netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The openvswitch module fails initialization when used in a kernel
without IPv6 enabled. nf_conncount_init() fails because the ct code
unconditionally tries to initialize the netns IPv6 related bit,
regardless of the build option. The change below ignores the IPv6
part if not enabled.

Note that the corresponding _put() function already has this IPv6
configuration check.

Fixes: 11efd5cb04a1 ("openvswitch: Support conntrack zone limit")
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Eelco Chaudron and committed by

Pablo Neira Ayuso 5 years ago 526e81b9 6c0d95d1

1 changed file

expand all

net

netfilter

nf_conntrack_proto.c

net/netfilter/nf_conntrack_proto.c

··· 565 565 int err; 566 566 567 567 err = nf_ct_netns_do_get(net, NFPROTO_IPV4); 568 + #if IS_ENABLED(CONFIG_IPV6) 568 569 if (err < 0) 569 570 goto err1; 570 571 err = nf_ct_netns_do_get(net, NFPROTO_IPV6); ··· 576 575 err2: 577 576 nf_ct_netns_put(net, NFPROTO_IPV4); 578 577 err1: 578 + #endif 579 579 return err; 580 580 } 581 581