Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5bf75853 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller
Browse files

[NETFILTER]: nfnetlink_queue: use netlink policy 



Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent fd8281ad

net/netfilter/nfnetlink_queue.c

+11 −19
Original line number Diff line number Diff line
@@ -777,10 +777,10 @@ static struct notifier_block nfqnl_rtnl_notifier = { 
	.notifier_call	= nfqnl_rcv_nl_event,

};



static const int nfqa_verdict_min[NFQA_MAX+1] = {

	[NFQA_VERDICT_HDR]	= sizeof(struct nfqnl_msg_verdict_hdr),

	[NFQA_MARK]		= sizeof(u_int32_t),

	[NFQA_PAYLOAD]		= 0,

static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = {

	[NFQA_VERDICT_HDR]	= { .len = sizeof(struct nfqnl_msg_verdict_hdr) },

	[NFQA_MARK]		= { .type = NLA_U32 },

	[NFQA_PAYLOAD]		= { .type = NLA_UNSPEC },

};



static int
@@ -796,11 +796,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, 
	struct nfqnl_queue_entry *entry;

	int err;



	if (nlattr_bad_size(nfqa, NFQA_MAX, nfqa_verdict_min)) {

		QDEBUG("bad attribute size\n");

		return -EINVAL;

	}



	queue = instance_lookup_get(queue_num);

	if (!queue)

		return -ENODEV;
@@ -855,9 +850,9 @@ nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb, 
	return -ENOTSUPP;

}



static const int nfqa_cfg_min[NFQA_CFG_MAX+1] = {

	[NFQA_CFG_CMD]		= sizeof(struct nfqnl_msg_config_cmd),

	[NFQA_CFG_PARAMS]	= sizeof(struct nfqnl_msg_config_params),

static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = {

	[NFQA_CFG_CMD]		= { .len = sizeof(struct nfqnl_msg_config_cmd) },

	[NFQA_CFG_PARAMS]	= { .len = sizeof(struct nfqnl_msg_config_params) },

};



static struct nf_queue_handler nfqh = {
@@ -876,11 +871,6 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb, 


	QDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type));



	if (nlattr_bad_size(nfqa, NFQA_CFG_MAX, nfqa_cfg_min)) {

		QDEBUG("bad attribute size\n");

		return -EINVAL;

	}



	queue = instance_lookup_get(queue_num);

	if (nfqa[NFQA_CFG_CMD]) {

		struct nfqnl_msg_config_cmd *cmd;
@@ -964,9 +954,11 @@ static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = { 
	[NFQNL_MSG_PACKET]	= { .call = nfqnl_recv_unsupp,

				    .attr_count = NFQA_MAX, },

	[NFQNL_MSG_VERDICT]	= { .call = nfqnl_recv_verdict,

				    .attr_count = NFQA_MAX, },

				    .attr_count = NFQA_MAX,

				    .policy = nfqa_verdict_policy },

	[NFQNL_MSG_CONFIG]	= { .call = nfqnl_recv_config,

				    .attr_count = NFQA_CFG_MAX, },

				    .attr_count = NFQA_CFG_MAX,

				    .policy = nfqa_cfg_policy },

};



static const struct nfnetlink_subsystem nfqnl_subsys = {