nft: cache: Simplify chain list allocation

Allocate chain lists right after fetching table cache, regardless of
whether partial cache is fetched or not. Chain list pointers reside in
struct nft_cache's table array and hence are present irrespective of
actual tables in kernel. Given the small number of tables, there wasn't
much overhead avoided by the conditional in fetch_chain_cache().

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
index e1b1e89c9e0d3138e685d749d7eb7847c5eb79d0..0429fb32f2ed014c0b760ab51460acf64cb04e74 100644 (file)
--- a/iptables/nft-cache.c
+++ b/iptables/nft-cache.c
@@ -107,6 +107,23 @@ static int fetch_table_cache(struct nft_handle *h)
        return 1;
 }
 
+static int init_chain_cache(struct nft_handle *h)
+{
+       int i;
+
+       for (i = 0; i < NFT_TABLE_MAX; i++) {
+               enum nft_table_type type = h->tables[i].type;
+
+               if (!h->tables[i].name)
+                       continue;
+
+               h->cache->table[type].chains = nftnl_chain_list_alloc();
+               if (!h->cache->table[type].chains)
+                       return -1;
+       }
+       return 0;
+}
+
 struct nftnl_chain_list_cb_data {
        struct nft_handle *h;
        const struct builtin_table *t;
@@ -316,26 +333,6 @@ static int fetch_chain_cache(struct nft_handle *h,
        struct nlmsghdr *nlh;
        int i, ret;
 
-       if (!t) {
-               for (i = 0; i < NFT_TABLE_MAX; i++) {
-                       enum nft_table_type type = h->tables[i].type;
-
-                       if (!h->tables[i].name)
-                               continue;
-
-                       if (h->cache->table[type].chains)
-                               continue;
-
-                       h->cache->table[type].chains = nftnl_chain_list_alloc();
-                       if (!h->cache->table[type].chains)
-                               return -1;
-               }
-       } else if (!h->cache->table[t->type].chains) {
-               h->cache->table[t->type].chains = nftnl_chain_list_alloc();
-               if (!h->cache->table[t->type].chains)
-                       return -1;
-       }
-
        if (t && chain) {
                struct nftnl_chain *c = nftnl_chain_alloc();
 
@@ -465,6 +462,7 @@ retry:
        switch (h->cache_level) {
        case NFT_CL_NONE:
                fetch_table_cache(h);
+               init_chain_cache(h);
                if (level == NFT_CL_TABLES)
                        break;
                /* fall through */
@@ -521,14 +519,8 @@ void nft_fake_cache(struct nft_handle *h)
        int i;
 
        fetch_table_cache(h);
-       for (i = 0; i < NFT_TABLE_MAX; i++) {
-               enum nft_table_type type = h->tables[i].type;
+       init_chain_cache(h);
 
-               if (!h->tables[i].name)
-                       continue;
-
-               h->cache->table[type].chains = nftnl_chain_list_alloc();
-       }
        h->cache_level = NFT_CL_FAKE;
        mnl_genid_get(h, &h->nft_genid);
 }