netfilter: nf_tables: use C99 struct initializer for nft_set_iter

Use C99 struct initializer for nft_set_iter, simplifying the code and
preventing future errors due to uninitialized fields if new fields are
added to the struct.

Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index eed434e0a9702e129055ee967823c183f622de3d..f3de2f9bbebf11f0817fc21d3435953d3db51359 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5770,7 +5770,11 @@ int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set,
                       struct nft_set_binding *binding)
 {
        struct nft_set_binding *i;
-       struct nft_set_iter iter;
+       struct nft_set_iter iter = {
+               .genmask        = nft_genmask_next(ctx->net),
+               .type           = NFT_ITER_UPDATE,
+               .fn             = nf_tables_bind_check_setelem,
+       };
 
        if (!list_empty(&set->bindings) && nft_set_is_anonymous(set))
                return -EBUSY;
@@ -5785,13 +5789,6 @@ int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set,
                                goto bind;
                }
 
-               iter.genmask    = nft_genmask_next(ctx->net);
-               iter.type       = NFT_ITER_UPDATE;
-               iter.skip       = 0;
-               iter.count      = 0;
-               iter.err        = 0;
-               iter.fn         = nf_tables_bind_check_setelem;
-
                set->ops->walk(ctx, set, &iter);
                if (!iter.err)
                        iter.err = nft_set_catchall_bind_check(ctx, set);
@@ -6195,7 +6192,17 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb)
        struct nftables_pernet *nft_net;
        struct nft_table *table;
        struct nft_set *set;
-       struct nft_set_dump_args args;
+       struct nft_set_dump_args args = {
+               .cb = cb,
+               .skb = skb,
+               .reset = dump_ctx->reset,
+               .iter = {
+                       .genmask = nft_genmask_cur(net),
+                       .type = NFT_ITER_READ,
+                       .skip = cb->args[0],
+                       .fn = nf_tables_dump_setelem,
+               },
+       };
        bool set_found = false;
        struct nlmsghdr *nlh;
        struct nlattr *nest;
@@ -6246,15 +6253,6 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb)
        if (nest == NULL)
                goto nla_put_failure;
 
-       args.cb                 = cb;
-       args.skb                = skb;
-       args.reset              = dump_ctx->reset;
-       args.iter.genmask       = nft_genmask_cur(net);
-       args.iter.type          = NFT_ITER_READ;
-       args.iter.skip          = cb->args[0];
-       args.iter.count         = 0;
-       args.iter.err           = 0;
-       args.iter.fn            = nf_tables_dump_setelem;
        set->ops->walk(&dump_ctx->ctx, set, &args.iter);
 
        if (!args.iter.err && args.iter.count == cb->args[0])

diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
index 58c5b14889c47435223b2bb4a0bd8a991e7bdb12..fc2d7c5d83c8ecc1a9b21097d64a7dea54779aef 100644 (file)
--- a/net/netfilter/nft_lookup.c
+++ b/net/netfilter/nft_lookup.c
@@ -246,19 +246,16 @@ static int nft_lookup_validate(const struct nft_ctx *ctx,
                               const struct nft_expr *expr)
 {
        const struct nft_lookup *priv = nft_expr_priv(expr);
-       struct nft_set_iter iter;
+       struct nft_set_iter iter = {
+               .genmask        = nft_genmask_next(ctx->net),
+               .type           = NFT_ITER_UPDATE,
+               .fn             = nft_setelem_validate,
+       };
 
        if (!(priv->set->flags & NFT_SET_MAP) ||
            priv->set->dtype != NFT_DATA_VERDICT)
                return 0;
 
-       iter.genmask    = nft_genmask_next(ctx->net);
-       iter.type       = NFT_ITER_UPDATE;
-       iter.skip       = 0;
-       iter.count      = 0;
-       iter.err        = 0;
-       iter.fn         = nft_setelem_validate;
-
        priv->set->ops->walk(ctx, priv->set, &iter);
        if (!iter.err)
                iter.err = nft_set_catchall_validate(ctx, priv->set);