Add FreeBSD PF Firewall to libbsd

Christian Mauderer christian.mauderer at embedded-brains.de
Wed Aug 3 07:00:19 UTC 2016


Am 03.08.2016 um 08:46 schrieb Chris Johns:
> On 03/08/2016 16:15, Christian Mauderer wrote:
>> Basically it boils down to the following: Currently I use an
>> __attribute__ on every variable that has to be initialized. That makes
>> updates a little more difficult because we would have to look out for
>> changed variables. In addition it is difficult for function static
>> variables.
> 
> Ok, this makes sense.
> 
>> A solution that would be simpler to maintain would be to manipulate the
>> object file. I would use objcopy to rename all sections with initialized
>> variables to put them into the linker set. This would be a little less
>> obvious if you read only the c code but it would solve both problems
>> mentioned above.
> 
> Having transparent source is more important.

If you mean by "transparent" that it is less changed from FreeBSD then I
agree.

If you mean it should be more obvious where the section comes from
(simpler to read - more transparent to the reader) I would not. The
method with adding an attribute to every variable involves a lot of
manual work and therefore is more likely to introduce bugs.

> 
>> But it makes it necessary that the build system adds
>> the object file manipulation step before it links the application. That
>> is the point where I'm currently stuck.
> 
> Should I wait for this to happen before adding any new control logic to
> the build system?

I think that my main problem is to understand enough of waf so I can add
the object file manipulation. As soon as I managed that I should be able
to adapt it to a new control logic too without too much effort. So feel
free to make the changes whenever you can fit them into your schedule.

-- 
--------------------------------------------
embedded brains GmbH
Christian Mauderer
Dornierstr. 4
D-82178 Puchheim
Germany
email: christian.mauderer at embedded-brains.de
Phone: +49-89-18 94 741 - 18
Fax:   +49-89-18 94 741 - 08
PGP: Public key available on request.

Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.


More information about the devel mailing list