From: Kevin Cernekee > Sent: 21 January 2017 00:05 > Several of the xfrm netlink and setsockopt() interfaces are not usable > from a 32-bit binary running on a 64-bit kernel due to struct padding > differences. This has been the case for many, many years[0]. This > patch series deprecates the broken netlink messages and replaces them > with packed structs that are compatible between 64-bit and 32-bit > programs. Do you mean '__packed' or just structures with no holes? The latter is really the best. You can add a compile time assert on the structure sizes to ensure that the user API is never accidentally broken. I can't imagine any reason to change the 64bit structures except (maybe) to make any padding explicit. > It retains support for legacy user programs (i.e. anything > that is currently working today), and allows legacy support to be > compiled out via CONFIG_XFRM_USER_LEGACY if it becomes unnecessary in > the future. ... Isn't that effectively the same as doing a compat layer? Otherwise you can't build a 32bit app that will work with an 'old' 32bit kernel and a new 64bit one. Provided you've got the length of the user's buffer the compat code ought to be trivial (if tedious). David _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
