Re: [PATCH 1/2 WIP nf-next] netfilter: implement Passive OS fingerprint module in nft_osf

Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx> wrote:
> Add basic module functions into nft_osf.[ch] in order to start the
> implementation of OSF module in nf_tables.
> 
> +struct nft_osf {
> +	char	genre[OSF_GENRE_SIZE];
> +	__u32	flags;
> +	__u32	loglevel;
> +	__u32	ttl;
> +	__u32	len;
> +};

48 bytes is quite a lot.  Can this be compressed further?

e.g. len appears to be useless, and flags/loglevel/ttl
can probably be u8 or u16.

> +static const struct nla_policy nft_osf_policy[NFTA_OSF_MAX + 1] = {
> +	[NFTA_OSF_GENRE]	= { .type = NLA_STRING, .len = OSF_GENRE_SIZE },

This allows strlen() of OSF_GENRE_SIZE.

> +	[NFTA_OSF_FLAGS]	= { .type = NLA_U32 },
> +	[NFTA_OSF_LOGLEVEL]	= { .type = NLA_U32 },
> +	[NFTA_OSF_TTL]		= { .type = NLA_U32 },
> +};

This looks ok.

> +static int nft_osf_init(const struct nft_ctx *ctx,
> +			const struct nft_expr *expr,
> +			const struct nlattr * const tb[])
> +{
> +	struct nft_osf *priv = nft_expr_priv(expr);
> +
> +	if (tb[NFTA_OSF_GENRE] == NULL)
> +		return -EINVAL;
> +	nla_strlcpy(priv->genre, tb[NFTA_OSF_GENRE], OSF_GENRE_SIZE);
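
Review bot: the return value of nla_strlcpy() in nft_osf_init() is ignored, so a genre string that does not fit in priv->genre is truncated without any error and the expression is set up with a different genre than the one userspace sent. Consider comparing the return value against OSF_GENRE_SIZE and returning -EINVAL when it is not smaller, or tightening the NFTA_OSF_GENRE policy length so that such input is already rejected at validation.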

This then copies OSF_GENRE_SIZE - 1 (for \0).

So it's either .len = OSF_GENRE_SIZE - 1,
or genre[OSF_GENRE_SIZE+1], or char *genre + nla_strdup().

> +	priv->len = strlen(priv->genre);

I don't understand the need for this.
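
The length mismatch discussed above, as an added user-space model that is not part of the original message or the patch. model_policy_ok(), model_strlcpy() and genre_outcome() are hypothetical stand-ins for the kernel's NLA_STRING validation and nla_strlcpy(), and OSF_GENRE_SIZE is assumed to be 32 (the 48 bytes mentioned above minus four __u32 fields).

```c
#include <stdio.h>
#include <string.h>

#define OSF_GENRE_SIZE 32	/* assumed value, not stated in the thread */

/* Model of the NLA_STRING length check: one trailing NUL in the payload is
 * not counted, then the remaining length must not exceed the policy .len. */
static int model_policy_ok(const char *payload, size_t attrlen, size_t policy_len)
{
	if (attrlen < 1)
		return 0;
	if (payload[attrlen - 1] == '\0')
		attrlen--;
	return attrlen <= policy_len;
}

/* Model of nla_strlcpy(): copy at most dstsize - 1 bytes, always terminate,
 * return the source length so the caller can detect truncation. */
static size_t model_strlcpy(char *dst, const char *src, size_t srclen, size_t dstsize)
{
	size_t n = srclen;

	if (dstsize > 0) {
		if (n >= dstsize)
			n = dstsize - 1;
		memset(dst, 0, dstsize);
		memcpy(dst, src, n);
	}
	return srclen;
}

/* -1: policy rejects the genre, 0: stored intact, 1: accepted but truncated. */
static int genre_outcome(size_t chars, size_t policy_len, size_t bufsize)
{
	char payload[128], dst[128];

	if (chars + 1 > sizeof(payload) || bufsize > sizeof(dst))
		return -1;
	memset(payload, 'A', chars);	/* constructed sample genre */
	payload[chars] = '\0';
	if (!model_policy_ok(payload, chars + 1, policy_len))
		return -1;
	return model_strlcpy(dst, payload, chars, bufsize) >= bufsize;
}

int main(void)
{
	printf("as posted:     %d\n", genre_outcome(OSF_GENRE_SIZE, OSF_GENRE_SIZE, OSF_GENRE_SIZE));
	printf(".len = SIZE-1: %d\n", genre_outcome(OSF_GENRE_SIZE, OSF_GENRE_SIZE - 1, OSF_GENRE_SIZE));
	printf("genre[SIZE+1]: %d\n", genre_outcome(OSF_GENRE_SIZE, OSF_GENRE_SIZE, OSF_GENRE_SIZE + 1));
	return 0;
}
```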


