[OpenWrt-Devel] [PATCH] Partially fix xtables-addons for kernel 3.7, update from 2.0 to 2.1

Russell Senior Tue, 15 Jan 2013 00:08:05 -0800

Partially fix xtables-addons for kernel 3.7, update from 2.0 to 2.1

With kernel 3.7.x, it seems CONFIG_UIDGID_STRICT_TYPE_CHECKS is set
and xtables-addons is not compliant.  This patch fixes some of the
type errors, but comments out module_param() calls where param_ops
support is needed for kuid_t/kgid_t types (HALP!).  Also, updates to
xtables-addons-2.1 for good measure.


Signed-off-by: Russell Senior <russ...@personaltelco.net>
---
 net/xtables-addons/Makefile                        |    4 +-
 .../patches/110-dnetmap-linux-3.7.patch            |   22 -----
 net/xtables-addons/patches/310-uidgid.patch        |   84 ++++++++++++++++++++
 3 files changed, 86 insertions(+), 24 deletions(-)
 delete mode 100644 net/xtables-addons/patches/110-dnetmap-linux-3.7.patch
 create mode 100644 net/xtables-addons/patches/310-uidgid.patch

diff --git a/net/xtables-addons/Makefile b/net/xtables-addons/Makefile
index 9bf39da..c66a227 100644
--- a/net/xtables-addons/Makefile
+++ b/net/xtables-addons/Makefile
@@ -10,9 +10,9 @@ include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=xtables-addons
 ifeq ($(strip $(call CompareKernelPatchVer,$(KERNEL_PATCHVER),ge,3.7.0)),1)
-PKG_VERSION:=2.0
+PKG_VERSION:=2.1
 PKG_RELEASE:=1
-PKG_MD5SUM:=26b1b1dbb4a8faff24597723ebde04c9
+PKG_MD5SUM:=b624fc57bbda9e15c33a6471e4ec75e1
 else
 PKG_VERSION:=1.45
 PKG_RELEASE:=3
diff --git a/net/xtables-addons/patches/110-dnetmap-linux-3.7.patch 
b/net/xtables-addons/patches/110-dnetmap-linux-3.7.patch
deleted file mode 100644
index f0aa6d4..0000000
--- a/net/xtables-addons/patches/110-dnetmap-linux-3.7.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- xtables-addons-2.0/extensions/xt_DNETMAP.c~        2012-11-12 
18:03:51.000000000 +0000
-+++ xtables-addons-2.0/extensions/xt_DNETMAP.c 2012-12-20 00:06:10.656675731 
+0000
-@@ -27,7 +27,7 @@
- #include <linux/netfilter_ipv4.h>
- #include <linux/netfilter/x_tables.h>
- #include <linux/version.h>
--#include <net/netfilter/nf_nat_rule.h>
-+#include <net/netfilter/nf_nat.h>
- #include <net/net_namespace.h>
- #include <net/netns/generic.h>
- #include <linux/netfilter/nf_nat.h>
---- xtables-addons-2.0/mconfig 2012-12-20 00:55:11.445085492 +0000
-+++ xtables-addons-2.0/mconfig~        2012-12-20 00:54:29.000000000 +0000
-@@ -4,7 +4,7 @@ build_ACCOUNT=m
- build_CHAOS=m
- build_DELUDE=m
- build_DHCPMAC=m
--build_DNETMAP=
-+build_DNETMAP=m
- build_ECHO=m
- build_IPMARK=m
- build_LOGMARK=m
diff --git a/net/xtables-addons/patches/310-uidgid.patch 
b/net/xtables-addons/patches/310-uidgid.patch
new file mode 100644
index 0000000..869d109
--- /dev/null
+++ b/net/xtables-addons/patches/310-uidgid.patch
@@ -0,0 +1,84 @@
+diff -ru xtables-addons-2.1-orig/extensions/xt_DNETMAP.c 
xtables-addons-2.1/extensions/xt_DNETMAP.c
+--- xtables-addons-2.1-orig/extensions/xt_DNETMAP.c    2012-12-26 
23:01:00.000000000 -0800
++++ xtables-addons-2.1/extensions/xt_DNETMAP.c 2013-01-14 23:09:12.000000000 
-0800
+@@ -26,6 +26,7 @@
+ #include <linux/netfilter.h>
+ #include <linux/netfilter_ipv4.h>
+ #include <linux/netfilter/x_tables.h>
++#include <linux/uidgid.h>
+ #include <linux/version.h>
+ #include <net/net_namespace.h>
+ #include <net/netns/generic.h>
+@@ -41,8 +42,8 @@
+ 
