[NETFILTER 07/19]: nfnetlink_queue: use netlink policy

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: davem@davemloft.net
Cc: Patrick McHardy <kaber@trash.net>, netfilter-devel@vger.kernel.org
Subject: [NETFILTER 07/19]: nfnetlink_queue: use netlink policy
Date: Fri, 28 Sep 2007 18:30:47 +0200 (MEST)	[thread overview]
Message-ID: <20070928163047.8394.96579.sendpatchset@localhost.localdomain> (raw)
In-Reply-To: <20070928163036.8394.36374.sendpatchset@localhost.localdomain>

[NETFILTER]: nfnetlink_queue: use netlink policy

Signed-off-by: Patrick McHardy <kaber@trash.net>

---
commit 697cfea5ad56bc42a46706acd713cdad23f55f27
tree 5d2a14298de067a6f480349c4f0da7a13bf21e6a
parent 66650816a6da2ae78bb68487e894922b7ba39942
author Patrick McHardy <kaber@trash.net> Fri, 28 Sep 2007 18:09:14 +0200
committer Patrick McHardy <kaber@trash.net> Fri, 28 Sep 2007 18:09:14 +0200

 net/netfilter/nfnetlink_queue.c |   30 +++++++++++-------------------
 1 files changed, 11 insertions(+), 19 deletions(-)

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 1c34668..48e095a 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -777,10 +777,10 @@ static struct notifier_block nfqnl_rtnl_notifier = {
 	.notifier_call	= nfqnl_rcv_nl_event,
 };
 
-static const int nfqa_verdict_min[NFQA_MAX+1] = {
-	[NFQA_VERDICT_HDR]	= sizeof(struct nfqnl_msg_verdict_hdr),
-	[NFQA_MARK]		= sizeof(u_int32_t),
-	[NFQA_PAYLOAD]		= 0,
+static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = {
+	[NFQA_VERDICT_HDR]	= { .len = sizeof(struct nfqnl_msg_verdict_hdr) },
+	[NFQA_MARK]		= { .type = NLA_U32 },
+	[NFQA_PAYLOAD]		= { .type = NLA_UNSPEC },
 };
 
 static int
@@ -796,11 +796,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
 	struct nfqnl_queue_entry *entry;
 	int err;
 
-	if (nlattr_bad_size(nfqa, NFQA_MAX, nfqa_verdict_min)) {
-		QDEBUG("bad attribute size\n");
-		return -EINVAL;
-	}
-
 	queue = instance_lookup_get(queue_num);
 	if (!queue)
 		return -ENODEV;
@@ -855,9 +850,9 @@ nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb,
 	return -ENOTSUPP;
 }
 
-static const int nfqa_cfg_min[NFQA_CFG_MAX+1] = {
-	[NFQA_CFG_CMD]		= sizeof(struct nfqnl_msg_config_cmd),
-	[NFQA_CFG_PARAMS]	= sizeof(struct nfqnl_msg_config_params),
+static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = {
+	[NFQA_CFG_CMD]		= { .len = sizeof(struct nfqnl_msg_config_cmd) },
+	[NFQA_CFG_PARAMS]	= { .len = sizeof(struct nfqnl_msg_config_params) },
 };
 
 static struct nf_queue_handler nfqh = {
@@ -876,11 +871,6 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
 
 	QDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type));
 
-	if (nlattr_bad_size(nfqa, NFQA_CFG_MAX, nfqa_cfg_min)) {
-		QDEBUG("bad attribute size\n");
-		return -EINVAL;
-	}
-
 	queue = instance_lookup_get(queue_num);
 	if (nfqa[NFQA_CFG_CMD]) {
 		struct nfqnl_msg_config_cmd *cmd;
@@ -964,9 +954,11 @@ static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = {
 	[NFQNL_MSG_PACKET]	= { .call = nfqnl_recv_unsupp,
 				    .attr_count = NFQA_MAX, },
 	[NFQNL_MSG_VERDICT]	= { .call = nfqnl_recv_verdict,
-				    .attr_count = NFQA_MAX, },
+				    .attr_count = NFQA_MAX,
+				    .policy = nfqa_verdict_policy },
 	[NFQNL_MSG_CONFIG]	= { .call = nfqnl_recv_config,
-				    .attr_count = NFQA_CFG_MAX, },
+				    .attr_count = NFQA_CFG_MAX,
+				    .policy = nfqa_cfg_policy },
 };
 
 static const struct nfnetlink_subsystem nfqnl_subsys = {

next prev parent reply	other threads:[~2007-09-28 16:30 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-09-28 16:30 [NETFILTER 00/19]: Netfilter update Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 01/19]: nfnetlink: make subsystem and callbacks const Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 02/19]: nfnetlink: convert to generic netlink attribute functions Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 03/19]: nfnetlink: rename functions containing 'nfattr' Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 04/19]: nfnetlink: use nlmsg_notify() Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 05/19]: nfnetlink: support attribute policies Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 06/19]: nfnetlink_log: use netlink policy Patrick McHardy
2007-09-28 16:30 ` Patrick McHardy [this message]
2007-09-28 16:30 ` [NETFILTER 08/19]: ctnetlink: " Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 09/19]: nfnetlink: kill nlattr_bad_size Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 10/19]: nf_conntrack: kill unique ID Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 11/19]: nf_conntrack_expect: " Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 12/19]: nf_conntrack_netlink: add support to related connections Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 13/19]: nfnetlink_log: kill duplicate code Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 14/19]: nfnetlink_log: flush queue early Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 15/19]: nfnetlink_log: fix style Patrick McHardy
2007-09-28 16:30 ` [NETFILTER 16/19]: nfnetlink_log: fix instance_create() failure path Patrick McHardy
2007-09-28 16:31 ` [NETFILTER 17/19]: nfnetlink_log: fix some constants Patrick McHardy
2007-09-28 16:31 ` [NETFILTER 18/19]: x_tables: add xt_time match Patrick McHardy
2007-09-28 16:31 ` [NETFILTER 19/19]: bridge: remove broken netfilter binary sysctls Patrick McHardy
2007-09-28 21:52 ` [NETFILTER 00/19]: Netfilter update David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:1c34668 dfblob:48e095a )
 OR (
bs:"[NETFILTER 07/19]: nfnetlink_queue: use netlink policy" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20070928163047.8394.96579.sendpatchset@localhost.localdomain \
    --to=kaber@trash.net \
    --cc=davem@davemloft.net \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).