From d88c5b79db7f84c6bce15b0d7cf461d725cb8824 Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Mon, 11 Sep 2017 21:04:59 +0200 Subject: [PATCH] Backport patch: netfilter: nfnetlink: extended ACK reporting --- configure.ac | 14 ++++++- .../linux/netfilter/ipset/ip_set_compat.h.in | 14 ++++--- kernel/net/netfilter/ipset/ip_set_core.c | 39 ++++++++++++------- 3 files changed, 47 insertions(+), 20 deletions(-) diff --git a/configure.ac b/configure.ac index c818557..26883d7 100644 --- a/configure.ac +++ b/configure.ac @@ -560,8 +560,8 @@ else fi AC_MSG_CHECKING([kernel source for passing extended ACK struct to parsing functions]) -if test -f $ksourcedir/include/linux/netlink.h && \ - $AWK '/^static inline int nla_parse_nested/ {for(i=1; i<=4; i++) {getline; print}}' $ksourcedir/include/linux/netlink.h | $GREP -q 'struct netlink_ext_ack'; then +if test -f $ksourcedir/include/net/netlink.h && \ + $AWK '/^static inline int nla_parse_nested/ {for(i=1; i<=4; i++) {getline; print}}' $ksourcedir/include/net/netlink.h | $GREP -q 'struct netlink_ext_ack'; then AC_MSG_RESULT(yes) AC_SUBST(HAVE_PASSING_EXTENDED_ACK_TO_PARSERS, define) else @@ -569,6 +569,16 @@ else AC_SUBST(HAVE_PASSING_EXTENDED_ACK_TO_PARSERS, undef) fi +AC_MSG_CHECKING([kernel source for passing extended ACK struct to callback functions]) +if test -f $ksourcedir/include/linux/netfilter/nfnetlink.h && \ + $AWK '/^struct nfnl_callback / {for(i=1; i<=5; i++) {getline; print}}' $ksourcedir/include/linux/netfilter/nfnetlink.h | $GREP -q 'struct netlink_ext_ack'; then + AC_MSG_RESULT(yes) + AC_SUBST(HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS, define) +else + AC_MSG_RESULT(no) + AC_SUBST(HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS, undef) +fi + AC_MSG_CHECKING([kernel source for struct net_generic]) if test -f $ksourcedir/include/net/netns/generic.h && \ $GREP -q 'struct net_generic' $ksourcedir/include/net/netns/generic.h; then diff --git a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in index 36eecee..667a6b0 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in +++ b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in @@ -41,6 +41,7 @@ #@HAVE_NFNL_MSG_TYPE@ HAVE_NFNL_MSG_TYPE #@HAVE_NETLINK_EXTENDED_ACK@ HAVE_NETLINK_EXTENDED_ACK #@HAVE_PASSING_EXTENDED_ACK_TO_PARSERS@ HAVE_PASSING_EXTENDED_ACK_TO_PARSERS +#@HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS@ HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS #ifdef HAVE_EXPORT_SYMBOL_GPL_IN_MODULE_H #include @@ -273,12 +274,15 @@ static inline int nla_put_in6_addr(struct sk_buff *skb, int attrtype, } #endif -#ifdef HAVE_NET_IN_NFNL_CALLBACK_FN -#define IPSET_CBFN(fn, net, nl, skb, nlh, cda) fn(net, nl, skb, nlh, cda) -#define IPSET_SOCK_NET(net, ctnl) net +#ifdef HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS +#define IPSET_CBFN(fn, net, nl, skb, nlh, cda, e) fn(net, nl, skb, nlh, cda, e) +#define IPSET_SOCK_NET(net, ctnl) net +#elif defined(HAVE_NET_IN_NFNL_CALLBACK_FN) +#define IPSET_CBFN(fn, net, nl, skb, nlh, cda, e) fn(net, nl, skb, nlh, cda) +#define IPSET_SOCK_NET(net, ctnl) net #else -#define IPSET_CBFN(fn, net, nl, skb, nlh, cda) fn(nl, skb, nlh, cda) -#define IPSET_SOCK_NET(net, ctnl) sock_net(ctnl) +#define IPSET_CBFN(fn, net, nl, skb, nlh, cda,e) fn(nl, skb, nlh, cda) +#define IPSET_SOCK_NET(net, ctnl) sock_net(ctnl) #endif #ifndef HAVE_TC_SKB_PROTOCOL diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c index 583d43c..4bea0b3 100644 --- a/kernel/net/netfilter/ipset/ip_set_core.c +++ b/kernel/net/netfilter/ipset/ip_set_core.c @@ -847,7 +847,8 @@ find_free_id(struct ip_set_net *inst, const char *name, ip_set_id_t *index, static int IPSET_CBFN(ip_set_none, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { return -EOPNOTSUPP; } @@ -855,7 +856,8 @@ IPSET_CBFN(ip_set_none, struct net *net, struct sock *ctnl, static int IPSET_CBFN(ip_set_create, struct net *n, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct net *net = IPSET_SOCK_NET(n, ctnl); struct ip_set_net *inst = ip_set_pernet(net); @@ -998,7 +1000,8 @@ ip_set_destroy_set(struct ip_set *set) static int IPSET_CBFN(ip_set_destroy, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *s; @@ -1077,7 +1080,8 @@ ip_set_flush_set(struct ip_set *set) static int IPSET_CBFN(ip_set_flush, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *s; @@ -1117,7 +1121,8 @@ ip_set_setname2_policy[IPSET_ATTR_CMD_MAX + 1] = { static int IPSET_CBFN(ip_set_rename, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *set, *s; @@ -1167,7 +1172,8 @@ out: static int IPSET_CBFN(ip_set_swap, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *from, *to; @@ -1441,7 +1447,8 @@ out: static int IPSET_CBFN(ip_set_dump, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { if (unlikely(protocol_failed(attr))) return -IPSET_ERR_PROTOCOL; @@ -1537,7 +1544,8 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set, static int IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *set; @@ -1592,7 +1600,8 @@ IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl, static int IPSET_CBFN(ip_set_udel, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *set; @@ -1648,7 +1657,8 @@ static int IPSET_CBFN(ip_set_utest, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); struct ip_set *set; @@ -1684,7 +1694,8 @@ IPSET_CBFN(ip_set_utest, struct net *net, struct sock *ctnl, static int IPSET_CBFN(ip_set_header, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl)); const struct ip_set *set; @@ -1741,7 +1752,8 @@ static const struct nla_policy ip_set_type_policy[IPSET_ATTR_CMD_MAX + 1] = { static int IPSET_CBFN(ip_set_type, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct sk_buff *skb2; struct nlmsghdr *nlh2; @@ -1800,7 +1812,8 @@ ip_set_protocol_policy[IPSET_ATTR_CMD_MAX + 1] = { static int IPSET_CBFN(ip_set_protocol, struct net *net, struct sock *ctnl, struct sk_buff *skb, const struct nlmsghdr *nlh, - const struct nlattr * const attr[]) + const struct nlattr * const attr[], + struct netlink_ext_ack *extack) { struct sk_buff *skb2; struct nlmsghdr *nlh2; -- 2.40.0