netfilter: add missing IS_ENABLED(CONFIG_NF_CONNTRACK) checks to some header-files.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

struct nf_conn contains a "struct nf_conntrack ct_general" member and
struct net contains a "struct netns_ct ct" member which are both only
defined in CONFIG_NF_CONNTRACK is enabled. These members are used in a
number of inline functions defined in other header-files. Added
preprocessor checks to make sure the headers will compile if
CONFIG_NF_CONNTRACK is disabled.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Jeremy Sowden and committed by

Pablo Neira Ayuso 6 years ago 0abc8bf4 47e640af

+31

4 changed files

expand all

include

net

netfilter

nf_conntrack.h

nf_conntrack_acct.h

nf_conntrack_l4proto.h

nf_conntrack_timestamp.h

+10

include/net/netfilter/nf_conntrack.h

··· 59 59 #include <net/netfilter/ipv6/nf_conntrack_ipv6.h> 60 60 61 61 struct nf_conn { 62 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 62 63 /* Usage count in here is 1 for hash table, 1 per skb, 63 64 * plus 1 for any connection(s) we are `master' for 64 65 * ··· 69 68 * beware nf_ct_get() is different and don't inc refcnt. 70 69 */ 71 70 struct nf_conntrack ct_general; 71 + #endif 72 72 73 73 spinlock_t lock; 74 74 /* jiffies32 when this ct is considered dead */ ··· 150 148 int nf_conntrack_tuple_taken(const struct nf_conntrack_tuple *tuple, 151 149 const struct nf_conn *ignored_conntrack); 152 150 151 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 152 + 153 153 #define NFCT_INFOMASK 7UL 154 154 #define NFCT_PTRMASK ~(NFCT_INFOMASK) 155 155 ··· 170 166 WARN_ON(!ct); 171 167 nf_conntrack_put(&ct->ct_general); 172 168 } 169 + 170 + #endif 173 171 174 172 /* Protocol module loading */ 175 173 int nf_ct_l3proto_try_module_get(unsigned short l3proto); ··· 324 318 325 319 u32 nf_ct_get_id(const struct nf_conn *ct); 326 320 321 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 322 + 327 323 static inline void 328 324 nf_ct_set(struct sk_buff *skb, struct nf_conn *ct, enum ip_conntrack_info info) 329 325 { 330 326 skb->_nfct = (unsigned long)ct | info; 331 327 } 328 + 329 + #endif 332 330 333 331 #define NF_CT_STAT_INC(net, count) __this_cpu_inc((net)->ct.stat->count) 334 332 #define NF_CT_STAT_INC_ATOMIC(net, count) this_cpu_inc((net)->ct.stat->count)

+13

include/net/netfilter/nf_conntrack_acct.h

··· 29 29 static inline 30 30 struct nf_conn_acct *nf_ct_acct_ext_add(struct nf_conn *ct, gfp_t gfp) 31 31 { 32 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 32 33 struct net *net = nf_ct_net(ct); 33 34 struct nf_conn_acct *acct; 34 35 ··· 42 41 43 42 44 43 return acct; 44 + #else 45 + return NULL; 46 + #endif 45 47 }; 46 48 47 49 /* Check if connection tracking accounting is enabled */ 48 50 static inline bool nf_ct_acct_enabled(struct net *net) 49 51 { 52 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 50 53 return net->ct.sysctl_acct != 0; 54 + #else 55 + return false; 56 + #endif 51 57 } 52 58 53 59 /* Enable/disable connection tracking accounting */ 54 60 static inline void nf_ct_set_acct(struct net *net, bool enable) 55 61 { 62 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 56 63 net->ct.sysctl_acct = enable; 64 + #endif 57 65 } 58 66 67 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 59 68 void nf_conntrack_acct_pernet_init(struct net *net); 60 69 61 70 int nf_conntrack_acct_init(void); 62 71 void nf_conntrack_acct_fini(void); 72 + #endif /* IS_ENABLED(CONFIG_NF_CONNTRACK) */ 73 + 63 74 #endif /* _NF_CONNTRACK_ACCT_H */

include/net/netfilter/nf_conntrack_l4proto.h

··· 176 176 const char *fmt, ...) { } 177 177 #endif /* CONFIG_SYSCTL */ 178 178 179 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 179 180 static inline struct nf_generic_net *nf_generic_pernet(struct net *net) 180 181 { 181 182 return &net->ct.nf_ct_proto.generic; ··· 201 200 { 202 201 return &net->ct.nf_ct_proto.icmpv6; 203 202 } 203 + #endif 204 204 205 205 #ifdef CONFIG_NF_CT_PROTO_DCCP 206 206 static inline struct nf_dccp_net *nf_dccp_pernet(struct net *net)

include/net/netfilter/nf_conntrack_timestamp.h

··· 40 40 41 41 static inline bool nf_ct_tstamp_enabled(struct net *net) 42 42 { 43 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 43 44 return net->ct.sysctl_tstamp != 0; 45 + #else 46 + return false; 47 + #endif 44 48 } 45 49 46 50 static inline void nf_ct_set_tstamp(struct net *net, bool enable) 47 51 { 52 + #if IS_ENABLED(CONFIG_NF_CONNTRACK) 48 53 net->ct.sysctl_tstamp = enable; 54 + #endif 49 55 } 50 56 51 57 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP