Patchwork Increasing XT_EXTENSION_MAXNAMELEN to 32

login
register
mail settings
Submitter Amerigo Wang
Date Sept. 29, 2012, 3:53 p.m.
Message ID <1348934029.10238.15.camel@cr0>
Download mbox | patch
Permalink /patch/188034/
State Rejected
Headers show

Comments

Amerigo Wang - Sept. 29, 2012, 3:53 p.m.
Hi, netfilter experts,

A customer wants to increase XT_EXTENSION_MAXNAMELEN to at least 31 (1
for '\0'), so I just increase it to 32. Do you have any comments or
objections for the following patch?

The vmlinux size increases by 768 bytes with my allyesconfig:

% size vmlinux
   text	   data	    bss	    dec	    hex	filename
15158877	3942208	11812864	30913949	1d7b59d	vmlinux
% size vmlinux.AFTER 
   text	   data	    bss	    dec	    hex	filename
15158877	3942976	11812864	30914717	1d7b89d	vmlinux.AFTER


I know probably the user-space part needs to update too, here is just
the kernel part patch for you to review. And I only did compile test.

Thanks!

---


--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jan Engelhardt - Sept. 29, 2012, 4:46 p.m.
On Saturday 2012-09-29 17:53, Cong Wang wrote:

>Hi, netfilter experts,
>
>A customer wants to increase XT_EXTENSION_MAXNAMELEN to at least 31 (1
>for '\0'), so I just increase it to 32. Do you have any comments or
>objections for the following patch?

This is a no-no. You are breaking the ABI.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Pablo Neira - Sept. 29, 2012, 6:47 p.m.
On Sat, Sep 29, 2012 at 06:46:22PM +0200, Jan Engelhardt wrote:
> On Saturday 2012-09-29 17:53, Cong Wang wrote:
> 
> >Hi, netfilter experts,
> >
> >A customer wants to increase XT_EXTENSION_MAXNAMELEN to at least 31 (1
> >for '\0'), so I just increase it to 32. Do you have any comments or
> >objections for the following patch?
> 
> This is a no-no. You are breaking the ABI.

Agreed. Sorry Cong, you cannot do that.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Amerigo Wang - Oct. 2, 2012, 4:21 a.m.
On Sat, 2012-09-29 at 20:47 +0200, Pablo Neira Ayuso wrote:
> On Sat, Sep 29, 2012 at 06:46:22PM +0200, Jan Engelhardt wrote:
> > On Saturday 2012-09-29 17:53, Cong Wang wrote:
> > 
> > >Hi, netfilter experts,
> > >
> > >A customer wants to increase XT_EXTENSION_MAXNAMELEN to at least 31 (1
> > >for '\0'), so I just increase it to 32. Do you have any comments or
> > >objections for the following patch?
> > 
> > This is a no-no. You are breaking the ABI.
> 
> Agreed. Sorry Cong, you cannot do that.

Ok, no problem.

I knew this could break user-space iptables, so there must be some other
applications relying on this ABI too, hmm... I will tell the customer
this is not possible to change.

Thanks!

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/include/linux/netfilter/x_tables.h
b/include/linux/netfilter/x_tables.h
index 8d674a7..24b4dd4 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -4,7 +4,7 @@ 
 #include <linux/types.h>
 
 #define XT_FUNCTION_MAXNAMELEN 30
-#define XT_EXTENSION_MAXNAMELEN 29
+#define XT_EXTENSION_MAXNAMELEN 32
 #define XT_TABLE_MAXNAMELEN 32
 
 struct xt_entry_match {