mnl: remove alloc_nftnl_rule()

We can remove alloc_nftnl_rule() and consolidate infrastructure in the src/mnl.c file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2018-10-10 13:30:12 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2018-10-10 13:58:09 +0200
commit: f354d6d24809f2ef520f6566b8f0e7095e76995d (patch)
tree: a65a4e52a5a8f3b9879763ab1c5c6d30bbca0069 /src
parent: 1494cc26fe524f25d3984b20938b51ce681cb44d (diff)
3 files changed, 79 insertions, 95 deletions
diff --git a/src/mnl.c b/src/mnl.c
index 337e0658..07316395 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -287,47 +287,103 @@ int mnl_batch_talk(struct netlink_ctx *ctx, struct list_head *err_list)
 	return err;
 }
 
-int mnl_nft_rule_batch_add(struct nftnl_rule *nlr, struct nftnl_batch *batch,
-			   unsigned int flags, uint32_t seqnum)
+int mnl_nft_rule_add(struct netlink_ctx *ctx, const struct cmd *cmd,
+		     unsigned int flags)
 {
+	struct rule *rule = cmd->rule;
+	struct handle *h = &rule->handle;
+	struct nftnl_rule *nlr;
 	struct nlmsghdr *nlh;
 
-	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+	nlr = nftnl_rule_alloc();
+	if (!nlr)
+		memory_allocation_error();
+
+	nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
+	nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
+	nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name);
+	if (h->position.id)
+		nftnl_rule_set_u64(nlr, NFTNL_RULE_POSITION, h->position.id);
+
+	netlink_linearize_rule(ctx, nlr, rule);
+	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 				    NFT_MSG_NEWRULE,
-				    nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY),
-				    NLM_F_CREATE | flags, seqnum);
+				    cmd->handle.family,
+				    NLM_F_CREATE | flags, ctx->seqnum);
 	nftnl_rule_nlmsg_build_payload(nlh, nlr);
-	mnl_nft_batch_continue(batch);
+	nftnl_rule_free(nlr);
+
+	mnl_nft_batch_continue(ctx->batch);
 
 	return 0;
 }
 
-int mnl_nft_rule_batch_replace(struct nftnl_rule *nlr, struct nftnl_batch *batch,
-			       unsigned int flags, uint32_t seqnum)
+int mnl_nft_rule_replace(struct netlink_ctx *ctx, const struct cmd *cmd)
 {
+	struct rule *rule = cmd->rule;
+	struct handle *h = &rule->handle;
+	unsigned int flags = 0;
+	struct nftnl_rule *nlr;
 	struct nlmsghdr *nlh;
+	int err;
 
-	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+	if (ctx->octx->echo) {
+		err = cache_update(ctx->nf_sock, ctx->cache,
+				   CMD_INVALID, ctx->msgs,
+				   ctx->debug_mask, ctx->octx);
+		if (err < 0)
+			return err;
+
+		flags |= NLM_F_ECHO;
+	}
+
+	nlr = nftnl_rule_alloc();
+	if (!nlr)
+		memory_allocation_error();
+
+	nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
+	nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
+	nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name);
+	nftnl_rule_set_u64(nlr, NFTNL_RULE_HANDLE, h->handle.id);
+
+	netlink_linearize_rule(ctx, nlr, rule);
+	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 				    NFT_MSG_NEWRULE,
-				    nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY),
-				    NLM_F_REPLACE | flags, seqnum);
+				    cmd->handle.family,
+				    NLM_F_REPLACE | flags, ctx->seqnum);
 	nftnl_rule_nlmsg_build_payload(nlh, nlr);
-	mnl_nft_batch_continue(batch);
+	nftnl_rule_free(nlr);
+
+	mnl_nft_batch_continue(ctx->batch);
 
 	return 0;
 }
 
-int mnl_nft_rule_batch_del(struct nftnl_rule *nlr, struct nftnl_batch *batch,
-			   unsigned int flags, uint32_t seqnum)
+int mnl_nft_rule_del(struct netlink_ctx *ctx, const struct cmd *cmd)
 {
+	const struct handle *h = &cmd->handle;
+	struct nftnl_rule *nlr;
 	struct nlmsghdr *nlh;
 
-	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(batch),
+	nlr = nftnl_rule_alloc();
+	if (!nlr)
+		memory_allocation_error();
+
+	nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
+	nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
+	if (h->chain.name)
+		nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name);
+	if (h->handle.id)
+		nftnl_rule_set_u64(nlr, NFTNL_RULE_HANDLE, h->handle.id);
+
+	nlh = nftnl_nlmsg_build_hdr(nftnl_batch_buffer(ctx->batch),
 				    NFT_MSG_DELRULE,
 				    nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY),
-				    0, seqnum);
+				    0, ctx->seqnum);
 	nftnl_rule_nlmsg_build_payload(nlh, nlr);
-	mnl_nft_batch_continue(batch);
+	nftnl_rule_free(nlr);
+
+	mnl_nft_batch_continue(ctx->batch);
 
 	return 0;
 }
diff --git a/src/netlink.c b/src/netlink.c
index d7b8da6b..5e205aa1 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -111,26 +111,6 @@ void __noreturn __netlink_init_error(const char *filename, int line,
 	exit(NFT_EXIT_NONL);
 }
 
-struct nftnl_rule *alloc_nftnl_rule(const struct handle *h)
-{
-	struct nftnl_rule *nlr;
-
-	nlr = nftnl_rule_alloc();
-	if (nlr == NULL)
-		memory_allocation_error();
-
-	nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
-	nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
-	if (h->chain.name != NULL)
-		nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name);
-	if (h->handle.id)
-		nftnl_rule_set_u64(nlr, NFTNL_RULE_HANDLE, h->handle.id);
-	if (h->position.id)
-		nftnl_rule_set_u64(nlr, NFTNL_RULE_POSITION, h->position.id);
-
-	return nlr;
-}
-
 struct nftnl_expr *alloc_nft_expr(const char *name)
 {
 	struct nftnl_expr *nle;
@@ -421,58 +401,6 @@ struct expr *netlink_alloc_data(const struct location *loc,
 	}
 }
 
-int netlink_add_rule_batch(struct netlink_ctx *ctx, const struct cmd *cmd,
-		           uint32_t flags)
-{
-	struct rule *rule = cmd->rule;
-	struct nftnl_rule *nlr;
-	int err;
-
-	nlr = alloc_nftnl_rule(&rule->handle);
-	netlink_linearize_rule(ctx, nlr, rule);
-	err = mnl_nft_rule_batch_add(nlr, ctx->batch, flags | NLM_F_EXCL,
-				     ctx->seqnum);
-	nftnl_rule_free(nlr);
-
-	return err;
-}
-
-int netlink_replace_rule_batch(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
-	struct rule *rule = cmd->rule;
-	struct nftnl_rule *nlr;
-	int err, flags = 0;
-
-	if (ctx->octx->echo) {
-		err = cache_update(ctx->nf_sock, ctx->cache,
-				   CMD_INVALID, ctx->msgs,
-				   ctx->debug_mask, ctx->octx);
-		if (err < 0)
-			return err;
-
-		flags |= NLM_F_ECHO;
-	}
-
-	nlr = alloc_nftnl_rule(&rule->handle);
-	netlink_linearize_rule(ctx, nlr, rule);
-	err = mnl_nft_rule_batch_replace(nlr, ctx->batch, flags, ctx->seqnum);
-	nftnl_rule_free(nlr);
-
-	return err;
-}
-
-int netlink_del_rule_batch(struct netlink_ctx *ctx, const struct cmd *cmd)
-{
-	struct nftnl_rule *nlr;
-	int err;
-
-	nlr = alloc_nftnl_rule(&cmd->handle);
-	err = mnl_nft_rule_batch_del(nlr, ctx->batch, 0, ctx->seqnum);
-	nftnl_rule_free(nlr);
-
-	return err;
-}
-
 void netlink_dump_rule(const struct nftnl_rule *nlr, struct netlink_ctx *ctx)
 {
 	FILE *fp = ctx->octx->output_fp;
@@ -538,7 +466,7 @@ static int netlink_list_rules(struct netlink_ctx *ctx, const struct handle *h)
 
 static int netlink_flush_rules(struct netlink_ctx *ctx, const struct cmd *cmd)
 {
-	return netlink_del_rule_batch(ctx, cmd);
+	return mnl_nft_rule_del(ctx, cmd);
 }
 
 void netlink_dump_chain(const struct nftnl_chain *nlc, struct netlink_ctx *ctx)
@@ -634,7 +562,7 @@ int netlink_list_chains(struct netlink_ctx *ctx, const struct handle *h)
 
 int netlink_flush_chain(struct netlink_ctx *ctx, const struct cmd *cmd)
 {
-	return netlink_del_rule_batch(ctx, cmd);
+	return mnl_nft_rule_del(ctx, cmd);
 }
 
 struct table *netlink_delinearize_table(struct netlink_ctx *ctx,
diff --git a/src/rule.c b/src/rule.c
index b00a17d6..b5014788 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1414,7 +1414,7 @@ static int do_command_add(struct netlink_ctx *ctx, struct cmd *cmd, bool excl)
 	case CMD_OBJ_CHAIN:
 		return mnl_nft_chain_add(ctx, cmd, flags);
 	case CMD_OBJ_RULE:
-		return netlink_add_rule_batch(ctx, cmd, flags | NLM_F_APPEND);
+		return mnl_nft_rule_add(ctx, cmd, flags | NLM_F_APPEND);
 	case CMD_OBJ_SET:
 		return do_add_set(ctx, cmd, flags);
 	case CMD_OBJ_SETELEM:
@@ -1437,7 +1437,7 @@ static int do_command_replace(struct netlink_ctx *ctx, struct cmd *cmd)
 {
 	switch (cmd->obj) {
 	case CMD_OBJ_RULE:
-		return netlink_replace_rule_batch(ctx, cmd);
+		return mnl_nft_rule_replace(ctx, cmd);
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
 	}
@@ -1461,7 +1461,7 @@ static int do_command_insert(struct netlink_ctx *ctx, struct cmd *cmd)
 
 	switch (cmd->obj) {
 	case CMD_OBJ_RULE:
-		return netlink_add_rule_batch(ctx, cmd, flags);
+		return mnl_nft_rule_add(ctx, cmd, flags);
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
 	}
@@ -1497,7 +1497,7 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
 	case CMD_OBJ_CHAIN:
 		return mnl_nft_chain_del(ctx, cmd);
 	case CMD_OBJ_RULE:
-		return netlink_del_rule_batch(ctx, cmd);
+		return mnl_nft_rule_del(ctx, cmd);
 	case CMD_OBJ_SET:
 		return netlink_delete_set_batch(ctx, cmd);
 	case CMD_OBJ_SETELEM:
author	Pablo Neira Ayuso <pablo@netfilter.org>	2018-10-10 13:30:12 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2018-10-10 13:58:09 +0200
commit	f354d6d24809f2ef520f6566b8f0e7095e76995d (patch)
tree	a65a4e52a5a8f3b9879763ab1c5c6d30bbca0069 /src
parent	1494cc26fe524f25d3984b20938b51ce681cb44d (diff)