Patchwork iptables: Turn ipv6 and libnfnetlink support into PACKAGECONFIG

login
register
mail settings
Submitter Khem Raj
Date March 17, 2013, 10:56 p.m.
Message ID <1363560984-11493-1-git-send-email-raj.khem@gmail.com>
Download mbox | patch
Permalink /patch/46297/
State Accepted
Commit 04cd51c8ac2b33476ca1b0c6467bceea76ceb636
Headers show

Comments

Khem Raj - March 17, 2013, 10:56 p.m.
Detection of libnfnetlink is automatic in configure which means
that when you have meta-networking in your cosmos, it would create
a race condition where if libnfnetlink is already staged then it
will be enabled otherwise disabled. The issue happens quite often
with sstate and high parallelism. Since the dependency libnfnetlink
is not part of OE-Core, this patch turns it into a PACKAGECONFIG
which is diabled by default and iptables is patched to provide
the knob.

If you want to enable libnfnetlink support then it can be done
in a bbappend where you are sure that you are also including
meta-networking in your distro.

While at it also turned ipv6 support into packageconfig

Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 ...Add-option-to-enable-disable-libnfnetlink.patch |   47 ++++++++++++++++++++
 meta/recipes-extended/iptables/iptables_1.4.17.bb  |   15 +++++--
 2 files changed, 59 insertions(+), 3 deletions(-)
 create mode 100644 meta/recipes-extended/iptables/iptables/0001-configure-Add-option-to-enable-disable-libnfnetlink.patch

Patch

diff --git a/meta/recipes-extended/iptables/iptables/0001-configure-Add-option-to-enable-disable-libnfnetlink.patch b/meta/recipes-extended/iptables/iptables/0001-configure-Add-option-to-enable-disable-libnfnetlink.patch
new file mode 100644
index 0000000..ab609e2
--- /dev/null
+++ b/meta/recipes-extended/iptables/iptables/0001-configure-Add-option-to-enable-disable-libnfnetlink.patch
@@ -0,0 +1,47 @@ 
+From 5c47cf5061b852c02178f01e23690bfe38a99d93 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 17 Mar 2013 11:21:35 -0700
+Subject: [PATCH] configure: Add option to enable/disable libnfnetlink
+
+This changes the configure behaviour from autodetecting
+for libnfnetlink to having an option to disable it explicitly
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Upstream-Status: Pending
+---
+ configure.ac |   11 ++++++++---
+ 1 file changed, 8 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index ba616ab..ce2d315 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -53,6 +53,9 @@ AC_ARG_ENABLE([libipq],
+ AC_ARG_WITH([pkgconfigdir], AS_HELP_STRING([--with-pkgconfigdir=PATH],
+ 	[Path to the pkgconfig directory [[LIBDIR/pkgconfig]]]),
+ 	[pkgconfigdir="$withval"], [pkgconfigdir='${libdir}/pkgconfig'])
++AC_ARG_ENABLE([libnfnetlink],
++	AS_HELP_STRING([--disable-libnfnetlink], [Do not use netfilter netlink library]),
++	[enable_libnfnetlink="$enableval"], [enable_libnfnetlink="yes"])
+ 
+ libiptc_LDFLAGS2="";
+ AX_CHECK_LINKER_FLAGS([-Wl,--no-as-needed],
+@@ -89,9 +92,11 @@ AM_CONDITIONAL([ENABLE_LARGEFILE], [test "$enable_largefile" = "yes"])
+ AM_CONDITIONAL([ENABLE_DEVEL], [test "$enable_devel" = "yes"])
+ AM_CONDITIONAL([ENABLE_LIBIPQ], [test "$enable_libipq" = "yes"])
+ 
+-PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0],
+-	[nfnetlink=1], [nfnetlink=0])
+-AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "$nfnetlink" = 1])
++AS_IF([test "x$enable_libnfnetlink" = "xyes"], [
++  PKG_CHECK_MODULES([libnfnetlink], [libnfnetlink >= 1.0])
++  ])
++
++AM_CONDITIONAL([HAVE_LIBNFNETLINK], [test "x$enable_libnfnetlink" = "xyes"])
+ 
+ regular_CFLAGS="-Wall -Waggregate-return -Wmissing-declarations \
+ 	-Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-extended/iptables/iptables_1.4.17.bb b/meta/recipes-extended/iptables/iptables_1.4.17.bb
index f8ef7b6..aa932ce 100644
--- a/meta/recipes-extended/iptables/iptables_1.4.17.bb
+++ b/meta/recipes-extended/iptables/iptables_1.4.17.bb
@@ -7,7 +7,7 @@  LICENSE = "GPLv2+"
 LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263\
                     file://iptables/iptables.c;beginline=13;endline=25;md5=c5cffd09974558cf27d0f763df2a12dc"
 
-PR = "r0"
+PR = "r1"
 
 RRECOMMENDS_${PN} = "kernel-module-x-tables \
                      kernel-module-ip-tables \
@@ -24,14 +24,23 @@  FILES_${PN}-dbg =+ "${libdir}/xtables/.debug"
 SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \
            file://types.h-add-defines-that-are-required-for-if_packet.patch \
            file://fix-link-failure-ip6t-NETMAP.patch \
-           file://fix-iptables-extensions-build-error.patch"
+           file://fix-iptables-extensions-build-error.patch \
+           file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
+          "
 SRC_URI[md5sum] = "c3fb2ffd5b39d0d54b06ccc4c8660116"
 SRC_URI[sha256sum] = "51e7a769469383b6ad308a6a19cdd2bd813cf4593e21a156a543a1cd70554925"
 
 inherit autotools
 
 EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR} \
-                ${@base_contains('DISTRO_FEATURES', 'ipv6', '', '--disable-ipv6', d)}"
+               "
+PACKAGECONFIG ?= "${@base_contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)} \
+                 "
+
+PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
+
+# libnfnetlink recipe is in meta-networking layer
+PACKAGECONFIG[libnfnetlink] = "--enable-libnfnetlink,--disable-libnfnetlink,libnfnetlink"
 
 do_configure_prepend() {
 	# Remove some libtool m4 files