From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: Florian Westphal <fw@strlen.de>,
Steffen Klassert <steffen.klassert@secunet.com>
Cc: netdev@vger.kernel.org, Jamal Hadi Salim <jhs@mojatatu.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
David Miller <davem@davemloft.net>
Subject: Re: IPsec workshop at netdev01?
Date: Mon, 12 Jan 2015 18:19:38 +0100 [thread overview]
Message-ID: <54B4022A.9080103@6wind.com> (raw)
In-Reply-To: <20150107125554.GF11324@breakpoint.cc>
Le 07/01/2015 13:55, Florian Westphal a écrit :
> Steffen Klassert <steffen.klassert@secunet.com> wrote:
>> On Tue, Jan 06, 2015 at 06:00:26PM +0100, Florian Westphal wrote:
>>> Steffen Klassert <steffen.klassert@secunet.com> wrote:
>>>> - We still lack a 32/64 bit compatibiltiy layer for IPsec, this issue
>>>> comes up from time to time. Some solutions were proposed in the past
>>>> but all had problems. The current behaviour is broken if someone tries
>>>> to configure IPsec with 32 bit tools on a 64 bit machine. Can we get
>>>> this right somehow or is it better to just return an error in this case?
>>>
>>> FWIW I think
>>> http://patchwork.ozlabs.org/patch/49465/
>>>
>>> came closest to achieving full CONFIG_COMPAT support; since netlink is
>>> no longer async now I'm not sure we'd still need additonal 32-compat syscalls
>>> to make compat work for all cases.
>>>
>>> So "its ugly as hell" is probably the only problem that is hard to avoid ;-)
>>
>> Yeah, and it will be no fun to maintain it...
>
> Not sure, you'd have to make sure that no new attributes introduce need
> to add another compat hack.
>
> The best argument against supporting it is that this problem
> has existed for so long that there arguably isn't much demand
> (else, such patch would have been merged years ago).
In fact, there is regularly some proposals to fix this, but I think that
nobody has taken the time to make a patch that satisfies everybody.
There is certainly a number of "private" patch for this problem, hence it
can be good to have a consensus on this topic.
Regards,
Nicolas
next prev parent reply other threads:[~2015-01-12 17:19 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-06 10:19 IPsec workshop at netdev01? Steffen Klassert
2015-01-06 11:15 ` Jamal Hadi Salim
2015-01-06 17:00 ` Florian Westphal
2015-01-07 10:31 ` Steffen Klassert
2015-01-07 12:55 ` Florian Westphal
2015-01-12 17:19 ` Nicolas Dichtel [this message]
2015-01-09 5:30 ` Fan Du
2015-01-26 9:11 ` Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54B4022A.9080103@6wind.com \
--to=nicolas.dichtel@6wind.com \
--cc=davem@davemloft.net \
--cc=fw@strlen.de \
--cc=herbert@gondor.apana.org.au \
--cc=jhs@mojatatu.com \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.