[1/1] iptables: fix userspace compilation of ip tables with C++

Message ID 1413227563-5383-1-git-send-email-matthew.weber@rockwellcollins.com
State Rejected

Commit Message

Matt Weber Oct. 13, 2014, 7:12 p.m. UTC
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
---
 ...ix-userspace-compilation-of-ip_tables_c_h.patch |   43 ++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch

Comments

Thomas Petazzoni Oct. 29, 2014, 9:34 p.m. UTC | #1
Dear Matt Weber,

On Mon, 13 Oct 2014 14:12:43 -0500, Matt Weber wrote:
> 
> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
> ---
>  ...ix-userspace-compilation-of-ip_tables_c_h.patch |   43 ++++++++++++++++++++
>  1 file changed, 43 insertions(+)
>  create mode 100644 package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch

This patch apparently dates back from 2012. Why has it never been
merged upstream? Also, I don't really understand the interaction
between the kernel headers, and this include/linux/ header in iptables.

Has the problem been reported upstream to iptables?

Gustavo, an opinion?

Thomas

Gustavo Zacarias Oct. 29, 2014, 10:24 p.m. UTC | #2
On 10/29/2014 06:34 PM, Thomas Petazzoni wrote:

> Dear Matt Weber,
> 
> On Mon, 13 Oct 2014 14:12:43 -0500, Matt Weber wrote:
>>
>> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
>> ---
>>  ...ix-userspace-compilation-of-ip_tables_c_h.patch |   43 ++++++++++++++++++++
>>  1 file changed, 43 insertions(+)
>>  create mode 100644 package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch
> 
> This patch apparently dates back from 2012. Why has it never been
> merged upstream? Also, I don't really understand the interaction
> between the kernel headers, and this include/linux/ header in iptables.
> 
> Has the problem been reported upstream to iptables?
> 
> Gustavo, an opinion?

It was posted to lkml & linux-netdev at first, Davem told to post to
netfilter-devel. That was done:

http://marc.info/?t=134904906300003&r=1&w=1

The logic seems right, C++ is more strict and triggers the issue.
It's an issue when dealing with netfilter rules from custom C++ code.

But it seems to have been rejected without much explanation:
http://patchwork.ozlabs.org/patch/188216/

Regards.

Matt Weber Oct. 30, 2014, 12:48 a.m. UTC | #3
All,

On Wed, Oct 29, 2014 at 5:24 PM, Gustavo Zacarias
<gustavo@zacarias.com.ar> wrote:
>
> On 10/29/2014 06:34 PM, Thomas Petazzoni wrote:
>
> > Dear Matt Weber,
> >
> > On Mon, 13 Oct 2014 14:12:43 -0500, Matt Weber wrote:
> >>
> >> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
> >> ---
> >>  ...ix-userspace-compilation-of-ip_tables_c_h.patch |   43 ++++++++++++++++++++
> >>  1 file changed, 43 insertions(+)
> >>  create mode 100644 package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch
> >
> > This patch apparently dates back from 2012. Why has it never been
> > merged upstream? Also, I don't really understand the interaction
> > between the kernel headers, and this include/linux/ header in iptables.
> >
> > Has the problem been reported upstream to iptables?
> >
> > Gustavo, an opinion?
>
> It was posted to lkml & linux-netdev at first, Davem told to post to
> netfilter-devel. That was done:
>
> http://marc.info/?t=134904906300003&r=1&w=1
>
> The logic seems right, C++ is more strict and triggers the issue.
> It's an issue when dealing with netfilter rules from custom C++ code.
>
> But it seems to have been rejected without much explanation:
> http://patchwork.ozlabs.org/patch/188216/
>

Should I repost it to netfilter-devel and update my patch to reference
the above information plus the new submission thread?

Matt Weber Nov. 18, 2014, 1:48 p.m. UTC | #4
All,

On Wed, Oct 29, 2014 at 7:48 PM, Matthew Weber
<matthew.weber@rockwellcollins.com> wrote:
> All,
>
> On Wed, Oct 29, 2014 at 5:24 PM, Gustavo Zacarias
> <gustavo@zacarias.com.ar> wrote:
>>
>> On 10/29/2014 06:34 PM, Thomas Petazzoni wrote:
>>
>> > Dear Matt Weber,
>> >
>> > On Mon, 13 Oct 2014 14:12:43 -0500, Matt Weber wrote:
>> >>
>> >> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
>> >> ---
>> >>  ...ix-userspace-compilation-of-ip_tables_c_h.patch |   43 ++++++++++++++++++++
>> >>  1 file changed, 43 insertions(+)
>> >>  create mode 100644 package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch
>> >
>> > This patch apparently dates back from 2012. Why has it never been
>> > merged upstream? Also, I don't really understand the interaction
>> > between the kernel headers, and this include/linux/ header in iptables.
>> >
>> > Has the problem been reported upstream to iptables?
>> >
>> > Gustavo, an opinion?
>>
>> It was posted to lkml & linux-netdev at first, Davem told to post to
>> netfilter-devel. That was done:
>>
>> http://marc.info/?t=134904906300003&r=1&w=1
>>
>> The logic seems right, C++ is more strict and triggers the issue.
>> It's an issue when dealing with netfilter rules from custom C++ code.
>>
>> But it seems to have been rejected without much explanation:
>> http://patchwork.ozlabs.org/patch/188216/
>>
>
> Should I repost it to netfilter-devel and update my patch to reference
> the above information plus the new submission thread?

I reposted on netfilter-devel and got clarification that the patch
should probably have been a kernel patch, but the binary interface to
iptables in the kernel has actually been replaced so this issue is
deprecated.  I'll carry the patch in my build locally until we update
our use of the API.

http://www.spinics.net/lists/netfilter-devel/msg33996.html

Yann E. MORIN Nov. 18, 2014, 5:56 p.m. UTC | #5
Matthew, All,

On 2014-11-18 07:48 -0600, Matthew Weber spake thusly:
[--SNIP--]
> I reposted on netfilter-devel and got clarification that the patch
> should probably have been a kernel patch, but the binary interface to
> iptables in the kernel has actually been replaced so this issue is
> deprecated.  I'll carry the patch in my build locally until we update
> our use of the API.

Well, the patch seems sensible. So maybe we could carry it in Buildroot?

> http://www.spinics.net/lists/netfilter-devel/msg33996.html

Still, there is a valid point in this reply: do we know of a FLOSS C++
package that uses the iptables binary interface?

If so, that would be interesting to see how they handle that situation.
And it would be a nice shoe to stick in the door so that patch can enter
the kernel.

Regards,
Yann E. MORIN.

Patch

diff --git a/package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch b/package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch
new file mode 100644
index 0000000..5b769b1
--- /dev/null
+++ b/package/iptables/iptables-03-fix-userspace-compilation-of-ip_tables_c_h.patch
@@ -0,0 +1,43 @@ 
+From: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
+Date: Sun, 30 Sep 2012 22:49:11 -0600
+Subject: [PATCH] Fix userspace compilation of ip_tables.h/ip6_tables.h in
+	C++ mode
+
+The implicit cast from void * is not allowed for C++ compilers, and the
+arithmetic on void * generates warnings in C++ mode.
+
+$ g++ -c t.cc
+ip_tables.h:221:24: warning: pointer of type 'void *' used in arithmetic
+ip_tables.h:221:24: error: invalid conversion from 'void*' to 'xt_entry_target*'
+
+Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
+---
+ include/linux/netfilter_ipv4/ip_tables.h  |    2 +-
+ include/linux/netfilter_ipv6/ip6_tables.h |    2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
+index db79231..050ad8a 100644
+--- a/include/linux/netfilter_ipv4/ip_tables.h
++++ b/include/linux/netfilter_ipv4/ip_tables.h
+@@ -226,7 +226,7 @@ struct ipt_get_entries {
+ static __inline__ struct xt_entry_target *
+ ipt_get_target(struct ipt_entry *e)
+ {
+-	return (void *)e + e->target_offset;
++	return (struct xt_entry_target *)((__u8 *)e + e->target_offset);
+ }
+ 
+ /*
+diff --git a/include/linux/netfilter_ipv6/ip6_tables.h b/include/linux/netfilter_ipv6/ip6_tables.h
+index 08c2cbb..3349bf1 100644
+--- a/include/linux/netfilter_ipv6/ip6_tables.h
++++ b/include/linux/netfilter_ipv6/ip6_tables.h
+@@ -263,7 +263,7 @@ struct ip6t_get_entries {
+ static __inline__ struct xt_entry_target *
+ ip6t_get_target(struct ip6t_entry *e)
+ {
+-	return (void *)e + e->target_offset;
++	return (struct xt_entry_target *)((__u8 *)e + e->target_offset);
+ }
+ 
+ /*
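
Review bot: The replacement return statements in ipt_get_target() and ip6t_get_target() now depend on `__u8` being declared before these inline functions, and neither embedded hunk shows an include that provides it; please confirm both headers already pull in the type, or cast through `unsigned char *` instead so the fix does not rely on include order in the C++ translation unit. The byte-offset semantics are otherwise unchanged from the GNU C `(void *)e + e->target_offset` form, and `e->target_offset` is still used without any bounds check, so callers remain responsible for validating the entry before dereferencing the returned target. Separately, the embedded patch header carries only the original author's Signed-off-by and the 2012 description; a line recording the upstream submission and its status would tell whoever later bumps iptables why the patch is carried and when it can be dropped.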