6 +5731,7 @@ static void audit_log_nft_set_reset(const struct nft_table *table,
> struct nft_set_dump_ctx {
> const struct nft_set *set;
> struct nft_ctx ctx;
> + bool reset;
> };
>
> static int nft_set_catchall_dump(struct net *net, struct sk_buff *skb,
> @@ -5770,7 +5771,6 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb)
> bool set_found = false;
> struct nlmsghdr *nlh;
> struct nlattr *nest;
> - bool reset = false;
> u32 portid, seq;
> int event;
>
> @@ -5818,12 +5818,9 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb)
> if (nest == NULL)
> goto nla_put_failure;
>
> - if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) == NFT_MSG_GETSETELEM_RESET)
> - reset = true;
> -
> args.cb = cb;
> args.skb = skb;
> - args.reset = reset;
> + args.reset = dump_ctx->reset;
> args.iter.genmask = nft_genmask_cur(net);
> args.iter.skip = cb->args[0];
> args.iter.count = 0;
> @@ -5833,11 +5830,11 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb)
>
> if (!args.iter.err && args.iter.count == cb->args[0])
> args.iter.err = nft_set_catchall_dump(net, skb, set,
> - reset, cb->seq);
> + dump_ctx->reset, cb->seq);
> nla_nest_end(skb, nest);
> nlmsg_end(skb, nlh);
>
> - if (reset && args.iter.count > args.iter.skip)
> + if (dump_ctx->reset && args.iter.count > args.iter.skip)
> audit_log_nft_set_reset(table, cb->seq,
> args.iter.count - args.iter.skip);
>
> @@ -6088,6 +6085,9 @@ static int nf_tables_getsetelem(struct sk_buff *skb,
>
> nft_ctx_init(&ctx, net, skb, info->nlh, family, table, NULL, nla);
>
> + if (NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_GETSETELEM_RESET)
> + reset = true;
> +
> if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
> struct netlink_dump_control c = {
> .start = nf_tables_dump_set_start,
> @@ -6098,6 +6098,7 @@ static int nf_tables_getsetelem(struct sk_buff *skb,
> struct nft_set_dump_ctx dump_ctx = {
> .set = set,
> .ctx = ctx,
> + .reset = reset,
> };
>
> c.data = &dump_ctx;
> @@ -6107,9 +6108,6 @@ static int nf_tables_getsetelem(struct sk_buff *skb,
> if (!nla[NFTA_SET_ELEM_LIST_ELEMENTS])
> return -EINVAL;
>
> - if (NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_GETSETELEM_RESET)
> - reset = true;
> -
> nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {
> err = nft_get_set_elem(&ctx, set, attr, reset);
> if (err < 0) {
> --
> 2.41.0
>
