aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic
Commit message (Collapse)AuthorAgeFilesLines
* generic ar8xxx: increase VLAN table for AR83x7David Bauer2019-11-303-9/+13
| | | | | | | | | | | | | The Atheros AR8327 and AR8337 have (according to their datasheet) a VLAN table with a maximum of 4096 entries. Currently, there's a hard limit of 128 VLANs, which is the same as for most other Atheros switches. Increase this limit only for the AR83x7 series and modify some shared functions to allow them to work with a variable max VLAN count. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 3f79aaa2979793c054eae2c8b4058c8c7fccdbe7)
* kernel: bump 4.14 to 4.14.156Koen Vandeputte2019-11-293-10/+10
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: nf_conntrack_rtcache: fix WARNING on rmmodYousong Zhou2019-11-231-3/+1
| | | | | | | | Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod") Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit b3779e920ebaa168eaf18ac1140774c32b6ec6b6)
* kernel: nf_conntrack_rtcache: fix WARNING on forward pathYousong Zhou2019-11-231-11/+1
| | | | | | | | | | Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod") Resolves FS#2624 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 1c5df850a07690451f2878a310c0ea67d0690836)
* kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmodYousong Zhou2019-11-231-1/+13
| | | | | | | | | Fixes FS#1472, FS#2353, FS#2426 Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support") Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit b7c58a1eeba5be2e1f77ec05b417be9d87e26916)
* kernel: Add missing configuration optionHauke Mehrtens2019-11-221-0/+1
| | | | | | | | This was found by the build bot. Fixes: db345220b485 ("kernel: bump 4.14 to 4.14.155") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 103e49f62e72664ee0d5285007907a75960e8645)
* kernel: bump 4.14 to 4.14.154Koen Vandeputte2019-11-1916-36/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 902-debloat_proc.patch - 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch - 807-usb-support-layerscape.patch - 809-flexcan-support-layerscape.patch - 816-pcie-support-layerscape.patch Remove upstreamed: - 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch New symbols: X86_INTEL_MPX X86_INTEL_MEMORY_PROTECTION_KEYS CONFIG_X86_INTEL_TSX_MODE_OFF X86_INTEL_TSX_MODE_ON X86_INTEL_TSX_MODE_AUTO SGL_ALLOC Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.152Koen Vandeputte2019-11-121-2/+2
| | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 301-arch-support-layerscape.patch Remove upstreamed: - 950-0311-sc16is7xx-Fix-for-Unexpected-interrupt-8.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: fix LED netdev trigger on interface renameMartin Schiller2019-11-091-0/+49
| | | | | | | | | | | This fixes the netdev LED trigger for interfaces, which are renamed during initialization (e.g. ppp interfaces). Fixes: FS#2193 Fixes: FS#2239 Signed-off-by: Martin Schiller <ms@dev.tdt.de> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit edbadec843a77286d4f690a3641b7bca97f4c998)
* kernel: bump 4.14 to 4.14.151Koen Vandeputte2019-10-311-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.150Koen Vandeputte2019-10-301-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.149Koen Vandeputte2019-10-1517-105/+105
| | | | | | | | | | | | Refreshed all patches. Altered patches: - 820-sec-support-layerscape.patch Compile-tested on: ar71xx, brcm2708, cns3xxx, imx6, layerscape, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: Fix off-by-one error in FIT mtd partition search.Oldřich Jedlička2019-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | This fixes off-by-one error introduced in commit dc76900021b8 ("kernel: Correctly search for the FIT image in mtd partition.") Function `mtd_read` starts reading at `offset` and needs `hdr_len` number of bytes to be available. Suppose the easiest case when `offset` is `0` and `hdr_len` equals to `mtd->size` - the `for` loop will not be entered even when enough bytes are available to be read. Same happens for any non-zero `offset`, when `hdr_len` is just enough bytes to be read until `mtd->size` is reached. Imagine that for example `mtd->size=5`, `offset=4` and `hdr_len=1`. Then `offset+hdr_len=5` and the check has to be `offset+hdr_len <= mtd->size`, i.e. `5 <= 5`. The check for `offset + hdr_len` value needs to be inclusive, therefore use `<=`. Fixes: dc76900021b8 ("kernel: Correctly search for the FIT image in mtd partition.") Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com> [adjusted commit ref, fixes tag] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit e0ce80d42ace6feba509da16795ab0eb81cf5bf4)
