diff options
| author | Konstantin Shalygin | 2021-12-19 20:31:23 +0700 |
|---|---|---|
| committer | Konstantin Shalygin | 2021-12-19 20:31:23 +0700 |
| commit | 280848ad4576ae33c069fa5579d2bbb934491094 (patch) | |
| tree | ac04f6209890aa684f4a8efe6afe74c116896466 | |
| parent | 2d021dfca41dcf2338c0f6a2c02d958f2101871e (diff) | |
| download | aur-280848ad4576ae33c069fa5579d2bbb934491094.tar.gz | |
Added Linux 5.15 compat patch
| -rw-r--r-- | .SRCINFO | 6 | ||||
| -rw-r--r-- | PKGBUILD | 11 | ||||
| -rw-r--r-- | ipt_netflow.2.6_kernel_5.15.patch | 294 |
3 files changed, 305 insertions, 6 deletions
@@ -1,7 +1,7 @@ pkgbase = ipt_netflow - pkgdesc = Netflow as netfilter extension. + pkgdesc = Netflow as netfilter extension pkgver = 2.6 - pkgrel = 1 + pkgrel = 2 url = https://github.com/aabc/ipt-netflow arch = any license = GPL @@ -12,6 +12,8 @@ pkgbase = ipt_netflow depends = linux depends = iptables source = https://github.com/aabc/ipt-netflow/archive/v2.6.tar.gz + source = ipt_netflow.2.6_kernel_5.15.patch sha256sums = 1ae270ddd0e60449159607c2f413604e31cb446beae516777dfeeee5f9b4931d + sha256sums = b31412f7c6449700ffd499246d99b96941b72724fb444a8e102fb50e82c5ce9e pkgname = ipt_netflow @@ -4,15 +4,17 @@ _netflow='ipt-netflow' pkgname='ipt_netflow' pkgver='2.6' -pkgrel='1' -pkgdesc='Netflow as netfilter extension.' +pkgrel='2' +pkgdesc='Netflow as netfilter extension' arch=('any') url="https://github.com/aabc/${_netflow}" license=('GPL') depends=('linux' 'iptables') makedepends=('gcc' 'gzip' 'gawk' 'sed') -source=("${url}/archive/v${pkgver}.tar.gz") -sha256sums=('1ae270ddd0e60449159607c2f413604e31cb446beae516777dfeeee5f9b4931d') +source=("${url}/archive/v${pkgver}.tar.gz" + "ipt_netflow.2.6_kernel_5.15.patch") +sha256sums=('1ae270ddd0e60449159607c2f413604e31cb446beae516777dfeeee5f9b4931d' + 'b31412f7c6449700ffd499246d99b96941b72724fb444a8e102fb50e82c5ce9e') # define '-lts' for linux-lts package _linux_custom="" _kdir="`pacman -Ql linux${_linux_custom} | awk '/(\/modules\/)([0-9.-])+-(.*)'${_linux_custom}'\/$/ {print $2}' | head -n1`" @@ -20,6 +22,7 @@ _kver="`pacman -Ql linux${_linux_custom} | gawk 'match($0, /(\/usr\/lib\/modules prepare() { cd "${srcdir}/${_netflow}-${pkgver}" + patch -p1 -i "${srcdir}/ipt_netflow.2.6_kernel_5.15.patch" ./configure \ --disable-snmp-agent \ diff --git a/ipt_netflow.2.6_kernel_5.15.patch b/ipt_netflow.2.6_kernel_5.15.patch new file mode 100644 index 000000000000..087f17ac3b3c --- /dev/null +++ b/ipt_netflow.2.6_kernel_5.15.patch @@ -0,0 +1,294 @@ +diff -Naupr ipt-netflow-2.6/compat.h ipt-netflow/compat.h +--- ipt-netflow-2.6/compat.h 2021-05-15 19:32:44.000000000 +0700 ++++ ipt-netflow/compat.h 2021-12-19 20:27:16.638812198 +0700 +@@ -170,10 +170,6 @@ static int __ethtool_get_settings(struct + # define CHECK_OK 0 + #endif + +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) +-# define use_module ref_module +-#endif +- + #ifndef NF_IP_LOCAL_IN /* 2.6.25 */ + # define NF_IP_PRE_ROUTING NF_INET_PRE_ROUTING + # define NF_IP_LOCAL_IN NF_INET_LOCAL_IN +@@ -207,9 +203,9 @@ err: + } + #endif + +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,0,0) ++#ifdef HAVE_TOTALRAM_PAGES + #define