Merge Mainline

2020-09-12 23:35:51 +08:00
parent 876258d192 1ecb19072b
commit 7ccd66cdea
36 changed files with 218 additions and 215 deletions
--- a/include/kernel-version.mk
+++ b/include/kernel-version.mk
@@ -6,12 +6,12 @@ ifdef CONFIG_TESTING_KERNEL
  KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
 endif

-LINUX_VERSION-4.14 = .196
-LINUX_VERSION-4.19 = .143
+LINUX_VERSION-4.14 = .198
+LINUX_VERSION-4.19 = .145
 LINUX_VERSION-5.4 = .65

-LINUX_KERNEL_HASH-4.14.196 = 5e61b2f58d4c930c3567821aeeb6f688554dca61454646d54711bfc9abc7b09a
-LINUX_KERNEL_HASH-4.19.143 = 2a4335c66f0ea8cc49d89ab25e5e00d75fcb33fe638d5584855598b4b8f3038d
+LINUX_KERNEL_HASH-4.14.198 = 1efaba581860a36666c3ae5001a9f291d3d6929d9d5e78800ebd6242858cb503
+LINUX_KERNEL_HASH-4.19.145 = 17bc834ff8f15aee45b7ca7c8b9d43b6b03111a43eb7de75c808a04f4b3ff6b7
 LINUX_KERNEL_HASH-5.4.65 = f514834417d09de1667836e443e085bf37952603f23572b69ef0fcfda16cac69

 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
--- a/package/ctcgfw/luci-app-ssocks/root/etc/init.d/ssocks
+++ b/package/ctcgfw/luci-app-ssocks/root/etc/init.d/ssocks
@@ -25,7 +25,7 @@ start()
 		echo "${username}:${password}" > /etc/config/ssocks-authorization
 		auth_arg="--auth /etc/config/ssocks-authorization"
 	fi
-	/usr/bin/ssocks --port "${listen_port}" --bind "${bind_address}" ${auth_arg} >/dev/null 2>&1 &
+	/usr/bin/ssocksd --port "${listen_port}" --bind "${bind_address}" ${auth_arg} >/dev/null 2>&1 &
 	iptables -I INPUT -p tcp --dport "${listen_port}" -j ACCEPT
 	cat <<-EOF > "/var/etc/ssocks.include"
 iptables -I INPUT -p tcp --dport "${listen_port}" -j ACCEPT
@@ -34,7 +34,7 @@ iptables -I INPUT -p tcp --dport "${listen_port}" -j ACCEPT

 stop()
 {
-	killall -9 ssocks >/dev/null 2>&1
+	killall -9 ssocksd >/dev/null 2>&1
 	rm -f "/etc/config/ssocks-authorization"
 	rm -f "/var/etc/ssocks.include"
 }
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/app.sh
@@ -314,12 +314,12 @@ run_socks() {
 	local remarks=$(config_n_get $node remarks)
 	local server_host=$(config_n_get $node address)
 	local port=$(config_n_get $node port)
-	local msg
+	local msg tmp

-	echolog "  - 启用 ${bind}:${local_port}"
 	if [ -n "$server_host" ] && [ -n "$port" ]; then
 		server_host=$(host_from_url "$server_host")
 		[ -n "$(echo -n $server_host | awk '{print gensub(/[!-~]/,"","g",$0)}')" ] && msg="$remarks，非法的代理服务器地址，无法启动 ！"
+		tmp="（${server_host}:${port}）"
 	else
 		msg="某种原因，此 Socks 服务的相关配置已失联，启动中止！"
 	fi
@@ -329,10 +329,10 @@ run_socks() {
 	fi

 	[ -n "${msg}" ] && {
-		echolog "  - ${msg}"
+		[ "$bind" != "127.0.0.1" ] && echolog "  - 启动中止 ${bind}:${local_port} ${msg}"
 		return 1
 	}
-	echolog "  - 节点：$remarks，${server_host}:${port}"
+	[ "$bind" != "127.0.0.1" ] && echolog "  - 启动 ${bind}:${local_port}  - 节点：$remarks${tmp}"

 	case "$type" in
 	socks)
@@ -893,7 +893,7 @@ add_dnsmasq() {
 			items=$(get_enabled_anonymous_secs "@subscribe_list")
 			for item in ${items}; do
 				host_from_url "$(config_n_get ${item} url)" | gen_dnsmasq_items "blacklist" "${fwd_dns}" "${TMP_DNSMASQ_PATH}/subscribe.conf"
-				echolog "  - [$?]节点订阅用域名，$(host_from_url $(config_n_get ${item} url))：${fwd_dns:-默认}"
+				echolog "  - [$?]节点订阅域名，$(host_from_url $(config_n_get ${item} url))：${fwd_dns:-默认}"
 			done
 		}
 	fi
--- a/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
+++ b/package/lienol/luci-app-passwall/root/usr/share/passwall/iptables.sh
@@ -115,6 +115,7 @@ load_acl() {
 		local item enabled remarks ip mac tcp_proxy_mode udp_proxy_mod
 		local tcp_node udp_node tcp_no_redir_ports udp_no_redir_ports tcp_redir_ports udp_redir_ports
 		local TCP_NODE UDP_NODE TCP_NODE_TYPE UDP_NODE_TYPE ipt_tmp is_tproxy tcp_port udp_port msg msg2
+		echolog "访问控制："
 		for item in $items; do
 			unset ip mac tcp_port udp_port is_tproxy msg
 			eval $(uci -q show "${CONFIG}.${item}" | cut -d'.' -sf 3-)
@@ -138,7 +139,7 @@ load_acl() {
 			eval TCP_NODE=\$TCP_NODE$tcp_node
 			eval UDP_NODE=\$UDP_NODE$udp_node

-			echolog "访问控制：${item}..."
+			#echolog "访问控制：${item}..."
 			[ -n "$ip" ] && msg="IP：$ip，"
 			[ -n "$mac" ] && msg="${msg:+${msg}和}MAC：$mac，"
 			ipt_tmp=$ipt_n
@@ -271,19 +272,19 @@ filter_node() {
 				msg2="按规则路由(${msg})"
 				[ "$_ipt" == "$ipt_m" -o "$_ipt" == "$ip6t_m" ] || {
 					dst_rule=$(REDIRECT $_port)
-					msg2="套娃使用(${msg}:${port}>>${_port})"
+					msg2="套娃使用(${msg}:${port} -> ${_port})"
 				}
 				[ -n "$_proxy" ] && [ "$_proxy" == "1" ] && [ -n "$_port" ] || {
 					ADD_INDEX=$(RULE_LAST_INDEX "$_ipt" PSW_OUT_PUT "$IPSET_VPSIPLIST" $FORCE_INDEX)
 					dst_rule=" -j RETURN"
-					msg2="直连代理(${msg})"
+					msg2="直连代理"
 				}
 				$_ipt -I PSW_OUTPUT $ADD_INDEX $(comment "${address}:${port}") -p $stream -d $address --dport $port $dst_rule 2>/dev/null
-			else
-				msg2="已配置过的节点，"
+			#else
+			#	msg2="已配置过的节点，"
 			fi
 		done
-		msg="[$?]${msg2}使用链${ADD_INDEX}，节点（${type}）：${address}:${port}"
+		msg="[$?]$(echo ${2} | tr 'a-z' 'A-Z')${msg2}使用链${ADD_INDEX}，节点（${type}）：${address}:${port}"
 		echolog "  - ${msg}"
 	}
 	
