netlink: remove non-batching routines

This is only needed by 3.16, which was released 8 months after nftables was merged upstream. That kernel version supports a reduced featureset. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2018-03-03 10:18:33 +0100
committer: Florian Westphal <fw@strlen.de> 2018-03-03 10:28:30 +0100
commit: cc8c5fd02448a415473e1afc3f7155bed3940e0d (patch)
tree: 99e105c4a02df792bd0e661cd3745e05150783f4
parent: c1dd0d7269512320e24cb605a5140d85510b7126 (diff)
3 files changed, 45 insertions, 328 deletions
diff --git a/include/netlink.h b/include/netlink.h
index 66686e5a..2c4250e7 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -125,22 +125,22 @@ extern int netlink_replace_rule_batch(struct netlink_ctx *ctx,
 				      const struct rule *rule,
 				      const struct location *loc);
 
-extern int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_add_chain_batch(struct netlink_ctx *ctx, const struct handle *h,
 			     const struct location *loc,
 			     const struct chain *chain, uint32_t flags);
-extern int netlink_rename_chain(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_rename_chain_batch(struct netlink_ctx *ctx, const struct handle *h,
 				const struct location *loc, const char *name);
-extern int netlink_delete_chain(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_delete_chain_batch(struct netlink_ctx *ctx, const struct handle *h,
 				const struct location *loc);
 extern int netlink_list_chains(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc);
 extern int netlink_flush_chain(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc);
 
-extern int netlink_add_table(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_add_table_batch(struct netlink_ctx *ctx, const struct handle *h,
 			     const struct location *loc,
 			     const struct table *table, uint32_t flags);
-extern int netlink_delete_table(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_delete_table_batch(struct netlink_ctx *ctx, const struct handle *h,
 				const struct location *loc);
 extern int netlink_list_tables(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc);
@@ -149,9 +149,9 @@ extern int netlink_list_table(struct netlink_ctx *ctx, const struct handle *h,
 extern int netlink_flush_table(struct netlink_ctx *ctx, const struct handle *h,
 			       const struct location *loc);
 
-extern int netlink_add_set(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_add_set_batch(struct netlink_ctx *ctx, const struct handle *h,
 			   struct set *set, uint32_t flags);
-extern int netlink_delete_set(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_delete_set_batch(struct netlink_ctx *ctx, const struct handle *h,
 			      const struct location *loc);
 extern int netlink_list_sets(struct netlink_ctx *ctx, const struct handle *h,
 			     const struct location *loc);
@@ -160,9 +160,9 @@ extern struct stmt *netlink_parse_set_expr(const struct set *set,
 					   const struct nft_cache *cache,
 					   const struct nftnl_expr *nle);
 
-extern int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_add_setelems_batch(struct netlink_ctx *ctx, const struct handle *h,
 				const struct expr *expr, uint32_t flags);
-extern int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
+extern int netlink_delete_setelems_batch(struct netlink_ctx *ctx, const struct handle *h,
 				   const struct expr *expr);
 extern int netlink_get_setelems(struct netlink_ctx *ctx, const struct handle *h,
 				const struct location *loc, struct set *set);
diff --git a/src/netlink.c b/src/netlink.c
index 06b1f57a..2ff3ce5e 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -589,43 +589,9 @@ void netlink_dump_chain(const struct nftnl_chain *nlc, struct netlink_ctx *ctx)
 	fprintf(fp, "\n");
 }
 
