Christian Göttsche <cgzones@xxxxxxxxxxxxxx> wrote:
> > Can you change this to:
> >
> > struct nft_secmark {
> > u32 secid;
> > char *ctx;
> > };
>
> Does the nla_policy struct needs an update too? (regarding then .len member)
>
> +static const struct nla_policy nft_secmark_policy[NFTA_SECMARK_MAX + 1] = {
> + [NFTA_SECMARK_CTX] = { .type = NLA_STRING, .len =
> NFT_SECMARK_CTX_MAXLEN },
> +}
>
> NFT_SECMARK_CTX_MAXLEN might be dropped then..
Better keep it, we can always increase this later it if needed.
Given the length matches what xtables uses it should be fine.
