From 6822bdee4ec63467e82d723a3381b3116c1853d9 Mon Sep 17 00:00:00 2001 From: Alberto Leiva Popper Date: Sun, 20 Mar 2022 14:04:49 -0600 Subject: [PATCH] Protocolary updates for release 4.1.8 Includes removing support for kernels 4.4-4.8, because it looks like they've been EOL'd. Also, CNAME removed. Looks like jool.mx is going to stay a mirror for a while. --- configure.ac | 2 +- docs/CNAME | 1 - docs/_config.yml | 2 +- docs/en/download.md | 15 ++--- docs/en/index.md | 26 +++++--- docs/en/intro-jool.md | 3 +- src/common/xlat.h | 4 +- src/mod/common/db/bib/db.c | 22 ------- src/mod/common/icmp_wrapper.c | 1 - src/mod/common/joold.c | 4 -- src/mod/common/kernel_hook.h | 7 ++- src/mod/common/kernel_hook_iptables.c | 4 +- src/mod/common/kernel_hook_netfilter.c | 6 +- src/mod/common/nf_wrapper.h | 84 -------------------------- src/mod/common/nl/nl_core.c | 1 - src/mod/common/nl/nl_handler.c | 36 ++--------- src/mod/common/nl/stats.c | 4 -- src/mod/common/packet.c | 1 - src/mod/common/rfc7915/4to6.c | 2 +- src/mod/common/rfc7915/6to4.c | 4 -- src/mod/common/stats.c | 17 +----- src/mod/common/steps/send_packet.c | 4 -- src/usr/joold/joold.8 | 2 +- src/usr/nat64/jool.8 | 2 +- src/usr/siit/jool_siit.8 | 2 +- test/graybox/mod/expecter.c | 4 +- test/graybox/mod/genetlink.c | 1 - test/graybox/mod/nl_handler.c | 1 - test/graybox/mod/sender.c | 5 -- test/unit/impersonator/nf_hook.c | 8 ++- 30 files changed, 57 insertions(+), 218 deletions(-) delete mode 100644 docs/CNAME delete mode 100644 src/mod/common/nf_wrapper.h diff --git a/configure.ac b/configure.ac index 947283ca6..f6b58e893 100644 --- a/configure.ac +++ b/configure.ac @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.68]) -AC_INIT([Jool], [4.1.7], [jool@nic.mx]) +AC_INIT([Jool], [4.1.8], [jool@nic.mx]) AC_CONFIG_SRCDIR([src/common/xlat.h]) AM_INIT_AUTOMAKE([subdir-objects]) LT_PREREQ([2.4.6]) diff --git a/docs/CNAME b/docs/CNAME deleted file mode 100644 index fd806268e..000000000 --- a/docs/CNAME +++ /dev/null @@ -1 +0,0 @@ -www.jool.mx \ No newline at end of file diff --git a/docs/_config.yml b/docs/_config.yml index d38fe7ff9..ed17c2048 100644 --- a/docs/_config.yml +++ b/docs/_config.yml @@ -1,7 +1,7 @@ markdown: kramdown baseurl: /Jool repository-url: https://github.com/NICMx/Jool -latest-version: 4.1.7 +latest-version: 4.1.8 rfc-siit: https://tools.ietf.org/html/rfc7915 draft-siit-eam: https://tools.ietf.org/html/rfc7757 diff --git a/docs/en/download.md b/docs/en/download.md index 26f4fbd83..84b04673c 100644 --- a/docs/en/download.md +++ b/docs/en/download.md @@ -28,20 +28,21 @@ Jool 4.2 is a compliant SIIT, Stateful NAT64 and MAP-T. Jool 4.1 is a [compliant SIIT and Stateful NAT64](intro-jool.html#compliance). -Currently, 4.1.7 is the most mature version of Jool. +Currently, 4.1.8 is the most mature version of Jool. | Release Date | Version | .tar.gz | .tar.gz Signature | Git commit | .deb | |--------------|---------|---------|-------------------|------------|------| -| 2022-01-27 | **4.1.7** | [Download]({{ page.url-dl }}/v4.1.7/jool-4.1.7.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.7/jool-4.1.7.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.7/jool-dkms_4.1.7-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.7/jool-tools_4.1.7-1_amd64.deb) (amd64 only) | -| 2021-12-10 | **4.1.6** | [Download]({{ page.url-dl }}/v4.1.6/jool-4.1.6.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.6/jool-4.1.6.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.6/jool-dkms_4.1.6-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.6/jool-tools_4.1.6-1_amd64.deb) (amd64 only) | -| 2021-02-19 | 4.1.5 | [Download]({{ page.url-dl }}/v4.1.5/jool-4.1.5.