netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] netlink: kill non-batch compat code
@ 2015-04-11 21:55 Patrick McHardy
  0 siblings, 0 replies; only message in thread
From: Patrick McHardy @ 2015-04-11 21:55 UTC (permalink / raw)
  To: pablo; +Cc: netfilter-devel

While trying to reduce code duplication in the non-batch netlink compat
code, I noticed that from day 1 (commit a72315d, "src: add rule batching
support") all rule updates were performed using batching and
mnl_nft_rule_add() didn't have any callers in the tree.

Given that apparently non-compat was never even used, this strongly
indicates that is not needed and can be removed.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 include/mnl.h     |  22 ----
 include/netlink.h |   8 --
 src/main.c        |   2 -
 src/mnl.c         | 226 +----------------------------------
 src/netlink.c     | 352 +++++-------------------------------------------------
 src/rule.c        |  10 +-
 6 files changed, 36 insertions(+), 584 deletions(-)

diff --git a/include/mnl.h b/include/mnl.h
index a0dfa1b..7591670 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -27,19 +27,11 @@ int mnl_nft_rule_batch_add(struct nft_rule *nlr, unsigned int flags,
 int mnl_nft_rule_batch_del(struct nft_rule *nlr, unsigned int flags,
 			   uint32_t seqnum);
 
-int mnl_nft_rule_add(struct mnl_socket *nf_sock, struct nft_rule *r,
-		     unsigned int flags);
-int mnl_nft_rule_delete(struct mnl_socket *nf_sock, struct nft_rule *r,
-			unsigned int flags);
 struct nft_rule_list *mnl_nft_rule_dump(struct mnl_socket *nf_sock,
 					int family);
 
-int mnl_nft_chain_add(struct mnl_socket *nf_sock, struct nft_chain *nlc,
-		      unsigned int flags);
 int mnl_nft_chain_batch_add(struct nft_chain *nlc,
 			    unsigned int flags, uint32_t seq);
-int mnl_nft_chain_delete(struct mnl_socket *nf_sock, struct nft_chain *nlc,
-                         unsigned int flags);
 int mnl_nft_chain_batch_del(struct nft_chain *nlc,
 			    unsigned int flags, uint32_t seq);
 struct nft_chain_list *mnl_nft_chain_dump(struct mnl_socket *nf_sock,
@@ -47,12 +39,8 @@ struct nft_chain_list *mnl_nft_chain_dump(struct mnl_socket *nf_sock,
 int mnl_nft_chain_get(struct mnl_socket *nf_sock, struct nft_chain *nlc,
 		      unsigned int flags);
 
-int mnl_nft_table_add(struct mnl_socket *nf_sock, struct nft_table *nlt,
-		      unsigned int flags);
 int mnl_nft_table_batch_add(struct nft_table *nlt,
 			    unsigned int flags, uint32_t seq);
-int mnl_nft_table_delete(struct mnl_socket *nf_sock, struct nft_table *nlt,
-			 unsigned int flags);
 int mnl_nft_table_batch_del(struct nft_table *nlt,
 			    unsigned int flags, uint32_t seq);
 struct nft_table_list *mnl_nft_table_dump(struct mnl_socket *nf_sock,
@@ -60,24 +48,16 @@ struct nft_table_list *mnl_nft_table_dump(struct mnl_socket *nf_sock,
 int mnl_nft_table_get(struct mnl_socket *nf_sock, struct nft_table *nlt,
 		      unsigned int flags);
 
-int mnl_nft_set_add(struct mnl_socket *nf_sock, struct nft_set *nls,
-		    unsigned int flags);
 int mnl_nft_set_batch_add(struct nft_set *nls,
 			  unsigned int flags, uint32_t seq);
-int mnl_nft_set_delete(struct mnl_socket *nf_sock, struct nft_set *nls,
-		       unsigned int flags);
 int mnl_nft_set_batch_del(struct nft_set *nls,
 			  unsigned int flags, uint32_t seq);
 struct nft_set_list *mnl_nft_set_dump(struct mnl_socket *nf_sock, int family,
 				      const char *table);
 int mnl_nft_set_get(struct mnl_socket *nf_sock, struct nft_set *nls);
 