num_physpages totalram_pages() +-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(3,11,0) ++#elif defined HAVE_TOTALRAM_PAGES_REF + #define num_physpages totalram_pages + #endif + +@@ -775,4 +771,18 @@ struct module *find_module(const char *n + } + #endif + ++/* Copy from 294f69e662d1 ("compiler_attributes.h: Add 'fallthrough' pseudo ++ * keyword for switch/case use") */ ++#ifndef fallthrough ++# if __has_attribute(__fallthrough__) ++# define fallthrough __attribute__((__fallthrough__)) ++# else ++# define fallthrough do {} while (0) /* fallthrough */ ++# endif ++#endif ++ ++#ifndef HAVE_NF_CT_EVENT_NOTIFIER_CT_EVENT ++# define ct_event fcn ++#endif ++ + #endif /* COMPAT_NETFLOW_H */ +diff -Naupr ipt-netflow-2.6/gen_compat_def ipt-netflow/gen_compat_def +--- ipt-netflow-2.6/gen_compat_def 2021-05-15 19:32:44.000000000 +0700 ++++ ipt-netflow/gen_compat_def 2021-12-19 20:27:16.638812198 +0700 +@@ -1,8 +1,9 @@ + #!/bin/bash -efu + # SPDX-License-Identifier: GPL-2.0-only + # +-# Generate defines based on kernel having +-# some symbols declared ++# Generate defines based on kernel having some symbols declared. ++# Tests should work without linking, because kernel may not be ++# completely compiled (only prepared). + # + # Copyright (C) 2019-2021 <abc@openwall.com> + # +@@ -41,7 +42,14 @@ kbuild_test_compile() { + echo "// Output:" + sed "s/^/\/\/ /" log + echo +- if ! egrep -q 'has no member named|undeclared|storage size of .* isn.t known|No such file or directory' log; then ++ if ! egrep -q \ ++ -e 'has no member named' \ ++ -e 'undeclared' \ ++ -e 'storage size of .* isn.t known' \ ++ -e 'No such file or directory' \ ++ -e 'incompatible types when initializing' \ ++ -e 'initializer element is not constant' \ ++ log; then + echo "Error: unexpected error from compiler" >&2 + cat log >&2 + echo >&2 +@@ -50,9 +58,9 @@ kbuild_test_compile() { + fi + } + +-# Test that symbol is defined. ++# Test that symbol is defined (will catch functions mostly). + kbuild_test_symbol() { +- echo -n "Test symbol $* " >&2 ++ echo -n "Test function $* " >&2 + kbuild_test_compile ${1^^} $1 ${2-} <<-EOF + #include <linux/module.h> + ${2:+#include <$2>} +@@ -61,6 +69,16 @@ kbuild_test_symbol() { + EOF + } + ++# Test that symbol is defined (functions and globals). ++kbuild_test_ref() { ++ echo -n "Test symbol $* " >&2 ++ kbuild_test_compile ${1^^}_REF $1 ${2-} <<-EOF ++ #include <linux/module.h> ++ ${2:+#include <$2>} ++ MODULE_LICENSE("GPL"); ++ void *test = &$1; ++ EOF ++} + # Test that struct is defined. + kbuild_test_struct() { + echo -n "Test struct $* " >&2 +@@ -72,6 +90,20 @@ kbuild_test_struct() { + EOF + } + ++# Test that struct have member ++kbuild_test_member() { ++ echo -n "Test member $* " >&2 ++ structname=${1%.*} ++ member=${1#*.