Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1759859AbbKUREg (ORCPT <rfc822;w@1wt.eu>);
	Sat, 21 Nov 2015 12:04:36 -0500
Received: from mail-yk0-f170.google.com ([209.85.160.170]:34030 "EHLO
	mail-yk0-f170.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751769AbbKUREd (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sat, 21 Nov 2015 12:04:33 -0500
Date: Sat, 21 Nov 2015 12:04:25 -0500
From: Tejun Heo <tj@kernel.org>
To: Florian Westphal <fw@strlen.de>
Cc: davem@davemloft.net, pablo@netfilter.org, kaber@trash.net,
        kadlec@blackhole.kfki.hu, daniel@iogearbox.net,
        daniel.wagner@bmw-carit.de, nhorman@tuxdriver.co, lizefan@huawei.com,
        hannes@cmpxchg.org, netdev@vger.kernel.org,
        netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
        cgroups@vger.kernel.org, linux-kernel@vger.kernel.org,
        kernel-team@fb.com, ninasc@fb.com, Neil Horman <nhorman@tuxdriver.com>,
        Jan Engelhardt <jengelh@inai.de>
Subject: Re: [PATCH 9/9] netfilter: implement xt_cgroup cgroup2 path match
Message-ID: <20151121170425.GD3428@htj.duckdns.org>
References: <1448122441-9335-1-git-send-email-tj@kernel.org>
 <1448122441-9335-10-git-send-email-tj@kernel.org>
 <20151121165605.GC25336@breakpoint.cc>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20151121165605.GC25336@breakpoint.cc>
User-Agent: Mutt/1.5.23 (2015-06-09)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1164
Lines: 34

Hello,

On Sat, Nov 21, 2015 at 05:56:06PM +0100, Florian Westphal wrote:
> > +struct xt_cgroup_info_v1 {
> > +	__u8		has_path;
> > +	__u8		has_classid;
> > +	__u8		invert_path;
> > +	__u8		invert_classid;
> > +	char		path[PATH_MAX];
> > +	__u32		classid;
> > +
> > +	/* kernel internal data */
> > +	void		*priv __attribute__((aligned(8)));
> > +};
> 
> Ahem.  Am I reading this right? This struct is > 4k in size?
> If so -- Ugh.  Does sizeof(path) really have to be PATH_MAX?

Hmmm... yeap but would this be an acutual problem?  We can try to make
it shorter but idk it ultimately is a path.  Another solution would be
trying to pass inode around but that is problematic with showing and
printing rules as the only way to reverse-map inode to path is walking
the tree and the cgroup may already be gone at that point.  While >4k
struct isn't pretty, this looks like the path of least resistance.

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/