Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 158803

Summary: net-misc/l7-filter breaks with 2.6.18 based sources
Product: Gentoo Linux Reporter: Tomasz Bukowski <keidii>
Component: HardenedAssignee: Daniel Black (RETIRED) <dragonheart>
Status: RESOLVED FIXED    
Severity: normal CC: hardened
Priority: High    
Version: 2006.1   
Hardware: x86   
OS: Linux   
URL: http://sourceforge.net/tracker/index.php?func=detail&aid=1562707&group_id=80085&atid=558668
Whiteboard:
Package list:
Runtime testing required: ---

Description Tomasz Bukowski 2006-12-21 22:56:02 UTC 
some changes in skbbuff in kernel sources cause 
emerged l7-filter && compile sources 2.6.18-hardened 
is reporting error.

How do i get this :

1. emerged 2.6.18 hardned sources ( sys-kernel/hardened-sources-2.6.18-r1 )
2. emerged iptables ( net-firewall/iptables-1.3.5-r4 with USE="+l7filter" )
   it yelds that i  need to emerge l7-filter , and then iptables 
3. So i emerge l7-filter ( net-misc/l7-filter-2.3 ) and emerge (again) iptables
   It compile.
4. I rebuild my kernel ( cause l7-filter package do some changes in sources )
5. I get compilation error :

  CC [M]  net/ipv4/netfilter/ipt_layer7.o
net/ipv4/netfilter/ipt_layer7.c: In function 'match':
net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function 'skb_linearize'
net/ipv4/netfilter/ipt_layer7.c: At top level:

I think change : ( in  net/ipv4/netfilter/ipt_layer7.c , line 373 )
    ORG : if(skb_linearize(skb, GFP_ATOMIC) != 0){
  to
    FIX : if (skb_linearize(skb) !=0 ){
 should work ( cpompiled ok, now tesing )
Comment 1 Christian Heim (RETIRED) gentoo-dev 2006-12-22 02:14:11 UTC 
(In reply to comment #0)
> some changes in skbbuff in kernel sources cause 
> emerged l7-filter && compile sources 2.6.18-hardened 
> is reporting error.
> 
> How do i get this :
> 
> 1. emerged 2.6.18 hardned sources ( sys-kernel/hardened-sources-2.6.18-r1 )
> 2. emerged iptables ( net-firewall/iptables-1.3.5-r4 with USE="+l7filter" )
>    it yelds that i  need to emerge l7-filter , and then iptables 
> 3. So i emerge l7-filter ( net-misc/l7-filter-2.3 ) and emerge (again) iptables
>    It compile.
> 4. I rebuild my kernel ( cause l7-filter package do some changes in sources )
> 5. I get compilation error :
> 
>   CC [M]  net/ipv4/netfilter/ipt_layer7.o
> net/ipv4/netfilter/ipt_layer7.c: In function 'match':
> net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function
> 'skb_linearize'
> net/ipv4/netfilter/ipt_layer7.c: At top level:
> 
> I think change : ( in  net/ipv4/netfilter/ipt_layer7.c , line 373 )
>     ORG : if(skb_linearize(skb, GFP_ATOMIC) != 0){
>   to
>     FIX : if (skb_linearize(skb) !=0 ){
>  should work ( cpompiled ok, now tesing )

This isn't restricted to the hardened-sources alone. Any 2.6.18 based sources are affected ...

net/ipv4/netfilter/ipt_layer7.c: In function &#8216;match&#8217;:
net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function &#8216;skb_linearize&#8217;
net/ipv4/netfilter/ipt_layer7.c: At top level:
net/ipv4/netfilter/ipt_layer7.c:465: warning: initialization from incompatible pointer type
make[3]: *** [net/ipv4/netfilter/ipt_layer7.o] Error 1
make[2]: *** [net/ipv4/netfilter] Error 2
make[1]: *** [net/ipv4] Error 2
make[1]: *** Waiting for unfinished jobs....
Comment 2 Daniel Black (RETIRED) gentoo-dev 2006-12-22 02:45:23 UTC 
Fixed upstream - will  add l7-filter-2.8 very very soon.

Thanks for the bug report.