Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ipt_NETFLOW: add compatibility with 6.8+ (include 6.11) #230

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

vvfedorenko
Copy link
Contributor

@vvfedorenko vvfedorenko commented Jun 16, 2024

Linux 6.8:

  • add strlcpy definition as it was removed in 6.8
  • replace strtoul with simple_strtoul which exists in all kernels and is proper interface to use
  • inline timeval_to_jiffies to follow new kernel build rules
  • replace check for in{4,6}_pton to remove unneeded functions
    Linux 6.11:
  • constify sysctl proc handlers

@k0ste
Copy link

k0ste commented Oct 30, 2024

@aabc

@juju4 juju4 mentioned this pull request Nov 3, 2024
@juju4
Copy link

juju4 commented Nov 3, 2024

as per #227, strlcopy can just be replaced by strscpy

@vvfedorenko
Copy link
Contributor Author

as per #227, strlcopy can just be replaced by strscpy

Except that strscpy doesn't exist till linux 4.3. but you might be right, it's better to switch to safe modern implementation. I'll make it

@vvfedorenko
Copy link
Contributor Author

@aabc could you please merge it?

@k0ste
Copy link

k0ste commented Nov 4, 2024

@juju4 this patch works for you? For me - still have issues

==> Starting build()...
./gen_compat_def > compat_def.h-
Test function xt_family linux/netfilter_ipv4/ip_tables.h  declared
Test struct timeval linux/ktime.h  undeclared
egrep: warning: egrep is obsolescent; using grep -E
Test struct proc_ops linux/proc_fs.h  declared
Test function synchronize_sched linux/rcupdate.h  undeclared
egrep: warning: egrep is obsolescent; using grep -E
Test function nf_bridge_info_get linux/netfilter_bridge.h  declared
Test struct vlan_dev_priv linux/if_vlan.h  declared
Test function put_unaligned_be24 asm/unaligned.h  declared
Test function totalram_pages linux/mm.h  declared
Test symbol totalram_pages linux/mm.h  declared
Test member nf_ct_event_notifier.ct_event net/netfilter/nf_conntrack_ecache.h  declared
Test function register_sysctl_paths linux/sysctl.h  undeclared
egrep: warning: egrep is obsolescent; using grep -E
Test function strscpy linux/string.h  undeclared
egrep: warning: egrep is obsolescent; using grep -E
Test function in6_pton linux/inet.h  declared
mv compat_def.h- compat_def.h
Compiling 2.6 for kernel 6.11.5-arch1-1-nfcustom
make -C /usr/lib/modules/6.11.5-arch1-1-nfcustom/build M=/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6 modules
make[1]: Entering directory '/usr/lib/modules/6.11.5-arch1-1-nfcustom/build'
  CC [M]  /srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.o
In file included from /srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:80:
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/compat.h:229:9: warning: "strscpy" redefined
  229 | #define strscpy strlcpy
      |         ^~~~~~~
In file included from ./include/linux/bitmap.h:13,
                 from ./include/linux/cpumask.h:12,
                 from ./arch/x86/include/asm/paravirt.h:21,
                 from ./arch/x86/include/asm/cpuid.h:62,
                 from ./arch/x86/include/asm/processor.h:19,
                 from ./arch/x86/include/asm/timex.h:5,
                 from ./include/linux/timex.h:67,
                 from ./include/linux/time32.h:13,
                 from ./include/linux/time.h:60,
                 from ./include/linux/stat.h:19,
                 from ./include/linux/module.h:13,
                 from /srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:22:
./include/linux/string.h:108:9: note: this is the location of the previous definition
  108 | #define strscpy(dst, src, ...)  \
      |         ^~~~~~~
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1810:35: error: initialization ofint (*)(const struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(const struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} from incompatible pointer typeint (*)(struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} [-Wincompatible-pointer-types]
 1810 |                 .proc_handler   = &hsize_procctl,
      |                                   ^
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1810:35: note: (near initialization fornetflow_sysctl_table[3].proc_handler’)
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1816:35: error: initialization ofint (*)(const struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(const struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} from incompatible pointer typeint (*)(struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} [-Wincompatible-pointer-types]
 1816 |                 .proc_handler   = &sndbuf_procctl,
      |                                   ^
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1816:35: note: (near initialization fornetflow_sysctl_table[4].proc_handler’)
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1823:35: error: initialization ofint (*)(const struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(const struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} from incompatible pointer typeint (*)(struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} [-Wincompatible-pointer-types]
 1823 |                 .proc_handler   = &destination_procctl,
      |                                   ^
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1823:35: note: (near initialization fornetflow_sysctl_table[5].proc_handler’)
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1845:35: error: initialization ofint (*)(const struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(const struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} from incompatible pointer typeint (*)(struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} [-Wincompatible-pointer-types]
 1845 |                 .proc_handler   = &flush_procctl,
      |                                   ^
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1845:35: note: (near initialization fornetflow_sysctl_table[7].proc_handler’)
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1851:35: error: initialization ofint (*)(const struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(const struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} from incompatible pointer typeint (*)(struct ctl_table *, int,  void *, size_t *, loff_t *)’ {akaint (*)(struct ctl_table *, int,  void *, long unsigned int *, long long int *)’} [-Wincompatible-pointer-types]
 1851 |                 .proc_handler   = &protocol_procctl,
      |                                   ^
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:1851:35: note: (near initialization fornetflow_sysctl_table[8].proc_handler’)
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c: In functionethtool_drvinfo’:
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/compat.h:229:17: error: implicit declaration of functionstrlcpy’; did you meanstrncpy’? [-Wimplicit-function-declaration]
  229 | #define strscpy strlcpy
      |                 ^~~~~~~
/srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.c:4093:17: note: in expansion of macrostrscpy4093 |                 strscpy(info.driver, dev->dev.parent->driver->name, sizeof(info.driver));
      |                 ^~~~~~~
make[3]: *** [scripts/Makefile.build:244: /srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6/ipt_NETFLOW.o] Error 1
make[2]: *** [/usr/lib/modules/6.11.5-arch1-1-nfcustom/build/Makefile:1926: /srv/raid/filez/builder/PACKAGES/6.11.5/ipt_netflow/src/ipt-netflow-2.6] Error 2
make[1]: *** [Makefile:224: __sub-make] Error 2
make[1]: Leaving directory '/usr/lib/modules/6.11.5-arch1-1-nfcustom/build'
make: *** [Makefile:27: ipt_NETFLOW.ko] Error 2
==> ERROR: A failure occurred in build().
    Aborting...

