summaryrefslogtreecommitdiffstats
path: root/src/obj/secmark.c
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2024-03-07 13:46:26 +0100
committerPhil Sutter <phil@nwl.cc>2024-04-11 01:27:07 +0200
commitf8348db87791bb8061b7f9ecf856e835ab74d006 (patch)
tree8989e13704203972383da57fa3507ba865702b7b /src/obj/secmark.c
parent410c245e4811d7888daa456547af58d93d1c63b4 (diff)
obj: Introduce struct obj_ops::attr_policy
Just like with struct expr_ops::attr_policy, enable object types to inform about restrictions on attribute use. This way generic object code may perform sanity checks before dispatching to object ops. Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'src/obj/secmark.c')
-rw-r--r--src/obj/secmark.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/obj/secmark.c b/src/obj/secmark.c
index 83cd1dc..eea9664 100644
--- a/src/obj/secmark.c
+++ b/src/obj/secmark.c
@@ -105,11 +105,16 @@ static int nftnl_obj_secmark_snprintf(char *buf, size_t len,
return snprintf(buf, len, "context %s ", secmark->ctx);
}
+static struct attr_policy obj_secmark_attr_policy[__NFTNL_OBJ_SECMARK_MAX] = {
+ [NFTNL_OBJ_SECMARK_CTX] = { .maxlen = NFT_SECMARK_CTX_MAXLEN },
+};
+
struct obj_ops obj_ops_secmark = {
.name = "secmark",
.type = NFT_OBJECT_SECMARK,
.alloc_len = sizeof(struct nftnl_obj_secmark),
.nftnl_max_attr = __NFTNL_OBJ_SECMARK_MAX - 1,
+ .attr_policy = obj_secmark_attr_policy,
.set = nftnl_obj_secmark_set,
.get = nftnl_obj_secmark_get,
.parse = nftnl_obj_secmark_parse,