[NETFILTER]: ctnetlink: use netlink policy

Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Patrick McHardy <kaber@trash.net> 2007-09-28 17:39:55 -0400
committer: David S. Miller <davem@sunset.davemloft.net> 2007-10-10 19:53:35 -0400
commit: f73e924cdd166360e8cc9a1b193008fdc9b3e3e2 (patch)
tree: 48fbf4b0f9101359e05fb53eabe194495f8214d1 /net/ipv6
parent: 5bf758539388fa9383afd539d052ae93229544b9 (diff)
2 files changed, 9 insertions, 13 deletions
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 567fbe230ce6..37a3db926953 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -350,9 +350,9 @@ nla_put_failure:
        return -1;
 }
-static const size_t cta_min_ip[CTA_IP_MAX+1] = {
+static const struct nla_policy ipv6_nla_policy[CTA_IP_MAX+1] = {
-        [CTA_IP_V6_SRC] = sizeof(u_int32_t)*4,
+        [CTA_IP_V6_SRC] = { .len = sizeof(u_int32_t)*4 },
-        [CTA_IP_V6_DST] = sizeof(u_int32_t)*4,
+        [CTA_IP_V6_DST] = { .len = sizeof(u_int32_t)*4 },
 };
 static int ipv6_nlattr_to_tuple(struct nlattr *tb[],
@@ -361,9 +361,6 @@ static int ipv6_nlattr_to_tuple(struct nlattr *tb[],
        if (!tb[CTA_IP_V6_SRC] || !tb[CTA_IP_V6_DST])
                return -EINVAL;
-        if (nlattr_bad_size(tb, CTA_IP_MAX, cta_min_ip))
-                return -EINVAL;
        memcpy(&t->src.u3.ip6, nla_data(tb[CTA_IP_V6_SRC]),
               sizeof(u_int32_t) * 4);
        memcpy(&t->dst.u3.ip6, nla_data(tb[CTA_IP_V6_DST]),
@@ -384,6 +381,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 __read_mostly = {
 #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
        .tuple_to_nlattr        = ipv6_tuple_to_nlattr,
        .nlattr_to_tuple        = ipv6_nlattr_to_tuple,
+        .nla_policy             = ipv6_nla_policy,
 #endif
 #ifdef CONFIG_SYSCTL
        .ctl_table_path         = nf_net_netfilter_sysctl_path,
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 238ea6bc864e..fbdc66920de4 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -226,10 +226,10 @@ nla_put_failure:
        return -1;
 }
-static const size_t cta_min_proto[CTA_PROTO_MAX+1] = {
+static const struct nla_policy icmpv6_nla_policy[CTA_PROTO_MAX+1] = {
-        [CTA_PROTO_ICMPV6_TYPE] = sizeof(u_int8_t),
+        [CTA_PROTO_ICMPV6_TYPE] = { .type = NLA_U8 },
-        [CTA_PROTO_ICMPV6_CODE] = sizeof(u_int8_t),
+        [CTA_PROTO_ICMPV6_CODE] = { .type = NLA_U8 },
-        [CTA_PROTO_ICMPV6_ID]   = sizeof(u_int16_t)
+        [CTA_PROTO_ICMPV6_ID]   = { .type = NLA_U16 },
 };
 static int icmpv6_nlattr_to_tuple(struct nlattr *tb[],
@@ -240,9 +240,6 @@ static int icmpv6_nlattr_to_tuple(struct nlattr *tb[],
            || !tb[CTA_PROTO_ICMPV6_ID])
                return -EINVAL;
-        if (nlattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto))
-                return -EINVAL;
        tuple->dst.u.icmp.type =
                        *(u_int8_t *)nla_data(tb[CTA_PROTO_ICMPV6_TYPE]);
        tuple->dst.u.icmp.code =
@@ -291,6 +288,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 __read_mostly =
 #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
        .tuple_to_nlattr        = icmpv6_tuple_to_nlattr,
        .nlattr_to_tuple        = icmpv6_nlattr_to_tuple,
+        .nla_policy             = icmpv6_nla_policy,
 #endif
 #ifdef CONFIG_SYSCTL
        .ctl_table_header       = &icmpv6_sysctl_header,
author	Patrick McHardy <kaber@trash.net>	2007-09-28 17:39:55 -0400
committer	David S. Miller <davem@sunset.davemloft.net>	2007-10-10 19:53:35 -0400
commit	f73e924cdd166360e8cc9a1b193008fdc9b3e3e2 (patch)
tree	48fbf4b0f9101359e05fb53eabe194495f8214d1 /net/ipv6
parent	5bf758539388fa9383afd539d052ae93229544b9 (diff)