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.5/jool-4.1.5.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.5/jool-dkms_4.1.5-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.5/jool-tools_4.1.5-1_amd64.deb) (amd64 only) | -| 2020-10-07 | 4.1.4 | [Download]({{ page.url-dl }}/v4.1.4/jool-4.1.4.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.4/jool-4.1.4.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.4/jool-dkms_4.1.4-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.4/jool-tools_4.1.4-1_amd64.deb) (amd64 only) | -| 2020-09-02 | 4.1.3 | [Download]({{ page.url-dl }}/v4.1.3/jool-4.1.3.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.3/jool-4.1.3.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.3/jool-dkms_4.1.3-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.3/jool-tools_4.1.3-1_amd64.deb) (amd64 only) | +| 2022-03-20 | **4.1.8** | [Download]({{ page.url-dl }}/v4.1.8/jool-4.1.8.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.8/jool-4.1.8.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.8/jool-dkms_4.1.8-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.8/jool-tools_4.1.8-1_amd64.deb) (amd64 only) | +| 2022-01-27 | 4.1.7 | [Download]({{ page.url-dl }}/v4.1.7/jool-4.1.7.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.7/jool-4.1.7.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.7/jool-dkms_4.1.7-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.7/jool-tools_4.1.7-1_amd64.deb) (amd64 only) | +| 2021-12-10 | 4.1.6 | [Download]({{ page.url-dl }}/v4.1.6/jool-4.1.6.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.6/jool-4.1.6.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.6/jool-dkms_4.1.6-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.6/jool-tools_4.1.6-1_amd64.deb) (amd64 only) | +| 2021-02-19 | 4.1.5 | [Download]({{ page.url-dl }}/v4.1.5/jool-4.1.5.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.5/jool-4.1.5.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.5/jool-dkms_4.1.5-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.5/jool-tools_4.1.5-1_amd64.deb) (amd64 only) | +| 2020-10-07 | 4.1.4 | [Download]({{ page.url-dl }}/v4.1.4/jool-4.1.4.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.4/jool-4.1.4.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.4/jool-dkms_4.1.4-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.4/jool-tools_4.1.4-1_amd64.deb) (amd64 only) | +| 2020-09-02 | 4.1.3 | [Download]({{ page.url-dl }}/v4.1.3/jool-4.1.3.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.3/jool-4.1.3.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.3/jool-dkms_4.1.3-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.3/jool-tools_4.1.3-1_amd64.deb) (amd64 only) | | 2020-07-22 | 4.1.2 | [Download]({{ page.url-dl }}/v4.1.2/jool-4.1.2.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.2/jool-4.1.2.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.2/jool-dkms_4.1.2-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.2/jool-tools_4.1.2-1_amd64.deb) (amd64 only) | | 2020-07-01 | 4.1.1 | [Download]({{ page.url-dl }}/v4.1.1/jool-4.1.1.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.1/jool-4.1.1.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.1/jool-dkms_4.1.1-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.1/jool-tools_4.1.1-1_amd64.deb) (amd64 only) | | 2020-06-16 | 4.1.0 | [Download]({{ page.url-dl }}/v4.1.0/jool-4.1.0.tar.gz) | [Signature]({{ page.url-dl }}/v4.1.0/jool-4.1.0.tar.gz.asc) | Link | [Kernel modules]({{ page.url-dl }}/v4.1.0/jool-dkms_4.1.0-1_all.deb)