@juju4
Copy link

juju4 commented Nov 4, 2024

@juju4 this patch works for you? For me - still have issues

I did not use the patch. only replaced strlcpy by strscpy which seems to work for ubuntu-24.04. no change needed for 22.04

@vvfedorenko
Copy link
Contributor Author

vvfedorenko commented Nov 9, 2024

Oops, strscpy is not a function, it's a MACRO starting from 6.9 while in 6.8 it was a function. Have to check it differently.

* replace strlcpy with strscpy as strlcpy was removed in 6.8
* replace strtoul with simple_strtoul which exists in all kernels and is
  proper interface to use
* inline timeval_to_jiffies to follow new kernel build rules
* replace check for in{4,6}_pton to remove unneeded functions

Signed-off-by: Vadim Fedorenko <[email protected]>
@k0ste
Copy link

k0ste commented Nov 10, 2024

Oops, strscpy is not a function, it's a MACRO starting from 6.9 while in 6.8 it was a function. Have to check it differently.

Added to Arch 🤳🏿

There are several changes in linux kernel 6.11+ which are
incompatible with the module. Improve compatibility.

Signed-off-by: Vadim Fedorenko <[email protected]>
@vvfedorenko vvfedorenko changed the title ipt_NETFLOW: add compatibility with 6.8+ ipt_NETFLOW: add compatibility with 6.8+ (include 6.11) Dec 6, 2024
put_unaligned_u32 was moved to linux/unaligned.h and now
arch independent. Update include and gef_compat_def.

Signed-off-by: Vadim Fedorenko <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants