On Friday 2020-10-09 17:16, Phil Sutter wrote: >> But such gritty detail is often stowed away in some nice accessor >> functions or macros. That's what's currently missing in spots >> apprently. >> >> struct ipt_entry *next = get_next_blah(replace); >> >> Then the get_next can do that arithmetic, we won't need >> ipt_replace::elements, and could do away with the flexible array >> member altogether, especially when it's not used with equal-sized >> elements, and ipt_entry is of variadic size. > >Since this is UAPI though, we can't get rid of the problematic fields, >no? The kernel proclaims a stable ABI. About the C API, I am not certain, but I presume there are no restriction -- old netfilter headers have been removed in the past (and userspace was to make a copy if it wanted to build the byte streams required by the ABI by way of a few "struct"s rather than pushing individual uint32_t fields into a buffer). A zero-size member does not impact the ABI at least.