-static int netlink_add_chain_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc,
-				    const struct chain *chain, uint32_t flags)
-{
-	struct nftnl_chain *nlc;
-	int err;
-
-	nlc = alloc_nftnl_chain(h);
-	if (chain != NULL) {
-		if (chain->flags & CHAIN_F_BASECHAIN) {
-			nftnl_chain_set_u32(nlc, NFTNL_CHAIN_HOOKNUM,
-					    chain->hooknum);
-			nftnl_chain_set_s32(nlc, NFTNL_CHAIN_PRIO,
-					    chain->priority);
-			nftnl_chain_set_str(nlc, NFTNL_CHAIN_TYPE,
-					    chain->type);
-		}
-		if (chain->policy != -1)
-			nftnl_chain_set_u32(nlc, NFTNL_CHAIN_POLICY,
-					    chain->policy);
-	}
-
-	netlink_dump_chain(nlc, ctx);
-	err = mnl_nft_chain_add(ctx, nlc, flags);
-	nftnl_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not add chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_add_chain_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc,
-				   const struct chain *chain, uint32_t flags)
+int netlink_add_chain_batch(struct netlink_ctx *ctx, const struct handle *h,
+			    const struct location *loc,
+			    const struct chain *chain, uint32_t flags)
 {
 	struct nftnl_chain *nlc;
 	int err;
@@ -658,40 +624,10 @@ static int netlink_add_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_chain(struct netlink_ctx *ctx, const struct handle *h,
-		      const struct location *loc, const struct chain *chain,
-		      uint32_t flags)
-{
-	if (ctx->batch_supported)
-		return netlink_add_chain_batch(ctx, h, loc, chain, flags);
-	else
-		return netlink_add_chain_compat(ctx, h, loc, chain, flags);
-}
-
-static int netlink_rename_chain_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct location *loc,
-				       const char *name)
-{
-	struct nftnl_chain *nlc;
-	int err;
-
-	nlc = alloc_nftnl_chain(h);
-	nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, name);
-	netlink_dump_chain(nlc, ctx);
-	err = mnl_nft_chain_add(ctx, nlc, 0);
-	nftnl_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not rename chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_rename_chain_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct location *loc,
-				      const char *name)
+int netlink_rename_chain_batch(struct netlink_ctx *ctx,
+			       const struct handle *h,
+			       const struct location *loc,
+			       const char *name)
 {
 	struct nftnl_chain *nlc;
 	int err;
@@ -708,36 +644,8 @@ static int netlink_rename_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_rename_chain(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc, const char *name)
-{
-	if (ctx->batch_supported)
-		return netlink_rename_chain_batch(ctx, h, loc, name);
-	else
-		return netlink_rename_chain_compat(ctx, h, loc, name);
-}
-
-static int netlink_del_chain_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc)
-{
-	struct nftnl_chain *nlc;
-	int err;
-
-	nlc = alloc_nftnl_chain(h);
-	netlink_dump_chain(nlc, ctx);
-	err = mnl_nft_chain_delete(ctx, nlc, 0);
-	nftnl_chain_free(nlc);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete chain: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_chain_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc)
+int netlink_delete_chain_batch(struct netlink_ctx *ctx, const struct handle *h,
+			    const struct location *loc)
 {
 	struct nftnl_chain *nlc;
 	int err;
@@ -753,15 +661,6 @@ static int netlink_del_chain_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_chain(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_chain_batch(ctx, h, loc);
-	else
-		return netlink_del_chain_compat(ctx, h, loc);
-}
-
 static struct chain *netlink_delinearize_chain(struct netlink_ctx *ctx,
 					       const struct nftnl_chain *nlc)
 {
@@ -863,28 +762,9 @@ int netlink_flush_chain(struct netlink_ctx *ctx, const struct handle *h,
 	return netlink_del_rule_batch(ctx, h, loc);
 }
 
