1 files changed, 0 insertions, 106 deletions

diff --git a/target/linux/generic/pending-5.10/640-18-netfilter-flowtable-handle-bridge-vlan-filter-offloa.patch b/target/linux/generic/pending-5.10/640-18-netfilter-flowtable-handle-bridge-vlan-filter-offloa.patch
deleted file mode 100644
index ba480f3520..0000000000
--- a/target/linux/generic/pending-5.10/640-18-netfilter-flowtable-handle-bridge-vlan-filter-offloa.patch
+++ /dev/null
@@ -1,106 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Date: Wed, 10 Feb 2021 19:44:33 +0100
-Subject: [PATCH] netfilter: flowtable: handle bridge vlan filter offload
- tags from DSA/switchdev
-
-When a switchdev/DSA port is an untagged member of a bridge vlan, ingress
-packets could potentially be tagged with the id of the VLAN.
-When the VLAN port group has been uploaded to switchdev, report the bridge
-tag mode as DEV_PATH_BR_VLAN_UNTAG_HW instead of DEV_PATH_BR_VLAN_UNTAG
-and handle it in netfilter flow offloading by storing the tag in the tuple
-in_pvid field.
-This allows the ingress hook to detect the optional tag and remove it for
-software offload. This tag processing is for ingress only, egress needs to be
-fully untagged
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/include/linux/netdevice.h
-+++ b/include/linux/netdevice.h
-@@ -853,6 +853,7 @@ struct net_device_path {
- 				DEV_PATH_BR_VLAN_KEEP,
- 				DEV_PATH_BR_VLAN_TAG,
- 				DEV_PATH_BR_VLAN_UNTAG,
-+				DEV_PATH_BR_VLAN_UNTAG_HW,
- 			}		vlan_mode;
- 			u16		vlan_id;
- 			__be16		vlan_proto;
---- a/include/net/netfilter/nf_flow_table.h
-+++ b/include/net/netfilter/nf_flow_table.h
-@@ -183,6 +183,10 @@ struct nf_flow_route {
- 			u32			ifindex;
- 			u16			vid[NF_FLOW_TABLE_VLAN_MAX];
- 			__be16			vproto[NF_FLOW_TABLE_VLAN_MAX];
-+			struct {
-+				u16		id;
-+				__be16		proto;
-+			} pvid;
- 			u8			num_vlans;
- 		} in;
- 		struct {
---- a/net/bridge/br_device.c
-+++ b/net/bridge/br_device.c
-@@ -435,6 +435,7 @@ static int br_fill_forward_path(struct n
- 		ctx->vlan[ctx->num_vlans].proto = path->bridge.vlan_proto;
- 		ctx->num_vlans++;
- 		break;
-+	case DEV_PATH_BR_VLAN_UNTAG_HW:
- 	case DEV_PATH_BR_VLAN_UNTAG:
- 		ctx->num_vlans--;
- 		break;
---- a/net/bridge/br_vlan.c
-+++ b/net/bridge/br_vlan.c
-@@ -1374,6 +1374,8 @@ int br_vlan_fill_forward_path_mode(struc
- 
- 	if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG)
- 		path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP;
-+	else if (v->priv_flags & BR_VLFLAG_ADDED_BY_SWITCHDEV)
-+		path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG_HW;
- 	else
- 		path->bridge.vlan_mode = DEV_PATH_BR_VLAN_UNTAG;
- 
---- a/net/netfilter/nf_flow_table_core.c
-+++ b/net/netfilter/nf_flow_table_core.c
-@@ -98,6 +98,8 @@ static int flow_offload_fill_route(struc
- 		j++;
- 	}
- 	flow_tuple->in_vlan_num = route->tuple[dir].in.num_vlans;
-+	flow_tuple->in_pvid.id = route->tuple[dir].in.pvid.id;
-+	flow_tuple->in_pvid.proto = route->tuple[dir].in.pvid.proto;
- 
- 	switch (route->tuple[dir].xmit_type) {
- 	case FLOW_OFFLOAD_XMIT_DIRECT:
---- a/net/netfilter/nft_flow_offload.c
-+++ b/net/netfilter/nft_flow_offload.c
-@@ -67,6 +67,10 @@ struct nft_forward_info {
- 	const struct net_device *dev;
- 	__u16 vid[NF_FLOW_TABLE_VLAN_MAX];
- 	__be16 vproto[NF_FLOW_TABLE_VLAN_MAX];
-+	struct {
-+		__u16 id;
-+		__be16 proto;
-+	} pvid;
- 	u8 num_vlans;
- 	u8 h_source[ETH_ALEN];
- 	u8 h_dest[ETH_ALEN];
-@@ -127,6 +131,10 @@ static void nft_dev_path_info(const stru
- 				info->vproto[info->num_vlans] = path->bridge.vlan_proto;
- 				info->num_vlans++;
- 				break;
-+			case DEV_PATH_BR_VLAN_UNTAG_HW:
-+				info->pvid.id = info->vid[info->num_vlans - 1];
-+				info->pvid.proto = info->vproto[info->num_vlans - 1];
-+				fallthrough;
- 			case DEV_PATH_BR_VLAN_UNTAG:
- 				info->num_vlans--;
- 				break;
-@@ -185,6 +193,8 @@ static void nft_dev_forward_path(struct
- 		route->tuple[!dir].in.vid[i] = info.vid[i];
- 		route->tuple[!dir].in.vproto[i] = info.vproto[i];
- 	}
-+	route->tuple[!dir].in.pvid.id = info.pvid.id;
-+	route->tuple[!dir].in.pvid.proto = info.pvid.proto;
- 	route->tuple[!dir].in.num_vlans = info.num_vlans;
- 
- 	if (info.xmit_type == FLOW_OFFLOAD_XMIT_DIRECT) {