diff options
| author | Phil Sutter <phil@nwl.cc> | 2017-11-11 00:06:17 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-11-16 14:31:32 +0100 |
| commit | 657fdefc7d5c70056b8738da214d3d78f421b19c (patch) | |
| tree | b059d870dd19ced851278f1c1401dc7e536f3987 /include | |
| parent | 0ca812ad41bf2d89073a43f8efd3ee712031e3cb (diff) | |
Eliminate struct mnl_ctx
The issue leading to this patch was that debug output in nft_mnl_talk()
bypasses the application-defined output_fp. While investigating, another
problem was discovered: Most of the ad-hoc defined mnl_ctx objects have
their field 'debug_mask' set to zero regardless of what netlink_ctx
contains (this affects non-batch code path only).
The intuitive solution to both of those issues required to extend
function parameters of all the non-batch functions as well as the common
nft_mnl_talk() one. Instead of complicating them even further, this
patch instead makes them accept a pointer to netlink_ctx as first
parameter to gather both the old (nf_sock, seqnum) and the new values
(debug_mask, octx) from.
Since after the above change struct mnl_ctx was not really used anymore,
so the remaining places were adjusted as well to allow for removing the
struct altogether.
Note that cache routines needed special treatment: Although parameters
of cache_update() make it a candidate for the same change, it can't be
converted since it is called in evaluation phase sometimes in which
there is no netlink context available (but just eval context instead).
Since netlink_genid_get() needs a netlink context though, the ad-hoc
netlink_ctx definition from cache_init() is moved into cache_update() to
have it available there already.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/mnl.h | 72 | ||||
| -rw-r--r-- | include/netlink.h | 2 |
2 files changed, 34 insertions, 40 deletions
diff --git a/include/mnl.h b/include/mnl.h index 84c362a2..4662cd04 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -5,17 +5,11 @@ #include <netlink.h> #include <libmnl/libmnl.h> -struct mnl_ctx { - struct mnl_socket *nf_sock; - unsigned int seqnum; - unsigned int debug_mask; -}; - struct mnl_socket *netlink_open_sock(void); void netlink_close_sock(struct mnl_socket *nf_sock); uint32_t mnl_seqnum_alloc(uint32_t *seqnum); -uint16_t mnl_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); +uint16_t mnl_genid_get(struct netlink_ctx *ctx); struct mnl_err { struct list_head head; @@ -38,57 +32,56 @@ int mnl_nft_rule_batch_del(struct nftnl_rule *nlr, struct nftnl_batch *batch, int mnl_nft_rule_batch_replace(struct nftnl_rule *nlr, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -struct nftnl_rule_list *mnl_nft_rule_dump(struct mnl_socket *nf_sock, - int family, uint32_t seqnum); +struct nftnl_rule_list *mnl_nft_rule_dump(struct netlink_ctx *ctx, + int family); -int mnl_nft_chain_add(struct mnl_socket *nf_sock, struct nftnl_chain *nlc, - unsigned int flags, uint32_t seqnum); +int mnl_nft_chain_add(struct netlink_ctx *ctx, struct nftnl_chain *nlc, + unsigned int flags); int mnl_nft_chain_batch_add(struct nftnl_chain *nlc, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -int mnl_nft_chain_delete(struct mnl_socket *nf_sock, struct nftnl_chain *nlc, - unsigned int flags, uint32_t seqnum); +int mnl_nft_chain_delete(struct netlink_ctx *ctx, struct nftnl_chain *nlc, + unsigned int flags); int mnl_nft_chain_batch_del(struct nftnl_chain *nlc, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -struct nftnl_chain_list *mnl_nft_chain_dump(struct mnl_socket *nf_sock, - int family, uint32_t seqnum); +struct nftnl_chain_list *mnl_nft_chain_dump(struct netlink_ctx *ctx, + int family); -int mnl_nft_table_add(struct mnl_socket *nf_sock, struct nftnl_table *nlt, - unsigned int flags, uint32_t seqnum); +int mnl_nft_table_add(struct netlink_ctx *ctx, struct nftnl_table *nlt, + unsigned int flags); int mnl_nft_table_batch_add(struct nftnl_table *nlt, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -int mnl_nft_table_delete(struct mnl_socket *nf_sock, struct nftnl_table *nlt, - unsigned int flags, uint32_t seqnum); +int mnl_nft_table_delete(struct netlink_ctx *ctx, struct nftnl_table *nlt, + unsigned int flags); int mnl_nft_table_batch_del(struct nftnl_table *nlt, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -struct nftnl_table_list *mnl_nft_table_dump(struct mnl_socket *nf_sock, - int family, uint32_t seqnum); +struct nftnl_table_list *mnl_nft_table_dump(struct netlink_ctx *ctx, + int family); -int mnl_nft_set_add(struct mnl_socket *nf_sock, struct nftnl_set *nls, - unsigned int flags, uint32_t seqnum); +int mnl_nft_set_add(struct netlink_ctx *ctx, struct nftnl_set *nls, + unsigned int flags); int mnl_nft_set_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -int mnl_nft_set_delete(struct mnl_socket *nf_sock, struct nftnl_set *nls, - unsigned int flags, uint32_t seqnum); +int mnl_nft_set_delete(struct netlink_ctx *ctx, struct nftnl_set *nls, + unsigned int flags); int mnl_nft_set_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -struct nftnl_set_list *mnl_nft_set_dump(struct mnl_socket *nf_sock, int family, - const char *table, uint32_t seqnum); +struct nftnl_set_list *mnl_nft_set_dump(struct netlink_ctx *ctx, int family, + const char *table); -int mnl_nft_setelem_add(struct mnl_socket *nf_sock, struct nftnl_set *nls, - unsigned int flags, uint32_t seqnum); +int mnl_nft_setelem_add(struct netlink_ctx *ctx, struct nftnl_set *nls, + unsigned int flags); int mnl_nft_setelem_batch_add(struct nftnl_set *nls, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nftnl_set *nls, - unsigned int flags, uint32_t seqnum); +int mnl_nft_setelem_delete(struct netlink_ctx *ctx, struct nftnl_set *nls, + unsigned int flags); int mnl_nft_setelem_batch_del(struct nftnl_set *nls, struct nftnl_batch *batch, - unsigned int flags, uint32_t seq); + unsigned int flags, uint32_t seqnum); int mnl_nft_setelem_batch_flush(struct nftnl_set *nls, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nftnl_set *nls, - uint32_t seqnum); +int mnl_nft_setelem_get(struct netlink_ctx *ctx, struct nftnl_set *nls); -struct nftnl_obj_list *mnl_nft_obj_dump(struct mnl_socket *nf_sock, int family, - uint32_t seqnum, const char *table, +struct nftnl_obj_list *mnl_nft_obj_dump(struct netlink_ctx *ctx, int family, + const char *table, const char *name, uint32_t type, bool dump, bool reset); int mnl_nft_obj_batch_add(struct nftnl_obj *nln, struct nftnl_batch *batch, @@ -96,9 +89,10 @@ int mnl_nft_obj_batch_add(struct nftnl_obj *nln, struct nftnl_batch *batch, int mnl_nft_obj_batch_del(struct nftnl_obj *nln, struct nftnl_batch *batch, unsigned int flags, uint32_t seqnum); -struct nftnl_ruleset *mnl_nft_ruleset_dump(struct mnl_socket *nf_sock, - uint32_t family, uint32_t seqnum); -int mnl_nft_event_listener(struct mnl_ctx *ctx, +struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx, + uint32_t family); +int mnl_nft_event_listener(struct mnl_socket *nf_sock, unsigned int debug_mask, + struct output_ctx *octx, int (*cb)(const struct nlmsghdr *nlh, void *data), void *cb_data); diff --git a/include/netlink.h b/include/netlink.h index b30c05f8..51cd5c9d 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -191,7 +191,7 @@ extern void netlink_dump_obj(struct nftnl_obj *nlo, struct netlink_ctx *ctx); extern int netlink_batch_send(struct netlink_ctx *ctx, struct list_head *err_list); -extern uint16_t netlink_genid_get(struct mnl_socket *nf_sock, uint32_t seqnum); +extern uint16_t netlink_genid_get(struct netlink_ctx *ctx); extern void netlink_restart(struct mnl_socket *nf_sock); #define netlink_abi_error() \ __netlink_abi_error(__FILE__, __LINE__, strerror(errno)); |