kernel: fix build of nftables
authorHauke Mehrtens <hauke@hauke-m.de>
Sat, 22 Sep 2018 21:59:10 +0000 (23:59 +0200)
committerJo-Philipp Wich <jo@mein.io>
Tue, 18 Dec 2018 10:28:13 +0000 (11:28 +0100)
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.

Fixes: f57806b56e5 ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from efffba34097ff75d12365fb863621d893f974623)

target/linux/generic/backport-4.14/289-v4.16-netfilter-add-defines-for-arp-decnet-max-hooks.patch [new file with mode: 0644]

diff --git a/target/linux/generic/backport-4.14/289-v4.16-netfilter-add-defines-for-arp-decnet-max-hooks.patch b/target/linux/generic/backport-4.14/289-v4.16-netfilter-add-defines-for-arp-decnet-max-hooks.patch
new file mode 100644 (file)
index 0000000..f7898d4
--- /dev/null
@@ -0,0 +1,67 @@
+From e58f33cc84bc089c430ac955f3cad6380ae98591 Mon Sep 17 00:00:00 2001
+From: Florian Westphal <fw@strlen.de>
+Date: Thu, 7 Dec 2017 16:28:23 +0100
+Subject: [PATCH] netfilter: add defines for arp/decnet max hooks
+
+The kernel already has defines for this, but they are in uapi exposed
+headers.
+
+Including these from netns.h causes build errors and also adds unneeded
+dependencies on heads that we don't need.
+
+So move these defines to netfilter_defs.h and place the uapi ones
+in ifndef __KERNEL__ to keep them for userspace.
+
+Signed-off-by: Florian Westphal <fw@strlen.de>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ include/linux/netfilter_defs.h        | 6 ++++++
+ include/uapi/linux/netfilter_arp.h    | 3 +++
+ include/uapi/linux/netfilter_decnet.h | 4 +++-
+ 3 files changed, 12 insertions(+), 1 deletion(-)
+
+--- a/include/linux/netfilter_defs.h
++++ b/include/linux/netfilter_defs.h
+@@ -7,4 +7,10 @@
+ /* Largest hook number + 1, see uapi/linux/netfilter_decnet.h */
+ #define NF_MAX_HOOKS 8
++/* in/out/forward only */
++#define NF_ARP_NUMHOOKS 3
++
++/* max hook is NF_DN_ROUTE (6), also see uapi/linux/netfilter_decnet.h */
++#define NF_DN_NUMHOOKS 7
++
+ #endif
+--- a/include/uapi/linux/netfilter_arp.h
++++ b/include/uapi/linux/netfilter_arp.h
+@@ -15,6 +15,9 @@
+ #define NF_ARP_IN     0
+ #define NF_ARP_OUT    1
+ #define NF_ARP_FORWARD        2
++
++#ifndef __KERNEL__
+ #define NF_ARP_NUMHOOKS       3
++#endif
+ #endif /* __LINUX_ARP_NETFILTER_H */
+--- a/include/uapi/linux/netfilter_decnet.h
++++ b/include/uapi/linux/netfilter_decnet.h
+@@ -24,6 +24,9 @@
+ #define NFC_DN_IF_IN          0x0004
+ /* Output device. */
+ #define NFC_DN_IF_OUT         0x0008
++
++/* kernel define is in netfilter_defs.h */
++#define NF_DN_NUMHOOKS                7
+ #endif /* ! __KERNEL__ */
+ /* DECnet Hooks */
+@@ -41,7 +44,6 @@
+ #define NF_DN_HELLO           5
+ /* Input Routing Packets */
+ #define NF_DN_ROUTE           6
+-#define NF_DN_NUMHOOKS                7
+ enum nf_dn_hook_priorities {
+       NF_DN_PRI_FIRST = INT_MIN,