xtables-addons 3.0-0.1ubuntu4/3.8-2ubuntu0.1 fails to build with linux 5.4.0-57.63

The attached debdiff contains the proposed fix for xtables-addons in Focal.

A build can be found on the following PPA:
https://launchpad.net/~kleber-souza/+archive/ubuntu/ppa/+sourcepub/11809351/+listing-archive-extra

The source package can be found at:
https://kernel.ubuntu.com/~ksouza/lp1907109/focal/

The attached debdiff contains the proposed fix for xtables-addons in Bionic.

A build can be found on the following PPA:
https://launchpad.net/~kleber-souza/+archive/ubuntu/ppa/+sourcepub/11811362/+listing-archive-extra

The source package can be found at:
https://kernel.ubuntu.com/~ksouza/lp1907109/bionic/

Hello Kleber, or anyone else affected,

Accepted xtables-addons into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/xtables-addons/3.8-2ubuntu0.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted xtables-addons (3.8-2ubuntu0.2) for focal have finished running.
The following regressions have been reported in tests triggered by the package:

west-chamber/20100405+svn20111107.r124-12 (s390x, armhf, ppc64el, amd64, arm64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/focal/update_excuses.html#xtables-addons

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Hello Kleber, or anyone else affected,

Accepted xtables-addons into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/xtables-addons/3.0-0.1ubuntu5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Can confirm that the xtables-addons 3.8-2ubuntu0.2 modules now compile and install cleanly on Focal (5.4.0-62, amd64). No problem loading the patched modules, either.

west-chamber/20100405+svn20111107.r124-12 has the same issue and also needs to be fixed. This was not spotted before because xtables-addons is a dependency so building west-chamber failed in an earlier stage.

I will prepare a fix for west-chamber.

I can confirm that xtables-addons 3.0-0.1ubuntu5 can be built and the modules loaded on Bionic with both generic (4.15.0-134-generic,) and hwe (5.4.0-64-generic) kernels.

I have opened another bug for the west-chamber issue: bug 1912783.

This bug was fixed in the package xtables-addons - 3.8-2ubuntu0.2

---------------
xtables-addons (3.8-2ubuntu0.2) focal; urgency=medium

  * Adjust for changed signature of ip_route_me_harder (LP: #1907109)
    - 0002-ip_route_me_hard-use-actual-socket-sk-rather-than-sk.patch

 -- Kleber Sacilotto de Souza <email address hidden> Mon, 07 Dec 2020 18:21:27 +0100

The verification of the Stable Release Update for xtables-addons has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Please be sure to fix the west-chamber issue whenever possible. I have not hinted that ADT failure as I think it's a good reminder that the package needs to be fixed sooner or later.

This bug was fixed in the package xtables-addons - 3.0-0.1ubuntu5

---------------
xtables-addons (3.0-0.1ubuntu5) bionic; urgency=medium

  * Adjust for changed signature of ip_route_me_harder (LP: #1907109)
    - 0005-ip_route_me_hard-use-actual-socket-sk-rather-than-sk.patch

 -- Kleber Sacilotto de Souza <email address hidden> Tue, 08 Dec 2020 15:05:29 +0100

Updated to 5.8.0-44-generic, and problem installing or re-installing xtables-addons-dkms reappeared.

from /var/lib/dkms/xtables-addons/3.8/build/make.log:

   70 | return ip_route_me_harder(net, skb, addr_type);
      | ^~~
      | |
      | struct sk_buff *
In file included from ./include/linux/netfilter/x_tables.h:245,
                 from /var/lib/dkms/xtables-addons/3.8/build/extensions/xt_CHAOS.c:17:
./include/linux/netfilter_ipv4.h:19:54: note: expected 'struct sock *' but argument is of type 'struct sk_buff *'
   19 | int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
      | ~~~~~~~~~~~~~^~
In file included from /var/lib/dkms/xtables-addons/3.8/build/extensions/xt_CHAOS.c:24:
/var/lib/dkms/xtables-addons/3.8/build/extensions/compat_xtables.h:70:38: warning: passing argument 3 of 'ip_route_
me_harder' makes pointer from integer without a cast [-Wint-conversion]
   70 | return ip_route_me_harder(net, skb, addr_type);
      | ^~~~~~~~~
      | |
      |

Is there any workaround?

Hello MikeR,

For this new issue with the 5.8 kernels we have opened another bug report: bug 1915177.

