Re: [PATCH] netfilter: extend CONFIG_NF_CONNTRACK compile time checks
From: Florian Westphal
Date: Tue Jan 11 2022 - 09:29:12 EST
Tom Rix <trix@xxxxxxxxxx> wrote:
>
> On 1/11/22 1:46 AM, Pablo Neira Ayuso wrote:
> > Hi,
> >
> > On Sat, Dec 25, 2021 at 09:37:44AM -0800, trix@xxxxxxxxxx wrote:
> > > From: Tom Rix <trix@xxxxxxxxxx>
> > >
> > > Extends
> > > commit 83ace77f5117 ("netfilter: ctnetlink: remove get_ct indirection")
> > >
> > > Add some compile time checks by following the ct and ctinfo variables
> > > that are only set when CONFIG_NF_CONNTRACK is enabled.
> > >
> > > In nfulnl_log_packet(), ct is only set when CONFIG_NF_CONNTRACK
> > > is enabled. ct's later use in __build_packet_message() is only
> > > meaningful when CONFIG_NF_CONNTRACK is enabled, so add a check.
> > >
> > > In nfqnl_build_packet_message(), ct and ctinfo are only set when
> > > CONFIG_NF_CONNTRACK is enabled. Add a check for their decl and use.
> > >
> > > nfqnl_ct_parse() is a static function, move the check to the whole
> > > function.
> > >
> > > In nfqa_parse_bridge(), ct and ctinfo are only set by the only
> > > call to nfqnl_ct_parse(), so add a check for their decl and use.
> > >
> > > Consistently initialize ctinfo to 0.
> > Are compile warning being trigger without this patch, maybe with
> > CONFIG_NF_CONNTRACK=n?
>
> No compiler warnings, this was found by visual inspection.
>
> Robot says to entend more, so I want to make sure a human is also
> interested.
I hoped compiler was able to remove that without aid of preprocessor :/