@@ -291,7 +292,7 @@ filter_node() {
 	local proxy_type=$(echo $(config_n_get $proxy_node type nil) | tr 'A-Z' 'a-z')
 	[ "$proxy_type" == "nil" ] && echolog "  - 节点配置不正常，略过！：${proxy_node}" && return 0
 	if [ "$proxy_protocol" == "_shunt" ]; then
-		echolog "  - 按请求目的地址分流（${proxy_type}）..."
+		#echolog "  - 按请求目的地址分流（${proxy_type}）..."
 		local default_node=$(config_n_get $proxy_node default_node nil)
 		filter_rules $default_node $stream
 		local default_node_address=$(get_host_ip ipv4 $(config_n_get $default_node address) 1)
@@ -301,23 +302,25 @@ filter_node() {
 		for shunt_id in $shunt_ids; do
 			local shunt_proxy=$(config_n_get $proxy_node "${shunt_id}_proxy" 0)
 			local shunt_node=$(config_n_get $proxy_node "${shunt_id}" nil)
-			[ "$shunt_proxy" == 1 ] && {
-				local shunt_node_address=$(get_host_ip ipv4 $(config_n_get $shunt_node address) 1)
-				local shunt_node_port=$(config_n_get $shunt_node port)
-				[ "$shunt_node_address" == "$default_node_address" ] && [ "$shunt_node_port" == "$default_node_port" ] && {
-					shunt_proxy=0
+			[ "$shunt_node" != "nil" ] && {
+				[ "$shunt_proxy" == 1 ] && {
+					local shunt_node_address=$(get_host_ip ipv4 $(config_n_get $shunt_node address) 1)
+					local shunt_node_port=$(config_n_get $shunt_node port)
+					[ "$shunt_node_address" == "$default_node_address" ] && [ "$shunt_node_port" == "$default_node_port" ] && {
+						shunt_proxy=0
+					}
 				}
+				filter_rules "$(config_n_get $proxy_node $shunt_id)" "$stream" "$shunt_proxy" "$proxy_port"
 			}
-			filter_rules "$(config_n_get $proxy_node $shunt_id)" "$stream" "$shunt_proxy" "$proxy_port"
 		done
 	elif [ "$proxy_protocol" == "_balancing" ]; then
-		echolog "  - 多节点负载均衡（${proxy_type}）..."
+		#echolog "  - 多节点负载均衡（${proxy_type}）..."
 		proxy_node=$(config_n_get $proxy_node balancing_node)
 		for _node in $proxy_node; do
 			filter_rules "$_node" "$stream"
 		done
 	else
-		echolog "  - 普通节点（${proxy_type}）..."
+		#echolog "  - 普通节点（${proxy_type}）..."
 		filter_rules "$proxy_node" "$stream"
 	fi
 }
@@ -488,8 +491,8 @@ add_firewall_rule() {
 			eval "node=\${TCP_NODE$num}"
 			msg="${msg} 使用与 TCP 代理自动切换${num} 相同的节点，延后处理"
 		else
-			filter_node $node tcp
-			filter_node $node udp
+			filter_node $node TCP
+			filter_node $node UDP
 		fi
 		echolog "  - ${msg}"
 	done
--- a/target/linux/bcm47xx/patches-4.14/159-cpu_fixes.patch
+++ b/target/linux/bcm47xx/patches-4.14/159-cpu_fixes.patch
@@ -406,7 +406,7 @@
 	if (!cpu_has_ic_fills_f_dc) {
 		if (dc_lsize)
 			vaddr ? flush_dcache_line(addr & ~(dc_lsize - 1))
-@@ -1880,6 +1894,17 @@ static void coherency_setup(void)
+@@ -1884,6 +1898,17 @@ static void coherency_setup(void)
 	 * silly idea of putting something else there ...
 	 */
 	switch (current_cpu_type()) {
@@ -424,7 +424,7 @@
 	case CPU_R4000PC:
 	case CPU_R4000SC:
 	case CPU_R4000MC:
-@@ -1926,6 +1951,15 @@ void r4k_cache_init(void)
+@@ -1930,6 +1955,15 @@ void r4k_cache_init(void)
 	extern void build_copy_page(void);
 	struct cpuinfo_mips *c = &current_cpu_data;
 
@@ -440,7 +440,7 @@
 	probe_pcache();
 	probe_vcache();
 	setup_scache();
-@@ -2004,7 +2038,15 @@ void r4k_cache_init(void)
+@@ -2008,7 +2042,15 @@ void r4k_cache_init(void)
 	 */
 	local_r4k___flush_cache_all(NULL);
 
--- a/target/linux/bcm47xx/patches-4.14/610-pci_ide_fix.patch
+++ b/target/linux/bcm47xx/patches-4.14/610-pci_ide_fix.patch
@@ -27,7 +27,7 @@ This fixes OpenWrt ticket #7061: https://dev.openwrt.org/ticket/7061
 ---
 --- a/include/linux/ide.h
 +++ b/include/linux/ide.h
-@@ -241,7 +241,11 @@ static inline void ide_std_init_ports(st
+@@ -240,7 +240,11 @@ static inline void ide_std_init_ports(st
 	hw->io_ports.ctl_addr = ctl_addr;
 }
 
--- a/target/linux/bcm47xx/patches-4.19/159-cpu_fixes.patch
+++ b/target/linux/bcm47xx/patches-4.19/159-cpu_fixes.patch
@@ -406,7 +406,7 @@
 	if (!cpu_has_ic_fills_f_dc) {
 		if (dc_lsize)
 			vaddr ? flush_dcache_line(addr & ~(dc_lsize - 1))
-@@ -1888,6 +1902,17 @@ static void coherency_setup(void)
+@@ -1892,6 +1906,17 @@ static void coherency_setup(void)
 	 * silly idea of putting something else there ...
 	 */
 	switch (current_cpu_type()) {
@@ -424,7 +424,7 @@
 	case CPU_R4000PC:
 	case CPU_R4000SC:
 	case CPU_R4000MC:
-@@ -1934,6 +1959,15 @@ void r4k_cache_init(void)
+@@ -1938,6 +1963,15 @@ void r4k_cache_init(void)
 	extern void build_copy_page(void);
 	struct cpuinfo_mips *c = &current_cpu_data;
 
@@ -440,7 +440,7 @@
 	probe_pcache();
 	probe_vcache();
 	setup_scache();
-@@ -2012,7 +2046,15 @@ void r4k_cache_init(void)
+@@ -2016,7 +2050,15 @@ void r4k_cache_init(void)
 	 */
 	local_r4k___flush_cache_all(NULL);
 
--- a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
+++ b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -898,8 +898,6 @@ struct nft_stats {
+@@ -900,8 +900,6 @@ struct nft_stats {
 	struct u64_stats_sync	syncp;
 };
 
