158803 – net-misc/l7-filter breaks with 2.6.18 based sources

Bug 158803 - net-misc/l7-filter breaks with 2.6.18 based sources

Summary: net-misc/l7-filter breaks with 2.6.18 based sources

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	Daniel Black (RETIRED)

URL:	http://sourceforge.net/tracker/index....
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-12-21 22:56 UTC by Tomasz Bukowski
Modified:	2006-12-22 02:45 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tomasz Bukowski 2006-12-21 22:56:02 UTC

some changes in skbbuff in kernel sources cause 
emerged l7-filter && compile sources 2.6.18-hardened 
is reporting error.

How do i get this :

1. emerged 2.6.18 hardned sources ( sys-kernel/hardened-sources-2.6.18-r1 )
2. emerged iptables ( net-firewall/iptables-1.3.5-r4 with USE="+l7filter" )
   it yelds that i  need to emerge l7-filter , and then iptables 
3. So i emerge l7-filter ( net-misc/l7-filter-2.3 ) and emerge (again) iptables
   It compile.
4. I rebuild my kernel ( cause l7-filter package do some changes in sources )
5. I get compilation error :

  CC [M]  net/ipv4/netfilter/ipt_layer7.o
net/ipv4/netfilter/ipt_layer7.c: In function 'match':
net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function 'skb_linearize'
net/ipv4/netfilter/ipt_layer7.c: At top level:

I think change : ( in  net/ipv4/netfilter/ipt_layer7.c , line 373 )
    ORG : if(skb_linearize(skb, GFP_ATOMIC) != 0){
  to
    FIX : if (skb_linearize(skb) !=0 ){
 should work ( cpompiled ok, now tesing )

Comment 1 Christian Heim (RETIRED) gentoo-dev

2006-12-22 02:14:11 UTC

(In reply to comment #0)
> some changes in skbbuff in kernel sources cause 
> emerged l7-filter && compile sources 2.6.18-hardened 
> is reporting error.
> 
> How do i get this :
> 
> 1. emerged 2.6.18 hardned sources ( sys-kernel/hardened-sources-2.6.18-r1 )
> 2. emerged iptables ( net-firewall/iptables-1.3.5-r4 with USE="+l7filter" )
>    it yelds that i  need to emerge l7-filter , and then iptables 
> 3. So i emerge l7-filter ( net-misc/l7-filter-2.3 ) and emerge (again) iptables
>    It compile.
> 4. I rebuild my kernel ( cause l7-filter package do some changes in sources )
> 5. I get compilation error :
> 
>   CC [M]  net/ipv4/netfilter/ipt_layer7.o
> net/ipv4/netfilter/ipt_layer7.c: In function 'match':
> net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function
> 'skb_linearize'
> net/ipv4/netfilter/ipt_layer7.c: At top level:
> 
> I think change : ( in  net/ipv4/netfilter/ipt_layer7.c , line 373 )
>     ORG : if(skb_linearize(skb, GFP_ATOMIC) != 0){
>   to
>     FIX : if (skb_linearize(skb) !=0 ){
>  should work ( cpompiled ok, now tesing )

This isn't restricted to the hardened-sources alone. Any 2.6.18 based sources are affected ...

net/ipv4/netfilter/ipt_layer7.c: In function &#8216;match&#8217;:
net/ipv4/netfilter/ipt_layer7.c:373: error: too many arguments to function &#8216;skb_linearize&#8217;
net/ipv4/netfilter/ipt_layer7.c: At top level:
net/ipv4/netfilter/ipt_layer7.c:465: warning: initialization from incompatible pointer type
make[3]: *** [net/ipv4/netfilter/ipt_layer7.o] Error 1
make[2]: *** [net/ipv4/netfilter] Error 2
make[1]: *** [net/ipv4] Error 2
make[1]: *** Waiting for unfinished jobs....

Comment 2 Daniel Black (RETIRED) gentoo-dev

2006-12-22 02:45:23 UTC

Fixed upstream - will  add l7-filter-2.8 very very soon.

Thanks for the bug report.