From f368b1e13efd18fdbf8d11ab59dd01a065202678 Mon Sep 17 00:00:00 2001
From: Ksawlii <ksawery.blaszczak@proton.me>
Date: Sun, 24 Nov 2024 00:23:56 +0100
Subject: [PATCH] Revert "netfilter: nf_tables: rise cap on SELinux secmark
 context"

This reverts commit 1673b96b70a82f663484bb9553d76583cf7d57ef.
---
 include/uapi/linux/netfilter/nf_tables.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/uapi/linux/netfilter/nf_tables.h b/include/uapi/linux/netfilter/nf_tables.h
index 40d900537..f93ffb1b6 100755
--- a/include/uapi/linux/netfilter/nf_tables.h
+++ b/include/uapi/linux/netfilter/nf_tables.h
@@ -1284,7 +1284,7 @@ enum nft_secmark_attributes {
 #define NFTA_SECMARK_MAX	(__NFTA_SECMARK_MAX - 1)
 
 /* Max security context length */
-#define NFT_SECMARK_CTX_MAXLEN		4096
+#define NFT_SECMARK_CTX_MAXLEN		256
 
 /**
  * enum nft_reject_types - nf_tables reject expression reject types