aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic/hack-4.14
Commit message (Collapse)AuthorAgeFilesLines
* kernel: bump 4.14 to 4.14.132Koen Vandeputte2019-07-092-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* netfilter: fix crash in flow offload by adding netns supportHsiuWen Yen2019-06-241-2/+7
| | | | | | | | | | | | | | | | | | | | Commit fcb41decf6c6 ("config: enable some useful features on !SMALL_FLASH devices") enabled netns, which in turn lead to the crash in the flow offload target. When the flow offloading framework intends to delete a flow from the hardware table, it is necessary to retrieve the namespace from nf_flowtable->ft_net. However, no one ever wrote the namespace into nf_flowtable->ft_net in advance. So the framework will mistakenly use a NULL namespace to execute dev_get_by_index_rcu(net, ifindex), leading to the kernel panic. Ref: FS#2321 Fixes: fcb41decf6c6 ("config: enable some useful features on !SMALL_FLASH devices") Tested-by: Simon Tretter <simon@mediaarchitectu.re> Signed-off-by: HsiuWen Yen <y.hsiuwen@gmail.com> [merged patch into offload patch, fix for 4.19, SOB fix, commit subj/msg touches] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: bump 4.14 to 4.14.128Koen Vandeputte2019-06-201-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.127Koen Vandeputte2019-06-181-1/+1
| | | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-11479 - CVE-2019-11478 - CVE-2019-11477 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: mt29f_spinand: fix memory leak during page programMantas Pucka2019-06-151-0/+90
| | | | | | | | | Memory is allocated with devm_kzalloc() on every page program and leaks until device is closed (which never happens). Convert to kzalloc() and handle error paths manually. Signed-off-by: Mantas Pucka <mantas@8devices.com>
* kernel: generic: make kernel-debug.tar.bz2 usable againPetr Štetiar2019-06-051-24/+0
| | | | | | | | | | | This patch removes 202-reduce_module_size.patch which is causing missing debug symbols in kernel modules, leading to unusable kernel-debug.tar.bz2 on all platforms, making debugging of release kernel crashes difficult. Cc: Felix Fietkau <nbd@nbd.name> Acked-by: Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: bump 4.14 to 4.14.123Koen Vandeputte2019-06-031-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.122Koen Vandeputte2019-06-031-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.114Koen Vandeputte2019-05-023-4/+4
| | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 150-bridge_allow_receiption_on_disabled_port.patch - 201-extra_optimization.patch Remove upstreamed: - 022-0006-crypto-crypto4xx-properly-set-IV-after-de-and-encryp.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.111Koen Vandeputte2019-04-081-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.103Koen Vandeputte2019-02-251-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.99Koen Vandeputte2019-02-141-8/+8
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 950-0434-mmc-bcm2835-Recover-from-MMC_SEND_EXT_CSD.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: fold xt_FLOWOFFLOAD fixes into the main patchFelix Fietkau2019-02-093-144/+37
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netfilter: fix checking method of conntrack helperHsiuWen Yen2019-02-091-0/+51
| | | | | | | | | | | | | | | | This patch uses nfct_help() to detect whether an established connection needs conntrack helper instead of using test_bit(IPS_HELPER_BIT, &ct->status). The reason for this modification is that IPS_HELPER_BIT is only set when the conntrack helper is attached by explicit CT target. However, in the case that a device enables conntrack helper via the other ways (e.g., command "echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper") , the status of IPS_HELPER_BIT will not present any change. That means the IPS_HELPER_BIT might lose the checking ability in the context. Signed-off-by: HsiuWen Yen <y.hsiuwen@gmail.com>
* kernel: bump 4.14 to 4.14.98Koen Vandeputte2019-02-082-8/+8
| | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch Altered patches: - 721-phy_packets.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.97Koen Vandeputte2019-02-011-2/+2
| | | | | | | | | | | | Refreshed all patches. Adapted patches: - 012-kbuild-add-macro-for-controlling-warnings-to-linux-c.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.96Koen Vandeputte2019-01-283-3/+3
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed patches: - 142-jffs2-Fix-use-of-uninitialized-delayed_work-lockdep-.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: Build: Split kmod-regmapHauke Mehrtens2019-01-271-9/+5
