From 8fc923734c2a393a377c898b3f4c6db776745838 Mon Sep 17 00:00:00 2001

From: Phil Sutter <phil@nwl.cc>

Date: Thu, 20 Dec 2018 16:09:10 +0100

Subject: [PATCH] nft: Introduce fetch_chain_cache()

Move chain cache population from nft_chain_list_get() into a dedicated

function.

Signed-off-by: Phil Sutter <phil@nwl.cc>

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

(cherry picked from commit 8bae620abf9ac81794acca43d305ca74f15a13ff)

Signed-off-by: Phil Sutter <psutter@redhat.com>

---

 iptables/nft.c | 27 +++++++++++++++++----------

 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/iptables/nft.c b/iptables/nft.c

index 469448f42cd6d..b425577798679 100644

--- a/iptables/nft.c

+++ b/iptables/nft.c

@@ -1295,20 +1295,12 @@ err:

 	return MNL_CB_OK;

 }

-struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h,

-					    const char *table)

+static int fetch_chain_cache(struct nft_handle *h)

 {

 	char buf[16536];

 	struct nlmsghdr *nlh;

-	const struct builtin_table *t;

 	int i, ret;

-	t = nft_table_builtin_find(h, table);

-	if (!t)

-		return NULL;

-

-	if (h->table[t->type].chain_cache)

-		return h->table[t->type].chain_cache;

 retry:

 	for (i = 0; i < NFT_TABLE_MAX; i++) {

 		enum nft_table_type type = h->tables[i].type;

@@ -1318,7 +1310,7 @@ retry:

 		h->table[type].chain_cache = nftnl_chain_list_alloc();

 		if (!h->table[type].chain_cache)

-			return NULL;

+			return -1;

 	}

 	nlh = nftnl_chain_nlmsg_build_hdr(buf, NFT_MSG_GETCHAIN, h->family,

@@ -1331,6 +1323,21 @@ retry:

 		goto retry;

 	}

+	return ret;

+}

+

+struct nftnl_chain_list *nft_chain_list_get(struct nft_handle *h,

+					    const char *table)

+{

+	const struct builtin_table *t;

+

+	t = nft_table_builtin_find(h, table);

+	if (!t)

+		return NULL;

+

+	if (!h->table[t->type].chain_cache)

+		fetch_chain_cache(h);

+

 	return h->table[t->type].chain_cache;

 }

-- 

2.20.1