* kernel: Correctly search for the FIT image in mtd partition.Fredrik Olofsson2019-10-091-2/+2
| | | | | | | Previously all iterations of the loop checked offset=0 in the partition. Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com> (cherry picked from commit dc76900021b880820adf981bb7b1cf5ff3ffe1fd)
* kernel: bump 4.14 to 4.14.148Koen Vandeputte2019-10-084-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.147Koen Vandeputte2019-10-083-4/+4
| | | | | | | | | | | | | Refreshed all patches. Altered patches: - 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ar71xx) - 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ath79) Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Compile-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: add missing symbol when enabling PTP supportKoen Vandeputte2019-10-081-0/+1
| | | | | | | | | | | | | | | | Discovered by enabling PTP_1588_CLOCK: net/sched/Kconfig:44: warning: menuconfig statement without prompt * * Restart config... * * * PTP clock support * PTP clock support (PTP_1588_CLOCK) [Y/n/?] y Driver for the National Semiconductor DP83640 PHYTER (DP83640_PHY) [N/m/y/?] (NEW) Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: port upstream nft_flow_offload changes to xt_FLOWOFFLOAD and fix ↵Felix Fietkau2019-09-268-121/+170
| | | | | | | | | | | routing issues Replace an old cleanup patch that never made it upstream with the proper upstream fix. This patch was incompatible with the recent changes that affected the way that the flow tuple dst entry was used. Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commits 442ecce76169d and c8933ce533656)
* netfilter: fix crash in flow offload by adding netns supportHsiuWen Yen2019-09-261-2/+7
| | | | | | | | | | | | | | | | | | | | | Commit fcb41decf6c6 ("config: enable some useful features on !SMALL_FLASH devices") enabled netns, which in turn lead to the crash in the flow offload target. When the flow offloading framework intends to delete a flow from the hardware table, it is necessary to retrieve the namespace from nf_flowtable->ft_net. However, no one ever wrote the namespace into nf_flowtable->ft_net in advance. So the framework will mistakenly use a NULL namespace to execute dev_get_by_index_rcu(net, ifindex), leading to the kernel panic. Ref: FS#2321 Fixes: fcb41decf6c6 ("config: enable some useful features on !SMALL_FLASH devices") Tested-by: Simon Tretter <simon@mediaarchitectu.re> Signed-off-by: HsiuWen Yen <y.hsiuwen@gmail.com> [merged patch into offload patch, fix for 4.19, SOB fix, commit subj/msg touches] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry-picked from commit d344591e72e5ca96a2bf70a2df38961553185ce8)
* kernel: bump 4.14 to 4.14.146Koen Vandeputte2019-09-241-1/+1
| | | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-14814 - CVE-2019-14815 - CVE-2019-14816 - CVE-2019-14821 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: add disable_eap_hack sysfs attributeEtienne Champetier2019-09-231-4/+55
| | | | | | | | We are not sure if 640-bridge-only-accept-EAP-locally.patch is still needed as a first step, add disable_eap_hack sysfs config to allow to disable it Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> (cherry picked from commit 7d542dc8047d276517b296132926e722004065e0)
* kernel: bump 4.14 to 4.14.145Koen Vandeputte2019-09-204-8/+8
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.144Koen Vandeputte2019-09-201-2/+2
| | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 816-pcie-support-layerscape.patch Fixes: - CVE-2019-15030 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: make IRQ fixes target specificKoen Vandeputte2019-09-141-57/+0
| | | | | | | | | | | Move the IRQ fix from generic to ar71xx specific. Other targets like ath79 have specific pathes to delete this code. This resulted in a build failure on ath79 Fixes: 00d48bcac08a ("ar71xx: Fix potentially missed IRQ handling during dispatch") Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: Fix potentially missed IRQ handling during dispatchKoen Vandeputte2019-09-131-0/+57
