提交 d7a5c324 编写于 作者: P Patrick McHardy 提交者: David S. Miller

[NETFILTER]: nfnetlink_log: remove useless prefix length limitation

There is no reason for limiting netlink attributes in size.
Signed-off-by: NPatrick McHardy <kaber@trash.net>
上级 829e17a1
...@@ -32,8 +32,6 @@ struct nfulnl_msg_packet_timestamp { ...@@ -32,8 +32,6 @@ struct nfulnl_msg_packet_timestamp {
aligned_be64 usec; aligned_be64 usec;
}; };
#define NFULNL_PREFIXLEN 30 /* just like old log target */
enum nfulnl_attr_type { enum nfulnl_attr_type {
NFULA_UNSPEC, NFULA_UNSPEC,
NFULA_PACKET_HDR, NFULA_PACKET_HDR,
......
...@@ -408,7 +408,7 @@ __build_packet_message(struct nfulnl_instance *inst, ...@@ -408,7 +408,7 @@ __build_packet_message(struct nfulnl_instance *inst,
const struct net_device *indev, const struct net_device *indev,
const struct net_device *outdev, const struct net_device *outdev,
const struct nf_loginfo *li, const struct nf_loginfo *li,
const char *prefix) const char *prefix, unsigned int plen)
{ {
unsigned char *old_tail; unsigned char *old_tail;
struct nfulnl_msg_packet_hdr pmsg; struct nfulnl_msg_packet_hdr pmsg;
...@@ -432,12 +432,8 @@ __build_packet_message(struct nfulnl_instance *inst, ...@@ -432,12 +432,8 @@ __build_packet_message(struct nfulnl_instance *inst,
NFA_PUT(inst->skb, NFULA_PACKET_HDR, sizeof(pmsg), &pmsg); NFA_PUT(inst->skb, NFULA_PACKET_HDR, sizeof(pmsg), &pmsg);
if (prefix) { if (prefix)
int slen = strlen(prefix); NFA_PUT(inst->skb, NFULA_PREFIX, plen, prefix);
if (slen > NFULNL_PREFIXLEN)
slen = NFULNL_PREFIXLEN;
NFA_PUT(inst->skb, NFULA_PREFIX, slen, prefix);
}
if (indev) { if (indev) {
tmp_uint = htonl(indev->ifindex); tmp_uint = htonl(indev->ifindex);
...@@ -601,6 +597,7 @@ nfulnl_log_packet(unsigned int pf, ...@@ -601,6 +597,7 @@ nfulnl_log_packet(unsigned int pf,
const struct nf_loginfo *li; const struct nf_loginfo *li;
unsigned int qthreshold; unsigned int qthreshold;
unsigned int nlbufsiz; unsigned int nlbufsiz;
unsigned int plen;
if (li_user && li_user->type == NF_LOG_TYPE_ULOG) if (li_user && li_user->type == NF_LOG_TYPE_ULOG)
li = li_user; li = li_user;
...@@ -616,6 +613,10 @@ nfulnl_log_packet(unsigned int pf, ...@@ -616,6 +613,10 @@ nfulnl_log_packet(unsigned int pf,
return; return;
} }
plen = 0;
if (prefix)
plen = strlen(prefix);
/* all macros expand to constant values at compile time */ /* all macros expand to constant values at compile time */
/* FIXME: do we want to make the size calculation conditional based on /* FIXME: do we want to make the size calculation conditional based on
* what is actually present? way more branches and checks, but more * what is actually present? way more branches and checks, but more
...@@ -630,7 +631,7 @@ nfulnl_log_packet(unsigned int pf, ...@@ -630,7 +631,7 @@ nfulnl_log_packet(unsigned int pf,
#endif #endif
+ NFA_SPACE(sizeof(u_int32_t)) /* mark */ + NFA_SPACE(sizeof(u_int32_t)) /* mark */
+ NFA_SPACE(sizeof(u_int32_t)) /* uid */ + NFA_SPACE(sizeof(u_int32_t)) /* uid */
+ NFA_SPACE(NFULNL_PREFIXLEN) /* prefix */ + NFA_SPACE(plen) /* prefix */
+ NFA_SPACE(sizeof(struct nfulnl_msg_packet_hw)) + NFA_SPACE(sizeof(struct nfulnl_msg_packet_hw))
+ NFA_SPACE(sizeof(struct nfulnl_msg_packet_timestamp)); + NFA_SPACE(sizeof(struct nfulnl_msg_packet_timestamp));
...@@ -701,7 +702,7 @@ nfulnl_log_packet(unsigned int pf, ...@@ -701,7 +702,7 @@ nfulnl_log_packet(unsigned int pf,
inst->qlen++; inst->qlen++;
__build_packet_message(inst, skb, data_len, pf, __build_packet_message(inst, skb, data_len, pf,
hooknum, in, out, li, prefix); hooknum, in, out, li, prefix, plen);
/* timer_pending always called within inst->lock, so there /* timer_pending always called within inst->lock, so there
* is no chance of a race here */ * is no chance of a race here */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册