cache: populate objects on demand from error path
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 15 Aug 2024 10:34:13 +0000 (12:34 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 23 Jan 2025 00:35:36 +0000 (01:35 +0100)
commit aab2fe87a665c0cba2676096b49b5c8ea21910f8 upstream.

Objects are only required for error reporting hints if the kernel reports
ENOENT. Populate the cache from this error path only.

Tested-by: Eric Garver <eric@garver.life>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
src/cache.c
src/cmd.c

index 733d333dedc5774210360e1daa92e4eedf1b27d3..6694a77ec5e05ce0c30a934f0059f6990e6bb95f 100644 (file)
@@ -29,7 +29,6 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
 
                flags |= NFT_CACHE_TABLE |
                         NFT_CACHE_SET |
-                        NFT_CACHE_OBJECT |
                         NFT_CACHE_FLOWTABLE;
                list_for_each_entry(set, &cmd->table->sets, list) {
                        if (set->automerge)
@@ -52,13 +51,11 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
        case CMD_OBJ_ELEMENTS:
                flags |= NFT_CACHE_TABLE |
                         NFT_CACHE_SET |
-                        NFT_CACHE_OBJECT |
                         NFT_CACHE_SETELEM_MAYBE;
                break;
        case CMD_OBJ_RULE:
                flags |= NFT_CACHE_TABLE |
                         NFT_CACHE_SET |
-                        NFT_CACHE_OBJECT |
                         NFT_CACHE_FLOWTABLE;
 
                if (cmd->handle.index.id ||
@@ -392,8 +389,7 @@ int nft_cache_evaluate(struct nft_ctx *nft, struct list_head *cmds,
                case CMD_DELETE:
                        flags |= NFT_CACHE_TABLE |
                                 NFT_CACHE_SET |
-                                NFT_CACHE_FLOWTABLE |
-                                NFT_CACHE_OBJECT;
+                                NFT_CACHE_FLOWTABLE;
 
                        flags = evaluate_cache_del(cmd, flags);
                        break;
index f315780f3d98208da25de34eca075b9259c37e4e..22c9dbf7f5d8e942bb09a256484275f74555b1dd 100644 (file)
--- a/src/cmd.c
+++ b/src/cmd.c
@@ -149,6 +149,10 @@ static int nft_cmd_enoent_obj(struct netlink_ctx *ctx, const struct cmd *cmd,
        if (!cmd->handle.obj.name)
                return 0;
 
+       if (nft_cache_update(ctx->nft, NFT_CACHE_TABLE | NFT_CACHE_OBJECT,
+                            ctx->msgs, NULL) < 0)
+               return 0;
+
        obj = obj_lookup_fuzzy(cmd->handle.obj.name, &ctx->nft->cache, &table);
        /* check table first. */
        if (!table)
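Review bot: The added `nft_cache_update()` call in `nft_cmd_enoent_obj` returns 0 on failure with no comment, so a reader cannot tell that the hint is best-effort and that 0 here means "no hint produced". I would add a comment above the call such as `/* Best effort: objects are cached only to build the ENOENT hint; on failure skip the hint. */`. The call also passes `ctx->msgs`, so any messages queued by a failed cache update would presumably end up next to the original ENOENT report; that is worth confirming as intended. The cache is now filled after the kernel has already rejected the command, so the fuzzy lookup may run against a ruleset generation newer than the one the command was evaluated against, which could be noted in the same comment. The function body continues outside the hunk.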