Message ID | 20190916000517.45028-1-kilobyte@angband.pl |
---|---|
State | Not Applicable |
Delegated to: | Pablo Neira |
Headers | show |
Series | netfilter: bridge: drop a broken include | expand |
On 2019-09-16, at 02:05:16 +0200, Adam Borowski wrote: > This caused a build failure if CONFIG_NF_CONNTRACK_BRIDGE is set but > CONFIG_NF_TABLES=n -- and appears to be unused anyway. > > Signed-off-by: Adam Borowski <kilobyte@angband.pl> > --- > net/bridge/netfilter/nf_conntrack_bridge.c | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c > b/net/bridge/netfilter/nf_conntrack_bridge.c > index 4f5444d2a526..844ef5a53f87 100644 > --- a/net/bridge/netfilter/nf_conntrack_bridge.c > +++ b/net/bridge/netfilter/nf_conntrack_bridge.c > @@ -18,7 +18,6 @@ > > #include <linux/netfilter/nf_tables.h> > #include <net/netfilter/ipv6/nf_defrag_ipv6.h> > -#include <net/netfilter/nf_tables.h> > > #include "../br_private.h" > > -- > 2.23.0 This is the build-failure (reproduced with v5.3): In file included from net/bridge/netfilter/nf_conntrack_bridge.c:21: ./include/net/netfilter/nf_tables.h: In function ‘nft_gencursor_next’: ./include/net/netfilter/nf_tables.h:1223:14: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1223 | return net->nft.gencursor + 1 == 1 ? 1 : 0; | ^~~ | nf In file included from ./include/linux/export.h:45, from ./include/linux/linkage.h:7, from ./include/linux/kernel.h:8, from ./include/linux/skbuff.h:13, from ./include/linux/ip.h:16, from net/bridge/netfilter/nf_conntrack_bridge.c:3: ./include/net/netfilter/nf_tables.h: In function ‘nft_genmask_cur’: ./include/net/netfilter/nf_tables.h:1234:29: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~ ./include/linux/compiler.h:261:17: note: in definition of macro ‘__READ_ONCE’ 261 | union { typeof(x) __val; char __c[1]; } __u; \ | ^ ./include/net/netfilter/nf_tables.h:1234:14: note: in expansion of macro ‘READ_ONCE’ 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~~~~~~~ ./include/net/netfilter/nf_tables.h:1234:29: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~ ./include/linux/compiler.h:263:22: note: in definition of macro ‘__READ_ONCE’ 263 | __read_once_size(&(x), __u.__c, sizeof(x)); \ | ^ ./include/net/netfilter/nf_tables.h:1234:14: note: in expansion of macro ‘READ_ONCE’ 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~~~~~~~ ./include/net/netfilter/nf_tables.h:1234:29: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~ ./include/linux/compiler.h:263:42: note: in definition of macro ‘__READ_ONCE’ 263 | __read_once_size(&(x), __u.__c, sizeof(x)); \ | ^ ./include/net/netfilter/nf_tables.h:1234:14: note: in expansion of macro ‘READ_ONCE’ 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~~~~~~~ ./include/net/netfilter/nf_tables.h:1234:29: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~ ./include/linux/compiler.h:265:30: note: in definition of macro ‘__READ_ONCE’ 265 | __read_once_size_nocheck(&(x), __u.__c, sizeof(x)); \ | ^ ./include/net/netfilter/nf_tables.h:1234:14: note: in expansion of macro ‘READ_ONCE’ 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~~~~~~~ ./include/net/netfilter/nf_tables.h:1234:29: error: ‘const struct net’ has no member named ‘nft’; did you mean ‘nf’? 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~ ./include/linux/compiler.h:265:50: note: in definition of macro ‘__READ_ONCE’ 265 | __read_once_size_nocheck(&(x), __u.__c, sizeof(x)); \ | ^ ./include/net/netfilter/nf_tables.h:1234:14: note: in expansion of macro ‘READ_ONCE’ 1234 | return 1 << READ_ONCE(net->nft.gencursor); | ^~~~~~~~~ There are already changes in the net-next tree that will fix it. J.