| | | | | | | | | | | | | | | | | | | | | | | This reduces the needed modifications to the mainline Linux kernel and also makes the regmap package work with an out of tree kernel which does not have these modifications. The regmap-core is only added when it is really build as a module. The regmap-core is normally bool so it cannot be built as a module in an unmodified kernel. When it is selected by on other kernel module it will always be selected as build in and it also does not show up in $(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module. When it is not in $(LINUX_DIR)/modules.builtin the build system expects it to be built as a .ko file. Just check if the module is really there and only add it in that case. This splits the regmap package into multiple packages, one for each bus type. This way only the bus maps which are really needed have to be added. This also splits the I2C, SPI and MMIO regmap into separate packages to not require all these subsystems to build them, on an unmodified upstream kernel this also causes problems in some situations. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* kernel: bump 4.14 to 4.14.93Stijn Tintel2019-01-144-5/+5
| | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - backport/096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch - pending/510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch - brcm2708/950-0415-qmi_wwan-apply-SET_DTR-quirk-to-the-SIMCOM-shared-de.patch Compile-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64 Runtime-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.14 to 4.14.90Kevin Darbyshire-Bryant2018-12-241-1/+1
| | | | | | | | | | | | | | Refresh all patches Remove upstream patch: backport-4.14/424-v4.20-net-dsa-fix-88e6060-roaming.patch Minor tweak to generic/hack-4.14/902-debloat_proc.patch to cleanly apply after upstream changes. Tested-on: ath79 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: Move modifications of b53.h into patchHauke Mehrtens2018-12-151-0/+12
| | | | | | | | | | The b53 driver was added as a dsa driver into the mainline Linux kernel, but we still use the swconfig based driver. The header file b53.h is used by both drivers, but the swconfig one needs an extra member, add this one in a patch to not overwrite the version shipped with the mainline kernel. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.14 to 4.14.87Koen Vandeputte2018-12-102-3/+3
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 0008-MIPS-ralink-Fix-mt7620-nd_sd-pinmux.patch Compile-tested: cns3xxx, imx6 Runtime-tested: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.86Koen Vandeputte2018-12-104-6/+6
| | | | | | | | | | | | Refreshed all patches. Altered patches: - 180-usb-xhci-add-support-for-performing-fake-doorbell.patch Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.81Koen Vandeputte2018-11-141-1/+1
| | | | | | | | | | | | | | | Refreshed all patches. Removed upstreamed patches: - 081-spi-bcm-qspi-switch-back-to-reading-flash-using-smal.patch Altered patches: - 0054-cpufreq-dt-Handle-OPP-voltage-adjust-events Compile-tested on: cns3xxx, imx6, ipq806x, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.79Koen Vandeputte2018-11-053-3/+3
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.77Koen Vandeputte2018-10-193-3/+3
| | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch New symbol for arm targets: - HARDEN_BRANCH_PREDICTOR Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.76Koen Vandeputte2018-10-161-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* Revert "kernel: add a RPS balancer"Stijn Tintel2018-10-081-93/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 7af1fb9faafbc842fc727c49108f5fc4edc08601. With the RPS balancer patch, both my APU2s are crashing, sometimes just after a few minutes of uptime. [ 6241.170132] BUG: unable to handle kernel paging request at ffffffffa20a75a8 [ 6241.177248] IP: get_rps_cpu+0x41c/0x440 [ 6241.181140] PGD 2012067 P4D 2012067 PUD 2013063 PMD 0 [ 6241.186370] Oops: 0000 [#1] SMP NOPTI [ 6241.190080] Modules linked in: pppoe ppp_async pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_flow_table_ipv6 nf_flow_table_ipv4 nf_flow_table_inet nf_conntrack_pptp lzo iptable_nat ipt_REJECT ipt_MASQUERADE ftdi_sio xt_time xt_tcpudp xt_tcpmss xt_string xt_statistic xt_state xt_recent xt_quota xt_policy xt_pkttype xt_owner xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_esp xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_bpf xt_addrtype xt_TCPMSS xt_REDIRECT xt_NFQUEUE xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY wireguard usbserial ts_fsm ts_bm spidev slhc rfcomm nft_set_rbtree nft_set_hash nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir_ipv4 nft_redir nft_quota nft_numgen nft_nat nft_meta nft_masq_ipv4 nft_masq [ 6241.261735] nft_log nft_limit nft_flow_offload nft_exthdr nft_ct nft_counter nft_chain_route_ipv6 nft_chain_route_ipv4 