pf: fix build on kernels without "options INET" #1511
Conversation
- IN_LOOPBACK() cannot be used without INET, because it references a VNET symbol vnet_entry_in_loopback_mask. - ip_fillid() is not available without INET. since this codepath is only entered in the AF_INET case, guard it with #ifnet INET. Fixes: 27f54be ("pf: merge pf_test() and pf_test6()") Fixes: 4f9e688 ("pf: merge pf_scrub_ip() and pf_scrub_ip6()")
| case AF_INET: | ||
| return IN_LOOPBACK(ntohl(addr->v4.s_addr)); | ||
| #endif | ||
| case AF_INET6: |
There was a problem hiding this comment.
Wouldn't this case also need an #ifdef INET6?
There was a problem hiding this comment.
no, because IN6_IS_ADDR_LOOPBACK() doesn't depend on any symbols.
IN_LOOPBACK() is strange because of the sysctl net.inet.ip.loopback_prefixlen which is why it references a VNET symbol.
this is not the first time i've fixed this exact same bug -- i'm wondering if we should just remove this 'feature' entirely.
There was a problem hiding this comment.
I see, in efe5885, implementing draft-schoen-intarea-unicast-127-06. Thank you for the info.
There was a problem hiding this comment.
i wasn't aware of that I-D, but i accept this as a reason not to remove the feature :-)
|
What kernel config fails to build? As far as I know make universe passes and LINT-NOINET builds, so I’m a little confused about this. |
|
kernel config: the build is fine actually, but the module cannot load: |
|
Landed as 9ca3286. |
IN_LOOPBACK() cannot be used without INET, because it references a VNET symbol vnet_entry_in_loopback_mask.
ip_fillid() is not available without INET. since this codepath is only entered in the AF_INET case, guard it with #ifnet INET.
Fixes: 27f54be ("pf: merge pf_test() and pf_test6()")
Fixes: 4f9e688 ("pf: merge pf_scrub_ip() and pf_scrub_ip6()")
cc @kprovost