-int mnl_nft_setelem_add(struct mnl_socket *nf_sock, struct nft_set *nls,
-			unsigned int flags);
 int mnl_nft_setelem_batch_add(struct nft_set *nls,
 			      unsigned int flags, uint32_t seq);
-int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nft_set *nls,
-			   unsigned int flags);
 int mnl_nft_setelem_batch_del(struct nft_set *nls,
 			      unsigned int flags, uint32_t seq);
 int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nft_set *nls);
@@ -88,6 +68,4 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock,
 			   int (*cb)(const struct nlmsghdr *nlh, void *data),
 			   void *cb_data);
 
-bool mnl_batch_supported(struct mnl_socket *nf_sock);
-
 #endif /* _NFTABLES_MNL_H_ */
diff --git a/include/netlink.h b/include/netlink.h
index c1ff9c6..98d5a85 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -30,7 +30,6 @@ struct netlink_ctx {
 	struct set		*set;
 	const void		*data;
 	uint32_t		seqnum;
-	bool			batch_supported;
 };
 
 extern struct nft_table *alloc_nft_table(const struct handle *h);
@@ -77,12 +76,6 @@ extern int netlink_delete_rule(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc);
 extern int netlink_add_rule_list(struct netlink_ctx *ctx, const struct handle *h,
 				 struct list_head *rule_list);
-extern int netlink_add_rule_batch(struct netlink_ctx *ctx,
-				  const struct handle *h,
-				  const struct rule *rule, uint32_t flags);
-extern int netlink_del_rule_batch(struct netlink_ctx *ctx,
-				  const struct handle *h,
-				  const struct location *loc);
 
 extern int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
 			     const struct location *loc,
@@ -163,6 +156,5 @@ struct netlink_mon_handler {
 };
 
 extern int netlink_monitor(struct netlink_mon_handler *monhandler);
-bool netlink_batch_supported(void);
 
 #endif /* NFTABLES_NETLINK_H */
diff --git a/src/main.c b/src/main.c
index 4590c30..95bcd57 100644
--- a/src/main.c
+++ b/src/main.c
@@ -178,7 +178,6 @@ static int nft_netlink(struct parser_state *state, struct list_head *msgs)
 	struct mnl_err *err, *tmp;
 	LIST_HEAD(err_list);
 	uint32_t batch_seqnum;
-	bool batch_supported = netlink_batch_supported();
 	int ret = 0;
 
 	netlink_genid_get();
@@ -189,7 +188,6 @@ static int nft_netlink(struct parser_state *state, struct list_head *msgs)
 		memset(&ctx, 0, sizeof(ctx));
 		ctx.msgs = msgs;
 		ctx.seqnum = cmd->seqnum = mnl_seqnum_alloc();
-		ctx.batch_supported = batch_supported;
 		init_list_head(&ctx.list);
 		ret = do_command(&ctx, cmd);
 		if (ret < 0)
diff --git a/src/mnl.c b/src/mnl.c
index 89c2bb5..6375cb8 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -342,6 +342,10 @@ int mnl_batch_talk(struct mnl_socket *nl, struct list_head *err_list)
 	return ret;
 }
 
+/*
+ * Rule
+ */
+
 int mnl_nft_rule_batch_add(struct nft_rule *nlr, unsigned int flags,
 			   uint32_t seqnum)
 {
@@ -374,37 +378,6 @@ int mnl_nft_rule_batch_del(struct nft_rule *nlr, unsigned int flags,
 	return 0;
 }
 
