iproute2: Remove libxtables from some tc variants
authorHauke Mehrtens <hauke@hauke-m.de>
Thu, 27 Jan 2022 12:30:38 +0000 (12:30 +0000)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 5 Mar 2022 20:06:35 +0000 (21:06 +0100)
This adds the new tc-bpf variant and removes libxtables dependency from
the tc-tiny variant. The tc-full variant stays like before and contains
everything.

This allows to use tc without libxtables.

The variants have the following sizes:
root@OpenWrt:/# ls -al /usr/libexec/tc-*
-rwxr-xr-x    1 root     root        282453 Mar  1 21:55 /usr/libexec/tc-bpf
-rwxr-xr-x    1 root     root        282533 Mar  1 21:55 /usr/libexec/tc-full
-rwxr-xr-x    1 root     root        266037 Mar  1 21:55 /usr/libexec/tc-tiny

They are linking the following shared libraries:
root@OpenWrt:/# ldd /usr/libexec/tc-tiny
        /lib/ld-musl-mips-sf.so.1 (0x77d6e000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d4a000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77d6e000)
root@OpenWrt:/# ldd /usr/libexec/tc-bpf
        /lib/ld-musl-mips-sf.so.1 (0x77da6000)
        libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77d60000)
        libelf.so.1 => /usr/lib/libelf.so.1 (0x77d3e000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d1a000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77da6000)
        libz.so.1 => /usr/lib/libz.so.1 (0x77cf6000)
root@OpenWrt:/# ldd /usr/libexec/tc-full
        /lib/ld-musl-mips-sf.so.1 (0x77de8000)
        libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77da2000)
        libelf.so.1 => /usr/lib/libelf.so.1 (0x77d80000)
        libxtables.so.12 => /usr/lib/libxtables.so.12 (0x77d66000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d42000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77de8000)
        libz.so.1 => /usr/lib/libz.so.1 (0x77d1e000)

This is based on a patch from Tiago Gaspar.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/network/utils/iproute2/Makefile

index 928f44e797863672768921c9722b2f7c69c6b82f..55c00a0d6d941abb614dd4e69adf8a7802f05589 100644 (file)
@@ -57,7 +57,16 @@ $(call Package/iproute2/Default)
   DEFAULT_VARIANT:=1
   PROVIDES:=tc
   ALTERNATIVES:=200:/sbin/tc:/usr/libexec/tc-tiny
-  DEPENDS:=+kmod-sched-core +libxtables +tc-mod-iptables +(PACKAGE_devlink||PACKAGE_rdma):libmnl
+  DEPENDS:=+kmod-sched-core +(PACKAGE_devlink||PACKAGE_rdma):libmnl
+endef
+
+define Package/tc-bpf
+$(call Package/iproute2/Default)
+  TITLE:=Traffic control utility (bpf)
+  VARIANT:=tcbpf
+  PROVIDES:=tc
+  ALTERNATIVES:=300:/sbin/tc:/usr/libexec/tc-bpf
+  DEPENDS:=+kmod-sched-core +(PACKAGE_devlink||PACKAGE_rdma):libmnl +libbpf
 endef
 
 define Package/tc-full
@@ -65,13 +74,14 @@ $(call Package/iproute2/Default)
   TITLE:=Traffic control utility (full)
   VARIANT:=tcfull
   PROVIDES:=tc
-  ALTERNATIVES:=300:/sbin/tc:/usr/libexec/tc-full
-  DEPENDS:=+kmod-sched-core +libxtables +tc-mod-iptables +libbpf +(PACKAGE_devlink||PACKAGE_rdma):libmnl
+  ALTERNATIVES:=400:/sbin/tc:/usr/libexec/tc-full
+  DEPENDS:=+kmod-sched-core +(PACKAGE_devlink||PACKAGE_rdma):libmnl +libbpf +libxtables +tc-mod-iptables
 endef
 
 define Package/tc-mod-iptables
 $(call Package/iproute2/Default)
   TITLE:=Traffic control module - iptables action
+  VARIANT:=tcfull
   DEPENDS:=+libxtables
 endef
 
@@ -123,13 +133,29 @@ endif
 
 ifeq ($(BUILD_VARIANT),tctiny)
   LIBBPF_FORCE:=off
+endif
+
+ifeq ($(BUILD_VARIANT),tcbpf)
+  HAVE_ELF:=y
+  LIBBPF_FORCE:=on
   SHARED_LIBS:=y
 endif
 
 ifeq ($(BUILD_VARIANT),tcfull)
+  #enable iptables/xtables requirement only if tciptables variant is selected
+  TC_CONFIG_XT:=y
+  TC_CONFIG_XT_OLD:=y
+  TC_CONFIG_XT_OLD_H:=y
+  TC_CONFIG_IPSET:=y
   HAVE_ELF:=y
   LIBBPF_FORCE:=on
   SHARED_LIBS:=y
+else
+  #disable iptables requirement by default
+  TC_CONFIG_XT:=n
+  TC_CONFIG_XT_OLD:=n
+  TC_CONFIG_XT_OLD_H:=n
+  TC_CONFIG_IPSET:=n
 endif
 
 ifdef CONFIG_PACKAGE_devlink
@@ -160,6 +186,10 @@ MAKE_FLAGS += \
        HAVE_CAP=$(HAVE_CAP) \
        IPT_LIB_DIR=/usr/lib/iptables \
        XT_LIB_DIR=/usr/lib/iptables \
+       TC_CONFIG_XT=$(TC_CONFIG_XT) \
+       TC_CONFIG_XT_OLD=$(TC_CONFIG_XT_OLD) \
+       TC_CONFIG_XT_OLD_H=$(TC_CONFIG_XT_OLD_H) \
+       TC_CONFIG_IPSET=$(TC_CONFIG_IPSET) \
        FPIC="$(FPIC)" \
        $(if $(findstring c,$(OPENWRT_VERBOSE)),V=1,V='')
 
@@ -190,6 +220,11 @@ define Package/tc-tiny/install
        $(INSTALL_BIN) $(PKG_BUILD_DIR)/tc/tc $(1)/usr/libexec/tc-tiny
 endef
 
+define Package/tc-bpf/install
+       $(INSTALL_DIR) $(1)/usr/libexec
+       $(INSTALL_BIN) $(PKG_BUILD_DIR)/tc/tc $(1)/usr/libexec/tc-bpf
+endef
+
 define Package/tc-full/install
        $(INSTALL_DIR) $(1)/usr/libexec
        $(INSTALL_BIN) $(PKG_BUILD_DIR)/tc/tc $(1)/usr/libexec/tc-full
@@ -236,6 +271,7 @@ $(eval $(call BuildPackage,ip-full))
 # spurious rebuilds when building multiple variants.
 $(eval $(call BuildPackage,tc-mod-iptables))
 $(eval $(call BuildPackage,tc-tiny))
+$(eval $(call BuildPackage,tc-bpf))
 $(eval $(call BuildPackage,tc-full))
 $(eval $(call BuildPackage,genl))
 $(eval $(call BuildPackage,ip-bridge))