[Userspace tools]({{ page.url-dl }}/v4.1.0/jool-tools_4.1.0-1_amd64.deb) (amd64 only) | -[This](http://keys.gnupg.net/pks/lookup?op=get&search=0x72160FD57B242967) is my public key. It is not yet certified, so the Signature column is mostly just theater for now. +My public key is on [Github](https://github.com/ydahhrk.gpg). ## 4.0.x diff --git a/docs/en/index.md b/docs/en/index.md index bcedb33de..ef18ca2d9 100644 --- a/docs/en/index.md +++ b/docs/en/index.md @@ -20,10 +20,10 @@ Jool is an Open Source [SIIT and NAT64](intro-xlat.html) for Linux. ## Status -- The most mature version is [4.1.7](download.html#41x). -- The second release candidate for version [4.2.0](download.html#42x) is also available now. +> ![Warning](../images/warning.svg) The project's development has slowed down to essential maintenance. Bugfixing and support will remain active, but there will be no new features in the foreseeable future. -The project's development has slowed down to essential maintenance. Bugfixing and support will remain active, but there will be no new features in the foreseeable future. +- The most mature version is [4.1.8](download.html#41x). +- The second release candidate for version [4.2.0](download.html#42x) is also available now. ------------------- @@ -35,9 +35,19 @@ The project's development has slowed down to essential maintenance. Bugfixing an ## Latest News -### 2022-01-27 - -Version 4.1.7 has been released: - -- [#372](https://github.com/NICMx/Jool/issues/372): iptables dependency now optional. +### 2022-03-20 + +Version 4.1.8 has been released. + +- [#366](https://github.com/NICMx/Jool/issues/366), [#375](https://github.com/NICMx/Jool/issues/375): Fix checksums in Slow Path. + This is a fairly critical bug; please upgrade. It affects packets that fulfill the following conditions: + - IPv4-to-IPv6 + - Not ICMP error + - Incoming packet's DF was disabled + - Packet was large, or GRO-aggregated +- Add validation to more verbosely reject IPv6 packets that contain more than one fragment header. +- Add validation to more verbosely reject fragmented (and not reassembled by `nf_defrag_ipv*`) ICMP errors. + (Aside from being fairly illegal, these packets cannot be translated because the "ICMPv6 length" of the [ICMP pseudoheader](https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol_for_IPv6#Checksum) is unknown.) +- Bugfix: When routing TCP/UDP fragments, the code was including header ports even though nonzero fragment-offset packets lack TCP/UDP headers. + This bug probably doesn't affect you, unless your routing is somehow port-based. diff --git a/docs/en/intro-jool.md b/docs/en/intro-jool.md index 8d9c88e56..40abaf2d9 100644 --- a/docs/en/intro-jool.md +++ b/docs/en/intro-jool.md @@ -50,7 +50,8 @@ Please [let us know]({{ site.repository-url }}/issues) if you find additional co | Jool version | Supported Linux kernels (mainline) | Supported Linux kernels (RHEL) | |-------------------------------------|--------------------------------------|--------------------------------| -| [master]({{ site.repository-url }}),
[4.1.6](download.html#41x) | 4.4 - 4.20,
5.0 - 5.15 | RHEL 8.5 | +| [master]({{ site.repository-url }}),
[4.1.8](download.html#41x) | 4.9 - 4.20,
5.0 - 5.16 | RHEL 8.5 | +| [4.1.6](download.html#41x),
[4.1.7](download.html#41x) | 4.4 - 4.20,
5.0 - 5.15 | RHEL 8.5 | | [4.1.5](download.html#41x) | 3.16 - 3.19,
4.0 - 4.20,
5.0 - 5.11 | RHEL 7.6 - RHEL 7.7,
RHEL 8.0 | | [4.1.3](download.html#41x),
[4.1.4](download.html#41x) | 3.16 - 3.19,