-/*
- * Rule
- */
-int mnl_nft_rule_add(struct mnl_socket *nf_sock, struct nft_rule *nlr,
-		     unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_NEWRULE,
-			nft_rule_attr_get_u32(nlr, NFT_RULE_ATTR_FAMILY),
-			NLM_F_ACK | NLM_F_CREATE | flags, seq);
-	nft_rule_nlmsg_build_payload(nlh, nlr);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
-
-int mnl_nft_rule_delete(struct mnl_socket *nf_sock, struct nft_rule *nlr,
-			unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_rule_nlmsg_build_hdr(buf, NFT_MSG_DELRULE,
-			nft_rule_attr_get_u32(nlr, NFT_RULE_ATTR_FAMILY),
-			NLM_F_ACK, seq);
-	nft_rule_nlmsg_build_payload(nlh, nlr);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
-
 static int rule_cb(const struct nlmsghdr *nlh, void *data)
 {
 	struct nft_rule_list *nlr_list = data;
@@ -455,20 +428,6 @@ err:
 /*
  * Chain
  */
-int mnl_nft_chain_add(struct mnl_socket *nf_sock, struct nft_chain *nlc,
-		      unsigned int flags)
-
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_chain_nlmsg_build_hdr(buf, NFT_MSG_NEWCHAIN,
-			nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY),
-			NLM_F_CREATE | NLM_F_ACK | flags, seq);
-	nft_chain_nlmsg_build_payload(nlh, nlc);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
 
 int mnl_nft_chain_batch_add(struct nft_chain *nlc, unsigned int flags,
 			    uint32_t seqnum)
@@ -486,20 +445,6 @@ int mnl_nft_chain_batch_add(struct nft_chain *nlc, unsigned int flags,
 	return 0;
 }
 
-int mnl_nft_chain_delete(struct mnl_socket *nf_sock, struct nft_chain *nlc,
-			 unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_chain_nlmsg_build_hdr(buf, NFT_MSG_DELCHAIN,
-			nft_chain_attr_get_u32(nlc, NFT_CHAIN_ATTR_FAMILY),
-			NLM_F_ACK, seq);
-	nft_chain_nlmsg_build_payload(nlh, nlc);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
-
 int mnl_nft_chain_batch_del(struct nft_chain *nlc, unsigned int flags,
 			    uint32_t seqnum)
 {
@@ -585,19 +530,6 @@ int mnl_nft_chain_get(struct mnl_socket *nf_sock, struct nft_chain *nlc,
 /*
  * Table
  */
-int mnl_nft_table_add(struct mnl_socket *nf_sock, struct nft_table *nlt,
-		      unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_table_nlmsg_build_hdr(buf, NFT_MSG_NEWTABLE,
-			nft_table_attr_get_u32(nlt, NFT_TABLE_ATTR_FAMILY),
-			NLM_F_ACK | flags, seq);
-	nft_table_nlmsg_build_payload(nlh, nlt);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
 
 int mnl_nft_table_batch_add(struct nft_table *nlt, unsigned int flags,
 			    uint32_t seqnum)
@@ -614,20 +546,6 @@ int mnl_nft_table_batch_add(struct nft_table *nlt, unsigned int flags,
 	return 0;
 }
 
-int mnl_nft_table_delete(struct mnl_socket *nf_sock, struct nft_table *nlt,
-		      unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_table_nlmsg_build_hdr(buf, NFT_MSG_DELTABLE,
-			nft_table_attr_get_u32(nlt, NFT_TABLE_ATTR_FAMILY),
-			NLM_F_ACK, seq);
-	nft_table_nlmsg_build_payload(nlh, nlt);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
-
 int mnl_nft_table_batch_del(struct nft_table *nlt, unsigned int flags,
 			    uint32_t seqnum)
 {
@@ -715,39 +633,6 @@ int mnl_nft_table_get(struct mnl_socket *nf_sock, struct nft_table *nlt,
 /*
  * Set
  */
-static int set_add_cb(const struct nlmsghdr *nlh, void *data)
-{
-	nft_set_nlmsg_parse(nlh, data);
-	return MNL_CB_OK;
-}
-
-int mnl_nft_set_add(struct mnl_socket *nf_sock, struct nft_set *nls,
-		    unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_set_nlmsg_build_hdr(buf, NFT_MSG_NEWSET,
-			nft_set_attr_get_u32(nls, NFT_SET_ATTR_FAMILY),
-			NLM_F_CREATE | NLM_F_ACK | flags, seq);
-	nft_set_nlmsg_build_payload(nlh, nls);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, set_add_cb, nls);
-}
-
-int mnl_nft_set_delete(struct mnl_socket *nf_sock, struct nft_set *nls,
-		       unsigned int flags)
-{
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_set_nlmsg_build_hdr(buf, NFT_MSG_DELSET,
-			nft_set_attr_get_u32(nls, NFT_SET_ATTR_FAMILY),
-			flags|NLM_F_ACK, seq);
-	nft_set_nlmsg_build_payload(nlh, nls);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
 
