From: Jeremy Sowden <jeremy@azazel.net>
Date: Wed, 7 Aug 2019 15:17:01 +0100
Subject: netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to
header-file.
Git-commit: 47e640af2e492cc28778dd6f894d50313f7fba75
Patch-mainline: 5.4-rc1
References: bnc#1151927 5.3.2
nf_tables.h defines an API comprising several inline functions and
macros that depend on the nft member of struct net. However, this is
only defined is CONFIG_NF_TABLES is enabled. Added preprocessor checks
to ensure that nf_tables.h will compile if CONFIG_NF_TABLES is disabled.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
---
include/net/netfilter/nf_tables.h | 4 ++++
1 file changed, 4 insertions(+)
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1206,6 +1206,8 @@ void nft_trace_notify(struct nft_tracein
#define MODULE_ALIAS_NFT_OBJ(type) \
MODULE_ALIAS("nft-obj-" __stringify(type))
+#if IS_ENABLED(CONFIG_NF_TABLES)
+
/*
* The gencursor defines two generations, the currently active and the
* next one. Objects contain a bitmask of 2 bits specifying the generations
@@ -1279,6 +1281,8 @@ static inline void nft_set_elem_change_a
ext->genmask ^= nft_genmask_next(net);
}
+#endif /* IS_ENABLED(CONFIG_NF_TABLES) */
+
/*
* We use a free bit in the genmask field to indicate the element
* is busy, meaning it is currently being processed either by