4.0 - 4.20,
5.0 - 5.9 | RHEL 7.6 - RHEL 7.7,
RHEL 8.0 | | [4.1.2](download.html#41x) | 3.16 - 3.19,
4.0 - 4.20,
5.0 - 5.7 | RHEL 7.6 - RHEL 7.7,
RHEL 8.0 | diff --git a/src/common/xlat.h b/src/common/xlat.h index b2f64b55a..992132159 100644 --- a/src/common/xlat.h +++ b/src/common/xlat.h @@ -9,8 +9,8 @@ */ #define JOOL_VERSION_MAJOR 4 #define JOOL_VERSION_MINOR 1 -#define JOOL_VERSION_REV 7 -#define JOOL_VERSION_DEV 6 +#define JOOL_VERSION_REV 8 +#define JOOL_VERSION_DEV 0 /** See http://stackoverflow.com/questions/195975 */ #define STR_VALUE(arg) #arg diff --git a/src/mod/common/db/bib/db.c b/src/mod/common/db/bib/db.c index 0b8d9c17e..3d229c154 100644 --- a/src/mod/common/db/bib/db.c +++ b/src/mod/common/db/bib/db.c @@ -470,23 +470,14 @@ void bib_put(struct bib *db) static void log_bib(struct xlator *jool, struct tabled_bib *bib, char *action) { -#if LINUX_VERSION_AT_LEAST(4, 8, 0, 9999, 0) time64_t tsec; -#else - struct timeval tval; -#endif struct tm time; if (!jool->globals.nat64.bib.bib_logging) return; -#if LINUX_VERSION_AT_LEAST(4, 8, 0, 9999, 0) tsec = ktime_get_real_seconds(); time64_to_tm(tsec, 0, &time); -#else - do_gettimeofday(&tval); - time_to_tm(tval.tv_sec, 0, &time); -#endif log_info("%s %ld/%d/%d %d:%d:%d (GMT) - %s %pI6c#%u to %pI4#%u (%s)", jool->iname, 1900 + time.tm_year, time.tm_mon + 1, time.tm_mday, @@ -505,23 +496,14 @@ static void log_session(struct xlator *jool, struct tabled_session *session, char *action) { -#if LINUX_VERSION_AT_LEAST(4, 8, 0, 9999, 0) time64_t tsec; -#else - struct timeval tval; -#endif struct tm time; if (!jool->globals.nat64.bib.session_logging) return; -#if LINUX_VERSION_AT_LEAST(4, 8, 0, 9999, 0) tsec = ktime_get_real_seconds(); time64_to_tm(tsec, 0, &time); -#else - do_gettimeofday(&tval); - time_to_tm(tval.tv_sec, 0, &time); -#endif log_info("%s %ld/%d/%d %d:%d:%d (GMT) - %s %pI6c#%u|%pI6c#%u|" "%pI4#%u|%pI4#%u|%s", jool->iname, 1900 + time.tm_year, time.tm_mon + 1, time.tm_mday, @@ -819,11 +801,7 @@ static void send_probe_packet(struct xlator *jool, struct session_entry *session skb_dst_set(skb, dst); /* Implicit kfree_skb(skb) here. */ -#if LINUX_VERSION_AT_LEAST(4, 4, 0, 8, 0) error = dst_output(jool->ns, NULL, skb); -#else - error = dst_output(skb); -#endif if (error) { __log_debug(jool, "dst_output() returned errcode %d.", error); goto fail; diff --git a/src/mod/common/icmp_wrapper.c b/src/mod/common/icmp_wrapper.c index 1fcfad76e..f2ad71692 100644 --- a/src/mod/common/icmp_wrapper.c +++ b/src/mod/common/icmp_wrapper.c @@ -1,7 +1,6 @@ #include "mod/common/icmp_wrapper.h" #include -#include #include #include "common/types.h" #include "mod/common/log.h" diff --git a/src/mod/common/joold.c b/src/mod/common/joold.c index 0a78eb45f..d27cbd11f 100644 --- a/src/mod/common/joold.c +++ b/src/mod/common/joold.c @@ -227,9 +227,6 @@ static void send_to_userspace(struct xlator *jool, struct sk_buff *skb, return; __log_debug(jool, "Sending multicast message."); -#if LINUX_VERSION_LOWER_THAN(3, 13, 0, 7, 1) - error = genlmsg_multicast_netns(ns, skb, 0, jnl_gid(), GFP_ATOMIC); -#else /* * Note: Starting from kernel 3.13, all groups of a common family share * a group offset (from a common pool), and they are numbered @@ -241,7 +238,6 @@ static void send_to_userspace(struct xlator *jool, struct sk_buff *skb, * family. */ error = genlmsg_multicast_netns(jnl_family(), ns, skb, 0, 0, GFP_ATOMIC); -#endif if (error) { log_warn_once("Looks like nobody received my multicast message. Is the joold daemon really active? (errcode %d)", error); diff --git