From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org,
pabeni@redhat.com, edumazet@google.com, fw@strlen.de
Subject: [PATCH net-next 13/19] netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx
Date: Wed, 25 Oct 2023 23:25:49 +0200 [thread overview]
Message-ID: <20231025212555.132775-14-pablo@netfilter.org> (raw)
In-Reply-To: <20231025212555.132775-1-pablo@netfilter.org>
From: Phil Sutter <phil@nwl.cc>
Relieve the dump callback from having to inspect nlmsg_type upon each
call, just do it once at start of the dump.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nf_tables_api.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index c84e2cc6d3b3..ecb251f6c6a6 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -7685,6 +7685,7 @@ struct nft_obj_dump_ctx {
unsigned int s_idx;
char *table;
u32 type;
+ bool reset;
};
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
@@ -7698,12 +7699,8 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
unsigned int entries = 0;
struct nft_object *obj;
unsigned int idx = 0;
- bool reset = false;
int rc = 0;
- if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) == NFT_MSG_GETOBJ_RESET)
- reset = true;
-
rcu_read_lock();
nft_net = nft_pernet(net);
cb->seq = READ_ONCE(nft_net->base_seq);
@@ -7730,7 +7727,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
NFT_MSG_NEWOBJ,
NLM_F_MULTI | NLM_F_APPEND,
table->family, table,
- obj, reset);
+ obj, ctx->reset);
if (rc < 0)
break;
@@ -7739,7 +7736,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
cont:
idx++;
}
- if (reset && entries)
+ if (ctx->reset && entries)
audit_log_obj_reset(table, nft_net->base_seq, entries);
if (rc < 0)
break;
@@ -7766,6 +7763,9 @@ static int nf_tables_dump_obj_start(struct netlink_callback *cb)
if (nla[NFTA_OBJ_TYPE])
ctx->type = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
+ if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) == NFT_MSG_GETOBJ_RESET)
+ ctx->reset = true;
+
return 0;
}
--
2.30.2
next prev parent reply other threads:[~2023-10-25 21:26 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-25 21:25 [PATCH net-next 00/19] Netfilter updates for net-next Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 01/19] netfilter: nft_set_rbtree: rename gc deactivate+erase function Pablo Neira Ayuso
2023-10-26 13:30 ` patchwork-bot+netdevbpf
2023-10-25 21:25 ` [PATCH net-next 02/19] netfilter: nft_set_rbtree: prefer sync gc to async worker Pablo Neira Ayuso
2023-11-03 17:34 ` Simon Horman
2023-11-03 17:55 ` Florian Westphal
2023-10-25 21:25 ` [PATCH net-next 03/19] netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 04/19] netfilter: nf_tables: Introduce nf_tables_getrule_single() Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 05/19] netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 06/19] br_netfilter: use single forward hook for ip and arp Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 07/19] netfilter: conntrack: switch connlabels to atomic_t Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 08/19] netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 09/19] netfilter: nf_tables: Unconditionally allocate nft_obj_filter Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 10/19] netfilter: nf_tables: A better name for nft_obj_filter Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 11/19] netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 12/19] netfilter: nf_tables: nft_obj_filter fits into cb->ctx Pablo Neira Ayuso
2023-10-25 21:25 ` Pablo Neira Ayuso [this message]
2023-10-25 21:25 ` [PATCH net-next 14/19] netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 15/19] netfilter: nf_tables: set backend .flush always succeeds Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 16/19] netfilter: nf_tables: expose opaque set element as struct nft_elem_priv Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 17/19] netfilter: nf_tables: shrink memory consumption of set elements Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 18/19] netfilter: nf_tables: set->ops->insert returns opaque set element in case of EEXIST Pablo Neira Ayuso
2023-10-25 21:25 ` [PATCH net-next 19/19] netfilter: nf_tables: Carry reset boolean in nft_set_dump_ctx Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231025212555.132775-14-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).