On Mon, Aug 15, 2022 at 2:12 AM He Zhe <[email protected]> wrote: > > Hi Bruce, > > This patch happened to be merged onto two branches in linux-yocto. > https://git.yoctoproject.org/linux-yocto/commit/?h=v5.15/standard/nxp-sdk-5.10/nxp-s32g&id=a920167f0254ced8e1672e8b0c63fb49f6c3069b > https://git.yoctoproject.org/linux-yocto/commit/?h=v5.15/standard/preempt-rt/nxp-sdk-5.10/nxp-s32g&id=ee7baf33b698e9ef1900ad275c352f55cdbd8d26 > > Which would cause the following build failure. > | ERROR: could not process input files: ... features/netfilter/netfilter.scc > features/nf_tables/nft_test.scc ... > | See /tmp/tmp.ownpBEhuml for details > | ERROR: Could not generate configuration queue for aptiv_cvc_sousa. > > It should be reverted, or removed to not pollute commit log.
Wow. It looks like my scripts went a bit crazy during htat merge. I'll fix it shortly. Bruce > > > Regards, > Zhe > > On 8/12/22 11:05, Bruce Ashfield wrote: > > merged. > > > > Bruce > > > > In message: [linux-yocto] [kernel-cache][yocto-5.15][PATCH v3] nft: add > > configs for greater nftables coverage > > on 08/08/2022 Randy MacLeod wrote: > > > >> From: Randy MacLeod <[email protected]> > >> > >> Add an nft_test.scc file, which includes both nf_tables.cfg and a newly > >> added nft_test.cfg file. > >> > >> The nft_test.scc file include nftables.scc and also enables more nftables > >> features. > >> > >> Previously some of the nftables ptests failed, due to missing kernel > >> modules. > >> It's impossible to know which nftables features will be used so add more > >> configs > >> in a new scc file to ensure that most nftables features used by nft work. > >> > >> The added features are: > >> > >> NF_CONNTRACK_TIMEOUT > >> enables support for connection tracking timeout extension. > >> This allows you to attach timeout policies to flow via the CT target. > >> > >> NFT_FLOW_OFFLOAD > >> adds the "flow_offload" expression that you can use to choose what flows > >> are placed into the hardware. > >> > >> NF_FLOW_TABLE > >> adds the flow table core infrastructure. > >> > >> NF_FLOW_TABLE_INET > >> adds the flow table mixed IPv4/IPv6 support. > >> > >> NF_FLOW_TABLE_IPV4 > >> adds the flow table IPv4 support. > >> > >> NFT_NUMGEN > >> adds the number generator expression used to perform incremental > >> counting and random numbers bound to a upper limit. > >> > >> NFT_OSF > >> allows matching packets from an specific OS. > >> > >> NFT_QUOTA > >> adds the "quota" expression that you can use to match enforce bytes > >> quotas. > >> > >> NFT_SYNPROXY > >> The SYNPROXY expression allows you to intercept TCP connections and > >> establish them using syncookies before they are passed on to the > >> server. This allows to avoid conntrack and server resource usage > >> during SYN-flood attacks. > >> > >> NFT_XFRM > >> adds an expression that you can use to extract properties of a packets > >> security association. > >> > >> These additions enable the nftables-1.0.2 ptest to all pass. > >> > >> Signed-off-by: Aryaman Gupta <[email protected]> > >> Signed-off-by: Randy MacLeod <[email protected]> > >> --- > >> features/nf_tables/nft_test.cfg | 11 +++++++++++ > >> features/nf_tables/nft_test.scc | 5 +++++ > >> 2 files changed, 16 insertions(+) > >> create mode 100644 features/nf_tables/nft_test.cfg > >> create mode 100644 features/nf_tables/nft_test.scc > >> > >> diff --git a/features/nf_tables/nft_test.cfg > >> b/features/nf_tables/nft_test.cfg > >> new file mode 100644 > >> index 00000000..5c5629c8 > >> --- /dev/null > >> +++ b/features/nf_tables/nft_test.cfg > >> @@ -0,0 +1,11 @@ > >> +CONFIG_NF_CONNTRACK_TIMEOUT=y > >> +CONFIG_NF_FLOW_TABLE_INET=m > >> +CONFIG_NF_FLOW_TABLE_IPV4=m > >> +CONFIG_NF_FLOW_TABLE=m > >> +CONFIG_NFT_FLOW_OFFLOAD=m > >> +CONFIG_NFT_NUMGEN=m > >> +CONFIG_NFT_OSF=m > >> +CONFIG_NFT_QUOTA=m > >> +CONFIG_NFT_SYNPROXY=m > >> +CONFIG_NFT_XFRM=m > >> + > >> diff --git a/features/nf_tables/nft_test.scc > >> b/features/nf_tables/nft_test.scc > >> new file mode 100644 > >> index 00000000..8181c215 > >> --- /dev/null > >> +++ b/features/nf_tables/nft_test.scc > >> @@ -0,0 +1,5 @@ > >> +define KFEATURE_DESCRIPTION "Add extra nftables modules" > >> +define KFEATURE_COMPATIBILITY all > >> + > >> +include nf_tables.cfg > >> +include nft_test.cfg > >> -- > >> 2.32.0 > >> > >> > >> > > > > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#11560): https://lists.yoctoproject.org/g/linux-yocto/message/11560 Mute This Topic: https://lists.yoctoproject.org/mt/92901623/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