a/src/mod/common/kernel_hook.h b/src/mod/common/kernel_hook.h index 2c9f412e1..e26891302 100644 --- a/src/mod/common/kernel_hook.h +++ b/src/mod/common/kernel_hook.h @@ -4,14 +4,15 @@ #include #include #include "common/config.h" -#include "mod/common/nf_wrapper.h" #ifndef XTABLES_DISABLED #include #endif -NF_CALLBACK(hook_ipv6, skb); -NF_CALLBACK(hook_ipv4, skb); +unsigned int hook_ipv6(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs); +unsigned int hook_ipv4(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs); #ifndef XTABLES_DISABLED diff --git a/src/mod/common/kernel_hook_iptables.c b/src/mod/common/kernel_hook_iptables.c index 8df2badb0..7972740d1 100644 --- a/src/mod/common/kernel_hook_iptables.c +++ b/src/mod/common/kernel_hook_iptables.c @@ -66,10 +66,8 @@ static struct net *action_param_net(const struct xt_action_param *param) { #if LINUX_VERSION_AT_LEAST(4, 10, 0, 8, 0) return param->state->net; -#elif LINUX_VERSION_AT_LEAST(4, 4, 0, 9999, 0) - return param->net; #else - return dev_net(param->in); + return param->net; #endif } diff --git a/src/mod/common/kernel_hook_netfilter.c b/src/mod/common/kernel_hook_netfilter.c index 1b61b19ed..b582fdfeb 100644 --- a/src/mod/common/kernel_hook_netfilter.c +++ b/src/mod/common/kernel_hook_netfilter.c @@ -55,7 +55,8 @@ static unsigned int verdict2netfilter(verdict result, bool enable_debug) * This is the function that the kernel calls whenever a packet reaches Jool's * IPv6 Netfilter hook. */ -NF_CALLBACK(hook_ipv6, skb) +unsigned int hook_ipv6(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs) { struct xlation *state; verdict result; @@ -82,7 +83,8 @@ EXPORT_SYMBOL_GPL(hook_ipv6); * This is the function that the kernel calls whenever a packet reaches Jool's * IPv4 Netfilter hook. */ -NF_CALLBACK(hook_ipv4, skb) +unsigned int hook_ipv4(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs) { struct xlation *state; verdict result; diff --git a/src/mod/common/nf_wrapper.h b/src/mod/common/nf_wrapper.h deleted file mode 100644 index ef5ef8489..000000000 --- a/src/mod/common/nf_wrapper.h +++ /dev/null @@ -1,84 +0,0 @@ -#ifndef SRC_MOD_COMMON_NF_WRAPPER_H_ -#define SRC_MOD_COMMON_NF_WRAPPER_H_ - -/** - * @file - * The kernel API is far from static. In particular, the Netfilter packet entry - * function keeps changing. nf_hook.c, the file where we declare our packet - * entry function, has been quite difficult to read for a while now. It's pretty - * amusing, because we don't even use any of the noisy arguments. - * - * This file declares a usable function header that abstracts away all those - * useless arguments. - */ - -#include -#include - -/* If this is a Red Hat-based kernel (Red Hat, CentOS, Fedora, etc)... */ -#ifdef RHEL_RELEASE_CODE - -#if RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(8, 0) -#define NF_CALLBACK(name, skb) unsigned int name( \ - void *priv, \ - struct sk_buff *skb, \ - const struct nf_hook_state *nhs) - -#elif RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(7, 2) -#define NF_CALLBACK(name, skb) unsigned int name( \ - const struct nf_hook_ops *ops, \ - struct sk_buff *skb, \ - const struct net_device *in, \ - const struct net_device *out, \ - const struct nf_hook_state *nhs) \ - -#elif RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(7, 0) -#define NF_CALLBACK(name, skb) unsigned int name( \ - const struct nf_hook_ops *ops, \ - struct sk_buff *skb, \ - const struct net_device *in, \ - const struct net_device *out, \ - int (*okfn)(struct sk_buff *)) - -#else - -/* - * Note: kernel headers per version can be found here: http://vault.centos.org/ - * (http://vault.centos.org/7.x.xxxx/updates/x86_64/Packages/) - */ -#error "Sorry; this version of RHEL is not supported because it's kind of old." - -#endif /* RHEL_RELEASE_CODE >= x */ - - -/* If this NOT a RedHat-based kernel (Ubuntu, Debian, SuSE, etc)... */ -#else - -#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) -#define NF_CALLBACK(name, skb) unsigned int name( \ - void *priv, \ - struct sk_buff *skb, \ - const struct nf_hook_state *nhs) - -#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0) -#define NF_CALLBACK(name, skb) unsigned int name( \ - const struct nf_hook_ops *ops, \ - struct sk_buff *skb, \ - const struct nf_hook_state *nhs) - -#elif LINUX_VERSION_CODE >= KERNEL_VERSION(3, 13, 0) -#define NF_CALLBACK(name, skb) unsigned int name( \ - const struct nf_hook_ops *ops, \ - struct sk_buff *skb, \ - const struct net_device *in, \ - const struct net_device *out, \ - int (*okfn)(struct sk_buff *)) - -#else -#error "Linux < 3.13 isn't supported at all." - -#endif /* LINUX_VERSION_CODE > n */ - -#endif /* RHEL or not RHEL */ - -#endif /* SRC_MOD_COMMON_NF_WRAPPER_H_ */ diff --git a/src/mod/common/nl/nl_core.c b/src/mod/common/nl/nl_core.c index 732847af1..6de053858 100644 --- a/src/mod/common/nl/nl_core.c +++ b/src/mod/common/nl/nl_core.c @@ -2,7 +2,6 @@ #include #include -#include #include "common/config.h" #include "common/types.h" diff --git a/src/mod/common/nl/nl_handler.c b/src/mod/common/nl/nl_handler.c index 67956d6f0..95e46f464 100644 --- a/src/mod/common/nl/nl_handler.c +++ b/src/mod/common/nl/nl_handler.c @@ -22,20 +22,14 @@ #include "mod/common/nl/session.h" #include "mod/common/nl/stats.h" -#if LINUX_VERSION_AT_LEAST(0, 0, 0, 7, 1) -#define _CONST const -#else -#define _CONST -#endif - -static int pre_handle_request(_CONST struct genl_ops *ops, struct sk_buff *skb, +static int pre_handle_request(const struct genl_ops *ops, struct sk_buff *skb, struct genl_info *info) { error_pool_activate(); return 0; } -static void post_handle_request(_CONST struct genl_ops *ops, struct sk_buff *skb, +static void post_handle_request(const struct genl_ops *ops, struct sk_buff *skb, struct genl_info *info) { error_pool_deactivate(); @@ -63,7 +57,7 @@ static struct nla_policy const jool_policy[JNLAR_COUNT] = { #define JOOL_POLICY .policy = jool_policy, #endif -static _CONST struct genl_ops ops[] = { +static const struct genl_ops ops[] = { { .cmd = JNLOP_INSTANCE_FOREACH, .doit = handle_instance_foreach, @@ -240,22 +234,7 @@ static int register_family(void) strcpy(jool_family.name, JOOLNL_FAMILY); -#if LINUX_VERSION_LOWER_THAN(3, 13, 0, 7, 1) - - error = genl_register_family_with_ops(&jool_family, ops, - ARRAY_SIZE(ops)); - if (error) { - log_err("Couldn't register family!"); - return error; - } - - error = genl_register_mc_group(&jool_family, &(mc_groups[0])); - if (error) { - log_err("Couldn't register multicast group!"); - return error; - } - -#elif LINUX_VERSION_LOWER_THAN(4, 10, 0, 7, 5) +#if LINUX_VERSION_LOWER_THAN(4, 10, 0, 7, 5) error = genl_register_family_with_ops_groups(&jool_family, ops, mc_groups); if (error) { @@ -285,13 +264,6 @@ void nlhandler_teardown(void) error_pool_teardown(); } -#if LINUX_VERSION_LOWER_THAN(3, 13, 0, 7, 1) -u32 jnl_gid(void) -{ - return mc_groups[0].id; -} -#endif - struct genl_family *jnl_family(void) { return &jool_family; diff --git a/src/mod/common/nl/stats.c b/src/mod/common/nl/stats.c index 95399048a..63fe7824d 100644 --- a/src/mod/common/nl/stats.c +++ b/src/mod/common/nl/stats.c @@ -41,11 +41,7 @@ int handle_stats_foreach(struct