@@ -20,7 +20,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 /**
  *	struct nft_base_chain - nf_tables base chain
  *
-@@ -911,7 +909,7 @@ struct nft_stats {
+@@ -913,7 +911,7 @@ struct nft_stats {
  *	@dev_name: device name that this base chain is attached to (if any)
  */
 struct nft_base_chain {
@@ -29,7 +29,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	const struct nf_chain_type	*type;
 	u8				policy;
 	u8				flags;
-@@ -972,8 +970,6 @@ enum nft_af_flags {
+@@ -974,8 +972,6 @@ enum nft_af_flags {
  *	@owner: module owner
  *	@tables: used internally
  *	@flags: family flags
@@ -38,7 +38,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@hooks: hookfn overrides for packet validation
  */
 struct nft_af_info {
-@@ -983,9 +979,6 @@ struct nft_af_info {
+@@ -985,9 +981,6 @@ struct nft_af_info {
 	struct module			*owner;
 	struct list_head		tables;
 	u32				flags;
@@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 		nft_chain_release_hook(&hook);
 	}
-@@ -5162,10 +5150,9 @@ static int nf_tables_commit(struct net *
+@@ -5163,10 +5151,9 @@ static int nf_tables_commit(struct net *
 		case NFT_MSG_DELCHAIN:
 			list_del_rcu(&trans->ctx.chain->list);
 			nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
@@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			break;
 		case NFT_MSG_NEWRULE:
 			nft_clear(trans->ctx.net, nft_trans_rule(trans));
-@@ -5302,10 +5289,9 @@ static int nf_tables_abort(struct net *n
+@@ -5303,10 +5290,9 @@ static int nf_tables_abort(struct net *n
 			} else {
 				trans->ctx.table->use--;
 				list_del_rcu(&trans->ctx.chain->list);
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			}
 			break;
 		case NFT_MSG_DELCHAIN:
-@@ -5408,7 +5394,7 @@ int nft_chain_validate_hooks(const struc
+@@ -5409,7 +5395,7 @@ int nft_chain_validate_hooks(const struc
 	if (nft_is_base_chain(chain)) {
 		basechain = nft_base_chain(chain);
 
@@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			return 0;
 
 		return -EOPNOTSUPP;
-@@ -5890,8 +5876,7 @@ int __nft_release_basechain(struct nft_c
+@@ -5891,8 +5877,7 @@ int __nft_release_basechain(struct nft_c
 
 	BUG_ON(!nft_is_base_chain(ctx->chain));
 
@@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
 		list_del(&rule->list);
 		ctx->chain->use--;
-@@ -5920,8 +5905,7 @@ static void __nft_release_afinfo(struct
+@@ -5921,8 +5906,7 @@ static void __nft_release_afinfo(struct
 
 	list_for_each_entry_safe(table, nt, &afi->tables, list) {
 		list_for_each_entry(chain, &table->chains, list)
--- a/target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch
+++ b/target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch
@@ -10,7 +10,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -876,7 +876,7 @@ enum nft_chain_type {
+@@ -878,7 +878,7 @@ enum nft_chain_type {
  * 	@family: address family
  * 	@owner: module owner
  * 	@hook_mask: mask of valid hooks
@@ -19,7 +19,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  */
 struct nf_chain_type {
 	const char			*name;
-@@ -970,7 +970,6 @@ enum nft_af_flags {
+@@ -972,7 +972,6 @@ enum nft_af_flags {
  *	@owner: module owner
  *	@tables: used internally
  *	@flags: family flags
@@ -27,7 +27,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  */
 struct nft_af_info {
 	struct list_head		list;
-@@ -979,7 +978,6 @@ struct nft_af_info {
+@@ -981,7 +980,6 @@ struct nft_af_info {
 	struct module			*owner;
 	struct list_head		tables;
 	u32				flags;
--- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
+++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
@@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 #include <net/netlink.h>
 
 #define NFT_JUMP_STACK_SIZE	16
-@@ -939,6 +940,7 @@ unsigned int nft_do_chain(struct nft_pkt
+@@ -941,6 +942,7 @@ unsigned int nft_do_chain(struct nft_pkt
  *	@chains: chains in the table
  *	@sets: sets in the table
  *	@objects: stateful objects in the table
@@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@hgenerator: handle generator state
  *	@use: number of chain references to this table
  *	@flags: table flag (see enum nft_table_flags)
-@@ -950,6 +952,7 @@ struct nft_table {
+@@ -952,6 +954,7 @@ struct nft_table {
 	struct list_head		chains;
 	struct list_head		sets;
 	struct list_head		objects;
@@ -66,7 +66,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	u64				hgenerator;
 	u32				use;
 	u16				flags:14,
-@@ -1081,6 +1084,44 @@ int nft_register_obj(struct nft_object_t
+@@ -1083,6 +1086,44 @@ int nft_register_obj(struct nft_object_t
 void nft_unregister_obj(struct nft_object_type *obj_type);
 
 /**
@@ -111,7 +111,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	struct nft_traceinfo - nft tracing information and state
  *
  *	@pkt: pktinfo currently processed
-@@ -1316,4 +1357,11 @@ struct nft_trans_obj {
+@@ -1318,4 +1359,11 @@ struct nft_trans_obj {
 #define nft_trans_obj(trans)	\
 	(((struct nft_trans_obj *)trans->data)->obj)
 
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
 		err = nft_delobj(ctx, obj);
 		if (err < 0)
-@@ -4862,6 +4906,605 @@ static void nf_tables_obj_notify(const s
+@@ -4863,6 +4907,605 @@ static void nf_tables_obj_notify(const s
 		       ctx->afi->family, ctx->report, GFP_KERNEL);
 }
 
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
 				   u32 portid, u32 seq)
 {
-@@ -4892,6 +5535,49 @@ nla_put_failure:
+@@ -4893,6 +5536,49 @@ nla_put_failure:
 	return -EMSGSIZE;
 }
 
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
 				 int event)
 {
-@@ -5044,6 +5730,21 @@ static const struct nfnl_callback nf_tab
+@@ -5045,6 +5731,21 @@ static const struct nfnl_callback nf_tab
 		.attr_count	= NFTA_OBJ_MAX,
 		.policy		= nft_obj_policy,
 	},
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 };
 
