On Wed, May 27, 2015 at 01:12:42PM +0200, Roman Kubiak wrote: > I think i forgot to mention one important thing the function: > security_sk_getsecid is not in the kernel yet, i posted a patch to > add it on the linux-security-module mailing list: > http://marc.info/?t=143254934900006&r=1&w=2 You shouldn't split the patches between several lists, they are interdependent and without that context it is normal that people don't understand your intentions. So please send the full patchset, Cc'ing the relevant lists so we can get feedback from both the netfilter and the linux-security communities. BTW, another minor nitpick below: > > diff --git a/net/netfilter/nfnetlink_queue_core.c b/net/netfilter/nfnetlink_queue_core.c > > index 0b98c74..ae4f520 100644 > > --- a/net/netfilter/nfnetlink_queue_core.c > > +++ b/net/netfilter/nfnetlink_queue_core.c > > @@ -278,6 +278,24 @@ nla_put_failure: > > return -1; > > } > > > > +static u32 nfqnl_get_sk_secctx(struct sock *sk, char **secdata) > > +{ > > + u32 secid = 0; > > + u32 seclen = 0; Merge these two variable declarations in one line. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
