Fix old kernel versions builders

2026-01-30 06:00:34 +03:00 · 2025-01-10 13:43:54 +03:00
parent 351bbfb097
commit 1027240062
8 changed files with 99 additions and 137 deletions
--- a/.github/builder_containers/kernel-3.0.101.Dockerfile
+++ b/.github/builder_containers/kernel-3.0.101.Dockerfile
@@ -1,12 +0,0 @@
 FROM ubuntu:14.04
 RUN apt update && apt install -y build-essential flex bc bison libelf-dev elfutils libssl-dev wget
 RUN wget https://cdn.kernel.org/pub/linux/kernel/v3.x/linux-3.0.101.tar.xz -O kernel.tar.xz
 RUN tar -xf kernel.tar.xz
 RUN rm -f kernel.tar.xz
 RUN /bin/bash -c "mv linux-* linux"
 WORKDIR /linux
 RUN make defconfig
 RUN make -j$(nproc)
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -106,7 +106,6 @@ jobs:
          - 4.19.322
          - 4.4.302
          - 3.10.108
          - 3.0.101
    steps:
      - name: Checkout
        uses: actions/checkout@v4
--- a/2
+++ b/2
@@ -1,3 +1,3 @@
 obj-m := kyoutubeUnblock.o
-kyoutubeUnblock-objs := src/kytunblock.o src/mangle.o src/quic.o src/quic_crypto.o src/utils.o src/kargs.o src/tls.o src/getopt.o src/inet_ntop.o src/args.o deps/cyclone/aes.o deps/cyclone/cpu_endian.o deps/cyclone/ecb.o deps/cyclone/gcm.o deps/cyclone/hkdf.o deps/cyclone/hmac.o deps/cyclone/sha256.o
+kyoutubeUnblock-objs := src/kytunblock.o src/mangle.o src/quic.o src/quic_crypto.o src/utils.o src/tls.o src/getopt.o src/inet_ntop.o src/args.o deps/cyclone/aes.o deps/cyclone/cpu_endian.o deps/cyclone/ecb.o deps/cyclone/gcm.o deps/cyclone/hkdf.o deps/cyclone/hmac.o deps/cyclone/sha256.o
 ccflags-y := -std=gnu99 -DKERNEL_SPACE -Wno-error -Wno-declaration-after-statement -I$(src)/src -I$(src)/deps/cyclone/include
--- a/src/kargs.c
+++ b/src/kargs.c
@@ -1,105 +0,0 @@
 /*
  youtubeUnblock - https://github.com/Waujito/youtubeUnblock
  Copyright (C) 2024-2025 Vadim Vetrov <vetrovvd@gmail.com>
  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.
  You should have received a copy of the GNU General Public License
  along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
 #include "config.h"
 #include "types.h"
 #include <linux/moduleparam.h>
 #include "types.h"
 #include "args.h"
 #include "logging.h"
 /**
 * Defined in kyoutubeUnblock.c
 */
 extern struct spinlock hot_config_spinlock;
 extern atomic_t hot_config_counter;
 extern atomic_t hot_config_rep;
 extern struct mutex config_free_mutex;
 #define MAX_ARGC 1024
 static char *argv[MAX_ARGC];
 static int params_set(const char *cval, const struct kernel_param *kp) {
 	int ret;
 	ret = mutex_trylock(&config_free_mutex);
 	if (ret == 0) 
 		return -EBUSY;
 	int cv_len = strlen(cval);
 	if (cv_len >= 1 && cval[cv_len - 1] == '\n') {
 		cv_len--;
 	}
 	const char *ytb_prefix = "youtubeUnblock ";
 	int ytbp_len = strlen(ytb_prefix);
 	int len = cv_len + ytbp_len; 
 	char *val = kmalloc(len + 1, GFP_KERNEL); // 1 for null-terminator
 	strncpy(val, ytb_prefix, ytbp_len);
 	strncpy(val + ytbp_len, cval, cv_len);
 	val[len] = '\0';
 	int argc = 0;
 	argv[argc++] = val;
 	for (int i = 0; i < len; i++) {
 		if (val[i] == ' ') {
 			val[i] = '\0';
 			// safe because of null-terminator
 			if (val[i + 1] != ' ' && val[i + 1] != '\0') {
 				argv[argc++] = val + i + 1;
 			}
 		}
 	}
 	spin_lock(&hot_config_spinlock);
 	// lock netfilter youtubeUnblock
 	atomic_set(&hot_config_rep, 1);
 	spin_unlock(&hot_config_spinlock);
 	// lock config hot replacement process until all 
 	// netfilter callbacks keep running
 	while (atomic_read(&hot_config_counter) > 0) {}