-static int netlink_add_table_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc,
-				    const struct table *table, uint32_t flags)
-{
-	struct nftnl_table *nlt;
-	int err;
-
-	nlt = alloc_nftnl_table(h);
-	err = mnl_nft_table_add(ctx, nlt, flags);
-	nftnl_table_free(nlt);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not add table: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_add_table_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc,
-				   const struct table *table, uint32_t flags)
+int netlink_add_table_batch(struct netlink_ctx *ctx, const struct handle *h,
+			    const struct location *loc,
+			    const struct table *table, uint32_t flags)
 {
 	struct nftnl_table *nlt;
 	int err;
@@ -904,36 +784,8 @@ static int netlink_add_table_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_table(struct netlink_ctx *ctx, const struct handle *h,
-		      const struct location *loc,
-		      const struct table *table, uint32_t flags)
-{
-	if (ctx->batch_supported)
-		return netlink_add_table_batch(ctx, h, loc, table, flags);
-	else
-		return netlink_add_table_compat(ctx, h, loc, table, flags);
-}
-
-static int netlink_del_table_compat(struct netlink_ctx *ctx,
-				    const struct handle *h,
-				    const struct location *loc)
-{
-	struct nftnl_table *nlt;
-	int err;
-
-	nlt = alloc_nftnl_table(h);
-	err = mnl_nft_table_delete(ctx, nlt, 0);
-	nftnl_table_free(nlt);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete table: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_table_batch(struct netlink_ctx *ctx,
-				   const struct handle *h,
-				   const struct location *loc)
+int netlink_delete_table_batch(struct netlink_ctx *ctx, const struct handle *h,
+			    const struct location *loc)
 {
 	struct nftnl_table *nlt;
 	int err;
@@ -948,15 +800,6 @@ static int netlink_del_table_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_table(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_table_batch(ctx, h, loc);
-	else
-		return netlink_del_table_compat(ctx, h, loc);
-}
-
 static struct table *netlink_delinearize_table(struct netlink_ctx *ctx,
 					       const struct nftnl_table *nlt)
 {
@@ -1160,41 +1003,9 @@ static struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	return set;
 }
 
-static int netlink_add_set_compat(struct netlink_ctx *ctx,
-				  const struct handle *h, struct set *set,
-				  uint32_t flags)
-{
-	struct nftnl_set *nls;
-	int err;
-
-	nls = alloc_nftnl_set(h);
-	nftnl_set_set_u32(nls, NFTNL_SET_FLAGS, set->flags);
-	nftnl_set_set_u32(nls, NFTNL_SET_KEY_TYPE,
-			  dtype_map_to_kernel(set->key->dtype));
-	nftnl_set_set_u32(nls, NFTNL_SET_KEY_LEN,
-			  div_round_up(set->key->len, BITS_PER_BYTE));
-	if (set->flags & NFT_SET_MAP) {
-		nftnl_set_set_u32(nls, NFTNL_SET_DATA_TYPE,
-				  dtype_map_to_kernel(set->datatype));
-		nftnl_set_set_u32(nls, NFTNL_SET_DATA_LEN,
-				  set->datalen / BITS_PER_BYTE);
-	}
-	netlink_dump_set(nls, ctx);
-
-	err = mnl_nft_set_add(ctx, nls, NLM_F_ECHO | flags);
-	if (err < 0)
-		netlink_io_error(ctx, &set->location, "Could not add set: %s",
-				 strerror(errno));
-
-	set->handle.set = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME));
-	nftnl_set_free(nls);
-
-	return err;
-}
-
-static int netlink_add_set_batch(struct netlink_ctx *ctx,
-				 const struct handle *h, struct set *set,
-				 uint32_t flags)
+int netlink_add_set_batch(struct netlink_ctx *ctx,
+			  const struct handle *h, struct set *set,
+			  uint32_t flags)
 {
 	struct nftnl_udata_buf *udbuf;
 	struct nftnl_set *nls;
@@ -1265,35 +1076,8 @@ static int netlink_add_set_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_add_set(struct netlink_ctx *ctx, const struct handle *h,
-		    struct set *set, uint32_t flags)
-{
-	if (ctx->batch_supported)
-		return netlink_add_set_batch(ctx, h, set, flags);
-	else
-		return netlink_add_set_compat(ctx, h, set, flags);
-}
-
-static int netlink_del_set_compat(struct netlink_ctx *ctx,
-				  const struct handle *h,
-				  const struct location *loc)
-{
-	struct nftnl_set *nls;
-	int err;
-
-	nls = alloc_nftnl_set(h);
-	err = mnl_nft_set_delete(ctx, nls, 0);
-	nftnl_set_free(nls);
-
-	if (err < 0)
-		netlink_io_error(ctx, loc, "Could not delete set: %s",
-				 strerror(errno));
-	return err;
-}
-
-static int netlink_del_set_batch(struct netlink_ctx *ctx,
-				 const struct handle *h,
-				 const struct location *loc)
+int netlink_delete_set_batch(struct netlink_ctx *ctx, const struct handle *h,
+			  const struct location *loc)
 {
 	struct nftnl_set *nls;
 	int err;
@@ -1308,15 +1092,6 @@ static int netlink_del_set_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-int netlink_delete_set(struct netlink_ctx *ctx, const struct handle *h,
-		       const struct location *loc)
-{
-	if (ctx->batch_supported)
-		return netlink_del_set_batch(ctx, h, loc);
-	else
-		return netlink_del_set_compat(ctx, h, loc);
-}
-
 static int list_set_cb(struct nftnl_set *nls, void *arg)
 {
 	struct netlink_ctx *ctx = arg;
@@ -1359,9 +1134,8 @@ static void alloc_setelem_cache(const struct expr *set, struct nftnl_set *nls)
 	}
 }
 
