MIRRORS/linux-imx
1
0
Fork 0
mirror of https://github.com/nxp-imx/linux-imx.git synced 2025-07-12 20:35:23 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

netfilter: nf_tables: rise cap on SELinux secmark context

Browse Source 
[ Upstream commit e29630247b ]

secmark context is artificially limited 256 bytes, rise it to 4Kbytes.

Fixes: fb96194545 ("netfilter: nf_tables: add SECMARK support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Pablo Neira Ayuso 2024-06-03 20:16:59 +02:00 committed by Greg Kroah-Hartman
parent fed3317b2d
commit 802de75709
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/uapi/linux/netfilter/nf_tables.h
View File

@ -1372,7 +1372,7 @@ enum nft_secmark_attributes {
#define NFTA_SECMARK_MAX (__NFTA_SECMARK_MAX - 1) #define NFTA_SECMARK_MAX (__NFTA_SECMARK_MAX - 1)
/* Max security context length */ /* Max security context length */
#define NFT_SECMARK_CTX_MAXLEN 256 #define NFT_SECMARK_CTX_MAXLEN 4096
/** /**
* enum nft_reject_types - nf_tables reject expression reject types * enum nft_reject_types - nf_tables reject expression reject types