Re: [PATCH nf-next 1/1] netfilter: nf_tables: Refine the codes to eliminate useless condition checks in nf_tables_api.c

Mon, 16 Jan 2017 05:38:58 -0800 

On Thu, Jan 12, 2017 at 11:10:11PM +0800, Gao Feng wrote:
> Hi Pablo,
> 
> On Thu, Jan 12, 2017 at 7:21 PM, Pablo Neira Ayuso <[email protected]> 
> wrote:
> > On Wed, Jan 11, 2017 at 09:32:15AM +0800, [email protected] wrote:
> >> From: Gao Feng <[email protected]>
> >>
> >> The return value of nf_tables_table_lookup is valid pointer or one
> >> pointer error. There are two cases totally.
> >> case1: IS_ERR(table) is true, it would return the error or reset the
> >> table as NULL, it is unnecessary to perform the latter check
> >> "table != NULL".
> >> case2: IS_ERR(obj) is false, the table is one valid pointer. It is also
> >> unnecessary to perform that check.
> >> The nf_tables_newset and nf_tables_newobj have same logic codes.
> >>
> >> In summary, we could move the block of condition check "table != NULL"
> >> in the else block to eliminate the original condition checks.
> >>
> >> Signed-off-by: Gao Feng <[email protected]>
> >> ---
> >>  net/netfilter/nf_tables_api.c | 12 +++---------
> >>  1 file changed, 3 insertions(+), 9 deletions(-)
> >>
> >> diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> >> index a019a87..3d7267f 100644
> >> --- a/net/netfilter/nf_tables_api.c
> >> +++ b/net/netfilter/nf_tables_api.c
> >> @@ -697,9 +697,7 @@ static int nf_tables_newtable(struct net *net, struct 
> >> sock *nlsk,
> >>               if (PTR_ERR(table) != -ENOENT)
> >>                       return PTR_ERR(table);
> >>               table = NULL;
> >
> > We follow up with table = NULL down the code, I think this breaks.
> 
> Look at the following nf_tables_table_lookup codes, it won't return NULL.
> It returns one valid table pointer or one error.
> 
> static struct nft_table *nf_tables_table_lookup(const struct nft_af_info *afi,
>                                                 const struct nlattr *nla,
>                                                 u8 genmask)
> {
>         struct nft_table *table;
> 
>         if (nla == NULL)
>                 return ERR_PTR(-EINVAL);
> 
>         table = nft_table_lookup(afi, nla, genmask);
>         if (table != NULL)
>                 return table;
> 
>         return ERR_PTR(-ENOENT);
> }
> 
> When returns one error, IS_ERR(table) is true, it then returns error
> or reset table as NULL.
> Wehn returns a valid table pointer, IS_ERR(table) is false, we could
> perform the latter codes like "if (nlh->nlmsg_flags & NLM_F_EXCL)"
> directly.

Right.

Then, I think we can remove the unneccessary table = NULL assigment:

@@ -697,9 +697,7 @@  static int nf_tables_newtable(struct net *net, struct sock 
*nlsk,
                if (PTR_ERR(table) != -ENOENT)
                        return PTR_ERR(table);
                table = NULL;                   <----- this
-       }
-
-       if (table != NULL) {
+       } else {
                if (nlh->nlmsg_flags & NLM_F_EXCL)
                        return -EEXIST;
                if (nlh->nlmsg_flags & NLM_F_REPLACE)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to