From owner-freebsd-net@freebsd.org  Thu Feb 28 01:39:56 2019
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 37624150E306
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Thu, 28 Feb 2019 01:39:56 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CE2D06DAC7;
 Thu, 28 Feb 2019 01:39:55 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from mx1.sbone.de (cross.sbone.de [195.201.62.131])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mx1.sbone.de", Issuer "SBone.DE" (not verified))
 (Authenticated sender: bz/mail)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 896F6B16F;
 Thu, 28 Feb 2019 01:39:55 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.sbone.de (Postfix) with ESMTPS id 401C08D4A16E;
 Thu, 28 Feb 2019 01:39:54 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de
 [IPv6:fde9:577b:c1a9:31::2013:2742])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.sbone.de (Postfix) with ESMTPS id 2AEF4D248E2;
 Thu, 28 Feb 2019 01:39:53 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587])
 by content-filter.sbone.de (content-filter.sbone.de
 [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024)
 with ESMTP id dSlKoyQcfCHp; Thu, 28 Feb 2019 01:39:51 +0000 (UTC)
Received: from [192.168.2.110] (unknown
 [IPv6:fde9:577b:c1a9:31:2ef0:eeff:fe03:ee34])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.sbone.de (Postfix) with ESMTPSA id 729ABD2334D;
 Thu, 28 Feb 2019 01:39:51 +0000 (UTC)
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
To: "Rick Macklem" <rmacklem@uoguelph.ca>
Cc: "FreeBSD Net" <freebsd-net@freebsd.org>, rgrimes@freebsd.org
Subject: Re: use of #ifdef INET and #ifdef INET6 in the kernel sources
Date: Thu, 28 Feb 2019 01:39:51 +0000
X-Mailer: MailMate (2.0BETAr6135)
Message-ID: <8EDE90B3-0C33-47B5-88D8-964B131AEE2E@FreeBSD.org>
In-Reply-To: <QB1PR01MB353721C2A0CA0E38C7A8571EDD750@QB1PR01MB3537.CANPRD01.PROD.OUTLOOK.COM>
References: <QB1PR01MB353721C2A0CA0E38C7A8571EDD750@QB1PR01MB3537.CANPRD01.PROD.OUTLOOK.COM>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: CE2D06DAC7
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-0.999,0];
 NEURAL_HAM_SHORT(-0.96)[-0.963,0];
 ASN(0.00)[asn:11403, ipnet:96.47.64.0/20, country:US];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Feb 2019 01:39:56 -0000

On 28 Feb 2019, at 1:11, Rick Macklem wrote:

> I thought (can't remember when/how I was told) that it was no longer
> recommended to add
> #ifdef INET
> or
> #ifdef INET6
> to the kernel sources.

Not sure who said this.

> I'll admit I think #ifdef'ng code when it isn't necessary to get it to 
> build makes the
> code less readable and, as such, I prefer not to do this.

We all agree on this.


> So, is this still recommended for blocks of code that only execute for 
> the version
> of IP, but will build for kernels that do not have the particular 
> "options INET{6}"
> in the kernel config?

Yes.


> If it is still recommended, I will do it, but I'll admit I don't 
> understand why it should
> be done? (All it does is reduce the size of the executable by a small 
> amount and
> that doesn't seem significant to me.)

That small amount is still relevant on some devices where people go to 
great lengths to fit our constantly growing base into a tiny small 
thingy.

And it allows you to lose code from your kernel that you don’t 
need/want, such as if you’d want to rip out all INET sources from a 
tree.

I know both of these groups still do exist.

Also every code not compiled in is not an attack surface, where you 
think it’s executed or not.

/bz