提交 5bf75853 编写于 作者: P Patrick McHardy 提交者: David S. Miller

[NETFILTER]: nfnetlink_queue: use netlink policy

Signed-off-by: NPatrick McHardy <kaber@trash.net>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 fd8281ad
...@@ -777,10 +777,10 @@ static struct notifier_block nfqnl_rtnl_notifier = { ...@@ -777,10 +777,10 @@ static struct notifier_block nfqnl_rtnl_notifier = {
.notifier_call = nfqnl_rcv_nl_event, .notifier_call = nfqnl_rcv_nl_event,
}; };
static const int nfqa_verdict_min[NFQA_MAX+1] = { static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = {
[NFQA_VERDICT_HDR] = sizeof(struct nfqnl_msg_verdict_hdr), [NFQA_VERDICT_HDR] = { .len = sizeof(struct nfqnl_msg_verdict_hdr) },
[NFQA_MARK] = sizeof(u_int32_t), [NFQA_MARK] = { .type = NLA_U32 },
[NFQA_PAYLOAD] = 0, [NFQA_PAYLOAD] = { .type = NLA_UNSPEC },
}; };
static int static int
...@@ -796,11 +796,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, ...@@ -796,11 +796,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
struct nfqnl_queue_entry *entry; struct nfqnl_queue_entry *entry;
int err; int err;
if (nlattr_bad_size(nfqa, NFQA_MAX, nfqa_verdict_min)) {
QDEBUG("bad attribute size\n");
return -EINVAL;
}
queue = instance_lookup_get(queue_num); queue = instance_lookup_get(queue_num);
if (!queue) if (!queue)
return -ENODEV; return -ENODEV;
...@@ -855,9 +850,9 @@ nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb, ...@@ -855,9 +850,9 @@ nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb,
return -ENOTSUPP; return -ENOTSUPP;
} }
static const int nfqa_cfg_min[NFQA_CFG_MAX+1] = { static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = {
[NFQA_CFG_CMD] = sizeof(struct nfqnl_msg_config_cmd), [NFQA_CFG_CMD] = { .len = sizeof(struct nfqnl_msg_config_cmd) },
[NFQA_CFG_PARAMS] = sizeof(struct nfqnl_msg_config_params), [NFQA_CFG_PARAMS] = { .len = sizeof(struct nfqnl_msg_config_params) },
}; };
static struct nf_queue_handler nfqh = { static struct nf_queue_handler nfqh = {
...@@ -876,11 +871,6 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb, ...@@ -876,11 +871,6 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
QDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type)); QDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type));
if (nlattr_bad_size(nfqa, NFQA_CFG_MAX, nfqa_cfg_min)) {
QDEBUG("bad attribute size\n");
return -EINVAL;
}
queue = instance_lookup_get(queue_num); queue = instance_lookup_get(queue_num);
if (nfqa[NFQA_CFG_CMD]) { if (nfqa[NFQA_CFG_CMD]) {
struct nfqnl_msg_config_cmd *cmd; struct nfqnl_msg_config_cmd *cmd;
...@@ -964,9 +954,11 @@ static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = { ...@@ -964,9 +954,11 @@ static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = {
[NFQNL_MSG_PACKET] = { .call = nfqnl_recv_unsupp, [NFQNL_MSG_PACKET] = { .call = nfqnl_recv_unsupp,
.attr_count = NFQA_MAX, }, .attr_count = NFQA_MAX, },
[NFQNL_MSG_VERDICT] = { .call = nfqnl_recv_verdict, [NFQNL_MSG_VERDICT] = { .call = nfqnl_recv_verdict,
.attr_count = NFQA_MAX, }, .attr_count = NFQA_MAX,
.policy = nfqa_verdict_policy },
[NFQNL_MSG_CONFIG] = { .call = nfqnl_recv_config, [NFQNL_MSG_CONFIG] = { .call = nfqnl_recv_config,
.attr_count = NFQA_CFG_MAX, }, .attr_count = NFQA_CFG_MAX,
.policy = nfqa_cfg_policy },
}; };
static const struct nfnetlink_subsystem nfqnl_subsys = { static const struct nfnetlink_subsystem nfqnl_subsys = {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册