Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1646887imm; Sun, 23 Sep 2018 08:32:03 -0700 (PDT) X-Google-Smtp-Source: ACcGV62VYBVbfrhz+XHCyBbDdFu/gciyFbv/l5dwQ8jHeXUSlnSn/5jC4y9kMR9x8jfyq3r+R6bT X-Received: by 2002:a17:902:4324:: with SMTP id i33-v6mr6895264pld.43.1537716723217; Sun, 23 Sep 2018 08:32:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537716723; cv=none; d=google.com; s=arc-20160816; b=Kdl+7rA8DbBJAHPouFouO0L6vNrortw6nQTAnRmgvstBs53ibnNBbpdag6xfE6mo2k +QsFUMcfUP99BDKb+IB0pqkoT2nVN3bJjtbQpYT++1Jpgz93ZCeel4uiUvibMhWRFJXI BUXHK2yvMv3iHs3feOyUp9u3Skumam5SkIqWQFWG+o5UDEoSYduchJZhDYl7gDxJRpge KwxpwhfKzZBtFmeYXzU1z2FEs6CtUWljMi2bfGZ/WzlcVeZeGIcPGzbe+ZLX92829tgI FF5q625p+od62HluhKwx2pq2rh/pvC/6E56VVTc6QiMOUYuqAesWFELoNQ0TrlrAM+yC cmGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=drY0lrlt2nW9zRWED7ynXdM4iWAIMoLYUEXJokh3iiA=; b=Li+XVmHuVrw2AtBKiCJr1pkVcb7NBCHmj1AYQvDV98jGh6tLXq41grhl7fezHTyng7 RdUiIxz1UU/TomLD2OeRFAYNYeunjTN2AlSWayv8dV/TazPwOAl8MMAYR3QOdGlsBC1V YDNZ4lVQmQtj5IT62xSdhy951zEewRkJzb1GprS1vZ9Hh8Pd7cTeDnMSzOHOSCDImtpd D/BndDZEQoE1/G6aC1iongB97wMLVeihWq5aLWi+F1n0+lBfvC2CWUAxg74jsW+o2+w/ eaUb9Qk3BH8nLDpANYKOdAesz+W0YBnbDFp/6rkcsfYTc10zpT8GJTlyaVAlWlzkNpX6 yABQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@googlemail.com header.s=20161025 header.b=RwFLh3eP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 127-v6si13567272pgj.25.2018.09.23.08.31.34; Sun, 23 Sep 2018 08:32:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@googlemail.com header.s=20161025 header.b=RwFLh3eP; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=googlemail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726312AbeIWV3T (ORCPT + 99 others); Sun, 23 Sep 2018 17:29:19 -0400 Received: from mail-ua1-f49.google.com ([209.85.222.49]:37795 "EHLO mail-ua1-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726094AbeIWV3T (ORCPT ); Sun, 23 Sep 2018 17:29:19 -0400 Received: by mail-ua1-f49.google.com with SMTP id q23-v6so1106677uap.4; Sun, 23 Sep 2018 08:31:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=drY0lrlt2nW9zRWED7ynXdM4iWAIMoLYUEXJokh3iiA=; b=RwFLh3ePPBlWKhu6PCLKvFZbVHbEiKIFFJulbCwmVUkFFNAicsu2T3zxBLEBQWlxEi n1iccATWxWmsOxF4uAFlgsoeWfaUCj4874ziwc0fjJMlfq7y+texclyHi+38m4VXAF8i 8d+IINOh9jPDxEb5sefg9rTZNwUXKfDtmpKUcR+c1zoN9n4YlhjQqZHnmBBBTvEaqgnm Wu4ugU4fjjih7w2FByy3gdTmppAoa9eIIChktNdw5Fne3iS3IQLF/9Eo8bwmSoEXmide +UxKAME6YPlvboeW4FxDhXJlfKor+cMW0vAjQSUZ3ph9/scehUTtm7g5Fqys9szL43+9 ur1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=drY0lrlt2nW9zRWED7ynXdM4iWAIMoLYUEXJokh3iiA=; b=HgnVWNm4l2rYifXnGUUKJQIaV+HO2XXKBJWdtGDlGyt4d2WWmYMQjZ5zs/VPDR/Oet 3Fc6bv7InG7lxAdcyqNjcNDMtWZeYaSnTrKzoxNr/ShppM3C7dFYdUDe/7itpWfNpD3e I+8IROUjcYBkqPFSQph0mnJNjaihGmbOmO32t1kQWxWfzu5iJ5awGXetMM1CLJTHJK9u SxvaM1lh3sevPqsuNy6WdxxZudPMKU+7u0W/MxgANkT6EKs/0FoRN3eF4jd7KYvYkRlA 20qeIsgtxrFsf1I0jc0AzsjrIyVFJzeB7UybSjlpHA7CyORgde4I+GMuAtfGIfLq/L/j cOvw== X-Gm-Message-State: ABuFfohcVnKY9eC9OD2fcFoTNziBS8r4b3cKwEn0cYYafAbm9oT2wHy+ osW9Cv3Mg2VEMePL0foaO32ixjHGHwEbnjhmcRmfrGDhB12qDg== X-Received: by 2002:a9f:2c87:: with SMTP id w7-v6mr1601710uaj.21.1537716687989; Sun, 23 Sep 2018 08:31:27 -0700 (PDT) MIME-Version: 1.0 References: <20180923091611.19815-1-cgzones@googlemail.com> <20180923135555.7kwa3kyachwcfy24@breakpoint.cc> In-Reply-To: <20180923135555.7kwa3kyachwcfy24@breakpoint.cc> From: =?UTF-8?Q?Christian_G=C3=B6ttsche?= Date: Sun, 23 Sep 2018 17:31:16 +0200 Message-ID: Subject: Re: [PATCH v2 1/2] netfilter: nf_tables: add SECMARK support To: fw@strlen.de Cc: pablo@netfilter.org, kadlec@blackhole.kfki.hu, davem@davemloft.net, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Paul Moore , Stephen Smalley , Eric Paris , jmorris@namei.org, serge@hallyn.com, selinux , linux-security-module@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > +struct nft_secmark { > > + char ctx[NFT_SECMARK_CTX_MAXLEN]; > > + int len; > > + u32 secid; > > +}; > > Can you change this to: > > struct nft_secmark { > u32 secid; > char *ctx; > }; Does the nla_policy struct needs an update too? (regarding then .len member) +static const struct nla_policy nft_secmark_policy[NFTA_SECMARK_MAX + 1] = { + [NFTA_SECMARK_CTX] = { .type = NLA_STRING, .len = NFT_SECMARK_CTX_MAXLEN }, +} NFT_SECMARK_CTX_MAXLEN might be dropped then..