-static int netlink_add_setelems_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct expr *expr, uint32_t flags)
+int netlink_add_setelems_batch(struct netlink_ctx *ctx, const struct handle *h,
+			       const struct expr *expr, uint32_t flags)
 {
 	struct nftnl_set *nls;
 	int err;
@@ -1379,38 +1153,8 @@ static int netlink_add_setelems_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-static int netlink_add_setelems_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct expr *expr, uint32_t flags)
-{
-	struct nftnl_set *nls;
-	int err;
-
-	nls = alloc_nftnl_set(h);
-	alloc_setelem_cache(expr, nls);
-	netlink_dump_set(nls, ctx);
-
-	err = mnl_nft_setelem_add(ctx, nls, flags);
-	nftnl_set_free(nls);
-	if (err < 0)
-		netlink_io_error(ctx, &expr->location,
-				 "Could not add set elements: %s",
-				 strerror(errno));
-	return err;
-}
-
-int netlink_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
-			 const struct expr *expr, uint32_t flags)
-{
-	if (ctx->batch_supported)
-		return netlink_add_setelems_batch(ctx, h, expr, flags);
-	else
-		return netlink_add_setelems_compat(ctx, h, expr, flags);
-}
-
-static int netlink_del_setelems_batch(struct netlink_ctx *ctx,
-				      const struct handle *h,
-				      const struct expr *expr)
+int netlink_delete_setelems_batch(struct netlink_ctx *ctx,
+			       const struct handle *h, const struct expr *expr)
 {
 	struct nftnl_set *nls;
 	int err;
@@ -1429,26 +1173,6 @@ static int netlink_del_setelems_batch(struct netlink_ctx *ctx,
 	return err;
 }
 
-static int netlink_del_setelems_compat(struct netlink_ctx *ctx,
-				       const struct handle *h,
-				       const struct expr *expr)
-{
-	struct nftnl_set *nls;
-	int err;
-
-	nls = alloc_nftnl_set(h);
-	alloc_setelem_cache(expr, nls);
-	netlink_dump_set(nls, ctx);
-
-	err = mnl_nft_setelem_delete(ctx, nls, 0);
-	nftnl_set_free(nls);
-	if (err < 0)
-		netlink_io_error(ctx, &expr->location,
-				 "Could not delete set elements: %s",
-				 strerror(errno));
-	return err;
-}
-
 int netlink_flush_setelems(struct netlink_ctx *ctx, const struct handle *h,
 			   const struct location *loc)
 {
@@ -1622,15 +1346,6 @@ out:
 	return 0;
 }
 