} ++ def=${1^^} ++ def=${def//./_} ++ kbuild_test_compile $def "struct $1" ${2-} <<-EOF ++ #include <linux/module.h> ++ ${2:+#include <$2>} ++ MODULE_LICENSE("GPL"); ++ typeof(((struct $structname*)0)->$member) test; ++ EOF ++} + echo "// Autogenerated for $KDIR" + echo + +@@ -87,6 +119,13 @@ kbuild_test_symbol synchronize_sched lin + kbuild_test_symbol nf_bridge_info_get linux/netfilter_bridge.h + # Stumbled on 5.9 + kbuild_test_struct vlan_dev_priv linux/if_vlan.h ++# Kernel version check broken by centos8 ++kbuild_test_symbol put_unaligned_be24 asm/unaligned.h ++# totalram_pages changed from atomic to inline function. ++kbuild_test_symbol totalram_pages linux/mm.h ++kbuild_test_ref totalram_pages linux/mm.h ++# b86c0e6429da ("netfilter: ecache: prepare for event notifier merge") ++kbuild_test_member nf_ct_event_notifier.ct_event net/netfilter/nf_conntrack_ecache.h + + echo "// End of compat_def.h" + +diff -Naupr ipt-netflow-2.6/ipt_NETFLOW.c ipt-netflow/ipt_NETFLOW.c +--- ipt-netflow-2.6/ipt_NETFLOW.c 2021-05-15 19:32:44.000000000 +0700 ++++ ipt-netflow/ipt_NETFLOW.c 2021-12-19 20:27:16.638812198 +0700 +@@ -87,7 +87,7 @@ + #if defined(CONFIG_NF_NAT_NEEDED) && LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,39) + # include <net/netfilter/nf_conntrack_timestamp.h> + #endif +-#ifndef CONFIG_BRIDGE_NETFILTER ++#if !IS_ENABLED(CONFIG_BRIDGE_NETFILTER) + # ifdef ENABLE_PHYSDEV_OVER + # warning "Requested physdev override is not compiled." + # undef ENABLE_PHYSDEV_OVER +@@ -1943,7 +1943,7 @@ static struct ctl_path netflow_sysctl_pa + #endif /* CONFIG_SYSCTL */ + + /* socket code */ +-static void sk_error_report(struct sock *sk) ++static void netflow_sk_error_report(struct sock *sk) + { + struct ipt_netflow_sock *usock; + +@@ -1974,7 +1974,7 @@ static struct socket *usock_open_sock(st + } + sock->sk->sk_allocation = GFP_ATOMIC; + sock->sk->sk_prot->unhash(sock->sk); /* hidden from input */ +- sock->sk->sk_error_report = &sk_error_report; /* clear ECONNREFUSED */ ++ sock->sk->sk_error_report = &netflow_sk_error_report; /* clear ECONNREFUSED */ + sock->sk->sk_user_data = usock; + sock->sk->sk_reuse = SK_CAN_REUSE; + +@@ -2226,7 +2226,7 @@ static int parse_sampler(char *ptr) + printk(KERN_ERR "ipt_NETFLOW: sampler parse error (%s '%s').\n", + "unknown mode", ptr); + ret = -EINVAL; +- /* FALLTHROUGH */ ++ fallthrough; + case '\0': /* empty */ + case 'n': /* none */ + case 'o': /* off */ +@@ -3532,7 +3532,7 @@ static inline __u8 hook2dir(const __u8 h + } + #endif + +-#if LINUX_VERSION_CODE < KERNEL_VERSION(5,7,0) ++#ifndef HAVE_PUT_UNALIGNED_BE24 + static inline void put_unaligned_be24(u32 val, unsigned char *p) + { + *p++ = val >> 16; +@@ -3654,7 +3654,7 @@ static inline void add_tpl_field(__u8 *p + put_unaligned_be16(nf->options, ptr); break; + case SRC_MASK: *ptr = nf->s_mask; break; + case DST_MASK: *ptr = nf->d_mask; break; +- case icmpTypeCodeIPv4: /*FALLTHROUGH*/ ++ case icmpTypeCodeIPv4: fallthrough; + case icmpTypeCodeIPv6: put_unaligned(nf->tuple.d_port, (__be16 *)ptr); break; + case MUL_IGMP_TYPE: *ptr = nf->tuple.d_port; break; + case flowEndReason: *ptr = nf->flowEndReason; break; +@@ -4597,7 +4597,7 @@ static void rate_timer_calc( + #ifdef CONFIG_NF_NAT_NEEDED + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,31) + static struct nf_ct_event_notifier *saved_event_cb __read_mostly = NULL; +-static int netflow_conntrack_event(const unsigned int events, struct nf_ct_event *item) ++static int netflow_conntrack_event(const unsigned int events, const struct nf_ct_event *item) + #else + static