 int mnl_nft_set_batch_add(struct nft_set *nls, unsigned int flags,
 			  uint32_t seqnum)
@@ -860,44 +745,6 @@ int mnl_nft_set_get(struct mnl_socket *nf_sock, struct nft_set *nls)
 /*
  * Set elements
  */
-int mnl_nft_setelem_add(struct mnl_socket *nf_sock, struct nft_set *nls,
-			unsigned int flags)
-{
-	char buf[NFT_NLMSG_MAXSIZE];
-	struct nlmsghdr *nlh;
-	struct nft_set_elems_iter *iter;
-	int ret, err;
-
-	iter = nft_set_elems_iter_create(nls);
-	if (iter == NULL)
-		memory_allocation_error();
-
-	do {
-		nlh = nft_set_elem_nlmsg_build_hdr(buf, NFT_MSG_NEWSETELEM,
-				nft_set_attr_get_u32(nls, NFT_SET_ATTR_FAMILY),
-				NLM_F_CREATE | NLM_F_ACK | flags, seq);
-		ret = nft_set_elems_nlmsg_build_payload_iter(nlh, iter);
-		err = nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-	} while (ret > 0 && err >= 0);
-
-	nft_set_elems_iter_destroy(iter);
-
-	return err;
-}
-
-int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nft_set *nls,
-			   unsigned int flags)
-{
-	char buf[NFT_NLMSG_MAXSIZE];
-	struct nlmsghdr *nlh;
-
-	nlh = nft_set_elem_nlmsg_build_hdr(buf, NFT_MSG_DELSETELEM,
-			nft_set_attr_get_u32(nls, NFT_SET_ATTR_FAMILY),
-			NLM_F_ACK, seq);
-	nft_set_elems_nlmsg_build_payload(nlh, nls);
-
-	return nft_mnl_talk(nf_sock, nlh, nlh->nlmsg_len, NULL, NULL);
-}
 
 static int set_elem_cb(const struct nlmsghdr *nlh, void *data)
 {
@@ -1030,68 +877,3 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock,
 {
 	return nft_mnl_recv(nf_sock, 0, 0, cb, cb_data);
 }
-
-static void nft_mnl_batch_put(char *buf, uint16_t type, uint32_t seq)
-{
-	struct nlmsghdr *nlh;
-	struct nfgenmsg *nfg;
-
-	nlh = mnl_nlmsg_put_header(buf);
-	nlh->nlmsg_type = type;
-	nlh->nlmsg_flags = NLM_F_REQUEST;
-	nlh->nlmsg_seq = seq;
-
-	nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
-	nfg->nfgen_family = AF_INET;
-	nfg->version = NFNETLINK_V0;
-	nfg->res_id = NFNL_SUBSYS_NFTABLES;
-}
-
-bool mnl_batch_supported(struct mnl_socket *nf_sock)
-{
-	struct mnl_nlmsg_batch *b;
-	char buf[MNL_SOCKET_BUFFER_SIZE];
-	int ret;
-
-	b = mnl_nlmsg_batch_start(buf, sizeof(buf));
-
-	nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_BEGIN,
-			  seq++);
-	mnl_nlmsg_batch_next(b);
-
-	nft_set_nlmsg_build_hdr(mnl_nlmsg_batch_current(b),
-				NFT_MSG_NEWSET, AF_INET,
-				NLM_F_ACK, seq++);
-	mnl_nlmsg_batch_next(b);
-
-	nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_END,
-			  seq++);
-	mnl_nlmsg_batch_next(b);
-
-	ret = mnl_socket_sendto(nf_sock, mnl_nlmsg_batch_head(b),
-				mnl_nlmsg_batch_size(b));
-	if (ret < 0)
-		goto err;
-
-	mnl_nlmsg_batch_stop(b);
-
-	ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
-	while (ret > 0) {
-		ret = mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(nf_sock),
-				 NULL, NULL);
-		if (ret <= 0)
-			break;
-
-		ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
-	}
-
-	/* We're sending an incomplete message to see if the kernel supports
-	 * set messages in batches. EINVAL means that we sent an incomplete
-	 * message with missing attributes. The kernel just ignores messages
-	 * that we cannot include in the batch.
-	 */
-	return (ret == -1 && errno == EINVAL) ? true : false;
-err:
-	mnl_nlmsg_batch_stop(b);
-	return ret;
-}
diff --git a/src/netlink.c b/src/netlink.c
index f957295..e56041c 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -354,9 +354,8 @@ struct expr *netlink_alloc_data(const struct location *loc,
 	}
 }
 
