The openvswitch code has gained support for calling into the
nf-nat-ipv4/ipv6 modules, however those can be loadable modules
in a configuration in which openvswitch is built-in, leading
to link errors:
net/built-in.o: In function `__ovs_ct_lookup':
:(.text+0x2cc2c8): undefined reference to `nf_nat_icmp_reply_translation'
:(.text+0x2cc66c): undefined reference to `nf_nat_icmpv6_reply_translation'
The dependency on (!NF_NAT || NF_NAT) prevents similar issues,
but NF_NAT is set to 'y' if any of the symbols selecting
it are built-in, but the link error happens when any of them
are modular.
A second issue is that even if CONFIG_NF_NAT_IPV6 is built-in,
CONFIG_NF_NAT_IPV4 might be completely disabled. This is unlikely
to be useful in practice, but the driver currently only handles
IPv6 being optional.
This patch improves the Kconfig dependency so that openvswitch
cannot be built-in if either of the two other symbols are set
to 'm', and it replaces the incorrect #ifdef in ovs_ct_nat_execute()
with two "if (IS_ENABLED())" checks that should catch all corner
cases also make the code more readable.
The same #ifdef exists ovs_ct_nat_to_attr(), where it does not
cause a link error, but for consistency I'm changing it the same
way.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Fixes: 05752523e5 ("openvswitch: Interface with NAT.")
Acked-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
		
	
			
		
			
				
	
	
		
			74 lines
		
	
	
		
			2.2 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			74 lines
		
	
	
		
			2.2 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| #
 | |
| # Open vSwitch
 | |
| #
 | |
| 
 | |
| config OPENVSWITCH
 | |
| 	tristate "Open vSwitch"
 | |
| 	depends on INET
 | |
| 	depends on !NF_CONNTRACK || \
 | |
| 		   (NF_CONNTRACK && ((!NF_DEFRAG_IPV6 || NF_DEFRAG_IPV6) && \
 | |
| 				     (!NF_NAT || NF_NAT) && \
 | |
| 				     (!NF_NAT_IPV4 || NF_NAT_IPV4) && \
 | |
| 				     (!NF_NAT_IPV6 || NF_NAT_IPV6)))
 | |
| 	select LIBCRC32C
 | |
| 	select MPLS
 | |
| 	select NET_MPLS_GSO
 | |
| 	select DST_CACHE
 | |
| 	---help---
 | |
| 	  Open vSwitch is a multilayer Ethernet switch targeted at virtualized
 | |
| 	  environments.  In addition to supporting a variety of features
 | |
| 	  expected in a traditional hardware switch, it enables fine-grained
 | |
| 	  programmatic extension and flow-based control of the network.  This
 | |
| 	  control is useful in a wide variety of applications but is
 | |
| 	  particularly important in multi-server virtualization deployments,
 | |
| 	  which are often characterized by highly dynamic endpoints and the
 | |
| 	  need to maintain logical abstractions for multiple tenants.
 | |
| 
 | |
| 	  The Open vSwitch datapath provides an in-kernel fast path for packet
 | |
| 	  forwarding.  It is complemented by a userspace daemon, ovs-vswitchd,
 | |
| 	  which is able to accept configuration from a variety of sources and
 | |
| 	  translate it into packet processing rules.
 | |
| 
 | |
| 	  See http://openvswitch.org for more information and userspace
 | |
| 	  utilities.
 | |
| 
 | |
| 	  To compile this code as a module, choose M here: the module will be
 | |
| 	  called openvswitch.
 | |
| 
 | |
| 	  If unsure, say N.
 | |
| 
 | |
| config OPENVSWITCH_GRE
 | |
| 	tristate "Open vSwitch GRE tunneling support"
 | |
| 	depends on OPENVSWITCH
 | |
| 	depends on NET_IPGRE
 | |
| 	default OPENVSWITCH
 | |
| 	---help---
 | |
| 	  If you say Y here, then the Open vSwitch will be able create GRE
 | |
| 	  vport.
 | |
| 
 | |
| 	  Say N to exclude this support and reduce the binary size.
 | |
| 
 | |
| 	  If unsure, say Y.
 | |
| 
 | |
| config OPENVSWITCH_VXLAN
 | |
| 	tristate "Open vSwitch VXLAN tunneling support"
 | |
| 	depends on OPENVSWITCH
 | |
| 	depends on VXLAN
 | |
| 	default OPENVSWITCH
 | |
| 	---help---
 | |
| 	  If you say Y here, then the Open vSwitch will be able create vxlan vport.
 | |
| 
 | |
| 	  Say N to exclude this support and reduce the binary size.
 | |
| 
 | |
| 	  If unsure, say Y.
 | |
| 
 | |
| config OPENVSWITCH_GENEVE
 | |
| 	tristate "Open vSwitch Geneve tunneling support"
 | |
| 	depends on OPENVSWITCH
 | |
| 	depends on GENEVE
 | |
| 	default OPENVSWITCH
 | |
| 	---help---
 | |
| 	  If you say Y here, then the Open vSwitch will be able create geneve vport.
 | |
| 
 | |
| 	  Say N to exclude this support and reduce the binary size.
 |