 	ret = yparse_args(argc, argv);
 	spin_lock(&hot_config_spinlock);
 	// relaunch youtubeUnblock
 	atomic_set(&hot_config_rep, 0);
 	spin_unlock(&hot_config_spinlock);
 	kfree(val);
 	mutex_unlock(&config_free_mutex);
 	return ret;
 }
 static int params_get(char *buffer, const struct kernel_param *kp) {
 	size_t len = print_config(buffer, 4000);
 	return len;
 }
 static const struct kernel_param_ops params_ops = {
 	.set = params_set,
 	.get = params_get,
 };
 module_param_cb(parameters, &params_ops, NULL, 0664);
--- a/src/kytunblock.c
+++ b/src/kytunblock.c
@@ -63,12 +63,85 @@ MODULE_DESCRIPTION("Linux kernel module for youtubeUnblock");
 static struct socket *rawsocket;
 static struct socket *raw6socket;
-DEFINE_SPINLOCK(hot_config_spinlock);
+static DEFINE_SPINLOCK(hot_config_spinlock);
-DEFINE_MUTEX(config_free_mutex);
+static DEFINE_MUTEX(config_free_mutex);
-atomic_t hot_config_counter = ATOMIC_INIT(0);
+static atomic_t hot_config_counter = ATOMIC_INIT(0);
 // boolean flag for hot config replacement
 // if 1, youtubeUnblock should stop processing
-atomic_t hot_config_rep = ATOMIC_INIT(0);
+static atomic_t hot_config_rep = ATOMIC_INIT(0);
 #define MAX_ARGC 1024
 static char *argv[MAX_ARGC];
 static int params_set(const char *cval, const struct kernel_param *kp) {
 	int ret;
 	ret = mutex_trylock(&config_free_mutex);
 	if (ret == 0) 
 		return -EBUSY;
 	int cv_len = strlen(cval);
 	if (cv_len >= 1 && cval[cv_len - 1] == '\n') {
 		cv_len--;
 	}
 	const char *ytb_prefix = "youtubeUnblock ";
 	int ytbp_len = strlen(ytb_prefix);
 	int len = cv_len + ytbp_len; 
 	char *val = kmalloc(len + 1, GFP_KERNEL); // 1 for null-terminator
 	strncpy(val, ytb_prefix, ytbp_len);
 	strncpy(val + ytbp_len, cval, cv_len);
 	val[len] = '\0';
 	int argc = 0;
 	argv[argc++] = val;
 	for (int i = 0; i < len; i++) {
 		if (val[i] == ' ') {
 			val[i] = '\0';
 			// safe because of null-terminator
 			if (val[i + 1] != ' ' && val[i + 1] != '\0') {
 				argv[argc++] = val + i + 1;
 			}
 		}
 	}
 	spin_lock(&hot_config_spinlock);
 	// lock netfilter youtubeUnblock
 	atomic_set(&hot_config_rep, 1);
 	spin_unlock(&hot_config_spinlock);
 	// lock config hot replacement process until all 
 	// netfilter callbacks keep running
 	while (atomic_read(&hot_config_counter) > 0) {}
 	ret = yparse_args(argc, argv);
 	spin_lock(&hot_config_spinlock);
 	// relaunch youtubeUnblock
 	atomic_set(&hot_config_rep, 0);
 	spin_unlock(&hot_config_spinlock);
 	kfree(val);
 	mutex_unlock(&config_free_mutex);
 	return ret;
 }
 static int params_get(char *buffer, const struct kernel_param *kp) {
 	size_t len = print_config(buffer, 4000);
 	return len;
 }
 static const struct kernel_param_ops params_ops = {
 	.set = params_set,
 	.get = params_get,
 };
 module_param_cb(parameters, &params_ops, NULL, 0664);
 static int open_raw_socket(void) {
 	int ret = 0;
@@ -475,16 +548,22 @@ static struct nf_hook_ops ykb_hook_ops[] = {
 }
 #endif
 };
 static const size_t ykb_hooks_sz = sizeof(ykb_hook_ops) / sizeof(struct nf_hook_ops);
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
 static int ykb_net_init(struct net *net)
 {
-	return nf_register_net_hooks(net, ykb_hook_ops, sizeof(ykb_hook_ops));
+	int ret;
 	ret = nf_register_net_hooks(net, ykb_hook_ops, ykb_hooks_sz);
 	if (ret < 0)
 		return ret;
 	return 0;
 }
 static void ykb_net_exit(struct net *net)
 {
-	nf_unregister_net_hooks(net, ykb_hook_ops, sizeof(ykb_hook_ops));
+	nf_unregister_net_hooks(net, ykb_hook_ops, ykb_hooks_sz);