nft_chain_nat_ipv4 nfnetlink_queue nf_tables_ipv6 nf_tables_ipv4 nf_tables_inet nf_tables nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv6 nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv6 nf_nat_ipv6 nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_ftp nf_nat_amanda nf_nat nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_ftp nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvlan lzo_decompress lzo_compress libcrc32c kvm irqbypass [ 6241.333427] iptable_raw iptable_mangle iptable_filter ipt_ah ipt_ECN ip_tables hidp hci_uart crc_ccitt cdc_acm btusb btintel br_netfilter bnep bluetooth sch_cake tcp_bbr sch_teql em_nbyte sch_codel sch_prio sch_pie act_ipt em_meta sch_gred sch_dsmark cls_basic em_cmp em_text act_police sch_sfq sch_fq sch_multiq sch_red act_connmark nf_conntrack act_skbedit act_mirred em_u32 cls_u32 cls_tcindex cls_flow cls_route cls_fw sch_tbf sch_htb sch_hfsc sch_ingress configs evdev i2c_piix4 kfifo_buf industrialio i2c_dev xt_set ip_set_list_set ip_set_hash_netiface ip_set_hash_netport ip_set_hash_netnet ip_set_hash_net ip_set_hash_netportnet ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac ip_set_bitmap_ip ip_set [ 6241.405252] nfnetlink ip6t_REJECT nf_reject_ipv6 nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables x_tables ip_gre gre igb i2c_algo_bit ifb ip6_vti ip_vti sit l2tp_netlink l2tp_core ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_transport xfrm6_mode_beet esp6 ah6 ipcomp xfrm4_tunnel xfrm4_mode_tunnel xfrm4_mode_transport xfrm4_mode_beet esp4 ah4 ip6_tunnel tunnel6 tunnel4 ip_tunnel veth snd_compress snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_rawmidi snd_seq_device snd_hwdep snd soundcore mpls_gso mpls_iptunnel mpls_router af_key xfrm_user xfrm_ipcomp xfrm_algo br2684 atm regmap_mmio vxlan udp_tunnel ip6_udp_tunnel ecdh_generic sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 seqiv jitterentropy_rng drbg md5 kpp ccp_crypto rsa_generic mpi asn1_decoder akcipher ccp sha256_generic [ 6241.477726] sha1_generic hmac ghash_generic gcm echainiv des_generic deflate zlib_deflate ctr cmac ccm cbc authenc crypto_acompress sdhci_pltfm pf_ring sp5100_tco leds_apu2 gpio_nct5104d button_hotplug ptp pps_core [ 6241.497122] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.14.73 #0 [ 6241.503198] Hardware name: PC Engines apu2/apu2, BIOS v4.8.0.2 20180705 [ 6241.509858] task: ffff88012a0d8000 task.stack: ffffc90000070000 [ 6241.515841] RIP: 0010:get_rps_cpu+0x41c/0x440 [ 6241.520246] RSP: 0018:ffff88012ed83db0 EFLAGS: 00010286 [ 6241.525511] RAX: 00000000ffffffff RBX: 0000000000011ae8 RCX: 0000000000000001 [ 6241.532737] RDX: 00000000ffffffff RSI: ffff88012a0d8788 RDI: 0000000000000282 [ 6241.539956] RBP: ffff88012ed83e00 R08: 0000000000000001 R09: 0000000000000000 [ 6241.547183] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82dae2e0 [ 6241.554403] R13: ffff880124de4480 R14: 0000000000000000 R15: ffff880128120000 [ 6241.561625] FS: 0000000000000000(0000) GS:ffff88012ed80000(0000) knlGS:0000000000000000 [ 6241.569820] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6241.575651] CR2: ffffffffa20a75a8 CR3: 00000001251da000 CR4: 00000000000406e0 [ 6241.582830] Call Trace: [ 6241.585322] <IRQ> [ 6241.587372] ? lock_acquire+0x59/0x80 [ 6241.591102] netif_receive_skb_internal+0x1e4/0x2d0 [ 6241.596037] napi_gro_receive+0x48/0x90 [ 6241.599948] igb_alloc_rx_buffers+0xc97/0x1b60 [igb] [ 6241.604981] ? note_gp_changes+0x76/0xc0 [ 6241.608963] net_rx_action+0x10c/0x280 [ 6241.612752] __do_softirq+0xf0/0x22d [ 6241.616375] irq_exit+0x5e/0xa0 [ 6241.619573] do_IRQ+0xee/0x110 [ 6241.622682] common_interrupt+0x8b/0x8b [ 6241.626556] </IRQ> [ 6241.628699] RIP: 0010:native_safe_halt+0x6/0x10 [ 6241.633260] RSP: 0018:ffffc90000073e10 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff3d [ 6241.640910] RAX: ffff88012a0d8000 RBX: ffff88012a190c00 RCX: 0000000000000000 [ 6241.648110] RDX: ffff88012a0d8000 RSI: 0000000000000001 RDI: ffff88012a0d8000 [ 6241.655354] RBP: ffffc90000073e10 R08: 0000000000000006 R09: 0000000000000000 [ 6241.662554] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88012a190c64 [ 6241.669791] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001 [ 6241.676986] acpi_safe_halt.part.9+0xe/0x20 [ 6241.681226] acpi_idle_do_entry+0x2c/0x40 [ 6241.685325] acpi_idle_enter+0x1ee/0x2b0 [ 6241.689298] ? sched_clock+0x9/0x10 [ 6241.692839] cpuidle_enter_state+0x1f2/0x230 [ 6241.697162] cpuidle_enter+0x12/0x20 [ 6241.700803] call_cpuidle+0x38/0x40 [ 6241.704335] do_idle+0xed/0x160 [ 6241.707557] cpu_startup_entry+0x6e/0x70 [ 6241.711557] start_secondary+0x1b4/0x1d0 [ 6241.715536] secondary_startup_64+0xa5/0xb0 [ 6241.719777] Code: d4 48 8d 04 9b 48 8b 35 53 a7 ac 00 48 8d 1c 43 48 83 c6 64 48 c1 e3 03 48 8d bb e8 e2 da 82 e8 cb a9 ba ff 41 8b 14 1c 48 89 d0 <48> 0f a3 15 dc dc b6 00 0f 83 46 fc ff ff 48 83 c4 28 5b 41 5c [ 6241.739100] RIP: get_rps_cpu+0x41c/0x440 RSP: ffff88012ed83db0 [ 6241.744993] CR2: ffffffffa20a75a8 [ 6241.748373] ---[ end trace 77367d9f9830d5bc ]--- Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.14 to 4.14.74Koen Vandeputte2018-10-041-1/+1