-int netlink_add_rule_batch(struct netlink_ctx *ctx,
-			   const struct handle *h,
-		           const struct rule *rule, uint32_t flags)
+int netlink_add_rule(struct netlink_ctx *ctx, const struct handle *h,
+		     const struct rule *rule, uint32_t flags)
 {
 	struct nft_rule *nlr;
 	int err;
@@ -378,15 +377,15 @@ int netlink_add_rule_list(struct netlink_ctx *ctx, const struct handle *h,
 	struct rule *rule;
 
 	list_for_each_entry(rule, rule_list, list) {
-		if (netlink_add_rule_batch(ctx, &rule->handle, rule,
-					   NLM_F_APPEND) < 0)
+		if (netlink_add_rule(ctx, &rule->handle, rule,
+				     NLM_F_APPEND) < 0)
 			return -1;
 	}
 	return 0;
 }
 
-int netlink_del_rule_batch(struct netlink_ctx *ctx, const struct handle *h,
-			   const struct location *loc)
+int netlink_delete_rule(struct netlink_ctx *ctx, const struct handle *h,
+			const struct location *loc)
 {
 	struct nft_rule *nlr;
 	int err;
@@ -475,7 +474,7 @@ static int netlink_list_rules(struct netlink_ctx *ctx, const struct handle *h,
 static int netlink_flush_rules(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc)
 {
-	return netlink_del_rule_batch(ctx, h, loc);
+	return netlink_delete_rule(ctx, h, loc);
 }
 
 void netlink_dump_chain(struct nft_chain *nlc)
@@ -491,43 +490,9 @@ void netlink_dump_chain(struct nft_chain *nlc)
 #endif
 }
 
