Re: [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support

From: Florian Westphal
Date: Sun Sep 23 2018 - 11:41:42 EST


Christian Göttsche <cgzones@xxxxxxxxxxxxxx> wrote:
> > Can you change this to:
> >
> > struct nft_secmark {
> > 	u32 secid;
> > 	char *ctx;
> > };
>
> Does the nla_policy struct need an update too? (regarding the .len member)
>
> +static const struct nla_policy nft_secmark_policy[NFTA_SECMARK_MAX + 1] = {
> + [NFTA_SECMARK_CTX] = { .type = NLA_STRING, .len =
> NFT_SECMARK_CTX_MAXLEN },
> +}
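
Review bot: The `.len = NFT_SECMARK_CTX_MAXLEN` bound on `NFTA_SECMARK_CTX` should stay even if `ctx` becomes a `char *`, because for an `NLA_STRING` attribute it is the only length limit that policy validation applies to the userspace-supplied context string. `NLA_STRING` also does not require a NUL terminator in the payload, so the code that fills `ctx` should copy with a terminating helper such as `nla_strdup()` rather than pointing at the attribute data. Separately, the initializer as quoted closes with `}` and needs `};`.
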
>
> NFT_SECMARK_CTX_MAXLEN might be dropped then..

Better keep it, we can always increase this later if needed.
Given the length matches what xtables uses it should be fine.