From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org, Eric Garver <e@erig.me>
Subject: [nft PATCH v4 2/7] libnftables: Keep list of commands in nft context
Date: Tue, 28 May 2019 23:03:18 +0200 [thread overview]
Message-ID: <20190528210323.14605-3-phil@nwl.cc> (raw)
In-Reply-To: <20190528210323.14605-1-phil@nwl.cc>
To fix the pending issues with cache updates, the list of commands needs
to be accessible from within cache_update(). In theory, there is a path
via nft->state->cmds but that struct parser_state is used (and
initialized) by bison parser only so that does not work with JSON
parser.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
include/nftables.h | 1 +
src/libnftables.c | 21 ++++++++++-----------
2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/include/nftables.h b/include/nftables.h
index bb9bb2091716d..faacf26509104 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -102,6 +102,7 @@ struct nft_ctx {
struct parser_state *state;
void *scanner;
void *json_root;
+ struct list_head cmds;
FILE *f[MAX_INCLUDE_DEPTH];
};
diff --git a/src/libnftables.c b/src/libnftables.c
index 199dbc97b801c..f6ea668f6770a 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -143,6 +143,7 @@ struct nft_ctx *nft_ctx_new(uint32_t flags)
nft_ctx_add_include_path(ctx, DEFAULT_INCLUDE_PATH);
ctx->parser_max_errors = 10;
init_list_head(&ctx->cache.list);
+ init_list_head(&ctx->cmds);
ctx->flags = flags;
ctx->output.output_fp = stdout;
ctx->output.error_fp = stderr;
@@ -342,7 +343,7 @@ static int nft_parse_bison_buffer(struct nft_ctx *nft, const char *buf,
struct cmd *cmd;
int ret;
- parser_init(nft, nft->state, msgs, cmds);
+ parser_init(nft, nft->state, msgs, &nft->cmds);
nft->scanner = scanner_init(nft->state);
scanner_push_buffer(nft->scanner, &indesc_cmdline, buf);
@@ -381,7 +382,6 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
{
struct cmd *cmd, *next;
LIST_HEAD(msgs);
- LIST_HEAD(cmds);
char *nlbuf;
int rc = -EINVAL;
@@ -389,17 +389,17 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
sprintf(nlbuf, "%s\n", buf);
if (nft_output_json(&nft->output))
- rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &cmds);
+ rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &nft->cmds);
if (rc == -EINVAL)
- rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &cmds);
+ rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &nft->cmds);
if (rc)
goto err;
- if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0)
+ if (nft_netlink(nft, &nft->cmds, &msgs, nft->nf_sock) != 0)
rc = -1;
err:
erec_print_list(&nft->output, &msgs, nft->debug_mask);
- list_for_each_entry_safe(cmd, next, &cmds, list) {
+ list_for_each_entry_safe(cmd, next, &nft->cmds, list) {
list_del(&cmd->list);
cmd_free(cmd);
}
@@ -421,7 +421,6 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
{
struct cmd *cmd, *next;
LIST_HEAD(msgs);
- LIST_HEAD(cmds);
int rc;
rc = cache_update(nft, CMD_INVALID, &msgs);
@@ -433,17 +432,17 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename)
rc = -EINVAL;
if (nft_output_json(&nft->output))
- rc = nft_parse_json_filename(nft, filename, &msgs, &cmds);
+ rc = nft_parse_json_filename(nft, filename, &msgs, &nft->cmds);
if (rc == -EINVAL)
- rc = nft_parse_bison_filename(nft, filename, &msgs, &cmds);
+ rc = nft_parse_bison_filename(nft, filename, &msgs, &nft->cmds);
if (rc)
goto err;
- if (nft_netlink(nft, &cmds, &msgs, nft->nf_sock) != 0)
+ if (nft_netlink(nft, &nft->cmds, &msgs, nft->nf_sock) != 0)
rc = -1;
err:
erec_print_list(&nft->output, &msgs, nft->debug_mask);
- list_for_each_entry_safe(cmd, next, &cmds, list) {
+ list_for_each_entry_safe(cmd, next, &nft->cmds, list) {
list_del(&cmd->list);
cmd_free(cmd);
}
--
2.21.0
next prev parent reply other threads:[~2019-05-28 21:03 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-28 21:03 [nft PATCH v4 0/7] Cache update fix && intra-transaction rule references Phil Sutter
2019-05-28 21:03 ` [nft PATCH v4 1/7] src: Fix cache_flush() in cache_needs_more() logic Phil Sutter
2019-05-28 21:32 ` Eric Garver
2019-05-28 22:23 ` Phil Sutter
2019-05-28 21:03 ` Phil Sutter [this message]
2019-05-28 21:03 ` [nft PATCH v4 3/7] src: Make {table,chain}_not_found() public Phil Sutter
2019-05-28 21:03 ` [nft PATCH v4 4/7] src: Restore local entries after cache update Phil Sutter
2019-05-28 21:03 ` [nft PATCH v4 5/7] rule: Introduce rule_lookup_by_index() Phil Sutter
2019-05-28 21:03 ` [nft PATCH v4 6/7] src: Make cache_is_complete() public Phil Sutter
2019-05-28 21:03 ` [nft PATCH v4 7/7] src: Support intra-transaction rule references Phil Sutter
2019-05-31 16:56 ` Eric Garver
2019-06-03 16:59 ` Pablo Neira Ayuso
2019-06-04 7:17 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190528210323.14605-3-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=e@erig.me \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).