* [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk()
@ 2019-07-03 7:36 Phil Sutter
2019-07-03 7:36 ` [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle Phil Sutter
2019-07-03 11:22 ` [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Pablo Neira Ayuso
0 siblings, 2 replies; 4+ messages in thread
From: Phil Sutter @ 2019-07-03 7:36 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel
From there, pass it along to mnl_nft_socket_sendmsg() and further down
to mnl_set_{snd,rcv}buffer(). This prepares the code path for keeping
stored socket buffer sizes in struct nft_handle.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
iptables/nft.c | 41 ++++++++++++++++++-----------------------
1 file changed, 18 insertions(+), 23 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index 3aa2c6c6b9166..4a5280916e3b1 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -188,18 +188,15 @@ static void mnl_err_list_free(struct mnl_err *err)
static int nlbuffsiz;
-static void mnl_set_sndbuffer(const struct mnl_socket *nl,
- struct nftnl_batch *batch)
+static void mnl_set_sndbuffer(struct nft_handle *h)
{
- int newbuffsiz;
+ int newbuffsiz = nftnl_batch_iovec_len(h->batch) * BATCH_PAGE_SIZE;
- if (nftnl_batch_iovec_len(batch) * BATCH_PAGE_SIZE <= nlbuffsiz)
+ if (newbuffsiz <= nlbuffsiz)
return;
- newbuffsiz = nftnl_batch_iovec_len(batch) * BATCH_PAGE_SIZE;
-
/* Rise sender buffer length to avoid hitting -EMSGSIZE */
- if (setsockopt(mnl_socket_get_fd(nl), SOL_SOCKET, SO_SNDBUFFORCE,
+ if (setsockopt(mnl_socket_get_fd(h->nl), SOL_SOCKET, SO_SNDBUFFORCE,
&newbuffsiz, sizeof(socklen_t)) < 0)
return;
@@ -208,27 +205,26 @@ static void mnl_set_sndbuffer(const struct mnl_socket *nl,
static int nlrcvbuffsiz;
-static void mnl_set_rcvbuffer(const struct mnl_socket *nl, int numcmds)
+static void mnl_set_rcvbuffer(struct nft_handle *h, int numcmds)
{
int newbuffsiz = getpagesize() * numcmds;
if (newbuffsiz <= nlrcvbuffsiz)
return;
- if (setsockopt(mnl_socket_get_fd(nl), SOL_SOCKET, SO_RCVBUFFORCE,
+ if (setsockopt(mnl_socket_get_fd(h->nl), SOL_SOCKET, SO_RCVBUFFORCE,
&newbuffsiz, sizeof(socklen_t)) < 0)
return;
nlrcvbuffsiz = newbuffsiz;
}
-static ssize_t mnl_nft_socket_sendmsg(const struct mnl_socket *nf_sock,
- struct nftnl_batch *batch, int numcmds)
+static ssize_t mnl_nft_socket_sendmsg(struct nft_handle *h, int numcmds)
{
static const struct sockaddr_nl snl = {
.nl_family = AF_NETLINK
};
- uint32_t iov_len = nftnl_batch_iovec_len(batch);
+ uint32_t iov_len = nftnl_batch_iovec_len(h->batch);
struct iovec iov[iov_len];
struct msghdr msg = {
.msg_name = (struct sockaddr *) &snl,
@@ -237,18 +233,16 @@ static ssize_t mnl_nft_socket_sendmsg(const struct mnl_socket *nf_sock,
.msg_iovlen = iov_len,
};
- mnl_set_sndbuffer(nf_sock, batch);
- mnl_set_rcvbuffer(nf_sock, numcmds);
- nftnl_batch_iovec(batch, iov, iov_len);
+ mnl_set_sndbuffer(h);
+ mnl_set_rcvbuffer(h, numcmds);
+ nftnl_batch_iovec(h->batch, iov, iov_len);
- return sendmsg(mnl_socket_get_fd(nf_sock), &msg, 0);
+ return sendmsg(mnl_socket_get_fd(h->nl), &msg, 0);
}
-static int mnl_batch_talk(const struct mnl_socket *nf_sock,
- struct nftnl_batch *batch, int numcmds,
- struct list_head *err_list)
+static int mnl_batch_talk(struct nft_handle *h, int numcmds)
{
- const struct mnl_socket *nl = nf_sock;
+ const struct mnl_socket *nl = h->nl;
int ret, fd = mnl_socket_get_fd(nl), portid = mnl_socket_get_portid(nl);
char rcv_buf[MNL_SOCKET_BUFFER_SIZE];
fd_set readfds;
@@ -258,7 +252,7 @@ static int mnl_batch_talk(const struct mnl_socket *nf_sock,
};
int err = 0;
- ret = mnl_nft_socket_sendmsg(nf_sock, batch, numcmds);
+ ret = mnl_nft_socket_sendmsg(h, numcmds);
if (ret == -1)
return -1;
@@ -280,7 +274,8 @@ static int mnl_batch_talk(const struct mnl_socket *nf_sock,
ret = mnl_cb_run(rcv_buf, ret, 0, portid, NULL, NULL);
/* Continue on error, make sure we get all acknowledgments */
if (ret == -1) {
- mnl_err_list_node_add(err_list, errno, nlh->nlmsg_seq);
+ mnl_err_list_node_add(&h->err_list, errno,
+ nlh->nlmsg_seq);
err = -1;
}
@@ -2936,7 +2931,7 @@ retry:
}
errno = 0;
- ret = mnl_batch_talk(h->nl, h->batch, seq, &h->err_list);
+ ret = mnl_batch_talk(h, seq);
