Adam Borowski reported a build-failure in 5.3 when CONFIG_NF_CONNTRACK_BRIDGE is set but CONFIG_NF_TABLES is not. It was introduced into the mainline by:
3c171f496ef5 ("netfilter: bridge: add connection tracking system")
There is also a fix in the mainline:
47e640af2e49 ("netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.")
I've cherry-picked it, and added the "Fixes:", "Reported-by:", "Link:" and "Cc:" tags.
Please consider applying it to 5-3-y.
Jeremy Sowden (1): netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.
include/net/netfilter/nf_tables.h | 4 ++++ 1 file changed, 4 insertions(+)
nf_tables.h defines an API comprising several inline functions and macros that depend on the nft member of struct net. However, this is only defined is CONFIG_NF_TABLES is enabled. Added preprocessor checks to ensure that nf_tables.h will compile if CONFIG_NF_TABLES is disabled.
(cherry picked from commit 47e640af2e492cc28778dd6f894d50313f7fba75)
Signed-off-by: Jeremy Sowden jeremy@azazel.net Signed-off-by: Pablo Neira Ayuso pablo@netfilter.org Fixes: 3c171f496ef5 ("netfilter: bridge: add connection tracking system") Reported-by: Adam Borowski kilobyte@angband.pl Link: https://lore.kernel.org/netfilter-devel/20190920094925.aw7actk4tdnk3rke@salv... Cc: stable@vger.kernel.org --- include/net/netfilter/nf_tables.h | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 475d6f28ca67..7f7a4d9137e5 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -1206,6 +1206,8 @@ void nft_trace_notify(struct nft_traceinfo *info); #define MODULE_ALIAS_NFT_OBJ(type) \ MODULE_ALIAS("nft-obj-" __stringify(type))
+#if IS_ENABLED(CONFIG_NF_TABLES) + /* * The gencursor defines two generations, the currently active and the * next one. Objects contain a bitmask of 2 bits specifying the generations @@ -1279,6 +1281,8 @@ static inline void nft_set_elem_change_active(const struct net *net, ext->genmask ^= nft_genmask_next(net); }
+#endif /* IS_ENABLED(CONFIG_NF_TABLES) */ + /* * We use a free bit in the genmask field to indicate the element * is busy, meaning it is currently being processed either by
On Sat, Sep 21, 2019 at 12:05:22PM +0100, Jeremy Sowden wrote:
Adam Borowski reported a build-failure in 5.3 when CONFIG_NF_CONNTRACK_BRIDGE is set but CONFIG_NF_TABLES is not. It was introduced into the mainline by:
3c171f496ef5 ("netfilter: bridge: add connection tracking system")
There is also a fix in the mainline:
47e640af2e49 ("netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.")
I've cherry-picked it, and added the "Fixes:", "Reported-by:", "Link:" and "Cc:" tags.
Please consider applying it to 5-3-y.
Now queued up, thanks!
greg k-h
linux-stable-mirror@lists.linaro.org