lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20151122203128.GA3029@salvia>
Date:	Sun, 22 Nov 2015 21:31:28 +0100
From:	Pablo Neira Ayuso <pablo@...filter.org>
To:	Tejun Heo <tj@...nel.org>
Cc:	davem@...emloft.net, kaber@...sh.net, kadlec@...ckhole.kfki.hu,
	daniel@...earbox.net, daniel.wagner@...-carit.de,
	nhorman@...driver.com, lizefan@...wei.com, hannes@...xchg.org,
	netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
	coreteam@...filter.org, cgroups@...r.kernel.org,
	linux-kernel@...r.kernel.org, kernel-team@...com, ninasc@...com
Subject: Re: [PATCH 1/2 iptables] libxt_cgroup: prepare for multi revisions

On Sat, Nov 21, 2015 at 11:18:46AM -0500, Tejun Heo wrote:
> libxt_cgroup will grow cgroup2 path based match.  Postfix existing
> symbols with _v0 and prepare for multi revision registration.  While
> at it, rename O_CGROUP to O_CLASSID and fwid to classid.
> 
> Signed-off-by: Tejun Heo <tj@...nel.org>
> Cc: Daniel Borkmann <dborkman@...hat.com>
> Cc: Jan Engelhardt <jengelh@...i.de>
> Cc: Pablo Neira Ayuso <pablo@...filter.org>
> ---
>  extensions/libxt_cgroup.c           |   51 +++++++++++++++++++-----------------
>  include/linux/netfilter/xt_cgroup.h |    2 -
>  2 files changed, 28 insertions(+), 25 deletions(-)
> 
> --- a/extensions/libxt_cgroup.c
> +++ b/extensions/libxt_cgroup.c
> @@ -3,30 +3,30 @@
>  #include <linux/netfilter/xt_cgroup.h>
>  
>  enum {
> -	O_CGROUP = 0,
> +	O_CLASSID = 0,
>  };
>  
> -static void cgroup_help(void)
> +static void cgroup_help_v0(void)
>  {
>  	printf(
>  "cgroup match options:\n"
> -"[!] --cgroup fwid  Match cgroup fwid\n");
> +"[!] --cgroup classid            Match cgroup classid\n");

We have to keep the old cgroup integer ID around for a while,
otherwise we'll break users with old kernels and new iptables
utilities.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