Hi Jeremy, On Mon, Sep 16, 2019 at 02:08:12PM +0100, Jeremy Sowden wrote: > On 2019-09-16, at 02:05:16 +0200, Adam Borowski wrote: > > This caused a build failure if CONFIG_NF_CONNTRACK_BRIDGE is set but > > CONFIG_NF_TABLES=n -- and appears to be unused anyway. [...] > There are already changes in the net-next tree that will fix it. If the fix needs to go to -stable 5.3 kernel release, then you have to point to the particular commit ID of this patch to fix this one. net-next contains 5.4-rc material. I'd appreciate also if you can help identify the patch with a Fixes: tag. Thanks.
On 2019-09-17, at 07:09:46 +0200, Pablo Neira Ayuso wrote: > On Mon, Sep 16, 2019 at 02:08:12PM +0100, Jeremy Sowden wrote: > > On 2019-09-16, at 02:05:16 +0200, Adam Borowski wrote: > > > This caused a build failure if CONFIG_NF_CONNTRACK_BRIDGE is set but > > > CONFIG_NF_TABLES=n -- and appears to be unused anyway. > [...] > > There are already changes in the net-next tree that will fix it. > > If the fix needs to go to -stable 5.3 kernel release, then you have to > point to the particular commit ID of this patch to fix this one. > net-next contains 5.4-rc material. I'd appreciate also if you can help > identify the patch with a Fixes: tag. Yup, will do. J.
On 2019-09-17, at 07:09:46 +0200, Pablo Neira Ayuso wrote: > On Mon, Sep 16, 2019 at 02:08:12PM +0100, Jeremy Sowden wrote: > > On 2019-09-16, at 02:05:16 +0200, Adam Borowski wrote: > > > This caused a build failure if CONFIG_NF_CONNTRACK_BRIDGE is set > > > but CONFIG_NF_TABLES=n -- and appears to be unused anyway. > [...] > > There are already changes in the net-next tree that will fix it. > > If the fix needs to go to -stable 5.3 kernel release, then you have to > point to the particular commit ID of this patch to fix this one. > net-next contains 5.4-rc material. I'd appreciate also if you can help > identify the patch with a Fixes: tag. The commit in the mainline that needs fixing is: 3c171f496ef5 ("netfilter: bridge: add connection tracking system") The commit in net-next that fixes it is: 47e640af2e49 ("netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.") I applied it to the mainline and compile-tested it to verify that it does indeed fix the build failure. From my reading of stable-kernel-rules.rst and netdev-FAQ.rst, it appears that the fix should come from the mainline, so I will wait for it to get there. J.
On Tue, Sep 17, 2019 at 03:59:08PM +0100, Jeremy Sowden wrote: [...] > The commit in net-next that fixes it is: > > 47e640af2e49 ("netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.") > > I applied it to the mainline and compile-tested it to verify that it > does indeed fix the build failure. > > From my reading of stable-kernel-rules.rst and netdev-FAQ.rst, it > appears that the fix should come from the mainline, so I will wait for > it to get there. Thanks, just send this to stable@vger.kernel.org and Cc netfilter-devel@vger.kernel.org and me when requesting this.
diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c index 4f5444d2a526..844ef5a53f87 100644 --- a/net/bridge/netfilter/nf_conntrack_bridge.c +++ b/net/bridge/netfilter/nf_conntrack_bridge.c @@ -18,7 +18,6 @@ #include <linux/netfilter/nf_tables.h> #include <net/netfilter/ipv6/nf_defrag_ipv6.h> -#include <net/netfilter/nf_tables.h> #include "../br_private.h"
This caused a build failure if CONFIG_NF_CONNTRACK_BRIDGE is set but CONFIG_NF_TABLES=n -- and appears to be unused anyway. Signed-off-by: Adam Borowski <kilobyte@angband.pl> --- net/bridge/netfilter/nf_conntrack_bridge.c | 1 - 1 file changed, 1 deletion(-)