Patchwork [nftables,v2] nftables: fix compilation when nf-netlink is a module

login
register
mail settings
Submitter Nicolas Dichtel
Date March 6, 2013, 1:42 p.m.
Message ID <1362577327-16634-1-git-send-email-nicolas.dichtel@6wind.com>
Download mbox | patch
Permalink /patch/225492/
State Accepted
Headers show

Comments

Nicolas Dichtel - March 6, 2013, 1:42 p.m.
nftables uses nfnl_[un]lock() and thus depends on CONFIG_NETFILTER_NETLINK.
It's not possible to have nftables built-in when CONFIG_NETFILTER_NETLINK is set
to m.

I also add a dependancy between NETFILTER_XTABLES and NFT_COMPAT instead of
automatically set NETFILTER_XTABLES when NFT_COMPAT is set. This is to avoid a
circular dependency:

net/netfilter/Kconfig:432:error: recursive dependency detected!
net/netfilter/Kconfig:432:	symbol NF_TABLES depends on NETFILTER_NETLINK
net/netfilter/Kconfig:4:	symbol NETFILTER_NETLINK is selected by NETFILTER_NETLINK_ACCT
net/netfilter/Kconfig:7:	symbol NETFILTER_NETLINK_ACCT is selected by NETFILTER_XT_MATCH_NFACCT
net/netfilter/Kconfig:1087:	symbol NETFILTER_XT_MATCH_NFACCT depends on NETFILTER_XTABLES
net/netfilter/Kconfig:425:	symbol NETFILTER_XTABLES is selected by NFT_COMPAT
net/netfilter/Kconfig:478:	symbol NFT_COMPAT depends on NF_TABLES

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
---
v2: fix circular dependency

 net/netfilter/Kconfig | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
Pablo Neira - March 14, 2013, 3:43 p.m.
On Wed, Mar 06, 2013 at 02:42:07PM +0100, Nicolas Dichtel wrote:
> nftables uses nfnl_[un]lock() and thus depends on
> CONFIG_NETFILTER_NETLINK.  It's not possible to have nftables
> built-in when CONFIG_NETFILTER_NETLINK is set to m.
> 
> I also add a dependancy between NETFILTER_XTABLES and NFT_COMPAT
> instead of automatically set NETFILTER_XTABLES when NFT_COMPAT is
> set. This is to avoid a circular dependency:
> 
> net/netfilter/Kconfig:432:error: recursive dependency detected!
> net/netfilter/Kconfig:432:	symbol NF_TABLES depends on NETFILTER_NETLINK
> net/netfilter/Kconfig:4:	symbol NETFILTER_NETLINK is selected by NETFILTER_NETLINK_ACCT
> net/netfilter/Kconfig:7:	symbol NETFILTER_NETLINK_ACCT is selected by NETFILTER_XT_MATCH_NFACCT
> net/netfilter/Kconfig:1087:	symbol NETFILTER_XT_MATCH_NFACCT depends on NETFILTER_XTABLES
> net/netfilter/Kconfig:425:	symbol NETFILTER_XTABLES is selected by NFT_COMPAT
> net/netfilter/Kconfig:478:	symbol NFT_COMPAT depends on NF_TABLES

Applied, thanks Nicolas.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index 7d1c3c0..903275e 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -430,6 +430,7 @@  config NETFILTER_XTABLES
 	  ip6_tables or arp_tables.
 
 config NF_TABLES
+       depends on NETFILTER_NETLINK
        tristate "Netfilter nf_tables support"
 
 config NFT_PAYLOAD
@@ -476,7 +477,7 @@  config NFT_NAT
 
 config NFT_COMPAT
        depends on NF_TABLES
-       select NETFILTER_XTABLES
+       depends on NETFILTER_XTABLES
        tristate "Netfilter x_tables over nf_tables module"
        help
 	 This is required if you intend to use any of existing