[NET_SCHED]: Use nla_policy for attribute validation in classifiers
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
diff --git a/net/sched/cls_fw.c b/net/sched/cls_fw.c
index b75696d..436a6e7 100644
--- a/net/sched/cls_fw.c
+++ b/net/sched/cls_fw.c
@@ -186,6 +186,12 @@
return -EINVAL;
}
+static const struct nla_policy fw_policy[TCA_FW_MAX + 1] = {
+ [TCA_FW_CLASSID] = { .type = NLA_U32 },
+ [TCA_FW_INDEV] = { .type = NLA_STRING, .len = IFNAMSIZ },
+ [TCA_FW_MASK] = { .type = NLA_U32 },
+};
+
static int
fw_change_attrs(struct tcf_proto *tp, struct fw_filter *f,
struct nlattr **tb, struct nlattr **tca, unsigned long base)
@@ -201,8 +207,6 @@
err = -EINVAL;
if (tb[TCA_FW_CLASSID]) {
- if (nla_len(tb[TCA_FW_CLASSID]) != sizeof(u32))
- goto errout;
f->res.classid = nla_get_u32(tb[TCA_FW_CLASSID]);
tcf_bind_filter(tp, &f->res, base);
}
@@ -216,8 +220,6 @@
#endif /* CONFIG_NET_CLS_IND */
if (tb[TCA_FW_MASK]) {
- if (nla_len(tb[TCA_FW_MASK]) != sizeof(u32))
- goto errout;
mask = nla_get_u32(tb[TCA_FW_MASK]);
if (mask != head->mask)
goto errout;
@@ -246,7 +248,7 @@
if (!opt)
return handle ? -EINVAL : 0;
- err = nla_parse_nested(tb, TCA_FW_MAX, opt, NULL);
+ err = nla_parse_nested(tb, TCA_FW_MAX, opt, fw_policy);
if (err < 0)
return err;
@@ -261,11 +263,8 @@
if (head == NULL) {
u32 mask = 0xFFFFFFFF;
- if (tb[TCA_FW_MASK]) {
- if (nla_len(tb[TCA_FW_MASK]) != sizeof(u32))
- return -EINVAL;
+ if (tb[TCA_FW_MASK])
mask = nla_get_u32(tb[TCA_FW_MASK]);
- }
head = kzalloc(sizeof(struct fw_head), GFP_KERNEL);
if (head == NULL)