| | | | | | | | | | | | | Refreshed all patches. Fixes CVE: - CVE-2018-7755 Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: generic: Fix nftables inet table breakageBrett Mastbergen2018-09-223-9/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | Commit b7265c59ab7d ("kernel: backport a series of netfilter cleanup patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use- multihook-infrast.patch. That patch switches the netfilter core in the kernel to use the new native NFPROTO_INET support. Unfortunately, the new native NFPROTO_INET support does not exist in 4.14 and was not backported along with this patchset. As such, nftables inet tables never see any traffic. As an example the following nft counter rule should increment for every packet coming into the box, but never will: nft add table inet foo nft add chain inet foo bar { type filter hook input priority 0\; } nft add rule inet foo bar counter This commit pulls in the required backport patches to add the new native NFPROTO_INET support, and thus restore nftables inet table functionality. Tested on Turris Omnia (mvebu) Fixes: b7265c59ab7d ("kernel: backport a series of netfilter cleanup ...") Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
* kernel: bump 4.14 to 4.14.71Koen Vandeputte2018-09-212-3/+3
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.68Koen Vandeputte2018-09-072-3/+3
| | | | | | | | | | | | | | | | Refreshed all patches. Remove upstream accepted: - 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch Altered: - 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch - 308-mips32r2_tune.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* generic: add flow_offload accountingJohn Crispin2018-08-281-0/+70
| | | | | | | This patch makes the flow offloading layer account for the traffic inside the conntack entries. Signed-off-by: John Crispin <john@phrozen.org>
* kernel: add a RPS balancerJohn Crispin2018-08-281-0/+93
| | | | | | | | | By default the RPS delegation will happen by masking the last few bits of skb->hash. This patch adds an inermediate hash bucket that maps the masked hash to a RPS core. This makes RPS results much more deterministic on SMP systems. Signed-off-by: John Crispin <john@phrozen.org>
* kernel: modules: fix kmod-regmap reduxChristian Lamparter2018-08-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Jonas Gorski commented on the previous patch: |This is actually the wrong fix and papers over an issue in one of our |local patches. | |We intentionally allow regmap to be built as a module, see | |/target/linux/generic/hack-4.14/259-regmap_dynamic.patch |[...] |[The regulator code] optionally supports regmap thanks to the stubs |provided if regmap is disabled - which breaks if you compile regmap |as a module. In order to mitigate this issue, this patch reverts the previous patch and replaces the existing IS_ENABLED(CONFIG_REGMAP) with IS_REACHABLE(CONFIG_REGMAP). This solves this particular issue as the regulator code will now automatically fallback to the regmap stubs in case the kmod-regmap module is enabled, but nothing else sets CONFIG_REGMAP=y. Note: There's still a potential issue that this patch doesn't solve: If someone ever wants to make a OpenWrt kernel package for a regulator module that requires the REGMAP feature for a target that doesn't set CONFIG_REGMAP=y but has CONFIG_REGULATOR=y, the resulting kmod-regulator-xyz package will not work on the target. Luckily, there aren't any in-tree OpenWrt kernel module packages for regulators at the moment. On the bright side: regmap is a critical part nowadays and all new and upcoming architectures require it by default. This will likely only ever be a problem for legacy targets and devices that cannot afford to enable REGMAP. Cc: Jonas Gorski <jonas.gorski@gmail.com> Cc: John Crispin <john@phrozen.org> Fixes: d00913d1215b ("kernel: modules: fix kmod-regmap") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: bump 4.14 to 4.14.60Koen Vandeputte2018-08-031-1/+1
| | | | | | | | | | | | Refreshed all patches Removed upstreamed patches: - 500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.59Stijn Tintel2018-07-314-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop patch that was superseded upstream: ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch Drop upstreamed patches: - apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch - apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch - ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch - brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch - brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch - generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch - generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch - generic/pending/900-gen_stats-fix-netlink-stats-padding.patch In 4.14.55, a patch was introduced that breaks ext4 images in some cases. The newly introduced patch backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch addresses this breakage. Fixes the following CVEs: - CVE-2018-10876 - CVE-2018-10877 - CVE-2018-10879 - CVE-2018-10880 - CVE-2018-10881 - CVE-2018-10882 - CVE-2018-10883 Compile-tested: ath79, octeon, x86/64 Runtime-tested: ath79, octeon, x86/64 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: replace bridge port isolate hack with upstream patch backport on 4.14Felix Fietkau2018-07-112-80/+3
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: adjust bridge port isolate patch to match upstream attribute namingFelix Fietkau2018-07-111-2/+2
| | | | | | | | Newer kernels have a patch that implements compatible functionality directly. Adjust the attribute of our own patch in preparation for dropping it later Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: bump 4.14 to 4.14.54Koen Vandeputte2018-07-111-1/+1
| | | | | | | | | | | | Rereshed all patches Reworked patches to match upstream: 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.52Koen Vandeputte2018-07-021-7/+2
| | | | | | | | | Refreshed all patches Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.51Kevin Darbyshire-Bryant2018-06-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | | The sender domain has a DMARC Reject/Quarantine policy which disallows sending mailing list messages using the original "From" header. To mitigate this problem, the original message has been wrapped automatically by the mailing list software. Refresh patches. Remove patch that can be reverse applied: mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch Update patch that no longer applied: ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch Compiled-tested-for: lantiq, ramips Run-tested-on: lantiq BT hh5a, ramips MIR3g Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Tested-by: Michael Yartys <michael.yartys@protonmail.com> Tested-by: Rosen Penev <rosenp@gmail.com>
* kernel: cleanup offload hooks on netdev unregisterChen Minqiang2018-06-221-0/+96
| | | | Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
* kernel: avoid flow offload for connections with xfrm on the dst entry ↵Felix Fietkau2018-06-131-1/+4
| | | | | | (should fix IPSec) Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: bump 4.14 to 4.14.48Stijn Tintel2018-06-055-8/+8
| | | | | | | | | | | | | | | | | | Remove upstreamed patches: generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch Update patches that no longer apply: generic/pending/811-pci_disable_usb_common_quirks.patch ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch Fixes CVE-2018-6412. Compile-tested: octeon, x86/64. Runtime-tested: octeon, x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.14 to 4.14.44Stijn Tintel2018-05-291-1/+1
| | | | | | | | | | | | | | Refresh patches. Remove upstreamed patch: generic/pending/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch Update patches that no longer applies: generic/hack/901-debloat_sock_diag.patch Compile-tested on: x86/64. Runtime-tested on: x86/64. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.14 to 4.14.34Stijn Tintel2018-04-162-5/+5
| | | | | | | | | | | | | Refresh patches. Update patches that no longer apply: - backport/313-netfilter-remove-defensive-check-on-malformed-packet.patch - pending/642-net-8021q-support-hardware-flow-table-offload.patch Compile-tested: x86/64. Runtime-tested: x86/64. Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: fix xtables flow offload issuesFelix Fietkau2018-04-051-4/+5
| | | | | | | - avoid using garbage stack values as dst pointer if lookup fails - provide the source address for ipv6 dst lookup Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: add support for enabling hardware flow offload via iptablesFelix Fietkau2018-04-051-1/+34
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: update kernel 4.14 to 4.14.32Hauke Mehrtens2018-04-032-3/+3
| | | | | | | | | | | | | The following patches are now included upstream: * 0052-MIPS-lantiq-fix-usb-clocks.patch * 0053-MIPS-lantiq-enable-AHB-Bus-for-USB.patch * 0060-lantiq-ase-enable-MFD-SYSCON.patch Closes: FS#1466 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Tested-by: Stijn Segers <foss@volatilesystems.org> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>