From: Jeremy Sowden <jeremy@azazel.net>
Date: Fri, 13 Sep 2019 09:13:12 +0100
Subject: netfilter: conntrack: wrap two inline functions in config checks.
Patch-mainline: v5.4-rc1
Git-commit: 22e81d7416d04355a7dfa248f187feba641c199e
References: bsc#1176447
nf_conntrack_synproxy.h contains three inline functions. The contents
of two of them are wrapped in CONFIG_NETFILTER_SYNPROXY checks and just
return NULL if it is not enabled. The third does nothing if they return
NULL, so wrap its contents as well.
nf_ct_timeout_data is only called if CONFIG_NETFILTER_TIMEOUT is
enabled. Wrap its contents in a CONFIG_NETFILTER_TIMEOUT check like the
other inline functions in nf_conntrack_timeout.h.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
include/net/netfilter/nf_conntrack_synproxy.h | 2 ++
include/net/netfilter/nf_conntrack_timeout.h | 4 ++++
2 files changed, 6 insertions(+)
--- a/include/net/netfilter/nf_conntrack_synproxy.h
+++ b/include/net/netfilter/nf_conntrack_synproxy.h
@@ -32,6 +32,7 @@ static inline struct nf_conn_synproxy *n
static inline bool nf_ct_add_synproxy(struct nf_conn *ct,
const struct nf_conn *tmpl)
{
+#if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY)
if (tmpl && nfct_synproxy(tmpl)) {
if (!nfct_seqadj_ext_add(ct))
return false;
@@ -39,6 +40,7 @@ static inline bool nf_ct_add_synproxy(st
if (!nfct_synproxy_ext_add(ct))
return false;
}
+#endif
return true;
}
--- a/include/net/netfilter/nf_conntrack_timeout.h
+++ b/include/net/netfilter/nf_conntrack_timeout.h
@@ -32,6 +32,7 @@ struct nf_conn_timeout {
static inline unsigned int *
nf_ct_timeout_data(const struct nf_conn_timeout *t)
{
+#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
struct nf_ct_timeout *timeout;
timeout = rcu_dereference(t->timeout);
@@ -39,6 +40,9 @@ nf_ct_timeout_data(const struct nf_conn_
return NULL;
return (unsigned int *)timeout->data;
+#else
+ return NULL;
+#endif
}
static inline