[NETFILTER]: nfnetlink_queue: use netlink policy
authorPatrick McHardy <kaber@trash.net>
Fri, 28 Sep 2007 21:39:26 +0000 (14:39 -0700)
committerDavid S. Miller <davem@sunset.davemloft.net>
Wed, 10 Oct 2007 23:53:34 +0000 (16:53 -0700)
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nfnetlink_queue.c

index 1c34668588f172c9c1b874394cce51789e1434f8..48e095a7de2db28a566fe906845a6d1bd480a1c5 100644 (file)
@@ -777,10 +777,10 @@ static struct notifier_block nfqnl_rtnl_notifier = {
        .notifier_call  = nfqnl_rcv_nl_event,
 };
 
-static const int nfqa_verdict_min[NFQA_MAX+1] = {
-       [NFQA_VERDICT_HDR]      = sizeof(struct nfqnl_msg_verdict_hdr),
-       [NFQA_MARK]             = sizeof(u_int32_t),
-       [NFQA_PAYLOAD]          = 0,
+static const struct nla_policy nfqa_verdict_policy[NFQA_MAX+1] = {
+       [NFQA_VERDICT_HDR]      = { .len = sizeof(struct nfqnl_msg_verdict_hdr) },
+       [NFQA_MARK]             = { .type = NLA_U32 },
+       [NFQA_PAYLOAD]          = { .type = NLA_UNSPEC },
 };
 
 static int
@@ -796,11 +796,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb,
        struct nfqnl_queue_entry *entry;
        int err;
 
-       if (nlattr_bad_size(nfqa, NFQA_MAX, nfqa_verdict_min)) {
-               QDEBUG("bad attribute size\n");
-               return -EINVAL;
-       }
-
        queue = instance_lookup_get(queue_num);
        if (!queue)
                return -ENODEV;
@@ -855,9 +850,9 @@ nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb,
        return -ENOTSUPP;
 }
 
-static const int nfqa_cfg_min[NFQA_CFG_MAX+1] = {
-       [NFQA_CFG_CMD]          = sizeof(struct nfqnl_msg_config_cmd),
-       [NFQA_CFG_PARAMS]       = sizeof(struct nfqnl_msg_config_params),
+static const struct nla_policy nfqa_cfg_policy[NFQA_CFG_MAX+1] = {
+       [NFQA_CFG_CMD]          = { .len = sizeof(struct nfqnl_msg_config_cmd) },
+       [NFQA_CFG_PARAMS]       = { .len = sizeof(struct nfqnl_msg_config_params) },
 };
 
 static struct nf_queue_handler nfqh = {
@@ -876,11 +871,6 @@ nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
 
        QDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type));
 
-       if (nlattr_bad_size(nfqa, NFQA_CFG_MAX, nfqa_cfg_min)) {
-               QDEBUG("bad attribute size\n");
-               return -EINVAL;
-       }
-
        queue = instance_lookup_get(queue_num);
        if (nfqa[NFQA_CFG_CMD]) {
                struct nfqnl_msg_config_cmd *cmd;
@@ -964,9 +954,11 @@ static const struct nfnl_callback nfqnl_cb[NFQNL_MSG_MAX] = {
        [NFQNL_MSG_PACKET]      = { .call = nfqnl_recv_unsupp,
                                    .attr_count = NFQA_MAX, },
        [NFQNL_MSG_VERDICT]     = { .call = nfqnl_recv_verdict,
-                                   .attr_count = NFQA_MAX, },
+                                   .attr_count = NFQA_MAX,
+                                   .policy = nfqa_verdict_policy },
        [NFQNL_MSG_CONFIG]      = { .call = nfqnl_recv_config,
-                                   .attr_count = NFQA_CFG_MAX, },
+                                   .attr_count = NFQA_CFG_MAX,
+                                   .policy = nfqa_cfg_policy },
 };
 
 static const struct nfnetlink_subsystem nfqnl_subsys = {