| | | | | | | | | | | If both interrupts are set in the current implementation only the 1st will be handled and the 2nd will be skipped due to the "if else" condition. Fix this by using the same approach as done for QCA955x just below it. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.143Koen Vandeputte2019-09-132-291/+1
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 390-v5.3-net-sched-fix-action-ipt-crash.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: net_sched: fix a NULL pointer deref in ipt actionCong Wang2019-09-082-1/+291
| | | | | | | | | | | | | | | | | | | | | The net pointer in struct xt_tgdtor_param is not explicitly initialized therefore is still NULL when dereferencing it. So we have to find a way to pass the correct net pointer to ipt_destroy_target(). The best way I find is just saving the net pointer inside the per netns struct tcf_idrinfo, which could make this patch smaller. Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset") Reported-and-tested-by: Tony Ambardar <itugrok@xxxxxxxxx> Cc: Jamal Hadi Salim <jhs@xxxxxxxxxxxx> Cc: Jiri Pirko <jiri@xxxxxxxxxxx> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> [Backport for kernel v4.19 and v4.14] [Bug Link: https://bugzilla.kernel.org/show_bug.cgi?id=204681] Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit 7735cce0c5c306bd9eea20ca2805e4a492c02be9)
* kernel: bump 4.14 to 4.14.140Koen Vandeputte2019-08-282-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.139Koen Vandeputte2019-08-271-1/+1
| | | | | | | | | | | | Refreshed all patches. Also add a missing symbol for x86 which got used now in this bump. - ISCSI_IBFT Compile-tested on: cns3xxx, x86_64 Runtime-tested on: cns3xxx, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: Activate CONFIG_OPTIMIZE_INLININGHauke Mehrtens2019-08-172-9/+104
| | | | | | | | | | | | | | | | | | | | | | | | This will reduce the size of the kernel if CONFIG_CC_OPTIMIZE_FOR_SIZE is set like for all targets with small_flash feature flag. I haven't seen any changes for an ARM64 target which optimizes the kernel for speed instead. On the ath79/tiny target the uncompressed kernel size was reduced by 3.2% and the compressed kernel size by 2.1% kernel size with CONFIG_OPTIMIZE_INLINING=n 4346412 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux 1391169 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin Kernel size with CONFIG_OPTIMIZE_INLINING=y 4212396 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux 1362051 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin This change is currently pending for kernel 5.2 and already in linux-next, this updates our patch to match the upstream version. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 6dac1c0a9b94b62b6412b74a8997f728570f36be)
* kernel: bump 4.14 to 4.14.138Koen Vandeputte2019-08-142-13/+13
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.137Koen Vandeputte2019-08-094-6/+6
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.136Koen Vandeputte2019-08-0616-26/+26
| | | | | | | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 306-v4.16-netfilter-remove-saveroute-indirection-in-struct-nf_.patch Remove upstreamed: - 100-powerpc-4xx-uic-clear-pending-interrupt-after-irq-ty.patch - 088-0002-i2c-qup-fixed-releasing-dma-without-flush-operation.patch - 500-arm64-dts-marvell-Fix-A37xx-UART0-register-size.patch Fixes: - CVE-2019-13648 - CVE-2019-10207 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.134Koen Vandeputte2019-07-312-48/+1
| | | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 049-v4.20-mips-remove-superfluous-check-for-linux.patch Fixes: - CVE-2019-3846 - CVE-2019-3900 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: cherry pick patch removing __linux__ checkFredrik Olofsson2019-07-101-0/+47
| | | | | | | | | | | This is already included in newer upstream. Needed to build BPF programs using the MIPS kernel include files. Without this patch, clang fails with "#error Use a Linux compiler or give up." in sgidefs.h when building BPF programs. Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com> (cherry-picked from commit 7d96c301d6afc9f360c26b404e435e8e03c1e207)
* kernel: bump 4.14 to 4.14.132Koen Vandeputte2019-07-094-7/+7
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.130Koen Vandeputte2019-06-251-1/+1
