From 596472c4fa050105dfe1dd68b565e16ba5a7909f Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jan=20R=C4=99korajski?= Date: Sat, 16 Sep 2017 09:55:09 +0200 Subject: [PATCH] - up to 6.33 --- ipset.spec | 10 +--- linux-4.10.patch | 139 ----------------------------------------------- linux-4.12.patch | 134 --------------------------------------------- 3 files changed, 3 insertions(+), 280 deletions(-) delete mode 100644 linux-4.10.patch delete mode 100644 linux-4.12.patch diff --git a/ipset.spec b/ipset.spec index 0e841c5..082e1a7 100644 --- a/ipset.spec +++ b/ipset.spec @@ -22,21 +22,19 @@ exit 1 %define _enable_debug_packages 0 %endif -%define rel 2 +%define rel 1 %define pname ipset Summary: IP sets utility Summary(pl.UTF-8): Narzędzie do zarządzania zbiorami IP Name: %{pname}%{?_pld_builder:%{?with_kernel:-kernel}}%{_alt_kernel} -Version: 6.32 +Version: 6.33 Release: %{rel}%{?_pld_builder:%{?with_kernel:@%{_kernel_ver_str}}} License: GPL v2 Group: Networking/Admin #Source0Download: http://ipset.netfilter.org/install.html Source0: http://ipset.netfilter.org/%{pname}-%{version}.tar.bz2 -# Source0-md5: 857a5c6a6d645196865a82bf6fd7f567 +# Source0-md5: 852d05822b2124d9240f4cdb34c0a36e Source1: %{pname}.init -Patch0: linux-4.10.patch -Patch1: linux-4.12.patch URL: http://ipset.netfilter.org/ BuildRequires: autoconf >= 2.50 BuildRequires: automake @@ -187,8 +185,6 @@ done\ %prep %setup -q -n %{pname}-%{version} -%patch0 -p1 -%patch1 -p1 %build %{__aclocal} diff --git a/linux-4.10.patch b/linux-4.10.patch deleted file mode 100644 index 25a1a8d..0000000 --- a/linux-4.10.patch +++ /dev/null @@ -1,139 +0,0 @@ ---- ipset-6.32/kernel/net/netfilter/xt_set.c.orig 2017-03-12 18:41:03.000000000 +0100 -+++ ipset-6.32/kernel/net/netfilter/xt_set.c 2017-03-25 20:09:19.407499549 +0100 -@@ -72,7 +72,7 @@ - { - const struct xt_set_info_match_v0 *info = par->matchinfo; - -- ADT_OPT(opt, par->family, info->match_set.u.compat.dim, -+ ADT_OPT(opt, xt_family(par), info->match_set.u.compat.dim, - info->match_set.u.compat.flags, 0, UINT_MAX); - - return match_set(info->match_set.index, skb, par, &opt, -@@ -135,7 +135,7 @@ - { - const struct xt_set_info_match_v1 *info = par->matchinfo; - -- ADT_OPT(opt, par->family, info->match_set.dim, -+ ADT_OPT(opt, xt_family(par), info->match_set.dim, - info->match_set.flags, 0, UINT_MAX); - - if (opt.flags & IPSET_RETURN_NOMATCH) -@@ -201,7 +201,7 @@ - const struct xt_set_info_match_v3 *info = par->matchinfo; - int ret; - -- ADT_OPT(opt, par->family, info->match_set.dim, -+ ADT_OPT(opt, xt_family(par), info->match_set.dim, - info->match_set.flags, info->flags, UINT_MAX); - - if (info->packets.op != IPSET_COUNTER_NONE || -@@ -248,7 +248,7 @@ - const struct xt_set_info_match_v4 *info = par->matchinfo; - int ret; - -- ADT_OPT(opt, par->family, info->match_set.dim, -+ ADT_OPT(opt, xt_family(par), info->match_set.dim, - info->match_set.flags, info->flags, UINT_MAX); - - if (info->packets.op != IPSET_COUNTER_NONE || -@@ -284,9 +284,9 @@ - { - const struct xt_set_info_target_v0 *info = par->targinfo; - -- ADT_OPT(add_opt, par->family, info->add_set.u.compat.dim, -+ ADT_OPT(add_opt, xt_family(par), info->add_set.u.compat.dim, - info->add_set.u.compat.flags, 0, UINT_MAX); -- ADT_OPT(del_opt, par->family, info->del_set.u.compat.dim, -+ ADT_OPT(del_opt, xt_family(par), info->del_set.u.compat.dim, - info->del_set.u.compat.flags, 0, UINT_MAX); - - if (info->add_set.index != IPSET_INVALID_ID) -@@ -362,9 +362,9 @@ - { - const struct xt_set_info_target_v1 *info = par->targinfo; - -- ADT_OPT(add_opt, par->family, info->add_set.dim, -+ ADT_OPT(add_opt, xt_family(par), info->add_set.dim, - info->add_set.flags, 0, UINT_MAX); -- ADT_OPT(del_opt, par->family, info->del_set.dim, -+ ADT_OPT(del_opt, xt_family(par), info->del_set.dim, - info->del_set.flags, 0, UINT_MAX); - - if (info->add_set.index != IPSET_INVALID_ID) -@@ -436,9 +436,9 @@ - { - const struct xt_set_info_target_v2 *info = par->targinfo; - -- ADT_OPT(add_opt, par->family, info->add_set.dim, -+ ADT_OPT(add_opt, xt_family(par), info->add_set.dim, - info->add_set.flags, info->flags, info->timeout); -- ADT_OPT(del_opt, par->family, info->del_set.dim, -+ ADT_OPT(del_opt, xt_family(par), info->del_set.dim, - info->del_set.flags, 0, UINT_MAX); - - /* Normalize to fit into jiffies */ -@@ -468,11 +468,11 @@ - const struct xt_set_info_target_v3 *info = par->targinfo; - int ret; - -- ADT_OPT(add_opt, par->family, info->add_set.dim, -+ ADT_OPT(add_opt, xt_family(par), info->add_set.dim, - info->add_set.flags, info->flags, info->timeout); -- ADT_OPT(del_opt, par->family, info->del_set.dim, -+ ADT_OPT(del_opt, xt_family(par), info->del_set.dim, - info->del_set.flags, 0, UINT_MAX); -- ADT_OPT(map_opt, par->family, info->map_set.dim, -+ ADT_OPT(map_opt, xt_family(par), info->map_set.dim, - info->map_set.flags, 0, UINT_MAX); - - /* Normalize to fit into jiffies */ ---- ipset-6.32/kernel/net/netfilter/ipset/ip_set_hash_netiface.c.orig 2017-03-12 18:41:03.000000000 +0100 -+++ ipset-6.32/kernel/net/netfilter/ipset/ip_set_hash_netiface.c 2017-03-25 20:21:11.890900536 +0100 -@@ -170,7 +170,8 @@ - ip4addrptr(skb, opt->flags & IPSET_DIM_ONE_SRC, &e.ip); - e.ip &= ip_set_netmask(e.cidr); - --#define IFACE(dir) (par->dir ? par->dir->name : "") -+#define IFACEIN (xt_in(par) ? xt_in(par)->name : "") -+#define IFACEOUT (xt_out(par) ? xt_out(par)->name : "") - #define SRCDIR (opt->flags & IPSET_DIM_TWO_SRC) - - if (opt->cmdflags & IPSET_FLAG_PHYSDEV) { -@@ -184,7 +185,7 @@ - e.physdev = 1; - #endif - } else { -- STRLCPY(e.iface, SRCDIR ? IFACE(in) : IFACE(out)); -+ STRLCPY(e.iface, SRCDIR ? IFACEIN : IFACEOUT); - } - - if (strlen(e.iface) == 0) -@@ -392,7 +393,7 @@ - e.physdev = 1; - #endif - } else { -- STRLCPY(e.iface, SRCDIR ? IFACE(in) : IFACE(out)); -+ STRLCPY(e.iface, SRCDIR ? IFACEIN : IFACEOUT); - } - - if (strlen(e.iface) == 0) ---- ipset-6.32/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in.orig 2017-03-25 20:11:14.791803460 +0100 -+++ ipset-6.32/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in 2017-03-25 20:27:17.970438585 +0100 -@@ -285,10 +285,16 @@ - } - #endif - -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0) -+#define xt_in(par) par->in -+#define xt_out(par) par->out -+#define xt_family(par) par->family -+#endif -+ - #ifdef HAVE_NET_IN_XT_ACTION_PARAM - #define IPSET_DEV_NET(par) (par)->net - #else --#define IPSET_DEV_NET(par) dev_net((par)->in ? (par)->in : (par)->out) -+#define IPSET_DEV_NET(par) dev_net(xt_in(par) ? xt_in(par) : xt_out(par)) - #endif - - #ifndef smp_mb__before_atomic diff --git a/linux-4.12.patch b/linux-4.12.patch deleted file mode 100644 index cf6b9f0..0000000 --- a/linux-4.12.patch +++ /dev/null @@ -1,134 +0,0 @@ ---- ipset-6.32/kernel/net/netfilter/ipset/ip_set_core.c.orig 2017-08-01 15:16:35.420874095 +0200 -+++ ipset-6.32/kernel/net/netfilter/ipset/ip_set_core.c 2017-08-01 15:20:22.597111757 +0200 -@@ -300,7 +300,11 @@ - - if (unlikely(!flag_nested(nla))) - return -IPSET_ERR_PROTOCOL; -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy, NULL)) -+#else - if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV4))) - return -IPSET_ERR_PROTOCOL; -@@ -318,7 +322,11 @@ - if (unlikely(!flag_nested(nla))) - return -IPSET_ERR_PROTOCOL; - -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy, NULL)) -+#else - if (nla_parse_nested(tb, IPSET_ATTR_IPADDR_MAX, nla, ipaddr_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - if (unlikely(!ip_set_attr_netorder(tb, IPSET_ATTR_IPADDR_IPV6))) - return -IPSET_ERR_PROTOCOL; -@@ -914,7 +922,11 @@ - /* Without holding any locks, create private part. */ - if (attr[IPSET_ATTR_DATA] && - nla_parse_nested(tb, IPSET_ATTR_CREATE_MAX, attr[IPSET_ATTR_DATA], -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->create_policy, NULL)) { -+#else - set->type->create_policy)) { -+#endif - ret = -IPSET_ERR_PROTOCOL; - goto put_out; - } -@@ -1270,7 +1282,11 @@ - - /* Second pass, so parser can't fail */ - nla_parse(cda, IPSET_ATTR_CMD_MAX, -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ attr, nlh->nlmsg_len - min_len, ip_set_setname_policy, NULL); -+#else - attr, nlh->nlmsg_len - min_len, ip_set_setname_policy); -+#endif - - if (cda[IPSET_ATTR_SETNAME]) { - struct ip_set *set; -@@ -1333,7 +1333,11 @@ - * manually :-( - */ - if (nlh->nlmsg_flags & NLM_F_ACK) -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ netlink_ack(cb->skb, nlh, ret, NULL); -+#else - netlink_ack(cb->skb, nlh, ret); -+#endif - return ret; - } - } -@@ -1526,7 +1542,11 @@ - - nla_parse(cda, IPSET_ATTR_CMD_MAX, - cmdattr, nlh->nlmsg_len - min_len, -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ ip_set_adt_policy, NULL); -+#else - ip_set_adt_policy); -+#endif - - errline = nla_data(cda[IPSET_ATTR_LINENO]); - -@@ -1573,7 +1593,11 @@ - if (attr[IPSET_ATTR_DATA]) { - if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, - attr[IPSET_ATTR_DATA], -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->adt_policy, NULL)) -+#else - set->type->adt_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, flags, - use_lineno); -@@ -1585,7 +1609,11 @@ - if (nla_type(nla) != IPSET_ATTR_DATA || - !flag_nested(nla) || - nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->adt_policy, NULL)) -+#else - set->type->adt_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, - flags, use_lineno); -@@ -1628,7 +1656,11 @@ - if (attr[IPSET_ATTR_DATA]) { - if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, - attr[IPSET_ATTR_DATA], -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->adt_policy, NULL)) -+#else - set->type->adt_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, flags, - use_lineno); -@@ -1640,7 +1672,11 @@ - if (nla_type(nla) != IPSET_ATTR_DATA || - !flag_nested(nla) || - nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, nla, -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->adt_policy, NULL)) -+#else - set->type->adt_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, - flags, use_lineno); -@@ -1673,7 +1709,11 @@ - return -ENOENT; - - if (nla_parse_nested(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,12,0) -+ set->type->adt_policy, NULL)) -+#else - set->type->adt_policy)) -+#endif - return -IPSET_ERR_PROTOCOL; - - rcu_read_lock_bh(); -- 2.43.0