summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-03-07 15:23:33 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2018-03-07 15:23:52 +0100
commitd2b961353298b26b4e4a1d7eec19ea4ae5d41c47 (patch)
tree5b90788ba61d059b684b24244bb3fb9d54b92fa2
parentfbcb888b311a9386f9e6cf8e36b32a270470e2e7 (diff)
src: remove unused batch support checks
Follow up after cc8c5fd02448 ("netlink: remove non-batching routine"). Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat
-rw-r--r--include/mnl.h2
-rw-r--r--include/netlink.h3
-rw-r--r--src/libnftables.c2
-rw-r--r--src/mnl.c64
-rw-r--r--src/netlink.c8
5 files changed, 0 insertions, 79 deletions
diff --git a/include/mnl.h b/include/mnl.h
index d3eedeb7..91f47834 100644
--- a/include/mnl.h
+++ b/include/mnl.h
@@ -108,6 +108,4 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock, unsigned int debug_mask,
int (*cb)(const struct nlmsghdr *nlh, void *data),
void *cb_data);
-bool mnl_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
-
#endif /* _NFTABLES_MNL_H_ */
diff --git a/include/netlink.h b/include/netlink.h
index 905c9d74..240441dd 100644
--- a/include/netlink.h
+++ b/include/netlink.h
@@ -52,7 +52,6 @@ struct netlink_ctx {
const void *data;
uint32_t seqnum;
struct nftnl_batch *batch;
- bool batch_supported;
unsigned int debug_mask;
struct output_ctx *octx;
struct nft_cache *cache;
@@ -246,8 +245,6 @@ struct netlink_mon_handler {
extern int netlink_monitor(struct netlink_mon_handler *monhandler,
struct mnl_socket *nf_sock);
-bool netlink_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum);
-
int netlink_echo_callback(const struct nlmsghdr *nlh, void *data);
struct ruleset_parse {
diff --git a/src/libnftables.c b/src/libnftables.c
index 1d1975e9..9b2f65ae 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -27,7 +27,6 @@ static int nft_netlink(struct nft_ctx *nft,
struct cmd *cmd;
struct mnl_err *err, *tmp;
LIST_HEAD(err_list);
- bool batch_supported = netlink_batch_supported(nf_sock, &seqnum);
int ret = 0;
if (list_empty(&state->cmds))
@@ -41,7 +40,6 @@ static int nft_netlink(struct nft_ctx *nft,
ctx.msgs = msgs;
ctx.seqnum = cmd->seqnum = mnl_seqnum_alloc(&seqnum);
ctx.batch = batch;
- ctx.batch_supported = batch_supported;
ctx.octx = &nft->output;
ctx.nf_sock = nf_sock;
ctx.cache = &nft->cache;
diff --git a/src/mnl.c b/src/mnl.c
index 3d48bc1b..0bd7e552 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1196,67 +1196,3 @@ int mnl_nft_event_listener(struct mnl_socket *nf_sock, unsigned int debug_mask,
}
return ret;
}
-
-static void nft_mnl_batch_put(char *buf, uint16_t type, uint32_t seqnum)
-{
- struct nlmsghdr *nlh;
- struct nfgenmsg *nfg;
-
- nlh = mnl_nlmsg_put_header(buf);
- nlh->nlmsg_type = type;
- nlh->nlmsg_flags = NLM_F_REQUEST;
- nlh->nlmsg_seq = seqnum;
-
- nfg = mnl_nlmsg_put_extra_header(nlh, sizeof(*nfg));
- nfg->nfgen_family = AF_INET;
- nfg->version = NFNETLINK_V0;
- nfg->res_id = NFNL_SUBSYS_NFTABLES;
-}
-
-bool mnl_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum)
-{
- struct mnl_nlmsg_batch *b;
- char buf[MNL_SOCKET_BUFFER_SIZE];
- int ret;
-
- b = mnl_nlmsg_batch_start(buf, sizeof(buf));
-
- nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_BEGIN,
- mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- nftnl_nlmsg_build_hdr(mnl_nlmsg_batch_current(b), NFT_MSG_NEWSET,
- AF_INET, NLM_F_ACK, mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- nft_mnl_batch_put(mnl_nlmsg_batch_current(b), NFNL_MSG_BATCH_END,
- mnl_seqnum_alloc(seqnum));
- mnl_nlmsg_batch_next(b);
-
- ret = mnl_socket_sendto(nf_sock, mnl_nlmsg_batch_head(b),
- mnl_nlmsg_batch_size(b));
- if (ret < 0)
- goto err;
-
- mnl_nlmsg_batch_stop(b);
-
- ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
- while (ret > 0) {
- ret = mnl_cb_run(buf, ret, 0, mnl_socket_get_portid(nf_sock),
- NULL, NULL);
- if (ret <= 0)
- break;
-
- ret = mnl_socket_recvfrom(nf_sock, buf, sizeof(buf));
- }
-
- /* We're sending an incomplete message to see if the kernel supports
- * set messages in batches. EINVAL means that we sent an incomplete
- * message with missing attributes. The kernel just ignores messages
- * that we cannot include in the batch.
- */
- return (ret == -1 && errno == EINVAL) ? true : false;
-err:
- mnl_nlmsg_batch_stop(b);
- return ret;
-}
diff --git a/src/netlink.c b/src/netlink.c
index 46603976..2422ea11 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1749,9 +1749,6 @@ int netlink_flush_ruleset(struct netlink_ctx *ctx, const struct handle *h,
struct nftnl_table *nlt;
int err;
- if (!ctx->batch_supported)
- return netlink_io_error(ctx, loc, "Operation not supported");
-
nlt = alloc_nftnl_table(h);
err = mnl_nft_table_batch_del(nlt, ctx->batch, 0, ctx->seqnum);
nftnl_table_free(nlt);
@@ -2344,8 +2341,3 @@ int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx)
return 0;
}
-
-bool netlink_batch_supported(struct mnl_socket *nf_sock, uint32_t *seqnum)
-{
- return mnl_batch_supported(nf_sock, seqnum);
-}