Re: [PATCH] netfilter: provide udp*_lib_lookup for nf_tproxy

From: Paolo Abeni
Date: Tue Jun 05 2018 - 08:13:57 EST

Next message: Michal Hocko: "Re: [PATCH v13 0/7] cgroup-aware OOM killer"
Previous message: Dmitry Osipenko: "[PATCH v1] clk: tegra: emc: Avoid out-of-bounds bug"
In reply to: Arnd Bergmann: "[PATCH] netfilter: provide udp*_lib_lookup for nf_tproxy"
Next in thread: Eckl, MÃtÃ: "Re: [PATCH] netfilter: provide udp*_lib_lookup for nf_tproxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2018-06-05 at 13:40 +0200, Arnd Bergmann wrote:
> It is now possible to enable the libified nf_tproxy modules without
> also enabling NETFILTER_XT_TARGET_TPROXY, which throws off the
> ifdef logic in the udp core code:
>
> net/ipv6/netfilter/nf_tproxy_ipv6.o: In function `nf_tproxy_get_sock_v6':
> nf_tproxy_ipv6.c:(.text+0x1a8): undefined reference to `udp6_lib_lookup'
> net/ipv4/netfilter/nf_tproxy_ipv4.o: In function `nf_tproxy_get_sock_v4':
> nf_tproxy_ipv4.c:(.text+0x3d0): undefined reference to `udp4_lib_lookup'
>
> We can actually simplify the conditions now to provide the two functions
> exactly when they are needed.
>
> Fixes: 45ca4e0cf273 ("netfilter: Libify xt_TPROXY")
> Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx>
> ---
> net/ipv4/udp.c | 4 +---
> net/ipv6/udp.c | 4 +---
> 2 files changed, 2 insertions(+), 6 deletions(-)
>
> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> index 4f16e5d71875..3365362cac88 100644
> --- a/net/ipv4/udp.c
> +++ b/net/ipv4/udp.c
> @@ -544,9 +544,7 @@ EXPORT_SYMBOL_GPL(udp4_lib_lookup_skb);
> /* Must be called under rcu_read_lock().
> * Does increment socket refcount.
> */
> -#if IS_ENABLED(CONFIG_NETFILTER_XT_MATCH_SOCKET) || \
> - IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TPROXY) || \
> - IS_ENABLED(CONFIG_NF_SOCKET_IPV4)
> +#if IS_ENABLED(CONFIG_NF_TPROXY_IPV4) || IS_ENABLED(CONFIG_NF_SOCKET_IPV4)
> struct sock *udp4_lib_lookup(struct net *net, __be32 saddr, __be16 sport,
> __be32 daddr, __be16 dport, int dif)
> {
> diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
> index 967acff95bbe..164afd31aebf 100644
> --- a/net/ipv6/udp.c
> +++ b/net/ipv6/udp.c
> @@ -285,9 +285,7 @@ EXPORT_SYMBOL_GPL(udp6_lib_lookup_skb);
> /* Must be called under rcu_read_lock().
> * Does increment socket refcount.
> */
> -#if IS_ENABLED(CONFIG_NETFILTER_XT_MATCH_SOCKET) || \
> - IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TPROXY) || \
> - IS_ENABLED(CONFIG_NF_SOCKET_IPV6)
> +#if IS_ENABLED(CONFIG_NF_TPROXY_IPV6) || IS_ENABLED(CONFIG_NF_SOCKET_IPV6)
> struct sock *udp6_lib_lookup(struct net *net, const struct in6_addr *saddr, __be16 sport,
> const struct in6_addr *daddr, __be16 dport, int dif)
> {

LGTM,

Acked-by: Paolo Abeni <pabeni@xxxxxxxxxx>

Thanks,

Paolo

Next message: Michal Hocko: "Re: [PATCH v13 0/7] cgroup-aware OOM killer"
Previous message: Dmitry Osipenko: "[PATCH v1] clk: tegra: emc: Avoid out-of-bounds bug"
In reply to: Arnd Bergmann: "[PATCH] netfilter: provide udp*_lib_lookup for nf_tproxy"
Next in thread: Eckl, MÃtÃ: "Re: [PATCH] netfilter: provide udp*_lib_lookup for nf_tproxy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]