The status is that the fix is currently in groovy-proposed. The fixed package should be available in -updates on the following days, however, if you are willing to test it from -proposed you can follow these steps: https://wiki.ubuntu.com/Testing/EnableProposed

Thanks.

Sorry, but...

started Synaptic, and checked proposed, and reloaded.
Searched for xtables-addons and found latest version was still 3.8-2ubuntu0.2

Tried installing xtables-addons-dkms and xtables-addons-common, and saw the following:
<text>
Loading new xtables-addons-3.8 DKMS files...
Building for 5.8.0-44-generic
Building initial module for 5.8.0-44-generic
ERROR: Cannot create report: [Errno 17] File exists: '/var/crash/xtables-addons-dkms.0.crash'
Error! Build of xt_ACCOUNT.ko failed for: 5.8.0-44-generic (x86_64)
Consult the make.log in the build directory
/var/lib/dkms/xtables-addons/3.8/build/ for more information.
dpkg: error processing package xtables-addons-dkms (--configure):
 installed xtables-addons-dkms package post-installation script subprocess returned error exit status 7
Processing triggers for man-db (2.9.1-1) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
Errors were encountered while processing:
 xtables-addons-dkms
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install. Trying to recover:
Setting up xtables-addons-dkms (3.8-2ubuntu0.2) ...
Removing old xtables-addons-3.8 DKMS files...
</text>

I'll wait a day or two and try again...
Here's hoping.

Also there is no option
Software & Updates --> Pre-release updates (focal-proposed)
either via Software & Updates or via Synaptic.

Is there a chance of getting the update in vanilla focal? (hwe: 5.8.0-45-generic)

Hi kleber,

xtables-addons-common is already the newest version (3.8-2ubuntu0.2) | and facing the below error

make all-recursive
make[1]: Entering directory '/usr/share/xt_geoip/xtables-addons-3.9'
Making all in extensions
make[2]: Entering directory '/usr/share/xt_geoip/xtables-addons-3.9/extensions'
Xtables-addons 3.9 - Linux 5.4.86
if [ -n "/lib/modules/5.4.0-66-generic/build" ]; then make -C /lib/modules/5.4.0-66-generic/build M=/usr/share/xt_geoip/xtables-addons-3.9/extensions modules; fi;
make[3]: Entering directory '/usr/src/linux-headers-5.4.0-66-generic'
  CC [M] /usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.o
/usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c: In function ‘delude_send_reset’:
/usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:125:30: error: passing argument 2 of ‘ip_route_me_harder’ from incompatible pointer type [-Werror=incompatible-pointer-types]
  125 | if (ip_route_me_harder(net, nskb, addr_type))
      | ^~~~
      | |
      | struct sk_buff *
In file included from ./include/linux/netfilter/x_tables.h:245,
                 from /usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:20:
./include/linux/netfilter_ipv4.h:19:54: note: expected ‘struct sock *’ but argument is of type ‘struct sk_buff *’
   19 | int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
      | ~~~~~~~~~~~~~^~
/usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:125:36: warning: passing argument 3 of ‘ip_route_me_harder’ makes pointer from integer without a cast [-Wint-conversion]
  125 | if (ip_route_me_harder(net, nskb, addr_type))
      | ^~~~~~~~~
      | |
      | unsigned int
In file included from ./include/linux/netfilter/x_tables.h:245,
                 from /usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:20:
./include/linux/netfilter_ipv4.h:19:74: note: expected ‘struct sk_buff *’ but argument is of type ‘unsigned int’
   19 | int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
      | ~~~~~~~~~~~~~~~~^~~
/usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:125:6: error: too few arguments to function ‘ip_route_me_harder’
  125 | if (ip_route_me_harder(net, nskb, addr_type))
      | ^~~~~~~~~~~~~~~~~~
In file included from ./include/linux/netfilter/x_tables.h:245,
                 from /usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.c:20:
./include/linux/netfilter_ipv4.h:19:5: note: declared here
   19 | int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
      | ^~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
make[4]: *** [scripts/Makefile.build:271: /usr/share/xt_geoip/xtables-addons-3.9/extensions/xt_DELUDE.o] Error 1
make[3]: *** [Makefile:1760: /usr/share/xt_geoip/xtables-addons-3.9/extension...

Hello Ahmed,

By the logs I'm assuming you are running 20.04 (Focal Fossa). For this series there is an update to xtables-addons-dkms currently in -proposed (this fix is being tracked via bug 1915177). To get this update you can either enable the -proposed pocket or wait for a few more days until the fix is available in -updates.

Regards.