diff options
author | Patrick McHardy <kaber@trash.net> | 2008-01-23 20:36:12 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-01-28 15:11:23 -0800 |
commit | 6fa8c0144b770dac941cf2c15053b6e24f046c8a (patch) | |
tree | 7c91cd0e9a98f0532df30a9d8549e2c76a3ce716 /net/sched/cls_basic.c | |
parent | 27a3421e4821734bc19496faa77b380605dc3b23 (diff) | |
download | linux-6fa8c0144b770dac941cf2c15053b6e24f046c8a.tar.gz linux-6fa8c0144b770dac941cf2c15053b6e24f046c8a.tar.bz2 linux-6fa8c0144b770dac941cf2c15053b6e24f046c8a.zip |
[NET_SCHED]: Use nla_policy for attribute validation in classifiers
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sched/cls_basic.c')
-rw-r--r-- | net/sched/cls_basic.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/net/sched/cls_basic.c b/net/sched/cls_basic.c index 0c872a76c4b0..bfb4342ea88c 100644 --- a/net/sched/cls_basic.c +++ b/net/sched/cls_basic.c @@ -129,6 +129,11 @@ static int basic_delete(struct tcf_proto *tp, unsigned long arg) return -ENOENT; } +static const struct nla_policy basic_policy[TCA_BASIC_MAX + 1] = { + [TCA_BASIC_CLASSID] = { .type = NLA_U32 }, + [TCA_BASIC_EMATCHES] = { .type = NLA_NESTED }, +}; + static inline int basic_set_parms(struct tcf_proto *tp, struct basic_filter *f, unsigned long base, struct nlattr **tb, struct nlattr *est) @@ -137,10 +142,6 @@ static inline int basic_set_parms(struct tcf_proto *tp, struct basic_filter *f, struct tcf_exts e; struct tcf_ematch_tree t; - if (tb[TCA_BASIC_CLASSID]) - if (nla_len(tb[TCA_BASIC_CLASSID]) < sizeof(u32)) - return err; - err = tcf_exts_validate(tp, tb, est, &e, &basic_ext_map); if (err < 0) return err; @@ -174,7 +175,8 @@ static int basic_change(struct tcf_proto *tp, unsigned long base, u32 handle, if (tca[TCA_OPTIONS] == NULL) return -EINVAL; - err = nla_parse_nested(tb, TCA_BASIC_MAX, tca[TCA_OPTIONS], NULL); + err = nla_parse_nested(tb, TCA_BASIC_MAX, tca[TCA_OPTIONS], + basic_policy); if (err < 0) return err; |