-int netlink_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
-			    const struct expr *expr)
-{
-	if (ctx->batch_supported)
-		return netlink_del_setelems_batch(ctx, h, expr);
-	else
-		return netlink_del_setelems_compat(ctx, h, expr);
-}
-
 static int list_setelem_cb(struct nftnl_set_elem *nlse, void *arg)
 {
 	struct netlink_ctx *ctx = arg;
diff --git a/src/rule.c b/src/rule.c
index a53908f6..c0b42b1c 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -999,7 +999,7 @@ static int __do_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
 			     struct set *set, struct expr *expr, uint32_t flags)
 {
 	expr->set_flags |= set->flags;
-	if (netlink_add_setelems(ctx, h, expr, flags) < 0)
+	if (netlink_add_setelems_batch(ctx, h, expr, flags) < 0)
 		return -1;
 
 	return 0;
@@ -1031,7 +1031,7 @@ static int do_add_set(struct netlink_ctx *ctx, const struct handle *h,
 				     ctx->debug_mask, set->automerge) < 0)
 			return -1;
 	}
-	if (netlink_add_set(ctx, h, set, flags) < 0)
+	if (netlink_add_set_batch(ctx, h, set, flags) < 0)
 		return -1;
 	if (set->init != NULL) {
 		return __do_add_setelems(ctx, &set->handle, set, set->init,
@@ -1057,11 +1057,13 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 
 	switch (cmd->obj) {
 	case CMD_OBJ_TABLE:
-		return netlink_add_table(ctx, &cmd->handle, &cmd->location,
-					 cmd->table, flags);
+		return netlink_add_table_batch(ctx, &cmd->handle,
+					       &cmd->location, cmd->table,
+					       flags);
 	case CMD_OBJ_CHAIN:
-		return netlink_add_chain(ctx, &cmd->handle, &cmd->location,
-					 cmd->chain, flags);
+		return netlink_add_chain_batch(ctx, &cmd->handle,
+					       &cmd->location, cmd->chain,
+					       flags);
 	case CMD_OBJ_RULE:
 		return netlink_add_rule_batch(ctx, &cmd->handle,
 					      cmd->rule, flags | NLM_F_APPEND);
@@ -1131,7 +1133,7 @@ static int do_delete_setelems(struct netlink_ctx *ctx, const struct handle *h,
 			     ctx->debug_mask, set->automerge) < 0)
 		return -1;
 
-	if (netlink_delete_setelems(ctx, h, expr) < 0)
+	if (netlink_delete_setelems_batch(ctx, h, expr) < 0)
 		return -1;
 
 	return 0;
@@ -1141,14 +1143,14 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
 {
 	switch (cmd->obj) {
 	case CMD_OBJ_TABLE:
-		return netlink_delete_table(ctx, &cmd->handle, &cmd->location);
+		return netlink_delete_table_batch(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_CHAIN:
-		return netlink_delete_chain(ctx, &cmd->handle, &cmd->location);
+		return netlink_delete_chain_batch(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_RULE:
 		return netlink_del_rule_batch(ctx, &cmd->handle,
 					      &cmd->location);
 	case CMD_OBJ_SET:
-		return netlink_delete_set(ctx, &cmd->handle, &cmd->location);
+		return netlink_delete_set_batch(ctx, &cmd->handle, &cmd->location);
 	case CMD_OBJ_SETELEM:
 		return do_delete_setelems(ctx, &cmd->handle, cmd->expr);
 	case CMD_OBJ_COUNTER:
@@ -1714,7 +1716,7 @@ static int do_command_rename(struct netlink_ctx *ctx, struct cmd *cmd)
 	case CMD_OBJ_CHAIN:
 		chain = chain_lookup(table, &cmd->handle);
 
-		return netlink_rename_chain(ctx, &chain->handle, &cmd->location,
+		return netlink_rename_chain_batch(ctx, &chain->handle, &cmd->location,
 					    cmd->arg);
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2018-03-03 10:18:33 +0100
committer	Florian Westphal <fw@strlen.de>	2018-03-03 10:28:30 +0100
commit	cc8c5fd02448a415473e1afc3f7155bed3940e0d (patch)
tree	99e105c4a02df792bd0e661cd3745e05150783f4
parent	c1dd0d7269512320e24cb605a5140d85510b7126 (diff)