From de1431b5898d104f185deadee82851eb912320e9 Mon Sep 17 00:00:00 2001 From: Chen Minqiang Date: Fri, 10 May 2019 19:13:07 +0800 Subject: kernel: re-add bridge allow reception on disabled port The "bridge allow reception on disabled port" implementation was broken after these commits: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37") b765f4be407c ("kernel: bump 4.14 to 4.14.114") 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") This leads to issues when for example WDS is used, tied to a bridge: [ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3) [ 96.517956] wlan1: authenticated [ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3) [ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3) [ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1) [ 97.208706] wlan1: associated [ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID) It seems upstream introduced a new patch, [1] so we have to reimplement these patches properly: target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch [1] https://lkml.org/lkml/2019/4/24/1228 Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37") Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114") Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") Signed-off-by: Chen Minqiang [updated commit message and title] Signed-off-by: Koen Vandeputte --- .../150-bridge_allow_receiption_on_disabled_port.patch | 8 +++++--- .../150-bridge_allow_receiption_on_disabled_port.patch | 8 +++++--- .../150-bridge_allow_receiption_on_disabled_port.patch | 8 +++++--- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch index 4a53161477..d50280a881 100644 --- a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch +++ b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch @@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau /* return 1 to signal the okfn() was called so it's ok to use the skb */ return 1; -@@ -332,6 +335,15 @@ rx_handler_result_t br_handle_frame(stru +@@ -332,6 +335,17 @@ rx_handler_result_t br_handle_frame(stru forward: switch (p->state) { @@ -35,9 +35,11 @@ Signed-off-by: Felix Fietkau + if (ether_addr_equal(p->br->dev->dev_addr, dest)) + skb->pkt_type = PACKET_HOST; + -+ NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, ++ if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, + dev_net(skb->dev), NULL, skb, skb->dev, NULL, -+ br_handle_local_finish); ++ br_handle_local_finish) == 1) { ++ return RX_HANDLER_PASS; ++ } + break; + case BR_STATE_FORWARDING: diff --git a/target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch index 9d9e3a05c3..2afdeef41a 100644 --- a/target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch +++ b/target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch @@ -25,7 +25,7 @@ Signed-off-by: Felix Fietkau __br_handle_local_finish(skb); /* return 1 to signal the okfn() was called so it's ok to use the skb */ -@@ -291,6 +294,15 @@ rx_handler_result_t br_handle_frame(stru +@@ -291,6 +294,17 @@ rx_handler_result_t br_handle_frame(stru forward: switch (p->state) { @@ -33,9 +33,11 @@ Signed-off-by: Felix Fietkau + if (ether_addr_equal(p->br->dev->dev_addr, dest)) + skb->pkt_type = PACKET_HOST; + -+ NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, ++ if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, + dev_net(skb->dev), NULL, skb, skb->dev, NULL, -+ br_handle_local_finish); ++ br_handle_local_finish) == 1) { ++ return RX_HANDLER_PASS; ++ } + break; + case BR_STATE_FORWARDING: diff --git a/target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch index c62eea3124..9ee93c9a1d 100644 --- a/target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch +++ b/target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch @@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau /* return 1 to signal the okfn() was called so it's ok to use the skb */ return 1; -@@ -321,6 +324,15 @@ rx_handler_result_t br_handle_frame(stru +@@ -321,6 +324,17 @@ rx_handler_result_t br_handle_frame(stru forward: switch (p->state) { @@ -35,9 +35,11 @@ Signed-off-by: Felix Fietkau + if (ether_addr_equal(p->br->dev->dev_addr, dest)) + skb->pkt_type = PACKET_HOST; + -+ NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, ++ if (NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, + dev_net(skb->dev), NULL, skb, skb->dev, NULL, -+ br_handle_local_finish); ++ br_handle_local_finish) == 1) { ++ return RX_HANDLER_PASS; ++ } + break; + case BR_STATE_FORWARDING: -- cgit v1.2.3