 static void nft_chain_commit_update(struct nft_trans *trans)
-@@ -5092,6 +5793,9 @@ static void nf_tables_commit_release(str
+@@ -5093,6 +5794,9 @@ static void nf_tables_commit_release(str
 	case NFT_MSG_DELOBJ:
 		nft_obj_destroy(nft_trans_obj(trans));
 		break;
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	}
 	kfree(trans);
 }
-@@ -5211,6 +5915,21 @@ static int nf_tables_commit(struct net *
+@@ -5212,6 +5916,21 @@ static int nf_tables_commit(struct net *
 			nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
 					     NFT_MSG_DELOBJ);
 			break;
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 
-@@ -5248,6 +5967,9 @@ static void nf_tables_abort_release(stru
+@@ -5249,6 +5968,9 @@ static void nf_tables_abort_release(stru
 	case NFT_MSG_NEWOBJ:
 		nft_obj_destroy(nft_trans_obj(trans));
 		break;
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	}
 	kfree(trans);
 }
-@@ -5339,6 +6061,17 @@ static int nf_tables_abort(struct net *n
+@@ -5340,6 +6062,17 @@ static int nf_tables_abort(struct net *n
 			nft_clear(trans->ctx.net, nft_trans_obj(trans));
 			nft_trans_destroy(trans);
 			break;
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 
-@@ -5889,6 +6622,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
+@@ -5890,6 +6623,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
 /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
 static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
 {
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table, *nt;
 	struct nft_chain *chain, *nc;
 	struct nft_object *obj, *ne;
-@@ -5902,6 +6636,9 @@ static void __nft_release_afinfo(struct
+@@ -5903,6 +6637,9 @@ static void __nft_release_afinfo(struct
 	list_for_each_entry_safe(table, nt, &afi->tables, list) {
 		list_for_each_entry(chain, &table->chains, list)
 			nf_tables_unregister_hook(net, table, chain);
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		/* No packets are walking on these chains anymore. */
 		ctx.table = table;
 		list_for_each_entry(chain, &table->chains, list) {
-@@ -5912,6 +6649,11 @@ static void __nft_release_afinfo(struct
+@@ -5913,6 +6650,11 @@ static void __nft_release_afinfo(struct
 				nf_tables_rule_release(&ctx, rule);
 			}
 		}
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		list_for_each_entry_safe(set, ns, &table->sets, list) {
 			list_del(&set->list);
 			table->use--;
-@@ -5955,6 +6697,8 @@ static int __init nf_tables_module_init(
+@@ -5956,6 +6698,8 @@ static int __init nf_tables_module_init(
 	if (err < 0)
 		goto err3;
 
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
 	return register_pernet_subsys(&nf_tables_net_ops);
 err3:
-@@ -5969,6 +6713,7 @@ static void __exit nf_tables_module_exit
+@@ -5970,6 +6714,7 @@ static void __exit nf_tables_module_exit
 {
 	unregister_pernet_subsys(&nf_tables_net_ops);
 	nfnetlink_subsys_unregister(&nf_tables_subsys);
--- a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
+++ b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
@@ -14,7 +14,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -969,7 +969,6 @@ enum nft_af_flags {
+@@ -971,7 +971,6 @@ enum nft_af_flags {
  *
  *	@list: used internally
  *	@family: address family
@@ -22,7 +22,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@owner: module owner
  *	@tables: used internally
  *	@flags: family flags
-@@ -977,7 +976,6 @@ enum nft_af_flags {
+@@ -979,7 +978,6 @@ enum nft_af_flags {
 struct nft_af_info {
 	struct list_head		list;
 	int				family;
@@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
 
 	type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
-@@ -5014,7 +5011,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -5015,7 +5012,7 @@ static int nf_tables_flowtable_parse_hoo
 		return -EINVAL;
 
 	hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
--- a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
+++ b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5438,7 +5438,7 @@ static int nf_tables_getflowtable(struct
+@@ -5439,7 +5439,7 @@ static int nf_tables_getflowtable(struct
 
 	flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
 					       genmask);
--- a/target/linux/generic/backport-4.14/330-v4.16-netfilter-nf_tables-remove-flag-field-from-struct-nf.patch
+++ b/target/linux/generic/backport-4.14/330-v4.16-netfilter-nf_tables-remove-flag-field-from-struct-nf.patch
@@ -10,7 +10,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -960,10 +960,6 @@ struct nft_table {
+@@ -962,10 +962,6 @@ struct nft_table {
 	char				*name;
 };
 
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 /**
  *	struct nft_af_info - nf_tables address family info
  *
-@@ -971,14 +967,12 @@ enum nft_af_flags {
+@@ -973,14 +969,12 @@ enum nft_af_flags {
  *	@family: address family
  *	@owner: module owner
  *	@tables: used internally
--- a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
+++ b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
@@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		if (ret >= 0) {
 			ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
 			nft_trans_table_enable(trans) = true;
-@@ -5819,7 +5812,6 @@ static int nf_tables_commit(struct net *
+@@ -5820,7 +5813,6 @@ static int nf_tables_commit(struct net *
 			if (nft_trans_table_update(trans)) {
 				if (!nft_trans_table_enable(trans)) {
 					nf_tables_table_disable(net,
@@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 								trans->ctx.table);
 					trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
 				}
-@@ -5983,7 +5975,6 @@ static int nf_tables_abort(struct net *n
+@@ -5984,7 +5976,6 @@ static int nf_tables_abort(struct net *n
 			if (nft_trans_table_update(trans)) {
 				if (nft_trans_table_enable(trans)) {
 					nf_tables_table_disable(net,
--- a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
+++ b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
@@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5357,8 +5357,10 @@ static int nf_tables_dump_flowtable_done
+@@ -5358,8 +5358,10 @@ static int nf_tables_dump_flowtable_done
 	if (!filter)
 		return 0;
 
--- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
+++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -143,22 +143,22 @@ static inline void nft_data_debug(const
+@@ -145,22 +145,22 @@ static inline void nft_data_debug(const
  *	struct nft_ctx - nf_tables rule/set context
  *
  *	@net: net namespace
@@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	bool				report;
 };
 
-@@ -945,6 +945,7 @@ unsigned int nft_do_chain(struct nft_pkt
+@@ -947,6 +947,7 @@ unsigned int nft_do_chain(struct nft_pkt
  *	@use: number of chain references to this table
  *	@flags: table flag (see enum nft_table_flags)
  *	@genmask: generation mask
@@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@name: name of the table
  */
 struct nft_table {
-@@ -957,6 +958,7 @@ struct nft_table {
+@@ -959,6 +960,7 @@ struct nft_table {
 	u32				use;
 	u16				flags:14,
 					genmask:2;
@@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	char				*name;
 };
 
-@@ -966,13 +968,11 @@ struct nft_table {
+@@ -968,13 +970,11 @@ struct nft_table {
  *	@list: used internally
  *	@family: address family
  *	@owner: module owner
@@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	nfmsg->version		= NFNETLINK_V0;
 	nfmsg->res_id		= htons(ctx->net->nft.base_seq & 0xffff);
 
-@@ -2952,10 +2949,8 @@ static int nf_tables_dump_sets(struct sk
+@@ -2953,10 +2950,8 @@ static int nf_tables_dump_sets(struct sk
 {
 	const struct nft_set *set;
 	unsigned int idx, s_idx = cb->args[0];
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_ctx *ctx = cb->data, ctx_set;
 
 	if (cb->args[1])
-@@ -2964,51 +2959,44 @@ static int nf_tables_dump_sets(struct sk
+@@ -2965,51 +2960,44 @@ static int nf_tables_dump_sets(struct sk
 	rcu_read_lock();
 	cb->seq = net->nft.base_seq;
 
@@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	}
 	cb->args[1] = 1;
 done:
-@@ -3221,11 +3209,12 @@ static int nf_tables_newset(struct net *
+@@ -3222,11 +3210,12 @@ static int nf_tables_newset(struct net *
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
 	if (IS_ERR(set)) {
-@@ -3494,12 +3483,12 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3495,12 +3484,12 @@ static int nft_ctx_init_from_elemattr(st
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	return 0;
 }
 