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.129Koen Vandeputte2019-06-244-23/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: update act_ctinfoKevin Darbyshire-Bryant2019-06-201-10/+28
| | | | | | | | Follow upstream changes - header file changes no executable difference at all Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit 5273fb6b21b953428e2f9ea5892872db5aaf22c1)
* kernel: bump 4.14 to 4.14.128Koen Vandeputte2019-06-206-15/+15
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.127Koen Vandeputte2019-06-182-3/+3
| | | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-11479 - CVE-2019-11478 - CVE-2019-11477 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.126Koen Vandeputte2019-06-182-1/+111
| | | | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 816-pcie-support-layerscape.patch This patch also restores the initial implementation of the ath79 perfcount IRQ issue. (78ee6b1a40b5) It was wrongfully backported upstream initially and got reverted now. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: backport 4.18 patch adding DMI_PRODUCT_SKURafał Miłecki2019-06-171-0/+57
| | | | | | | | | | It's needed for applying some hardware quirks. This fixes: drivers/net/wireless/broadcom/brcm80211/brcmfmac/dmi.c:60:20: error: 'DMI_PRODUCT_SKU' undeclared here (not in a function); did you mean 'DMI_PRODUCT_UUID'? DMI_EXACT_MATCH(DMI_PRODUCT_SKU, "T8"), Fixes: c52054e568d1 ("mac80211: brcm: backport remaining brcmfmac 5.2 patches") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 4d11c4c3784196ed3e5b5a1f81fa415d99ef32b0)
* kernel: mt29f_spinand: fix memory leak during page programMantas Pucka2019-06-151-0/+90
| | | | | | | | | Memory is allocated with devm_kzalloc() on every page program and leaks until device is closed (which never happens). Convert to kzalloc() and handle error paths manually. Signed-off-by: Mantas Pucka <mantas@8devices.com>
* kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)Koen Vandeputte2019-06-124-25/+3
| | | | | | | | | | | | | | | | Refreshed all patches. This bump contains upstream commits which seem to avoid (not properly fix) the errors as seen in FS#2305 and FS#2297 Altered patches: - 403-net-mvneta-convert-to-phylink.patch - 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: drop everything not on kernel version 4.14Daniel Golle2019-06-12380-66506/+0
| | | | | | | | | | * Remove testing patches for kernel version 4.19 * remove targets ar7, ixp4xx, orion Those targets are still on kernel 4.9, patches for 4.14 were not ready in time. They may be readded once people prepare and test patches for kernel 4.14. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mpc85xx: convert TL-WDR4900 v1 to simpleImageChristian Lamparter2019-06-102-0/+59
| | | | | | | | | | | | | | | | | Converts the TP-Link WDR4900 v1 to use the simpleImage in the hopes of prolonging the life of the device. While at it, the patch makes the fdt.bin an ARTIFACT and sets the KERNEL_SIZE to 2684 KiB as a precaution since the stock u-boot is using a fixed kernel size. Note: Give the image some time, it will take much longer to extract and boot. [tested for 4.14/4.19] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> Co-authored-by: Pawel Dembicki <paweldembicki@gmail.com> Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
* kernel: re-add bridge allow reception on disabled portChen Minqiang2019-06-073-9/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "bridge allow reception on disabled port" implementation was broken after these commits: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37") b765f4be407c ("kernel: bump 4.14 to 4.14.114") 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") This leads to issues when for example WDS is used, tied to a bridge: [ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3) [ 96.517956] wlan1: authenticated [ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3) [ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3) [ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1) [ 97.208706] wlan1: associated [ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID) It seems upstream introduced a new patch, [1] so we have to reimplement these patches properly: target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch [1] https://lkml.org/lkml/2019/4/24/1228 Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37") Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114") Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") Signed-off-by: Chen Minqiang <ptpt52@gmail.com> [updated commit message and title] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: backport act_ctinfoKevin Darbyshire-Bryant2019-06-062-0/+1201