-static int netlink_add_chain_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc,
-				    const struct chain *chain, bool excl)
-{
-	struct nft_chain *nlc;
-	int err;
-
-	nlc = alloc_nft_chain(h);
-	if (chain != NULL) {
-		if (chain->flags & CHAIN_F_BASECHAIN) {
-			nft_chain_attr_set_u32(nlc, NFT_CHAIN_ATTR_HOOKNUM,
-					       chain->hooknum);
-			nft_chain_attr_set_s32(nlc, NFT_CHAIN_ATTR_PRIO,
-					       chain->priority);
-			nft_chain_attr_set_str(nlc, NFT_CHAIN_ATTR_TYPE,
-					       chain->type);
-		}
-		if (chain->policy != -1)
-			nft_chain_attr_set_u32(nlc, NFT_CHAIN_ATTR_POLICY,
-					       chain->policy);
-	}
-
-	netlink_dump_chain(nlc);
-	err = mnl_nft_chain_add(nf_sock, nlc, excl ? NLM_F_EXCL : 0);
-	nft_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not add chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_add_chain_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc,
-				   const struct chain *chain, bool excl)
+int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
+		      const struct location *loc, const struct chain *chain,
+		      bool excl)
 {
 	struct nft_chain *nlc;
 	int err;
@@ -558,40 +523,8 @@ static int netlink_add_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
-		      const struct location *loc, const struct chain *chain,
-		      bool excl)
-{
-	if (ctx->batch_supported)
-		return netlink_add_chain_batch(ctx, h, loc, chain, excl);
-	else
-		return netlink_add_chain_compat(ctx, h, loc, chain, excl);
-}
-
-static int netlink_rename_chain_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct location *loc,
-				       const char *name)
-{
-	struct nft_chain *nlc;
-	int err;
-
-	nlc = alloc_nft_chain(h);
-	nft_chain_attr_set_str(nlc, NFT_CHAIN_ATTR_NAME, name);
-	netlink_dump_chain(nlc);
-	err = mnl_nft_chain_add(nf_sock, nlc, 0);
-	nft_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not rename chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_rename_chain_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct location *loc,
-				      const char *name)
+int netlink_rename_chain(struct netlink_ctx *ctx, const struct handle *h,
+			 const struct location *loc, const char *name)
 {
 	struct nft_chain *nlc;
 	int err;
@@ -608,36 +541,8 @@ static int netlink_rename_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_rename_chain(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc, const char *name)
-{
-	if (ctx->batch_supported)
-		return netlink_rename_chain_batch(ctx, h, loc, name);
-	else
-		return netlink_rename_chain_compat(ctx, h, loc, name);
-}
-
-static int netlink_del_chain_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc)
-{
-	struct nft_chain *nlc;
-	int err;
-
-	nlc = alloc_nft_chain(h);
-	netlink_dump_chain(nlc);
-	err = mnl_nft_chain_delete(nf_sock, nlc, 0);
-	nft_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_chain_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc)
+int netlink_delete_chain(struct netlink_ctx *ctx, const struct handle *h,
+			 const struct location *loc)
 {
 	struct nft_chain *nlc;
 	int err;
@@ -653,15 +558,6 @@ static int netlink_del_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_chain(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_chain_batch(ctx, h, loc);
-	else
-		return netlink_del_chain_compat(ctx, h, loc);
-}
-
 static struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx,
 					       struct nft_chain *nlc)
 {
@@ -785,31 +681,12 @@ int netlink_list_chain(struct netlink_ctx *ctx, const struct handle *h,
 int netlink_flush_chain(struct netlink_ctx *ctx, const struct handle *h,
 			const struct location *loc)
 {
-	return netlink_del_rule_batch(ctx, h, loc);
+	return netlink_delete_rule(ctx, h, loc);
 }
 
-static int netlink_add_table_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc,
-				    const struct table *table, bool excl)
-{
-	struct nft_table *nlt;
-	int err;
-
-	nlt = alloc_nft_table(h);
-	err = mnl_nft_table_add(nf_sock, nlt, excl ? NLM_F_EXCL : 0);
-	nft_table_free(nlt);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not add table: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_add_table_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc,
-				   const struct table *table, bool excl)
+int netlink_add_table(struct netlink_ctx *ctx, const struct handle *h,
+		      const struct location *loc,
+		      const struct table *table, bool excl)
 {
 	struct nft_table *nlt;
 	int err;
@@ -830,36 +707,8 @@ static int netlink_add_table_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_table(struct netlink_ctx *ctx, const struct handle *h,
-		      const struct location *loc,
-		      const struct table *table, bool excl)
-{
-	if (ctx->batch_supported)
-		return netlink_add_table_batch(ctx, h, loc, table, excl);
-	else
-		return netlink_add_table_compat(ctx, h, loc, table, excl);
-}
-
-static int netlink_del_table_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc)
-{
-	struct nft_table *nlt;
-	int err;
-
-	nlt = alloc_nft_table(h);
-	err = mnl_nft_table_delete(nf_sock, nlt, 0);
-	nft_table_free(nlt);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete table: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_table_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc)
+int netlink_delete_table(struct netlink_ctx *ctx, const struct handle *h,
+			 const struct location *loc)
 {
 	struct nft_table *nlt;
 	int err;
@@ -874,15 +723,6 @@ static int netlink_del_table_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_table(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_table_batch(ctx, h, loc);
-	else
-		return netlink_del_table_compat(ctx, h, loc);
-}
-
 void netlink_dump_table(struct nft_table *nlt)
 {
 #ifdef DEBUG
@@ -1072,43 +912,11 @@ static struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	return set;
 }
 
