| skipped 2424 lines |
2425 | 2425 | | } |
2426 | 2426 | | |
2427 | 2427 | | #if defined(CONFIG_HAS_NFTABLES_LIB_API_0) || defined(CONFIG_HAS_NFTABLES_LIB_API_1) |
2428 | | - | static inline int restore_nftables(int pid) |
| 2428 | + | static inline int do_restore_nftables(struct cr_img *img) |
2429 | 2429 | | { |
2430 | | - | int ret = -1; |
2431 | | - | struct cr_img *img; |
| 2430 | + | int exit_code = -1; |
2432 | 2431 | | struct nft_ctx *nft; |
2433 | 2432 | | off_t img_data_size; |
2434 | 2433 | | char *buf; |
2435 | 2434 | | |
2436 | | - | img = open_image(CR_FD_NFTABLES, O_RSTR, pid); |
2437 | | - | if (img == NULL) |
2438 | | - | return -1; |
2439 | | - | if (empty_image(img)) { |
2440 | | - | /* Backward compatibility */ |
2441 | | - | pr_info("Skipping nft restore, no image\n"); |
2442 | | - | ret = 0; |
2443 | | - | goto image_close_out; |
2444 | | - | } |
2445 | | - | |
2446 | 2435 | | if ((img_data_size = img_raw_size(img)) < 0) |
2447 | | - | goto image_close_out; |
| 2436 | + | goto out; |
2448 | 2437 | | |
2449 | 2438 | | if (read_img_str(img, &buf, img_data_size) < 0) |
2450 | | - | goto image_close_out; |
| 2439 | + | goto out; |
2451 | 2440 | | |
2452 | 2441 | | nft = nft_ctx_new(NFT_CTX_DEFAULT); |
2453 | 2442 | | if (!nft) |
| skipped 11 lines |
2465 | 2454 | | #endif |
2466 | 2455 | | goto nft_ctx_free_out; |
2467 | 2456 | | |
2468 | | - | ret = 0; |
| 2457 | + | exit_code = 0; |
2469 | 2458 | | |
2470 | 2459 | | nft_ctx_free_out: |
2471 | 2460 | | nft_ctx_free(nft); |
2472 | 2461 | | buf_free_out: |
2473 | 2462 | | xfree(buf); |
| 2463 | + | out: |
| 2464 | + | return exit_code; |
| 2465 | + | } |
| 2466 | + | #endif |
| 2467 | + | |
| 2468 | + | static inline int restore_nftables(int pid) |
| 2469 | + | { |
| 2470 | + | int exit_code = -1; |
| 2471 | + | struct cr_img *img; |
| 2472 | + | |
| 2473 | + | img = open_image(CR_FD_NFTABLES, O_RSTR, pid); |
| 2474 | + | if (img == NULL) |
| 2475 | + | return -1; |
| 2476 | + | if (empty_image(img)) { |
| 2477 | + | /* Backward compatibility */ |
| 2478 | + | pr_info("Skipping nft restore, no image\n"); |
| 2479 | + | exit_code = 0; |
| 2480 | + | goto image_close_out; |
| 2481 | + | } |
| 2482 | + | |
| 2483 | + | #if defined(CONFIG_HAS_NFTABLES_LIB_API_0) || defined(CONFIG_HAS_NFTABLES_LIB_API_1) |
| 2484 | + | if (!do_restore_nftables(img)) |
| 2485 | + | exit_code = 0; |
| 2486 | + | #else |
| 2487 | + | pr_err("Unable to restore nftables. CRIU was built without libnftables support\n"); |
| 2488 | + | #endif |
| 2489 | + | |
2474 | 2490 | | image_close_out: |
2475 | 2491 | | close_image(img); |
2476 | 2492 | | |
2477 | | - | return ret; |
| 2493 | + | return exit_code; |
2478 | 2494 | | } |
2479 | | - | #endif |
2480 | 2495 | | |
2481 | 2496 | | int read_net_ns_img(void) |
2482 | 2497 | | { |
| skipped 322 lines |
2805 | 2820 | | ret = restore_rule(nsid); |
2806 | 2821 | | if (!ret) |
2807 | 2822 | | ret = restore_iptables(nsid); |
2808 | | - | #if defined(CONFIG_HAS_NFTABLES_LIB_API_0) || defined(CONFIG_HAS_NFTABLES_LIB_API_1) |
2809 | 2823 | | if (!ret) |
2810 | 2824 | | ret = restore_nftables(nsid); |
2811 | | - | #endif |
2812 | 2825 | | } |
2813 | 2826 | | |
2814 | 2827 | | if (!ret) |
| skipped 995 lines |