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ctinfo is a new tc filter action module. It is designed to restore information contained in firewall conntrack marks to other packet fields and is typically used on packet ingress paths. At present it has two independent sub-functions or operating modes, DSCP restoration mode & skb mark restoration mode. The DSCP restore mode: This mode copies DSCP values that have been placed in the firewall conntrack mark back into the IPv4/v6 diffserv fields of relevant packets. The DSCP restoration is intended for use and has been found useful for restoring ingress classifications based on egress classifications across links that bleach or otherwise change DSCP, typically home ISP Internet links. Restoring DSCP on ingress on the WAN link allows qdiscs such as but by no means limited to CAKE to shape inbound packets according to policies that are easier to set & mark on egress. Ingress classification is traditionally a challenging task since iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT lookups, hence are unable to see internal IPv4 addresses as used on the typical home masquerading gateway. Thus marking the connection in some manner on egress for later restoration of classification on ingress is easier to implement. Parameters related to DSCP restore mode: dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the conntrack mark field contain the DSCP value to be restored. statemask - a 32 bit mask of (usually) 1 bit length, outside the area specified by dscpmask. This represents a conditional operation flag whereby the DSCP is only restored if the flag is set. This is useful to implement a 'one shot' iptables based classification where the 'complicated' iptables rules are only run once to classify the connection on initial (egress) packet and subsequent packets are all marked/restored with the same DSCP. A mask of zero disables the conditional behaviour ie. the conntrack mark DSCP bits are always restored to the ip diffserv field (assuming the conntrack entry is found & the skb is an ipv4/ipv6 type) e.g. dscpmask 0xfc000000 statemask 0x01000000 |----0xFC----conntrack mark----000000---| | Bits 31-26 | bit 25 | bit24 |~~~ Bit 0| | DSCP | unused | flag |unused | |-----------------------0x01---000000---| | | | | ---| Conditional flag v only restore if set |-ip diffserv-| | 6 bits | |-------------| The skb mark restore mode (cpmark): This mode copies the firewall conntrack mark to the skb's mark field. It is completely the functional equivalent of the existing act_connmark action with the additional feature of being able to apply a mask to the restored value. Parameters related to skb mark restore mode: mask - a 32 bit mask applied to the firewall conntrack mark to mask out bits unwanted for restoration. This can be useful where the conntrack mark is being used for different purposes by different applications. If not specified and by default the whole mark field is copied (i.e. default mask of 0xffffffff) e.g. mask 0x00ffffff to mask out the top 8 bits being used by the aforementioned DSCP restore mode. |----0x00----conntrack mark----ffffff---| | Bits 31-24 | | | DSCP & flag| some value here | |---------------------------------------| | | v |------------skb mark-------------------| | | | | zeroed | | |---------------------------------------| Overall parameters: zone - conntrack zone control - action related control (reclassify | pipe | drop | continue | ok | goto chain <CHAIN_INDEX>) Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com> Acked-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Make suitable adjustments for backporting to 4.14 & 4.19 and add to SCHED_MODULES_FILTER Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: handle CFQ_GROUP_IOSCHED/CGROUP_HUGETLB in config-4.14Yangbo Lu2019-06-061-0/+2
| | | | | | | | The generic config-4.14 should handle below configs. - CONFIG_CFQ_GROUP_IOSCHED - CONFIG_CGROUP_HUGETLB Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 22:06:41 +0000