 }
 static struct pernet_operations ykb_pernet_ops = {
@@ -504,12 +583,14 @@ static int __init ykb_init(void) {
 #endif
 	ret = init_config(&config);
-	if (ret < 0) goto err;
+	if (ret < 0) {
 		goto err;
 	}
 	ret = open_raw_socket();
 	if (ret < 0) {
 		lgerror(ret, "ipv4 rawsocket initialization failed!");
-		goto err;
+		goto err_config;
 	}
 #ifndef NO_IPV6
@@ -523,7 +604,7 @@ static int __init ykb_init(void) {
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
 	ret = register_pernet_subsys(&ykb_pernet_ops);
 #else
-	ret = nf_register_hooks(ykb_hook_ops, sizeof(ykb_hook_ops));
+	ret = nf_register_hooks(ykb_hook_ops, ykb_hooks_sz);
 #endif
 	if (ret < 0)
@@ -539,6 +620,8 @@ err_close_sock:
 #endif
 err_close4_sock:
 	close_raw_socket();
 err_config:
 	free_config(config);
 err:
 	return ret;
 }
@@ -558,7 +641,7 @@ static void __exit ykb_destroy(void) {
 #if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0)
 	unregister_pernet_subsys(&ykb_pernet_ops);
 #else
-	nf_unregister_hooks(ykb_hook_ops, sizeof(ykb_hook_ops));
+	nf_unregister_hooks(ykb_hook_ops, ykb_hooks_sz);
 #endif
--- a/src/mangle.c
+++ b/src/mangle.c
@@ -142,7 +142,7 @@ int process_packet(const struct packet_data *pd) {
 		lgtrace_write();
 		lgtrace_wr("Transport payload: [ ");
-		for (int i = 0; i < min(16, transport_payload_len); i++) {
+		for (int i = 0; i < min((int)16, (int)transport_payload_len); i++) {
 			lgtrace_wr("%02x ", transport_payload[i]);
 		}
 		lgtrace_wr("]");
@@ -224,7 +224,7 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
 		size_t fake_len = section->fake_sni_pkt_sz;
 		if (section->synfake_len) 
-			fake_len = min(section->synfake_len, fake_len);
+			fake_len = min((int)section->synfake_len, (int)fake_len);
 		size_t payload_len = iph_len + tcph_len + fake_len;
@@ -279,7 +279,6 @@ int process_tcp_packet(const struct section_config_t *section, const uint8_t *ra
 	if (vrd.target_sni) {
 		lgdebug("Target SNI detected: %.*s", vrd.sni_len, vrd.sni_ptr);
 		size_t sni_offset = vrd.sni_ptr - data;
 		size_t target_sni_offset = vrd.target_sni_ptr - data;
 		size_t payload_len = raw_payload_len;
--- a/src/quic.c
+++ b/src/quic.c
@@ -366,8 +366,6 @@ int parse_quic_decrypted(
 	const uint8_t *curptr = decrypted_message;
 	ssize_t curptr_len = decrypted_message_len;
 	ssize_t fret;
 	int ret;
 	struct tls_verdict tlsv = {0};
 	struct quic_frame_crypto fr_cr;
 	uint8_t *crypto_message = calloc(AVAILABLE_MTU, 1);
--- a/src/tls.c
+++ b/src/tls.c
@@ -45,7 +45,7 @@ int bruteforce_analyze_sni_str(
 	for (struct domains_list *sne = section->sni_domains; sne != NULL; 
 	sne = sne->next) {
-		max_domain_len = max(sne->domain_len, max_domain_len);
+		max_domain_len = max((int)sne->domain_len, max_domain_len);
 	}
 	size_t buf_size = max_domain_len + dlen + 1;
@@ -274,7 +274,7 @@ struct tls_verdict analyze_tls_data(
 		if (tls_vmajor != 0x03) break;
 		message_ptr++;
-		uint8_t tls_vminor = *message_ptr;
+		// uint8_t tls_vminor = *message_ptr;
 		message_ptr++;
 		uint16_t message_length = ntohs(*(const uint16_t *)message_ptr);
@@ -283,7 +283,7 @@ struct tls_verdict analyze_tls_data(
 		const uint8_t *tls_message_data = message_ptr;
 		// Since real length may be truncated use minimum of two
-		size_t tls_message_length = min(message_length, data_end - message_ptr);
+		size_t tls_message_length = min((int)message_length, (int)(data_end - message_ptr));
 		if (tls_content_type != TLS_CONTENT_TYPE_HANDSHAKE) 
 			goto nextMessage;