Gustavo A. R. Silva <[email protected]> wrote: > diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c > index b39017c80548..9dd5957d9ed4 100644 > --- a/net/netfilter/x_tables.c > +++ b/net/netfilter/x_tables.c > @@ -819,13 +819,15 @@ EXPORT_SYMBOL_GPL(xt_compat_match_to_user); > > /* non-compat version may have padding after verdict */ > struct compat_xt_standard_target { > - struct compat_xt_entry_target t; > - compat_uint_t verdict; > + TRAILING_OVERLAP(struct compat_xt_entry_target, t, data, > + compat_uint_t verdict; > + ); > }; > > struct compat_xt_error_target { > - struct compat_xt_entry_target t; > - char errorname[XT_FUNCTION_MAXNAMELEN]; > + TRAILING_OVERLAP(struct compat_xt_entry_target, t, data, > + char errorname[XT_FUNCTION_MAXNAMELEN]; > + ); > }; > > You tell me what you prefer.
I have no strong opinion. This compat code is needed to run 32bit iptables binaries on a 64 bit host, not many users these days I think. I still hope we can remove this eventually. But as the above diff is smaller I would prefer it.