+ static unsigned int default_ttl = 600;
+ static unsigned int proc_perms = S_IRUGO | S_IWUSR;
+-static unsigned int proc_uid;
+-static unsigned int proc_gid;
++static kuid_t proc_uid;
++static kgid_t proc_gid;
+ static unsigned int default_hash_size = 256;
+ static unsigned int hash_size = 256;
+ static unsigned int disable_log;
+diff -ru xtables-addons-2.1-orig/extensions/xt_condition.c 
xtables-addons-2.1/extensions/xt_condition.c
+--- xtables-addons-2.1-orig/extensions/xt_condition.c  2012-12-26 
23:01:00.000000000 -0800
++++ xtables-addons-2.1/extensions/xt_condition.c       2013-01-14 
23:09:12.000000000 -0800
+@@ -20,6 +20,7 @@
+ #include <linux/string.h>
+ #include <linux/version.h>
+ #include <linux/netfilter/x_tables.h>
++#include <linux/uidgid.h>
+ #include <asm/uaccess.h>
+ #include "xt_condition.h"
+ #include "compat_xtables.h"
+@@ -30,8 +31,8 @@
+ 
+ /* Defaults, these can be overridden on the module command-line. */
+ static unsigned int condition_list_perms = S_IRUGO | S_IWUSR;
+-static unsigned int condition_uid_perms = 0;
+-static unsigned int condition_gid_perms = 0;
++static kuid_t condition_uid_perms = KUIDT_INIT(0);
++static kgid_t condition_gid_perms = KGIDT_INIT(0);
+ 
+ MODULE_AUTHOR("Stephane Ouellette <ouellet...@videotron.ca>");
+ MODULE_AUTHOR("Massimiliano Hofer <m...@nucleus.it>");
+@@ -40,10 +41,12 @@
+ MODULE_LICENSE("GPL");
+ module_param(condition_list_perms, uint, S_IRUSR | S_IWUSR);
+ MODULE_PARM_DESC(condition_list_perms, "permissions on 
/proc/net/nf_condition/* files");
++#ifndef CONFIG_UIDGID_STRICT_TYPE_CHECKS
+ module_param(condition_uid_perms, uint, S_IRUSR | S_IWUSR);
+ MODULE_PARM_DESC(condition_uid_perms, "user owner of /proc/net/nf_condition/* 
files");
+ module_param(condition_gid_perms, uint, S_IRUSR | S_IWUSR);
+ MODULE_PARM_DESC(condition_gid_perms, "group owner of 
/proc/net/nf_condition/* files");
++#endif
+ MODULE_ALIAS("ipt_condition");
+ MODULE_ALIAS("ip6t_condition");
+ 
+diff -ru xtables-addons-2.1-orig/extensions/xt_quota2.c 
xtables-addons-2.1/extensions/xt_quota2.c
+--- xtables-addons-2.1-orig/extensions/xt_quota2.c     2012-12-26 
23:01:00.000000000 -0800
++++ xtables-addons-2.1/extensions/xt_quota2.c  2013-01-14 23:11:58.000000000 
-0800
+@@ -17,6 +17,7 @@
+ #include <linux/skbuff.h>
+ #include <linux/spinlock.h>
+ #include <linux/version.h>
++#include <linux/uidgid.h>
+ #include <asm/atomic.h>
+ 
+ #include <linux/netfilter/x_tables.h>
+@@ -40,11 +41,13 @@
+ 
+ static struct proc_dir_entry *proc_xt_quota;
+ static unsigned int quota_list_perms = S_IRUGO | S_IWUSR;
+-static unsigned int quota_list_uid   = 0;
+-static unsigned int quota_list_gid   = 0;
++static kuid_t quota_list_uid = KUIDT_INIT(0);
++static kgid_t quota_list_gid = KGIDT_INIT(0);
+ module_param_named(perms, quota_list_perms, uint, S_IRUGO | S_IWUSR);
++#ifndef CONFIG_UIDGID_STRICT_TYPE_CHECKS
+ module_param_named(uid, quota_list_uid, uint, S_IRUGO | S_IWUSR);
+ module_param_named(gid, quota_list_gid, uint, S_IRUGO | S_IWUSR);
++#endif
+ 
+ static int quota_proc_read(char *page, char **start, off_t offset,
+                            int count, int *eof, void *data)
-- 
1.7.2.2



-- 
Russell Senior, President
russ...@personaltelco.net
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

[OpenWrt-Devel] [PATCH] Partially fix xtables-addons for kernel 3.7, update from 2.0 to 2.1

Reply via email to