-@@ -3604,7 +3593,6 @@ static int nf_tables_dump_set(struct sk_
+@@ -3605,7 +3594,6 @@ static int nf_tables_dump_set(struct sk_
 {
 	struct nft_set_dump_ctx *dump_ctx = cb->data;
 	struct net *net = sock_net(skb->sk);
@@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table;
 	struct nft_set *set;
 	struct nft_set_dump_args args;
-@@ -3616,21 +3604,19 @@ static int nf_tables_dump_set(struct sk_
+@@ -3617,21 +3605,19 @@ static int nf_tables_dump_set(struct sk_
 	int event;
 
 	rcu_read_lock();
@@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 		break;
 	}
-@@ -3650,7 +3636,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3651,7 +3637,7 @@ static int nf_tables_dump_set(struct sk_
 		goto nla_put_failure;
 
 	nfmsg = nlmsg_data(nlh);
@@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	nfmsg->version      = NFNETLINK_V0;
 	nfmsg->res_id	    = htons(net->nft.base_seq & 0xffff);
 
-@@ -3752,7 +3738,7 @@ static int nf_tables_fill_setelem_info(s
+@@ -3753,7 +3739,7 @@ static int nf_tables_fill_setelem_info(s
 		goto nla_put_failure;
 
 	nfmsg = nlmsg_data(nlh);
@@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	nfmsg->version		= NFNETLINK_V0;
 	nfmsg->res_id		= htons(ctx->net->nft.base_seq & 0xffff);
 
-@@ -4002,7 +3988,7 @@ static int nft_add_set_elem(struct nft_c
+@@ -4003,7 +3989,7 @@ static int nft_add_set_elem(struct nft_c
 		list_for_each_entry(binding, &set->bindings, list) {
 			struct nft_ctx bind_ctx = {
 				.net	= ctx->net,
@@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 				.table	= ctx->table,
 				.chain	= (struct nft_chain *)binding->chain,
 			};
-@@ -4554,7 +4540,8 @@ static int nf_tables_newobj(struct net *
+@@ -4555,7 +4541,8 @@ static int nf_tables_newobj(struct net *
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -4572,7 +4559,7 @@ static int nf_tables_newobj(struct net *
+@@ -4573,7 +4560,7 @@ static int nf_tables_newobj(struct net *
 		return 0;
 	}
 
@@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	type = nft_obj_type_get(objtype);
 	if (IS_ERR(type))
-@@ -4649,7 +4636,6 @@ struct nft_obj_filter {
+@@ -4650,7 +4637,6 @@ struct nft_obj_filter {
 static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
 {
 	const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
@@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	const struct nft_table *table;
 	unsigned int idx = 0, s_idx = cb->args[0];
 	struct nft_obj_filter *filter = cb->data;
-@@ -4664,38 +4650,37 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4665,38 +4651,37 @@ static int nf_tables_dump_obj(struct sk_
 	rcu_read_lock();
 	cb->seq = net->nft.base_seq;
 
@@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 done:
-@@ -4782,7 +4767,8 @@ static int nf_tables_getobj(struct net *
+@@ -4783,7 +4768,8 @@ static int nf_tables_getobj(struct net *
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -4842,7 +4828,8 @@ static int nf_tables_delobj(struct net *
+@@ -4843,7 +4829,8 @@ static int nf_tables_delobj(struct net *
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -4853,7 +4840,7 @@ static int nf_tables_delobj(struct net *
+@@ -4854,7 +4841,7 @@ static int nf_tables_delobj(struct net *
 	if (obj->use > 0)
 		return -EBUSY;
 
@@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	return nft_delobj(&ctx, obj);
 }
-@@ -4891,7 +4878,7 @@ static void nf_tables_obj_notify(const s
+@@ -4892,7 +4879,7 @@ static void nf_tables_obj_notify(const s
 				 struct nft_object *obj, int event)
 {
 	nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
@@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 }
 
 /*
-@@ -5081,7 +5068,7 @@ void nft_flow_table_iterate(struct net *
+@@ -5082,7 +5069,7 @@ void nft_flow_table_iterate(struct net *
 
 	rcu_read_lock();
 	list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
@@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
 				iter(&flowtable->data, data);
 			}
-@@ -5129,7 +5116,8 @@ static int nf_tables_newflowtable(struct
+@@ -5130,7 +5117,8 @@ static int nf_tables_newflowtable(struct
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -5146,7 +5134,7 @@ static int nf_tables_newflowtable(struct
+@@ -5147,7 +5135,7 @@ static int nf_tables_newflowtable(struct
 		return 0;
 	}
 
@@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
 	if (!flowtable)
-@@ -5227,7 +5215,8 @@ static int nf_tables_delflowtable(struct
+@@ -5228,7 +5216,8 @@ static int nf_tables_delflowtable(struct
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -5238,7 +5227,7 @@ static int nf_tables_delflowtable(struct
+@@ -5239,7 +5228,7 @@ static int nf_tables_delflowtable(struct
 	if (flowtable->use > 0)
 		return -EBUSY;
 
@@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	return nft_delflowtable(&ctx, flowtable);
 }
-@@ -5307,40 +5296,37 @@ static int nf_tables_dump_flowtable(stru
+@@ -5308,40 +5297,37 @@ static int nf_tables_dump_flowtable(stru
 	struct net *net = sock_net(skb->sk);
 	int family = nfmsg->nfgen_family;
 	struct nft_flowtable *flowtable;
@@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 done:
-@@ -5425,7 +5411,8 @@ static int nf_tables_getflowtable(struct
+@@ -5426,7 +5412,8 @@ static int nf_tables_getflowtable(struct
 	if (IS_ERR(afi))
 		return PTR_ERR(afi);
 
@@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -5468,7 +5455,7 @@ static void nf_tables_flowtable_notify(s
+@@ -5469,7 +5456,7 @@ static void nf_tables_flowtable_notify(s
 
 	err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
 					    ctx->seq, event, 0,
@@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (err < 0) {
 		kfree_skb(skb);
 		goto err;
-@@ -5546,17 +5533,14 @@ static int nf_tables_flowtable_event(str
+@@ -5547,17 +5534,14 @@ static int nf_tables_flowtable_event(str
 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
 	struct nft_flowtable *flowtable;
 	struct nft_table *table;
@@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 	nfnl_unlock(NFNL_SUBSYS_NFTABLES);
-@@ -6582,6 +6566,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
+@@ -6583,6 +6567,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
 static int __net_init nf_tables_init_net(struct net *net)
 {
 	INIT_LIST_HEAD(&net->nft.af_info);
@@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	INIT_LIST_HEAD(&net->nft.commit_list);
 	net->nft.base_seq = 1;
 	return 0;
-@@ -6618,10 +6603,10 @@ static void __nft_release_afinfo(struct
+@@ -6619,10 +6604,10 @@ static void __nft_release_afinfo(struct
 	struct nft_set *set, *ns;
 	struct nft_ctx ctx = {
 		.net	= net,
--- a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
+++ b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 static struct pernet_operations clusterip_net_ops = {
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -6572,6 +6572,12 @@ static int __net_init nf_tables_init_net
+@@ -6573,6 +6573,12 @@ static int __net_init nf_tables_init_net
 	return 0;
 }
 
