From: Pablo Neira Ayuso Date: Mon, 14 Mar 2016 18:40:29 +0000 (+0100) Subject: evaluate: use table_lookup_global() from expr_evaluate_symbol() X-Git-Tag: v0.6~87 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb98800c49eb3e79674778f87694bd5f5d00dd4d;p=thirdparty%2Fnftables.git evaluate: use table_lookup_global() from expr_evaluate_symbol() If there's already a table 'test' defined in the kernel and you load another table 'test' via `nft -f', table_lookup() returns the table that already exists in the kernel, so if you look up for objects that are defined in the file, nft bails out with 'Set does not exist'. Use table_lookup_global() function returns the existing table that is defined in the file and that it is set as context via ctx->handle->table. This is not a complete fix, we should splice the existing kernel objects into the userspace declaration. We just need some way to identify what objects are already in the kernel so we don't send them again (otherwise we will hit EEXIST errors). I'll follow up with this full fix asap. Anyway, this patch fixes this shell test: I: [OK] ./testcases/sets/cache_handling_0 So at least by now we have all shell test returning OK. I'll add more tests to catch the case I describe above once it is fixed too. Cc: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- diff --git a/src/evaluate.c b/src/evaluate.c index be6ae593..473f014d 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -155,6 +155,20 @@ static int byteorder_conversion(struct eval_ctx *ctx, struct expr **expr, return 0; } +static struct table *table_lookup_global(struct eval_ctx *ctx) +{ + struct table *table; + + if (ctx->table != NULL) + return ctx->cmd->table; + + table = table_lookup(&ctx->cmd->handle); + if (table == NULL) + return NULL; + + return table; +} + /* * Symbol expression: parse symbol and evaluate resulting expression. */ @@ -189,7 +203,7 @@ static int expr_evaluate_symbol(struct eval_ctx *ctx, struct expr **expr) if (ret < 0) return ret; - table = table_lookup(&ctx->cmd->handle); + table = table_lookup_global(ctx); if (table == NULL) return cmd_error(ctx, "Could not process rule: Table '%s' does not exist", ctx->cmd->handle.table); @@ -2073,20 +2087,6 @@ int stmt_evaluate(struct eval_ctx *ctx, struct stmt *stmt) } } -static struct table *table_lookup_global(struct eval_ctx *ctx) -{ - struct table *table; - - if (ctx->table != NULL) - return ctx->cmd->table; - - table = table_lookup(&ctx->cmd->handle); - if (table == NULL) - return NULL; - - return table; -} - static int setelem_evaluate(struct eval_ctx *ctx, struct expr **expr) { struct table *table;