int netflow_conntrack_event(struct notifier_block *this, unsigned long events, void *ptr) + #endif +@@ -4619,7 +4619,7 @@ static int netflow_conntrack_event(struc + /* Call netlink first. */ + notifier = rcu_dereference(saved_event_cb); + if (likely(notifier)) +- ret = notifier->fcn(events, item); ++ ret = notifier->ct_event(events, item); + #endif + if (unlikely(!natevents)) + return ret; +@@ -4684,7 +4684,7 @@ static struct notifier_block ctnl_notifi + }; + #else + static struct nf_ct_event_notifier ctnl_notifier = { +- .fcn = netflow_conntrack_event ++ .ct_event = netflow_conntrack_event + }; + #endif /* since 2.6.31 */ + #endif /* CONFIG_NF_NAT_NEEDED */ +@@ -5451,9 +5451,15 @@ static void unset_notifier_cb(NET_STRUCT + + notifier = rcu_dereference(nf_conntrack_event_cb); + if (notifier == &ctnl_notifier) { +- if (saved_event_cb == NULL) ++ if (saved_event_cb == NULL) { ++#ifdef HAVE_NF_CT_EVENT_NOTIFIER_CT_EVENT ++ /* b86c0e6429da ("netfilter: ecache: prepare for event ++ * notifier merge") */ ++ nf_conntrack_unregister_notifier(net); ++#else + nf_conntrack_unregister_notifier(NET_ARG &ctnl_notifier); +- else ++#endif ++ } else + rcu_assign_pointer(nf_conntrack_event_cb, saved_event_cb); + } else + printk(KERN_ERR "ipt_NETFLOW: natevents already disabled.\n"); +@@ -5494,12 +5500,8 @@ static void register_ct_events(void) + } + /* Reference netlink module to prevent it's unsafe unload before us. */ + if (!netlink_m && (netlink_m = find_module(NETLINK_M))) { +-#if LINUX_VERSION_CODE < KERNEL_VERSION(5,9,0) +- use_module(THIS_MODULE, netlink_m); +-#else + if (!try_module_get(netlink_m)) + netlink_m = NULL; +-#endif + } + + /* Register ct events callback. */ +@@ -5527,10 +5529,9 @@ static void unregister_ct_events(void) + #else /* < v3.2 */ + unset_notifier_cb(); + #endif /* v3.2 */ +-#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,9,0) + module_put(netlink_m); + netlink_m = NULL; +-#endif ++ + rcu_assign_pointer(saved_event_cb, NULL); + #else /* < v2.6.31 */ + nf_conntrack_unregister_notifier(&ctnl_notifier); +diff -Naupr ipt-netflow-2.6/Makefile.in ipt-netflow/Makefile.in +--- ipt-netflow-2.6/Makefile.in 2021-05-15 19:32:44.000000000 +0700 ++++ ipt-netflow/Makefile.in 2021-12-19 20:27:16.638812198 +0700 +@@ -27,7 +27,8 @@ ipt_NETFLOW.ko: version.h ipt_NETFLOW.c + make -C $(KDIR) M=$(CURDIR) modules + @touch $@ + compat_def.h: gen_compat_def +- ./gen_compat_def > $@ ++ ./gen_compat_def > $@- ++ mv $@- $@ + sparse: | version.h ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @rm -f ipt_NETFLOW.ko ipt_NETFLOW.o + @echo Compiling for kernel $(KVERSION) +diff -Naupr ipt-netflow-2.6/murmur3.h ipt-netflow/murmur3.h +--- ipt-netflow-2.6/murmur3.h 2021-05-15 19:32:44.000000000 +0700 ++++ ipt-netflow/murmur3.h 2021-12-19 20:27:16.638812198 +0700 +@@ -32,8 +32,8 @@ static inline uint32_t murmur3(const voi + } + tail = (const uint8_t*)blocks; + switch (len & 3) { +- case 3: k1 ^= tail[2] << 16; /* FALLTHROUGH */ +- case 2: k1 ^= tail[1] << 8; /* FALLTHROUGH */ ++ case 3: k1 ^= tail[2] << 16; fallthrough; ++ case 2: k1 ^= tail[1] << 8; fallthrough; + case 1: k1 ^= tail[0]; + h1 ^= rotl32(k1 * c1, 15) * c2; + } |