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 int __nft_release_basechain(struct nft_ctx *ctx)
 {
 	struct nft_rule *rule, *nr;
-@@ -6649,6 +6655,7 @@ static void __nft_release_afinfo(struct
+@@ -6650,6 +6656,7 @@ static void __nft_release_afinfo(struct
 
 static struct pernet_operations nf_tables_net_ops = {
 	.init	= nf_tables_init_net,
--- a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
+++ b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
@@ -14,7 +14,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -975,8 +975,8 @@ struct nft_af_info {
+@@ -977,8 +977,8 @@ struct nft_af_info {
 	struct module			*owner;
 };
 
@@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		if (afi->family == family)
 			return afi;
 	}
-@@ -5063,15 +5061,12 @@ void nft_flow_table_iterate(struct net *
+@@ -5064,15 +5062,12 @@ void nft_flow_table_iterate(struct net *
 			    void *data)
 {
 	struct nft_flowtable *flowtable;
@@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		}
 	}
 	rcu_read_unlock();
-@@ -6563,21 +6558,6 @@ int nft_data_dump(struct sk_buff *skb, i
+@@ -6564,21 +6559,6 @@ int nft_data_dump(struct sk_buff *skb, i
 }
 EXPORT_SYMBOL_GPL(nft_data_dump);
 
@@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 int __nft_release_basechain(struct nft_ctx *ctx)
 {
 	struct nft_rule *rule, *nr;
-@@ -6598,8 +6578,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6599,8 +6579,7 @@ int __nft_release_basechain(struct nft_c
 }
 EXPORT_SYMBOL_GPL(__nft_release_basechain);
 
@@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 {
 	struct nft_flowtable *flowtable, *nf;
 	struct nft_table *table, *nt;
-@@ -6609,10 +6588,11 @@ static void __nft_release_afinfo(struct
+@@ -6610,10 +6589,11 @@ static void __nft_release_afinfo(struct
 	struct nft_set *set, *ns;
 	struct nft_ctx ctx = {
 		.net	= net,
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		list_for_each_entry(chain, &table->chains, list)
 			nf_tables_unregister_hook(net, table, chain);
 		list_for_each_entry(flowtable, &table->flowtables, list)
-@@ -6653,6 +6633,21 @@ static void __nft_release_afinfo(struct
+@@ -6654,6 +6634,21 @@ static void __nft_release_afinfo(struct
 	}
 }
 
--- a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
+++ b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -956,28 +956,12 @@ struct nft_table {
+@@ -958,28 +958,12 @@ struct nft_table {
 	struct list_head		flowtables;
 	u64				hgenerator;
 	u32				use;
@@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 int nft_register_chain_type(const struct nf_chain_type *);
 void nft_unregister_chain_type(const struct nf_chain_type *);
 
-@@ -1145,9 +1129,6 @@ void nft_trace_notify(struct nft_tracein
+@@ -1147,9 +1131,6 @@ void nft_trace_notify(struct nft_tracein
 #define nft_dereference(p)					\
 	nfnl_dereference(p, NFNL_SUBSYS_NFTABLES)
 
@@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	return 0;
 }
 
-@@ -2959,7 +2834,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2960,7 +2835,7 @@ static int nf_tables_dump_sets(struct sk
 
 	list_for_each_entry_rcu(table, &net->nft.tables, list) {
 		if (ctx->family != NFPROTO_UNSPEC &&
@@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			continue;
 
 		if (ctx->table && ctx->table != table)
-@@ -2980,7 +2855,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2981,7 +2856,7 @@ static int nf_tables_dump_sets(struct sk
 
 			ctx_set = *ctx;
 			ctx_set.table = table;
@@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 			if (nf_tables_fill_set(skb, &ctx_set, set,
 					       NFT_MSG_NEWSET,
-@@ -3092,8 +2967,8 @@ static int nf_tables_newset(struct net *
+@@ -3093,8 +2968,8 @@ static int nf_tables_newset(struct net *
 {
 	const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
 	u8 genmask = nft_genmask_next(net);
@@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table;
 	struct nft_set *set;
 	struct nft_ctx ctx;
-@@ -3203,16 +3078,12 @@ static int nf_tables_newset(struct net *
+@@ -3204,16 +3079,12 @@ static int nf_tables_newset(struct net *
 
 	create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
 
@@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
 	if (IS_ERR(set)) {
-@@ -3474,19 +3345,15 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3475,19 +3346,15 @@ static int nft_ctx_init_from_elemattr(st
 				      u8 genmask)
 {
 	const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	return 0;
 }
 
-@@ -3604,7 +3471,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3605,7 +3472,7 @@ static int nf_tables_dump_set(struct sk_
 	rcu_read_lock();
 	list_for_each_entry_rcu(table, &net->nft.tables, list) {
 		if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
@@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			continue;
 
 		if (table != dump_ctx->ctx.table)
-@@ -3634,7 +3501,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3635,7 +3502,7 @@ static int nf_tables_dump_set(struct sk_
 		goto nla_put_failure;
 
 	nfmsg = nlmsg_data(nlh);
@@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	nfmsg->version      = NFNETLINK_V0;
 	nfmsg->res_id	    = htons(net->nft.base_seq & 0xffff);
 
-@@ -4522,7 +4389,6 @@ static int nf_tables_newobj(struct net *
+@@ -4523,7 +4390,6 @@ static int nf_tables_newobj(struct net *
 	const struct nft_object_type *type;
 	u8 genmask = nft_genmask_next(net);
 	int family = nfmsg->nfgen_family;
@@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table;
 	struct nft_object *obj;
 	struct nft_ctx ctx;
-@@ -4534,11 +4400,7 @@ static int nf_tables_newobj(struct net *
+@@ -4535,11 +4401,7 @@ static int nf_tables_newobj(struct net *
 	    !nla[NFTA_OBJ_DATA])
 		return -EINVAL;
 
@@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 				       genmask);
 	if (IS_ERR(table))
 		return PTR_ERR(table);
-@@ -4557,7 +4419,7 @@ static int nf_tables_newobj(struct net *
+@@ -4558,7 +4420,7 @@ static int nf_tables_newobj(struct net *
 		return 0;
 	}
 
@@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	type = nft_obj_type_get(objtype);
 	if (IS_ERR(type))
-@@ -4649,7 +4511,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4650,7 +4512,7 @@ static int nf_tables_dump_obj(struct sk_
 	cb->seq = net->nft.base_seq;
 
 	list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			continue;
 
 		list_for_each_entry_rcu(obj, &table->objects, list) {
-@@ -4672,7 +4534,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4673,7 +4535,7 @@ static int nf_tables_dump_obj(struct sk_
 						    cb->nlh->nlmsg_seq,
 						    NFT_MSG_NEWOBJ,
 						    NLM_F_MULTI | NLM_F_APPEND,
@@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 						    obj, reset) < 0)
 				goto done;
 
-@@ -4730,7 +4592,6 @@ static int nf_tables_getobj(struct net *
+@@ -4731,7 +4593,6 @@ static int nf_tables_getobj(struct net *
 	const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
 	u8 genmask = nft_genmask_cur(net);
 	int family = nfmsg->nfgen_family;
@@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	const struct nft_table *table;
 	struct nft_object *obj;
 	struct sk_buff *skb2;
-@@ -4761,11 +4622,7 @@ static int nf_tables_getobj(struct net *
+@@ -4762,11 +4623,7 @@ static int nf_tables_getobj(struct net *
 	    !nla[NFTA_OBJ_TYPE])
 		return -EINVAL;
 
