nft: cache: Introduce nft_cache_add_chain()

This is a convenience function for adding a chain to cache, for now just
a simple wrapper around nftnl_chain_list_add_tail().

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
index 32cfd6cf0989a458b6c9fe19f1223cfa5162e4e1..afa655d73bc6354c924d743b22af9bc1d0c5877c 100644 (file)
--- a/iptables/nft-cache.c
+++ b/iptables/nft-cache.c
@@ -165,6 +165,13 @@ static int fetch_table_cache(struct nft_handle *h)
        return 1;
 }
 
+int nft_cache_add_chain(struct nft_handle *h, const struct builtin_table *t,
+                       struct nftnl_chain *c)
+{
+       nftnl_chain_list_add_tail(c, h->cache->table[t->type].chains);
+       return 0;
+}
+
 struct nftnl_chain_list_cb_data {
        struct nft_handle *h;
        const struct builtin_table *t;
@@ -174,7 +181,6 @@ static int nftnl_chain_list_cb(const struct nlmsghdr *nlh, void *data)
 {
        struct nftnl_chain_list_cb_data *d = data;
        const struct builtin_table *t = d->t;
-       struct nftnl_chain_list *list;
        struct nft_handle *h = d->h;
        struct nftnl_chain *c;
        const char *tname;
@@ -196,8 +202,8 @@ static int nftnl_chain_list_cb(const struct nlmsghdr *nlh, void *data)
                goto out;
        }
 
-       list = h->cache->table[t->type].chains;
-       nftnl_chain_list_add_tail(c, list);
+       if (nft_cache_add_chain(h, t, c))
+               goto out;
 
        return MNL_CB_OK;
 out:

diff --git a/iptables/nft-cache.h b/iptables/nft-cache.h
index 76f9fbb6c8cccdc3e9f23533461b3e3df8334bb5..d97f8de255f02848f18ff0cb4a4403261ec0b1e9 100644 (file)
--- a/iptables/nft-cache.h
+++ b/iptables/nft-cache.h
@@ -3,6 +3,7 @@
 
 struct nft_handle;
 struct nft_cmd;
+struct builtin_table;
 
 void nft_cache_level_set(struct nft_handle *h, int level,
                         const struct nft_cmd *cmd);
@@ -12,6 +13,8 @@ void flush_chain_cache(struct nft_handle *h, const char *tablename);
 int flush_rule_cache(struct nft_handle *h, const char *table,
                     struct nftnl_chain *c);
 void nft_cache_build(struct nft_handle *h);
+int nft_cache_add_chain(struct nft_handle *h, const struct builtin_table *t,
+                       struct nftnl_chain *c);
 
 struct nftnl_chain_list *
 nft_chain_list_get(struct nft_handle *h, const char *table, const char *chain);

diff --git a/iptables/nft.c b/iptables/nft.c
index 24e49db4ab919f87082d802f6cd056ebe18a15a6..d1f6d417785b64c5dcd63fe7c855d69f732a84aa 100644 (file)
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -697,7 +697,7 @@ static void nft_chain_builtin_add(struct nft_handle *h,
                return;
 
        batch_chain_add(h, NFT_COMPAT_CHAIN_ADD, c);
-       nftnl_chain_list_add_tail(c, h->cache->table[table->type].chains);
+       nft_cache_add_chain(h, table, c);
 }
 
 /* find if built-in table already exists */
@@ -1712,7 +1712,7 @@ err:
 
 int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *table)
 {
-       struct nftnl_chain_list *list;
+       const struct builtin_table *t;
        struct nftnl_chain *c;
 
        nft_fn = nft_chain_user_add;
@@ -1736,9 +1736,8 @@ int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *tabl
        if (!batch_chain_add(h, NFT_COMPAT_CHAIN_USER_ADD, c))
                return 0;
 
-       list = nft_chain_list_get(h, table, chain);
-       if (list)
-               nftnl_chain_list_add(c, list);
+       t = nft_table_builtin_find(h, table);
+       nft_cache_add_chain(h, t, c);
 
        /* the core expects 1 for success and 0 for error */
        return 1;
@@ -1746,7 +1745,7 @@ int nft_chain_user_add(struct nft_handle *h, const char *chain, const char *tabl
 
 int nft_chain_restore(struct nft_handle *h, const char *chain, const char *table)
 {
-       struct nftnl_chain_list *list;
+       const struct builtin_table *t;
        struct obj_update *obj;
        struct nftnl_chain *c;
        bool created = false;
@@ -1763,9 +1762,8 @@ int nft_chain_restore(struct nft_handle *h, const char *chain, const char *table
                nftnl_chain_set_str(c, NFTNL_CHAIN_NAME, chain);
                created = true;
 
-               list = nft_chain_list_get(h, table, chain);
-               if (list)
-                       nftnl_chain_list_add(c, list);
+               t = nft_table_builtin_find(h, table);
+               nft_cache_add_chain(h, t, c);
        } else {
                /* If the chain should vanish meanwhile, kernel genid changes
                 * and the transaction is refreshed enabling the chain add