Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 1 Mar 2019 02:57:11 +0000
From:      Rick Macklem <rmacklem@uoguelph.ca>
To:        "Bjoern A. Zeeb" <bz@FreeBSD.org>
Cc:        FreeBSD Net <freebsd-net@freebsd.org>, "rgrimes@freebsd.org" <rgrimes@freebsd.org>
Subject:   Re: use of #ifdef INET and #ifdef INET6 in the kernel sources
Message-ID:  <QB1PR01MB3537DB5BF5EE01C6006B3090DD760@QB1PR01MB3537.CANPRD01.PROD.OUTLOOK.COM>
In-Reply-To: <8EDE90B3-0C33-47B5-88D8-964B131AEE2E@FreeBSD.org>
References:  <QB1PR01MB353721C2A0CA0E38C7A8571EDD750@QB1PR01MB3537.CANPRD01.PROD.OUTLOOK.COM>, <8EDE90B3-0C33-47B5-88D8-964B131AEE2E@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Bjoern A. Zeeb wrote:
[stuff snipped]
I wrote:
>> So, is this still recommended for blocks of code that only execute for
>> the version
>> of IP, but will build for kernels that do not have the particular
>> "options INET{6}"
>> in the kernel config?
>
>Yes.
Ok, I'll do it.

>> If it is still recommended, I will do it, but I'll admit I don't
>> understand why it should
>> be done? (All it does is reduce the size of the executable by a small
>> amount and
>> that doesn't seem significant to me.)
>
>That small amount is still relevant on some devices where people go to
>great lengths to fit our constantly growing base into a tiny small
>thingy.
I doubt NFS gets squeezed into such devices and, yes, it is a small amount.
Using source line counts via "wc" (ir includes comments, etc):
- This will reduce the # of lines by about 6 for a module of about 7700  li=
nes
   which is loaded when either the nfscl or nfsserver modules are loaded.
   (These are both about 25000 lines and require the krpc, which is another=
 10000.
     I haven't included the Kerberos stuff, because I can't remember if tha=
t gets loaded
     unless Kerberos mounts get used.)
--> A savings of 6 lines in something like 43000.

>And it allows you to lose code from your kernel that you don=92t
>need/want, such as if you=92d want to rip out all INET sources from a
>tree.
Ok, I can buy into this argument. I doubt I'll see IPv4 removed in my lifet=
ime, but
it does document where the code is.
(In Canada, network providers only give out IPv4 addresses to end users, fr=
om
 what I've seen.)

>I know both of these groups still do exist.
>
>Also every code not compiled in is not an attack surface, where you
>think it=92s executed or not.

rick

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?QB1PR01MB3537DB5BF5EE01C6006B3090DD760>