sk_buff *skb, struct genl_info *info) written = 0; for (id++; id <= JSTAT_UNKNOWN; id++) { -#if LINUX_VERSION_AT_LEAST(4, 7, 0, 7, 4) error = nla_put_u64_64bit(response.skb, id, stats[id], JSTAT_PADDING); -#else - error = nla_put_u64(response.skb, id, stats[id]); -#endif if (error) { if (!written) goto revert_response; diff --git a/src/mod/common/packet.c b/src/mod/common/packet.c index 0f883c6ac..1fe0f3d5f 100644 --- a/src/mod/common/packet.c +++ b/src/mod/common/packet.c @@ -1,6 +1,5 @@ #include "mod/common/packet.h" -#include #include #include #include "common/types.h" diff --git a/src/mod/common/rfc7915/4to6.c b/src/mod/common/rfc7915/4to6.c index f0b4f1010..dbdaacef2 100644 --- a/src/mod/common/rfc7915/4to6.c +++ b/src/mod/common/rfc7915/4to6.c @@ -504,7 +504,7 @@ static verdict allocate_slow(struct xlation *state, unsigned int mpl) skb_reset_mac_header(out); skb_reset_network_header(out); skb_put(out, sizeof(struct ipv6hdr)); - frag = skb_put(out, sizeof(struct frag_hdr)); + frag = (struct frag_hdr *)skb_put(out, sizeof(struct frag_hdr)); l3_payload = skb_put(out, fragment_payload_len); skb_set_transport_header(out, HDRS_LEN); diff --git a/src/mod/common/rfc7915/6to4.c b/src/mod/common/rfc7915/6to4.c index 3f0e45faa..822db8ad6 100644 --- a/src/mod/common/rfc7915/6to4.c +++ b/src/mod/common/rfc7915/6to4.c @@ -535,11 +535,7 @@ static void generate_ipv4_id(struct xlation const *state, struct iphdr *hdr4, if (hdr_frag) { hdr4->id = cpu_to_be16(be32_to_cpu(hdr_frag->identification)); } else { -#if LINUX_VERSION_AT_LEAST(4, 1, 0, 7, 3) __ip_select_ident(state->jool.ns, hdr4, 1); -#else - __ip_select_ident(hdr4, 1); -#endif } } diff --git a/src/mod/common/stats.c b/src/mod/common/stats.c index c7e66615f..c2065c581 100644 --- a/src/mod/common/stats.c +++ b/src/mod/common/stats.c @@ -23,14 +23,8 @@ struct jool_stats *jstat_alloc(void) if (!result) return NULL; -#if LINUX_VERSION_AT_LEAST(0, 0, 0, 8, 0) result->mib = alloc_percpu(struct jool_mib); if (!result->mib) { -#else - if (snmp_mib_init((void __percpu **)result->mib, - sizeof(struct jool_mib), - __alignof__(struct jool_mib)) < 0) { -#endif wkfree(struct jool_stats, result); return NULL; } @@ -49,11 +43,7 @@ static void jstat_release(struct kref *refcount) struct jool_stats *stats; stats = container_of(refcount, struct jool_stats, refcounter); -#if LINUX_VERSION_AT_LEAST(0, 0, 0, 8, 0) free_percpu(stats->mib); -#else - snmp_mib_free((void __percpu **)stats->mib); -#endif wkfree(struct jool_stats, stats); } @@ -90,13 +80,8 @@ __u64 *jstat_query(struct jool_stats *stats) if (!result) return NULL; - for (i = 0; i < JSTAT_COUNT; i++) { -#if LINUX_VERSION_AT_LEAST(0, 0, 0, 8, 0) + for (i = 0; i < JSTAT_COUNT; i++) result[i] = snmp_fold_field(stats->mib, i); -#else - result[i] = snmp_fold_field((void __percpu **)stats->mib, i); -#endif - } return result; } diff --git a/src/mod/common/steps/send_packet.c b/src/mod/common/steps/send_packet.c index f57ca9554..8d247c593 100644 --- a/src/mod/common/steps/send_packet.c +++ b/src/mod/common/steps/send_packet.c @@ -20,11 +20,7 @@ static verdict __sendpkt_send(struct xlation *state, struct sk_buff *out) /* skb_log(out, "Translated packet"); */ /* Implicit kfree_skb(out) here. */ -#if LINUX_VERSION_AT_LEAST(4, 4, 0, 8, 0) error = dst_output(state->jool.ns, NULL, out); -#else - error = dst_output(out); -#endif if (error) { log_debug(state, "dst_output() returned errcode %d.", error); return drop(state, JSTAT_DST_OUTPUT); diff --git a/src/usr/joold/joold.8 b/src/usr/joold/joold.8 index f3fba503b..6c71cfaf9 100644 --- a/src/usr/joold/joold.8 +++ b/src/usr/joold/joold.8 @@ -1,6 +1,6 @@ .