LGTM, thanks. Reviewed-by: Yifeng Sun <[email protected]>
On Mon, Oct 14, 2019 at 10:52 AM Yi-Hung Wei <[email protected]> wrote: > > Starting from the following upstream commit, NF_NAT_NEEDED is replaced > by IS_ENABLED(CONFIG_NF_NAT) in the upstream kernel. This patch makes > some changes so that our in tree ovs kernel module is compatible to > both old and new kernels. > > Upstream commit: > commit 4806e975729f99c7908d1688a143f1e16d464e6c > Author: Florian Westphal <[email protected]> > Date: Wed Mar 27 09:22:26 2019 +0100 > > netfilter: replace NF_NAT_NEEDED with IS_ENABLED(CONFIG_NF_NAT) > > NF_NAT_NEEDED is true whenever nat support for either ipv4 or ipv6 is > enabled. Now that the af-specific nat configuration switches have been > removed, IS_ENABLED(CONFIG_NF_NAT) has the same effect. > > Signed-off-by: Florian Westphal <[email protected]> > Signed-off-by: Pablo Neira Ayuso <[email protected]> > > Signed-off-by: Yi-Hung Wei <[email protected]> > --- > acinclude.m4 | 1 + > datapath/conntrack.c | 25 +++++++++++++++++-------- > 2 files changed, 18 insertions(+), 8 deletions(-) > > diff --git a/acinclude.m4 b/acinclude.m4 > index cc80026f2127..dca09abefa96 100644 > --- a/acinclude.m4 > +++ b/acinclude.m4 > @@ -676,6 +676,7 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [ > OVS_FIND_FIELD_IFELSE([$KSRC/include/linux/netfilter.h], [nf_hook_ops], > [owner], [OVS_DEFINE([HAVE_NF_HOOKS_OPS_OWNER])]) > OVS_GREP_IFELSE([$KSRC/include/linux/netfilter.h], [NFPROTO_INET]) > + OVS_GREP_IFELSE([$KSRC/include/linux/netfilter.h], [CONFIG_NF_NAT_NEEDED]) > > > OVS_FIND_FIELD_IFELSE([$KSRC/include/linux/netfilter_ipv6.h], > [nf_ipv6_ops], > diff --git a/datapath/conntrack.c b/datapath/conntrack.c > index 1b345a03e704..010f9af5ffd2 100644 > --- a/datapath/conntrack.c > +++ b/datapath/conntrack.c > @@ -34,7 +34,16 @@ > #include <net/netfilter/ipv6/nf_defrag_ipv6.h> > #include <net/ipv6_frag.h> > > -#ifdef CONFIG_NF_NAT_NEEDED > +/* Upstream commit 4806e975729f ("netfilter: replace NF_NAT_NEEDED with > + * IS_ENABLED(CONFIG_NF_NAT)") replaces the config checking on NF_NAT_NEEDED > + * with CONFIG_NF_NAT. We will replace the checking on NF_NAT_NEEDED for the > + * newer kernel with the marco in order to keep backward compatiblity. > + */ > +#ifndef HAVE_CONFIG_NF_NAT_NEEDED > +#define CONFIG_NF_NAT_NEEDED CONFIG_NF_NAT > +#endif > + > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > /* Starting from upstream commit 3bf195ae6037 ("netfilter: nat: merge > * nf_nat_ipv4,6 into nat core") in kernel 5.1. nf_nat_ipv4,6 are merged > * into nf_nat. In order to keep backward compatibility, we keep the config > @@ -100,7 +109,7 @@ struct ovs_conntrack_info { > struct md_labels labels; > char timeout[CTNL_TIMEOUT_NAME_MAX]; > struct nf_ct_timeout *nf_ct_timeout; > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > struct nf_nat_range2 range; /* Only present for SRC NAT and DST NAT. > */ > #endif > }; > @@ -786,7 +795,7 @@ static bool skb_nfct_cached(struct net *net, > return ct_executed; > } > > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > /* Modelled after nf_nat_ipv[46]_fn(). > * range is only used for new, uninitialized NAT state. > * Returns either NF_ACCEPT or NF_DROP. > @@ -1405,7 +1414,7 @@ static int ovs_ct_add_helper(struct ovs_conntrack_info > *info, const char *name, > return 0; > } > > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > static int parse_nat(const struct nlattr *attr, > struct ovs_conntrack_info *info, bool log) > { > @@ -1547,7 +1556,7 @@ static const struct ovs_ct_len_tbl > ovs_ct_attr_lens[OVS_CT_ATTR_MAX + 1] = { > .maxlen = sizeof(struct md_labels) }, > [OVS_CT_ATTR_HELPER] = { .minlen = 1, > .maxlen = NF_CT_HELPER_NAME_LEN }, > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > /* NAT length is checked when parsing the nested attributes. */ > [OVS_CT_ATTR_NAT] = { .minlen = 0, .maxlen = INT_MAX }, > #endif > @@ -1627,7 +1636,7 @@ static int parse_ct(const struct nlattr *attr, struct > ovs_conntrack_info *info, > return -EINVAL; > } > break; > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > case OVS_CT_ATTR_NAT: { > int err = parse_nat(a, info, log); > > @@ -1761,7 +1770,7 @@ err_free_ct: > return err; > } > > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > static bool ovs_ct_nat_to_attr(const struct ovs_conntrack_info *info, > struct sk_buff *skb) > { > @@ -1871,7 +1880,7 @@ int ovs_ct_action_to_attr(const struct > ovs_conntrack_info *ct_info, > return -EMSGSIZE; > } > > -#ifdef CONFIG_NF_NAT_NEEDED > +#if IS_ENABLED(CONFIG_NF_NAT_NEEDED) > if (ct_info->nat && !ovs_ct_nat_to_attr(ct_info, skb)) > return -EMSGSIZE; > #endif > -- > 2.7.4 > > _______________________________________________ > dev mailing list > [email protected] > https://mail.openvswitch.org/mailman/listinfo/ovs-dev _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
