From: John Thomson Date: Mon, 24 Oct 2022 09:58:02 +0000 (+0200) Subject: build: support for Linux 6.1 X-Git-Tag: v3.22~1 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=71396f941d7e4d772fc5d7f0b0b7cc309766903d;p=thirdparty%2Fxtables-addons.git build: support for Linux 6.1 6.1 commit de492c83cae0 ("prandom: remove unused functions") removed prandom_u32, which was replaced and deprecated for get_random_u32 in 5.19 d4150779e60f ("random32: use real rng for non-deterministic randomness"). get_random_u32 was introduced in 4.11 c440408cf690 ("random: convert get_random_int/long into get_random_u32/u64") Use the cocci script from 81895a65ec63 ("treewide: use prandom_u32_max() when possible, part 1"), along with a best guess for _max changes, introduced: 3.14 f337db64af05 ("random32: add prandom_u32_max and convert open coded users") --- diff --git a/configure.ac b/configure.ac index 727c45f..0b84540 100644 --- a/configure.ac +++ b/configure.ac @@ -59,10 +59,12 @@ AS_IF([test -n "$kbuilddir"], [ yoff ], [ echo "$kmajor.$kminor.$kmicro.$kstable in $kbuilddir"; - if test "$kmajor" -gt 5 -o "$kmajor" -eq 5 -a "$kminor" -gt 19; then + if test "$kmajor" -gt 6 -o "$kmajor" -eq 6 -a "$kminor" -gt 1; then yon echo "WARNING: That kernel version is not officially supported yet. Continue at own luck."; yoff + elif test "$kmajor" -eq 6; then + : elif test "$kmajor" -eq 5 -a "$kminor" -ge 0; then : elif test "$kmajor" -eq 4 -a "$kminor" -ge 16; then diff --git a/extensions/xt_CHAOS.c b/extensions/xt_CHAOS.c index 69d2082..2b0d09f 100644 --- a/extensions/xt_CHAOS.c +++ b/extensions/xt_CHAOS.c @@ -67,7 +67,7 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par) ret = xm_tcp->match(skb, &local_par); hotdrop = local_par.hotdrop; } - if (!ret || hotdrop || (unsigned int)prandom_u32() > delude_percentage) + if (!ret || hotdrop || (unsigned int)get_random_u32() > delude_percentage) return; destiny = (info->variant == XTCHAOS_TARPIT) ? xt_tarpit : xt_delude; @@ -94,7 +94,7 @@ chaos_tg(struct sk_buff *skb, const struct xt_action_param *par) const struct xt_chaos_tginfo *info = par->targinfo; const struct iphdr *iph = ip_hdr(skb); - if ((unsigned int)prandom_u32() <= reject_percentage) { + if ((unsigned int)get_random_u32() <= reject_percentage) { struct xt_action_param local_par; local_par.state = par->state; local_par.target = xt_reject; diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c index 9a7ae5c..22e6125 100644 --- a/extensions/xt_TARPIT.c +++ b/extensions/xt_TARPIT.c @@ -107,8 +107,8 @@ static bool xttarpit_honeypot(struct tcphdr *tcph, const struct tcphdr *oth, tcph->syn = true; tcph->ack = true; tcph->window = oth->window & - ((prandom_u32() & 0x1f) - 0xf); - tcph->seq = htonl(prandom_u32() & ~oth->seq); + (prandom_u32_max(0x20) - 0xf); + tcph->seq = htonl(prandom_u32_max(~oth->seq + 1)); tcph->ack_seq = htonl(ntohl(oth->seq) + oth->syn); } @@ -117,7 +117,7 @@ static bool xttarpit_honeypot(struct tcphdr *tcph, const struct tcphdr *oth, tcph->syn = false; tcph->ack = true; tcph->window = oth->window & - ((prandom_u32() & 0x1f) - 0xf); + (prandom_u32_max(0x20) - 0xf); tcph->ack_seq = payload > 100 ? htonl(ntohl(oth->seq) + payload) : oth->seq;