-static int netlink_add_set_compat(struct netlink_ctx *ctx,
-				  const struct handle *h, struct set *set)
-{
-	struct nft_set *nls;
-	int err;
-
-	nls = alloc_nft_set(h);
-	nft_set_attr_set_u32(nls, NFT_SET_ATTR_FLAGS, set->flags);
-	nft_set_attr_set_u32(nls, NFT_SET_ATTR_KEY_TYPE,
-			     dtype_map_to_kernel(set->keytype));
-	nft_set_attr_set_u32(nls, NFT_SET_ATTR_KEY_LEN,
-			     set->keylen / BITS_PER_BYTE);
-	if (set->flags & NFT_SET_MAP) {
-		nft_set_attr_set_u32(nls, NFT_SET_ATTR_DATA_TYPE,
-				     dtype_map_to_kernel(set->datatype));
-		nft_set_attr_set_u32(nls, NFT_SET_ATTR_DATA_LEN,
-				     set->datalen / BITS_PER_BYTE);
-	}
-	netlink_dump_set(nls);
-
-	err = mnl_nft_set_add(nf_sock, nls, NLM_F_EXCL | NLM_F_ECHO);
-	if (err < 0)
-		netlink_io_error(ctx, &set->location, "Could not add set: %s",
-				 strerror(errno));
-
-	set->handle.set =
-		xstrdup(nft_set_attr_get_str(nls, NFT_SET_ATTR_NAME));
-	nft_set_free(nls);
-
-	return err;
-}
-
 /* internal ID to uniquely identify a set in the batch */
 static uint32_t set_id;
 
-static int netlink_add_set_batch(struct netlink_ctx *ctx,
-				 const struct handle *h, struct set *set)
+int netlink_add_set(struct netlink_ctx *ctx, const struct handle *h,
+		    struct set *set)
 {
 	struct nft_set *nls;
 	int err;
@@ -1151,35 +959,8 @@ static int netlink_add_set_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_set(struct netlink_ctx *ctx, const struct handle *h,
-		    struct set *set)
-{
-	if (ctx->batch_supported)
-		return netlink_add_set_batch(ctx, h, set);
-	else
-		return netlink_add_set_compat(ctx, h, set);
-}
-
-static int netlink_del_set_compat(struct netlink_ctx *ctx,
-				  const struct handle *h,
-				  const struct location *loc)
-{
-	struct nft_set *nls;
-	int err;
-
-	nls = alloc_nft_set(h);
-	err = mnl_nft_set_delete(nf_sock, nls, 0);
-	nft_set_free(nls);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete set: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_set_batch(struct netlink_ctx *ctx,
-				 const struct handle *h,
-				 const struct location *loc)
+int netlink_delete_set(struct netlink_ctx *ctx, const struct handle *h,
+		       const struct location *loc)
 {
 	struct nft_set *nls;
 	int err;
@@ -1194,15 +975,6 @@ static int netlink_del_set_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_set(struct netlink_ctx *ctx, const struct handle *h,
-		       const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_set_batch(ctx, h, loc);
-	else
-		return netlink_del_set_compat(ctx, h, loc);
-}
-
 static int list_set_cb(struct nft_set *nls, void *arg)
 {
 	struct netlink_ctx *ctx = arg;
@@ -1274,9 +1046,8 @@ static void alloc_setelem_cache(const struct expr *set, struct nft_set *nls)
 	}
 }
 
