cache: skip set element netlink dump for add/delete element command

author Pablo Neira Ayuso <pablo@netfilter.org>

Tue, 24 Aug 2021 09:52:36 +0000 (11:52 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 26 Aug 2021 08:35:23 +0000 (10:35 +0200)
author Pablo Neira Ayuso <pablo@netfilter.org>
Tue, 24 Aug 2021 09:52:36 +0000 (11:52 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 26 Aug 2021 08:35:23 +0000 (10:35 +0200)
diff --git a/include/cache.h b/include/cache.h

index ad9078432c73981b2103f15d1dff7fe59836b343..70aaf735f7d9b0910a633f42e1324dbd193ef804 100644 (file)
--- a/include/cache.h
+++ b/include/cache.h
@@ -32,6 +32,7 @@ enum cache_level_flags {
                                   NFT_CACHE_CHAIN_BIT |
                                   NFT_CACHE_RULE_BIT,
         NFT_CACHE_FULL          = __NFT_CACHE_MAX_BIT - 1,
+       NFT_CACHE_SETELEM_MAYBE = (1 << 28),
         NFT_CACHE_REFRESH       = (1 << 29),
         NFT_CACHE_UPDATE        = (1 << 30),
         NFT_CACHE_FLUSHED       = (1 << 31),
diff --git a/src/cache.c b/src/cache.c

index ff63e59eaafc84c3246907257e66791fbe6b1761..8300ce8e707a2cc3476f894cb9457150838a6a1e 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -38,7 +38,7 @@ static unsigned int evaluate_cache_add(struct cmd *cmd, unsigned int flags)
                          NFT_CACHE_CHAIN |
                          NFT_CACHE_SET |
                          NFT_CACHE_OBJECT |
-                        NFT_CACHE_SETELEM;
+                        NFT_CACHE_SETELEM_MAYBE;
                 break;
         case CMD_OBJ_RULE:
                 flags |= NFT_CACHE_TABLE |
@@ -62,7 +62,7 @@ static unsigned int evaluate_cache_del(struct cmd *cmd, unsigned int flags)
  {
         switch (cmd->obj) {
         case CMD_OBJ_ELEMENTS:
-               flags |= NFT_CACHE_SETELEM;
+               flags |= NFT_CACHE_SETELEM_MAYBE;
                 break;
         default:
                 break;
@@ -600,6 +600,18 @@ static int cache_init_objects(struct netlink_ctx *ctx, unsigned int flags)
                 }
                 if (flags & NFT_CACHE_SETELEM_BIT) {
                         list_for_each_entry(set, &table->set_cache.list, cache.list) {
+                               ret = netlink_list_setelems(ctx, &set->handle,
+                                                           set);
+                               if (ret < 0) {
+                                       ret = -1;
+                                       goto cache_fails;
+                               }
+                       }
+               } else if (flags & NFT_CACHE_SETELEM_MAYBE) {
+                       list_for_each_entry(set, &table->set_cache.list, cache.list) {
+                               if (!set_is_non_concat_range(set))
+                                       continue;
+
                                 ret = netlink_list_setelems(ctx, &set->handle,
                                                             set);
                                 if (ret < 0) {
author	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 24 Aug 2021 09:52:36 +0000 (11:52 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 26 Aug 2021 08:35:23 +0000 (10:35 +0200)
include/cache.h		patch \| blob \| blame \| history
src/cache.c		patch \| blob \| blame \| history