On Wed, May 21, 2025 at 01:26:00PM +0200, Florian Westphal wrote: > Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > > > + if (nla_put_be32(nlskb, NFT_CT_ID, (__force __be32)id)) > > > + goto nla_put_failure; > > > + > > > + if (status && nla_put_be32(nlskb, NFT_CT_STATUS, htonl(status))) > > > + goto nla_put_failure; > > > > NFT_CT_* is enum nft_ct_keys which is not intended to be used as > > netlink attribute. > > > > NFT_CT_STATE is 0 which is usually reserved for _UNSPEC in netlink > > attribute definitions. > > > > My suggestion is that you define new attributes for this, it is > > boilerplate code to be added to uapi. > > In that case I would prefer not to use NESTED attribute for this, i.e.: > > * @NFTA_TRACE_CT_ID: connection tracking information (NLA_U32) > * @NFTA_TRACE_CT_STATUS: connection tracking information (NLA_U32) > * @NFTA_TRACE_CT_STATE: connection tracking information (NLA_U32) > > ... and so on. I see no potential for attribute re-use. > > The only argument for NESTED is that userspace can check for presence > of NFTA_TRACE_CT/NESTED instead of checking each ct trace attr in > sequence. > > Whats you preference? Flat representation (no nesting) is fine with me in this case. Thanks.
