git: fda7daf06301 - main - pfctl: Stop sharing pf_ruleset.c with the kernel
Hartmann, O.
o.hartmann at walstatt.org
Wed Jan 6 09:20:16 UTC 2021
On Wed, 06 Jan 2021 07:28:27 +0100
"Kristof Provost" <kp at FreeBSD.org> wrote:
> On 6 Jan 2021, at 5:50, Hartmann, O. wrote:
> > On Tue, 5 Jan 2021 22:37:54 GMT
> > Kristof Provost <kp at FreeBSD.org> wrote:
> >
> >> The branch main has been updated by kp:
> >>
> >> URL:
> >> https://cgit.FreeBSD.org/src/commit/?id=fda7daf06301beef1bdad39891232a12c6925b22
> >>
> >> commit fda7daf06301beef1bdad39891232a12c6925b22
> >> Author: Kristof Provost <kp at FreeBSD.org>
> >> AuthorDate: 2020-12-24 15:02:04 +0000
> >> Commit: Kristof Provost <kp at FreeBSD.org>
> >> CommitDate: 2021-01-05 22:35:37 +0000
> >>
> >> pfctl: Stop sharing pf_ruleset.c with the kernel
> >>
> >> Now that we've split up the datastructures used by the kernel and
> >> userspace there's essentually no more overlap between the
> >> pf_ruleset.c
> >> code used by userspace and kernelspace.
> >>
> >> Copy the userspace bits to the pfctl directory and stop using the
> >> kernel
> >> file.
> >>
> >> Reviewed by: philip
> >> MFC after: 2 weeks
> >> Sponsored by: Orange Business Services
> >> Differential Revision: https://reviews.freebsd.org/D27764
> >> ---
> >> sbin/pfctl/Makefile | 3 -
> >> sbin/pfctl/pf_ruleset.c | 343
> >> ++++++++++++++++++++++++++++++++++++++++++++
> >> sys/netpfil/pf/pf_ruleset.c | 286
> >> +-----------------------------------
> >> 3 files changed, 349 insertions(+), 283 deletions(-)
> >>
> >
> > It seems that now make buildkernel fails (at least for me):
> >
> >
> > [...]
> > ===> lib/libelftc (all)
> > --- all_subdir_sbin ---
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:62:2: error: "Kernel only file.
> > Please use
> > sbin/pfctl/pf_ruleset.c instead." #error "Kernel only file. Please use
> > sbin/pfctl/pf_ruleset.c instead." ^
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:71:39: warning: type specifier
> > missing, defaults to
> > 'int' [-Wimplicit-int] VNET_DEFINE(struct pf_kanchor_global,
> > pf_anchors);
> > ^
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:71:1: warning: type specifier
> > missing, defaults to
> > 'int' [-Wimplicit-int] VNET_DEFINE(struct pf_kanchor_global,
> > pf_anchors);
> > ^
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:72:33: warning: type specifier
> > missing, defaults to
> > 'int' [-Wimplicit-int] VNET_DEFINE(struct pf_kanchor,
> > pf_main_anchor);
> > ^
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:72:1: warning: type specifier
> > missing, defaults to
> > 'int' [-Wimplicit-int] VNET_DEFINE(struct pf_kanchor,
> > pf_main_anchor);
> > ^
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:72:1: error: conflicting types
> > for 'VNET_DEFINE'
> > /usr/src/sys/netpfil/pf/pf_ruleset.c:71:1: note: previous declaration
> > is here
> > VNET_DEFINE(struct pf_kanchor_global, pf_anchors);
> >
> >
> What architecture are you building for? What kernel config? Do you have
> anything in src.conf or make.conf?
>
> Regards,
> Kristof
amd64.
kernel config is custom, no debug, IPFW, MAC. pf is not used, we use IPFW. make.conf has
only port related stuff.
src.conf looks like this:
#
CPUTYPE?= native
#
CFLAGS+= -O3
# for the kernel
COPTFLAGS+= -O3
#
#CXXFLAGS+= -std=c++17
#
WITH_CLANG_EXTRAS= YES
WITH_LLDB= YES
#
#WITH_BSD_GREP= YES
#
WITH_OFED_EXTRA= YES
WITH_NAND= YES
#WITH_CTF= YES
#
WITH_NVME= YES
#
WITH_BEARSSL= YES
#Build dynamically linked binaries as Position-Independent Executable (PIE)
WITH_PIE= YES
#
WITH_SVN= YES
#
WITH_SORT_THREADS= YES
#
WITH_ZONEINFO_LEAPSECONDS_SUPPORT= YES
#
WITH_MALLOC_PRODUCTION= YES
#
WITHOUT_ASSERT_DEBUG= YES
WITHOUT_TESTS= YES
WITHOUT_DEBUG_FILES= YES
#
WITHOUT_CLEAN= YES
#
WITHOUT_REPRODUCIBLE_BUILD= YES
#
#
KERNCONF= THOR
KERNCONFDIR= /etc/config/amd64/kernel_conf/
#
PORTS_MODULES=
PORTS_MODULES+= x11/nvidia-driver
PORTS_MODULES+= emulators/virtualbox-ose-kmod
Kind regards and thanks in advance,
oh
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/dev-commits-src-all/attachments/20210106/781e0db3/attachment.sig>
More information about the dev-commits-src-all
mailing list