diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-08-25 15:46:20 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-08-26 10:35:23 +0200 |
| commit | 058a943cefbdde9aee273115624de27cf15dd3f3 (patch) | |
| tree | c44e60552eca5a190c96fa120b4239193f565360 | |
| parent | ecd19f46056ba7b5c29160c4b455d077217dec56 (diff) | |
cache: provide a empty list for flowtables and objects when request fails
Old kernels do not support for dumping the flowtable and object lists,
provide an empty list instead to unbreak the cache initialization.
Fixes: 560963c4d41e ("cache: add hashtable cache for flowtable")
Fixes: 45a84088ecbd ("cache: add hashtable cache for object")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | src/cache.c | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/src/cache.c b/src/cache.c index 8300ce8e..42e6b65c 100644 --- a/src/cache.c +++ b/src/cache.c @@ -415,8 +415,7 @@ static int obj_cache_init(struct netlink_ctx *ctx, struct table *table, } static struct nftnl_obj_list *obj_cache_dump(struct netlink_ctx *ctx, - const struct table *table, - int *err) + const struct table *table) { struct nftnl_obj_list *obj_list; @@ -424,12 +423,15 @@ static struct nftnl_obj_list *obj_cache_dump(struct netlink_ctx *ctx, table->handle.table.name, NULL, 0, true, false); if (!obj_list) { - if (errno == EINTR) { - *err = -1; + if (errno == EINTR) return NULL; - } - *err = 0; - return NULL; + + /* old kernels do not support this, provide an empty list. */ + obj_list = nftnl_obj_list_alloc(); + if (!obj_list) + memory_allocation_error(); + + return obj_list; } return obj_list; @@ -500,20 +502,22 @@ static int ft_cache_init(struct netlink_ctx *ctx, struct table *table, } static struct nftnl_flowtable_list *ft_cache_dump(struct netlink_ctx *ctx, - const struct table *table, - int *err) + const struct table *table) { struct nftnl_flowtable_list *ft_list; ft_list = mnl_nft_flowtable_dump(ctx, table->handle.family, table->handle.table.name); if (!ft_list) { - if (errno == EINTR) { - *err = -1; + if (errno == EINTR) return NULL; - } - *err = 0; - return NULL; + + /* old kernels do not support this, provide an empty list. */ + ft_list = nftnl_flowtable_list_alloc(); + if (!ft_list) + memory_allocation_error(); + + return ft_list; } return ft_list; @@ -628,7 +632,7 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags) } } if (flags & NFT_CACHE_FLOWTABLE_BIT) { - ft_list = ft_cache_dump(ctx, table, &ret); + ft_list = ft_cache_dump(ctx, table); if (!ft_list) { ret = -1; goto cache_fails; @@ -643,7 +647,7 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags) } } if (flags & NFT_CACHE_OBJECT_BIT) { - obj_list = obj_cache_dump(ctx, table, &ret); + obj_list = obj_cache_dump(ctx, table); if (!obj_list) { ret = -1; goto cache_fails; |