\" Manpage for jool's session synchronization daemon. -.TH joold 8 2022-01-27 v4.1.7 "NAT64 Jool's Session Synchronization Daemon" +.TH joold 8 2022-03-20 v4.1.8 "NAT64 Jool's Session Synchronization Daemon" .SH NAME joold - Userspace Session Synchronization (SS) daemon for NAT64 Jool. diff --git a/src/usr/nat64/jool.8 b/src/usr/nat64/jool.8 index 128978768..cf395caf2 100644 --- a/src/usr/nat64/jool.8 +++ b/src/usr/nat64/jool.8 @@ -1,7 +1,7 @@ .\" Manpage for jool's userspace app. .\" Report bugs to jool@nic.mx. -.TH jool 8 2022-01-27 v4.1.7 "NAT64 Jool's Userspace Client" +.TH jool 8 2022-03-20 v4.1.8 "NAT64 Jool's Userspace Client" .SH NAME jool - Interact with NAT64 Jool (the kernel module). diff --git a/src/usr/siit/jool_siit.8 b/src/usr/siit/jool_siit.8 index 36944b0d3..2f5cbb6c7 100644 --- a/src/usr/siit/jool_siit.8 +++ b/src/usr/siit/jool_siit.8 @@ -1,7 +1,7 @@ .\" Manpage for jool's userspace app. .\" Report bugs to jool@nic.mx. -.TH jool_siit 8 2022-01-27 v4.1.7 "SIIT Jool's Userspace Client" +.TH jool_siit 8 2022-03-20 v4.1.8 "SIIT Jool's Userspace Client" .SH NAME jool_siit - Interact with SIIT Jool (the kernel module). diff --git a/test/graybox/mod/expecter.c b/test/graybox/mod/expecter.c index ba7415e3f..e04719eff 100644 --- a/test/graybox/mod/expecter.c +++ b/test/graybox/mod/expecter.c @@ -8,7 +8,6 @@ #include "common/types.h" #include "mod/common/address.h" #include "mod/common/linux_version.h" -#include "mod/common/nf_wrapper.h" #include "diff.h" #include "log.h" #include "util.h" @@ -29,7 +28,8 @@ static struct graybox_stats stats; static int expecter_handle_pkt(struct sk_buff *actual); -static NF_CALLBACK(hook_cb, skb) +unsigned int hook_cb(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs) { log_debug("========= Graybox: Received packet ========="); return expecter_handle_pkt(skb); diff --git a/test/graybox/mod/genetlink.c b/test/graybox/mod/genetlink.c index 9bcad4d02..97eeafa5d 100644 --- a/test/graybox/mod/genetlink.c +++ b/test/graybox/mod/genetlink.c @@ -1,6 +1,5 @@ #include "genetlink.h" -#include #include "common/graybox-types.h" #include "mod/common/linux_version.h" #include "mod/common/error_pool.h" diff --git a/test/graybox/mod/nl_handler.c b/test/graybox/mod/nl_handler.c index cda5a2648..2b712814d 100644 --- a/test/graybox/mod/nl_handler.c +++ b/test/graybox/mod/nl_handler.c @@ -1,6 +1,5 @@ #include "nl_handler.h" -#include #include "expecter.h" #include "genetlink.h" #include "log.h" diff --git a/test/graybox/mod/sender.c b/test/graybox/mod/sender.c index a9aa7d07c..20a5e10bf 100644 --- a/test/graybox/mod/sender.c +++ b/test/graybox/mod/sender.c @@ -3,7 +3,6 @@ #include #include #include -#include #include #include @@ -219,11 +218,7 @@ int sender_send(char *pkt_name, void *pkt, size_t pkt_len) } if (dst) { -#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0) error = dst_output(ns, NULL, skb); -#else - error = dst_output(skb); -#endif if (error) log_err("dst_output() returned %d.", error); } else { diff --git a/test/unit/impersonator/nf_hook.c b/test/unit/impersonator/nf_hook.c index 111f5cfd9..d398950b8 100644 --- a/test/unit/impersonator/nf_hook.c +++ b/test/unit/impersonator/nf_hook.c @@ -1,11 +1,13 @@ -#include "mod/common/nf_wrapper.h" +#include -NF_CALLBACK(hook_ipv6, skb) +unsigned int hook_ipv6(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs) { return NF_ACCEPT; } -NF_CALLBACK(hook_ipv4, skb) +unsigned int hook_ipv4(void *priv, struct sk_buff *skb, + const struct nf_hook_state *nhs) { return NF_ACCEPT; }