Skip to content

Commit

Permalink
net: add restore nftables error messages
Browse files Browse the repository at this point in the history
Show appropriate error messages when restore of nftables fails.

Signed-off-by: Radostin Stoyanov <[email protected]>
  • Loading branch information
rst0git committed Jan 7, 2024
1 parent a7828d3 commit 0ac0e13
Showing 1 changed file with 24 additions and 6 deletions.
30 changes: 24 additions & 6 deletions criu/net.c
Original file line number Diff line number Diff line change
Expand Up @@ -2437,28 +2437,46 @@ static inline int do_restore_nftables(struct cr_img *img)
struct nft_ctx *nft;
off_t img_data_size;
char *buf;
const char *output;

if ((img_data_size = img_raw_size(img)) < 0)
if ((img_data_size = img_raw_size(img)) < 0) {
pr_err("image size mismatch\n");
goto out;
}

if (read_img_str(img, &buf, img_data_size) < 0)
if (read_img_str(img, &buf, img_data_size) < 0) {
pr_err("Failed to read nftables data\n");
goto out;
}

nft = nft_ctx_new(NFT_CTX_DEFAULT);
if (!nft)
if (!nft) {
pr_err("Failed to create nft context object\n");
goto buf_free_out;
}

if (nft_ctx_buffer_output(nft) || nft_ctx_buffer_error(nft)) {
pr_err("Failed to enable std/err output buffering\n");
goto nft_ctx_free_out;
}

if (nft_ctx_buffer_output(nft) || nft_ctx_buffer_error(nft) ||
#if defined(CONFIG_HAS_NFTABLES_LIB_API_0)
nft_run_cmd_from_buffer(nft, buf, strlen(buf)))
if (nft_run_cmd_from_buffer(nft, buf, strlen(buf)))
#elif defined(CONFIG_HAS_NFTABLES_LIB_API_1)
nft_run_cmd_from_buffer(nft, buf))
if (nft_run_cmd_from_buffer(nft, buf))
#else
{
BUILD_BUG_ON(1);
}
#endif
{
pr_err("Failed to restore nft ruleset:\n%s\n", buf);
output = nft_ctx_get_error_buffer(nft);
if (strlen(output)) {
pr_err("nft error:\n%s\n", output);
}
goto nft_ctx_free_out;
}

exit_code = 0;

Expand Down

0 comments on commit 0ac0e13

Please sign in to comment.