-static int netlink_add_setelems_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct expr *expr)
+int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
+			 const struct expr *expr)
 {
 	struct nft_set *nls;
 	int err;
@@ -1294,38 +1065,8 @@ static int netlink_add_setelems_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-static int netlink_add_setelems_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct expr *expr)
-{
-	struct nft_set *nls;
-	int err;
-
-	nls = alloc_nft_set(h);
-	alloc_setelem_cache(expr, nls);
-	netlink_dump_set(nls);
-
-	err = mnl_nft_setelem_add(nf_sock, nls, 0);
-	nft_set_free(nls);
-	if (err < 0)
-		netlink_io_error(ctx, &expr->location,
-				 "Could not add set elements: %s",
-				 strerror(errno));
-	return err;
-}
-
-int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct expr *expr)
-{
-	if (ctx->batch_supported)
-		return netlink_add_setelems_batch(ctx, h, expr);
-	else
-		return netlink_add_setelems_compat(ctx, h, expr);
-}
-
-static int netlink_del_setelems_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct expr *expr)
+int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
+			    const struct expr *expr)
 {
 	struct nft_set *nls;
 	int err;
@@ -1343,26 +1084,6 @@ static int netlink_del_setelems_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-static int netlink_del_setelems_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct expr *expr)
-{
-	struct nft_set *nls;
-	int err;
-
-	nls = alloc_nft_set(h);
-	alloc_setelem_cache(expr, nls);
-	netlink_dump_set(nls);
-
-	err = mnl_nft_setelem_delete(nf_sock, nls, 0);
-	nft_set_free(nls);
-	if (err < 0)
-		netlink_io_error(ctx, &expr->location,
-				 "Could not delete set elements: %s",
-				 strerror(errno));
-	return err;
-}
-
 static int netlink_delinearize_setelem(struct nft_set_elem *nlse,
 				       struct set *set)
 {
@@ -1416,15 +1137,6 @@ out:
 	return 0;
 }
 
-int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
-			    const struct expr *expr)
-{
-	if (ctx->batch_supported)
-		return netlink_del_setelems_batch(ctx, h, expr);
-	else
-		return netlink_del_setelems_compat(ctx, h, expr);
-}
-
 static int list_setelem_cb(struct nft_set_elem *nlse, void *arg)
 {
 	struct netlink_ctx *ctx = arg;
@@ -1477,9 +1189,6 @@ int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct handle *h,
 	struct nft_table *nlt;
 	int err;
 
-	if (!ctx->batch_supported)
-		return netlink_io_error(ctx, loc, "Operation not supported");
-
 	nlt = alloc_nft_table(h);
 	err = mnl_nft_table_batch_del(nlt, 0, ctx->seqnum);
 	nft_table_free(nlt);
@@ -2092,8 +1801,3 @@ int netlink_monitor(struct netlink_mon_handler *monhandler)
 	return mnl_nft_event_listener(nf_mon_sock, netlink_events_cb,
 				      monhandler);
 }
-
-bool netlink_batch_supported(void)
-{
-	return mnl_batch_supported(nf_sock);
-}
diff --git a/src/rule.c b/src/rule.c
index 7114380..86cf080 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -730,8 +730,8 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 		return do_add_chain(ctx, &cmd->handle, &cmd->location,
 				    cmd->chain, excl);
 	case CMD_OBJ_RULE:
-		return netlink_add_rule_batch(ctx, &cmd->handle,
-					      cmd->rule, NLM_F_APPEND);
+		return netlink_add_rule(ctx, &cmd->handle,
+					cmd->rule, NLM_F_APPEND);
 	case CMD_OBJ_SET:
 		return do_add_set(ctx, &cmd->handle, cmd->set);
 	case CMD_OBJ_SETELEM:
@@ -746,8 +746,7 @@ static int do_command_insert(struct netlink_ctx *ctx, struct cmd *cmd)
 {
 	switch (cmd->obj) {
 	case CMD_OBJ_RULE:
-		return netlink_add_rule_batch(ctx, &cmd->handle,
-					      cmd->rule, 0);
+		return netlink_add_rule(ctx, &cmd->handle, cmd->rule, 0);
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
 	}
@@ -762,8 +761,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
 	case CMD_OBJ_CHAIN:
 		return netlink_delete_chain(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_RULE:
-		return netlink_del_rule_batch(ctx, &cmd->handle,
-					      &cmd->location);
+		return netlink_delete_rule(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_SET:
 		return netlink_delete_set(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_SETELEM:
-- 
2.1.0


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2015-04-11 21:55 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-04-11 21:55 [PATCH] netlink: kill non-batch compat code Patrick McHardy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).