if (ret && errno == ERESTART) {
nft_rebuild_cache(h);
--
2.21.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle
2019-07-03 7:36 [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Phil Sutter
@ 2019-07-03 7:36 ` Phil Sutter
2019-07-03 11:22 ` Pablo Neira Ayuso
2019-07-03 11:22 ` [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Pablo Neira Ayuso
1 sibling, 1 reply; 4+ messages in thread
From: Phil Sutter @ 2019-07-03 7:36 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel
Store them next to the mnl_socket pointer. While being at it, add a
comment to mnl_set_rcvbuffer() explaining why the buffer size is
changed.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
iptables/nft.c | 17 +++++++----------
iptables/nft.h | 2 ++
2 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index 4a5280916e3b1..e927d1db2b426 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -186,13 +186,11 @@ static void mnl_err_list_free(struct mnl_err *err)
free(err);
}
-static int nlbuffsiz;
-
static void mnl_set_sndbuffer(struct nft_handle *h)
{
int newbuffsiz = nftnl_batch_iovec_len(h->batch) * BATCH_PAGE_SIZE;
- if (newbuffsiz <= nlbuffsiz)
+ if (newbuffsiz <= h->nlsndbuffsiz)
return;
/* Rise sender buffer length to avoid hitting -EMSGSIZE */
@@ -200,23 +198,22 @@ static void mnl_set_sndbuffer(struct nft_handle *h)
&newbuffsiz, sizeof(socklen_t)) < 0)
return;
- nlbuffsiz = newbuffsiz;
+ h->nlsndbuffsiz = newbuffsiz;
}
-static int nlrcvbuffsiz;
-
static void mnl_set_rcvbuffer(struct nft_handle *h, int numcmds)
{
int newbuffsiz = getpagesize() * numcmds;
- if (newbuffsiz <= nlrcvbuffsiz)
+ if (newbuffsiz <= h->nlrcvbuffsiz)
return;
+ /* Rise receiver buffer length to avoid hitting -ENOBUFS */
if (setsockopt(mnl_socket_get_fd(h->nl), SOL_SOCKET, SO_RCVBUFFORCE,
&newbuffsiz, sizeof(socklen_t)) < 0)
return;
- nlrcvbuffsiz = newbuffsiz;
+ h->nlrcvbuffsiz = newbuffsiz;
}
static ssize_t mnl_nft_socket_sendmsg(struct nft_handle *h, int numcmds)
@@ -807,8 +804,8 @@ static int nft_restart(struct nft_handle *h)
return -1;
h->portid = mnl_socket_get_portid(h->nl);
- nlbuffsiz = 0;
- nlrcvbuffsiz = 0;
+ h->nlsndbuffsiz = 0;
+ h->nlrcvbuffsiz = 0;
return 0;
}
diff --git a/iptables/nft.h b/iptables/nft.h
index 43eb8a39dd9c1..dc1161840a38c 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -38,6 +38,8 @@ struct nft_cache {
struct nft_handle {
int family;
struct mnl_socket *nl;
+ int nlsndbuffsiz;
+ int nlrcvbuffsiz;
uint32_t portid;
uint32_t seq;
uint32_t nft_genid;
--
2.21.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk()
2019-07-03 7:36 [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Phil Sutter
2019-07-03 7:36 ` [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle Phil Sutter
@ 2019-07-03 11:22 ` Pablo Neira Ayuso
1 sibling, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2019-07-03 11:22 UTC (permalink / raw)
To: Phil Sutter; +Cc: netfilter-devel
On Wed, Jul 03, 2019 at 09:36:25AM +0200, Phil Sutter wrote:
> From there, pass it along to mnl_nft_socket_sendmsg() and further down
> to mnl_set_{snd,rcv}buffer(). This prepares the code path for keeping
> stored socket buffer sizes in struct nft_handle.
Applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle
2019-07-03 7:36 ` [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle Phil Sutter
@ 2019-07-03 11:22 ` Pablo Neira Ayuso
0 siblings, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2019-07-03 11:22 UTC (permalink / raw)
To: Phil Sutter; +Cc: netfilter-devel
On Wed, Jul 03, 2019 at 09:36:26AM +0200, Phil Sutter wrote:
> Store them next to the mnl_socket pointer. While being at it, add a
> comment to mnl_set_rcvbuffer() explaining why the buffer size is
> changed.
Also applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-07-03 11:22 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-07-03 7:36 [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Phil Sutter
2019-07-03 7:36 ` [iptables PATCH 2/2] nft: Move send/receive buffer sizes into nft_handle Phil Sutter
2019-07-03 11:22 ` Pablo Neira Ayuso
2019-07-03 11:22 ` [iptables PATCH 1/2] nft: Pass nft_handle down to mnl_batch_talk() Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).