summaryrefslogtreecommitdiffstats
path: root/src/libnftables.c
diff options
context:
space:
mode:
authorJeremy Sowden <jeremy@azazel.net>2019-07-19 12:10:09 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2019-07-22 23:27:36 +0200
commitfc6d0f8b0cb1895effd5248020906941d100d7b7 (patch)
tree42f5cc829f0cb730a9be4b46a49c0fcb55f3195a /src/libnftables.c
parent5d9dce41a72875396f1fddff30c770138d650c29 (diff)
libnftables: get rid of repeated initialization of netlink_ctx
Most members in the context don't change, so there is no need to memset it and reassign them on every iteration. Moved that code out of the loop. Fixes: a72315d2bad4 ("src: add rule batching support") Reported-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Acked-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/libnftables.c')
-rw-r--r--src/libnftables.c23
1 files changed, 10 insertions, 13 deletions
diff --git a/src/libnftables.c b/src/libnftables.c
index 2f77a770..4a139c58 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -22,8 +22,12 @@ static int nft_netlink(struct nft_ctx *nft,
struct mnl_socket *nf_sock)
{
uint32_t batch_seqnum, seqnum = 0, num_cmds = 0;
- struct nftnl_batch *batch;
- struct netlink_ctx ctx;
+ struct netlink_ctx ctx = {
+ .nft = nft,
+ .msgs = msgs,
+ .list = LIST_HEAD_INIT(ctx.list),
+ .batch = mnl_batch_init(),
+ };
struct cmd *cmd;
struct mnl_err *err, *tmp;
LIST_HEAD(err_list);
@@ -32,16 +36,9 @@ static int nft_netlink(struct nft_ctx *nft,
if (list_empty(cmds))
return 0;
- batch = mnl_batch_init();
-
- batch_seqnum = mnl_batch_begin(batch, mnl_seqnum_alloc(&seqnum));
+ batch_seqnum = mnl_batch_begin(ctx.batch, mnl_seqnum_alloc(&seqnum));
list_for_each_entry(cmd, cmds, list) {
- memset(&ctx, 0, sizeof(ctx));
- ctx.msgs = msgs;
ctx.seqnum = cmd->seqnum = mnl_seqnum_alloc(&seqnum);
- ctx.batch = batch;
- ctx.nft = nft;
- init_list_head(&ctx.list);
ret = do_command(&ctx, cmd);
if (ret < 0) {
netlink_io_error(&ctx, &cmd->location,
@@ -52,9 +49,9 @@ static int nft_netlink(struct nft_ctx *nft,
num_cmds++;
}
if (!nft->check)
- mnl_batch_end(batch, mnl_seqnum_alloc(&seqnum));
+ mnl_batch_end(ctx.batch, mnl_seqnum_alloc(&seqnum));
- if (!mnl_batch_ready(batch))
+ if (!mnl_batch_ready(ctx.batch))
goto out;
ret = mnl_batch_talk(&ctx, &err_list, num_cmds);
@@ -83,7 +80,7 @@ static int nft_netlink(struct nft_ctx *nft,
}
}
out:
- mnl_batch_reset(batch);
+ mnl_batch_reset(ctx.batch);
return ret;
}