| Message ID | 159897212470.60236.5737844268627410321.stgit@ebuild |
|---|---|
| State | New |
| Headers | show |
| Series | [net-net] netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled | expand |
On Tue, Sep 01, 2020 at 04:56:02PM +0200, Eelco Chaudron wrote: > The openvswitch module fails initialization when used in a kernel > without IPv6 enabled. nf_conncount_init() fails because the ct code > unconditionally tries to initialize the netns IPv6 related bit, > regardless of the build option. The change below ignores the IPv6 > part if not enabled. > > Note that the corresponding _put() function already has this IPv6 > configuration check. Applied to nf.git Please, Cc: netfilter-devel@vger.kernel.org next time. Thanks.
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c index 95f79980348c..47e9319d2cf3 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -565,6 +565,7 @@ static int nf_ct_netns_inet_get(struct net *net) int err; err = nf_ct_netns_do_get(net, NFPROTO_IPV4); +#if IS_ENABLED(CONFIG_IPV6) if (err < 0) goto err1; err = nf_ct_netns_do_get(net, NFPROTO_IPV6); @@ -575,6 +576,7 @@ static int nf_ct_netns_inet_get(struct net *net) err2: nf_ct_netns_put(net, NFPROTO_IPV4); err1: +#endif return err; }
The openvswitch module fails initialization when used in a kernel without IPv6 enabled. nf_conncount_init() fails because the ct code unconditionally tries to initialize the netns IPv6 related bit, regardless of the build option. The change below ignores the IPv6 part if not enabled. Note that the corresponding _put() function already has this IPv6 configuration check. Fixes: 11efd5cb04a1 ("openvswitch: Support conntrack zone limit") Signed-off-by: Eelco Chaudron <echaudro@redhat.com> --- net/netfilter/nf_conntrack_proto.c | 2 ++ 1 file changed, 2 insertions(+)