@@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 				       genmask);
 	if (IS_ERR(table))
 		return PTR_ERR(table);
-@@ -4812,7 +4669,6 @@ static int nf_tables_delobj(struct net *
+@@ -4813,7 +4670,6 @@ static int nf_tables_delobj(struct net *
 	const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
 	u8 genmask = nft_genmask_next(net);
 	int family = nfmsg->nfgen_family;
@@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table;
 	struct nft_object *obj;
 	struct nft_ctx ctx;
-@@ -4822,11 +4678,7 @@ static int nf_tables_delobj(struct net *
+@@ -4823,11 +4679,7 @@ static int nf_tables_delobj(struct net *
 	    !nla[NFTA_OBJ_NAME])
 		return -EINVAL;
 
@@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 				       genmask);
 	if (IS_ERR(table))
 		return PTR_ERR(table);
-@@ -4838,7 +4690,7 @@ static int nf_tables_delobj(struct net *
+@@ -4839,7 +4691,7 @@ static int nf_tables_delobj(struct net *
 	if (obj->use > 0)
 		return -EBUSY;
 
@@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	return nft_delobj(&ctx, obj);
 }
-@@ -5023,33 +4875,31 @@ err1:
+@@ -5024,33 +4876,31 @@ err1:
 	return err;
 }
 
@@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			return ERR_PTR(-EAGAIN);
 	}
 #endif
-@@ -5097,7 +4947,6 @@ static int nf_tables_newflowtable(struct
+@@ -5098,7 +4948,6 @@ static int nf_tables_newflowtable(struct
 	u8 genmask = nft_genmask_next(net);
 	int family = nfmsg->nfgen_family;
 	struct nft_flowtable *flowtable;
@@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	struct nft_table *table;
 	struct nft_ctx ctx;
 	int err, i, k;
-@@ -5107,12 +4956,8 @@ static int nf_tables_newflowtable(struct
+@@ -5108,12 +4957,8 @@ static int nf_tables_newflowtable(struct
 	    !nla[NFTA_FLOWTABLE_HOOK])
 		return -EINVAL;
 
@@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -5129,7 +4974,7 @@ static int nf_tables_newflowtable(struct
+@@ -5130,7 +4975,7 @@ static int nf_tables_newflowtable(struct
 		return 0;
 	}
 
@@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
 	if (!flowtable)
-@@ -5142,7 +4987,7 @@ static int nf_tables_newflowtable(struct
+@@ -5143,7 +4988,7 @@ static int nf_tables_newflowtable(struct
 		goto err1;
 	}
 
@@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(type)) {
 		err = PTR_ERR(type);
 		goto err2;
-@@ -5202,16 +5047,11 @@ static int nf_tables_delflowtable(struct
+@@ -5203,16 +5048,11 @@ static int nf_tables_delflowtable(struct
 	u8 genmask = nft_genmask_next(net);
 	int family = nfmsg->nfgen_family;
 	struct nft_flowtable *flowtable;
@@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -5222,7 +5062,7 @@ static int nf_tables_delflowtable(struct
+@@ -5223,7 +5063,7 @@ static int nf_tables_delflowtable(struct
 	if (flowtable->use > 0)
 		return -EBUSY;
 
@@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	return nft_delflowtable(&ctx, flowtable);
 }
-@@ -5297,7 +5137,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5298,7 +5138,7 @@ static int nf_tables_dump_flowtable(stru
 	cb->seq = net->nft.base_seq;
 
 	list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 			continue;
 
 		list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
-@@ -5316,7 +5156,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5317,7 +5157,7 @@ static int nf_tables_dump_flowtable(stru
 							  cb->nlh->nlmsg_seq,
 							  NFT_MSG_NEWFLOWTABLE,
 							  NLM_F_MULTI | NLM_F_APPEND,
@@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 				goto done;
 
 			nl_dump_check_consistent(cb, nlmsg_hdr(skb));
-@@ -5376,7 +5216,6 @@ static int nf_tables_getflowtable(struct
+@@ -5377,7 +5217,6 @@ static int nf_tables_getflowtable(struct
 	u8 genmask = nft_genmask_cur(net);
 	int family = nfmsg->nfgen_family;
 	struct nft_flowtable *flowtable;
@@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	const struct nft_table *table;
 	struct sk_buff *skb2;
 	int err;
-@@ -5402,12 +5241,8 @@ static int nf_tables_getflowtable(struct
+@@ -5403,12 +5242,8 @@ static int nf_tables_getflowtable(struct
 	if (!nla[NFTA_FLOWTABLE_NAME])
 		return -EINVAL;
 
@@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
-@@ -6578,7 +6413,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6579,7 +6414,7 @@ int __nft_release_basechain(struct nft_c
 }
 EXPORT_SYMBOL_GPL(__nft_release_basechain);
 
@@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 {
 	struct nft_flowtable *flowtable, *nf;
 	struct nft_table *table, *nt;
-@@ -6591,7 +6426,7 @@ static void __nft_release_afinfo(struct
+@@ -6592,7 +6427,7 @@ static void __nft_release_afinfo(struct
 	};
 
 	list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
@@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 		list_for_each_entry(chain, &table->chains, list)
 			nf_tables_unregister_hook(net, table, chain);
-@@ -6643,7 +6478,7 @@ static int __net_init nf_tables_init_net
+@@ -6644,7 +6479,7 @@ static int __net_init nf_tables_init_net
 
 static void __net_exit nf_tables_exit_net(struct net *net)
 {
--- a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
+++ b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -4913,13 +4913,13 @@ void nft_flow_table_iterate(struct net *
+@@ -4914,13 +4914,13 @@ void nft_flow_table_iterate(struct net *
 	struct nft_flowtable *flowtable;
 	const struct nft_table *table;
 
--- a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
+++ b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 };
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5298,17 +5298,12 @@ err:
+@@ -5299,17 +5299,12 @@ err:
 	nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
 }
 
--- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
+++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
@@ -12,7 +12,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -370,6 +370,7 @@ void nft_unregister_set(struct nft_set_t
+@@ -372,6 +372,7 @@ void nft_unregister_set(struct nft_set_t
  *	@list: table set list node
  *	@bindings: list of set bindings
  * 	@name: name of the set
@@ -20,7 +20,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  * 	@ktype: key type (numeric type defined by userspace, not used in the kernel)
  * 	@dtype: data type (verdict or numeric type defined by userspace)
  * 	@objtype: object type (see NFT_OBJECT_* definitions)
-@@ -392,6 +393,7 @@ struct nft_set {
+@@ -394,6 +395,7 @@ struct nft_set {
 	struct list_head		list;
 	struct list_head		bindings;
 	char				*name;
@@ -28,7 +28,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	u32				ktype;
 	u32				dtype;
 	u32				objtype;
-@@ -942,6 +944,7 @@ unsigned int nft_do_chain(struct nft_pkt
+@@ -944,6 +946,7 @@ unsigned int nft_do_chain(struct nft_pkt
  *	@objects: stateful objects in the table
  *	@flowtables: flow tables in the table
  *	@hgenerator: handle generator state
@@ -36,7 +36,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@use: number of chain references to this table
  *	@flags: table flag (see enum nft_table_flags)
  *	@genmask: generation mask
-@@ -955,6 +958,7 @@ struct nft_table {
+@@ -957,6 +960,7 @@ struct nft_table {
 	struct list_head		objects;
 	struct list_head		flowtables;
 	u64				hgenerator;
@@ -44,7 +44,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	u32				use;
 	u16				family:6,
 					flags:8,
-@@ -979,9 +983,9 @@ int nft_verdict_dump(struct sk_buff *skb
+@@ -981,9 +985,9 @@ int nft_verdict_dump(struct sk_buff *skb
  *	@name: name of this stateful object
  *	@genmask: generation mask
  *	@use: number of references to this stateful object
@@ -56,7 +56,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  */
 struct nft_object {
 	struct list_head		list;
-@@ -989,6 +993,7 @@ struct nft_object {
+@@ -991,6 +995,7 @@ struct nft_object {
 	struct nft_table		*table;
 	u32				genmask:2,
 					use:30;
@@ -64,7 +64,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	/* runtime data below here */
 	const struct nft_object_ops	*ops ____cacheline_aligned;
 	unsigned char			data[]
-@@ -1070,6 +1075,7 @@ void nft_unregister_obj(struct nft_objec
+@@ -1072,6 +1077,7 @@ void nft_unregister_obj(struct nft_objec
  *	@ops_len: number of hooks in array
  *	@genmask: generation mask
  *	@use: number of references to this flow table
@@ -72,7 +72,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  *	@data: rhashtable and garbage collector
  * 	@ops: array of hooks
  */
-@@ -1082,6 +1088,7 @@ struct nft_flowtable {
+@@ -1084,6 +1090,7 @@ struct nft_flowtable {
 	int				ops_len;
 	u32				genmask:2,
 					use:30;
@@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (set->flags != 0)
 		if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
 			goto nla_put_failure;
-@@ -3149,6 +3217,7 @@ static int nf_tables_newset(struct net *
+@@ -3150,6 +3218,7 @@ static int nf_tables_newset(struct net *
 	set->udata  = udata;
 	set->timeout = timeout;
 	set->gc_int = gc_int;
@@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 	err = ops->init(set, &desc, nla);
 	if (err < 0)
-@@ -3208,7 +3277,10 @@ static int nf_tables_delset(struct net *
+@@ -3209,7 +3278,10 @@ static int nf_tables_delset(struct net *
 	if (err < 0)
 		return err;
 
@@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(set))
 		return PTR_ERR(set);
 
-@@ -4277,6 +4349,21 @@ struct nft_object *nf_tables_obj_lookup(
+@@ -4278,6 +4350,21 @@ struct nft_object *nf_tables_obj_lookup(
 }
 EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
 
@@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
 	[NFTA_OBJ_TABLE]	= { .type = NLA_STRING,
 				    .len = NFT_TABLE_MAXNAMELEN - 1 },
-@@ -4284,6 +4371,7 @@ static const struct nla_policy nft_obj_p
+@@ -4285,6 +4372,7 @@ static const struct nla_policy nft_obj_p
 				    .len = NFT_OBJ_MAXNAMELEN - 1 },
 	[NFTA_OBJ_TYPE]		= { .type = NLA_U32 },
 	[NFTA_OBJ_DATA]		= { .type = NLA_NESTED },
@@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 };
 
 static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
-@@ -4431,6 +4519,8 @@ static int nf_tables_newobj(struct net *
+@@ -4432,6 +4520,8 @@ static int nf_tables_newobj(struct net *
 		goto err1;
 	}
 	obj->table = table;
@@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
 	if (!obj->name) {
 		err = -ENOMEM;
-@@ -4477,7 +4567,9 @@ static int nf_tables_fill_obj_info(struc
+@@ -4478,7 +4568,9 @@ static int nf_tables_fill_obj_info(struc
 	    nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
 	    nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
 	    nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
@@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		goto nla_put_failure;
 
 	nlmsg_end(skb, nlh);
-@@ -4675,7 +4767,7 @@ static int nf_tables_delobj(struct net *
+@@ -4676,7 +4768,7 @@ static int nf_tables_delobj(struct net *
 	u32 objtype;
 
 	if (!nla[NFTA_OBJ_TYPE] ||
@@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		return -EINVAL;
 
 	table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
-@@ -4684,7 +4776,12 @@ static int nf_tables_delobj(struct net *
+@@ -4685,7 +4777,12 @@ static int nf_tables_delobj(struct net *
 		return PTR_ERR(table);
 
 	objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
@@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(obj))
 		return PTR_ERR(obj);
 	if (obj->use > 0)
-@@ -4756,6 +4853,7 @@ static const struct nla_policy nft_flowt
+@@ -4757,6 +4854,7 @@ static const struct nla_policy nft_flowt
 	[NFTA_FLOWTABLE_NAME]		= { .type = NLA_STRING,
 					    .len = NFT_NAME_MAXLEN - 1 },
 	[NFTA_FLOWTABLE_HOOK]		= { .type = NLA_NESTED },
@@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 };
 
 struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
-@@ -4773,6 +4871,20 @@ struct nft_flowtable *nf_tables_flowtabl
+@@ -4774,6 +4872,20 @@ struct nft_flowtable *nf_tables_flowtabl
 }
 EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
 
@@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 #define NFT_FLOWTABLE_DEVICE_MAX	8
 
 static int nf_tables_parse_devices(const struct nft_ctx *ctx,
-@@ -4981,6 +5093,8 @@ static int nf_tables_newflowtable(struct
+@@ -4982,6 +5094,8 @@ static int nf_tables_newflowtable(struct
 		return -ENOMEM;
 
 	flowtable->table = table;
@@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
 	if (!flowtable->name) {
 		err = -ENOMEM;
-@@ -5055,8 +5169,14 @@ static int nf_tables_delflowtable(struct
+@@ -5056,8 +5170,14 @@ static int nf_tables_delflowtable(struct
 	if (IS_ERR(table))
 		return PTR_ERR(table);
 
@@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	if (IS_ERR(flowtable))
                 return PTR_ERR(flowtable);
 	if (flowtable->use > 0)
-@@ -5089,7 +5209,9 @@ static int nf_tables_fill_flowtable_info
+@@ -5090,7 +5210,9 @@ static int nf_tables_fill_flowtable_info
 
 	if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
 	    nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
--- a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
+++ b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
@@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	.owner		= THIS_MODULE,
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5108,40 +5108,38 @@ static int nf_tables_newflowtable(struct
+@@ -5109,40 +5109,38 @@ static int nf_tables_newflowtable(struct
 	}
 
 	flowtable->data.type = type;
@@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 err3:
 	module_put(type->owner);
 err2:
-@@ -5422,10 +5420,8 @@ err:
+@@ -5423,10 +5421,8 @@ err:
 
 static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
 {
--- a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
+++ b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>

 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -4974,7 +4974,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4975,7 +4975,7 @@ static int nf_tables_flowtable_parse_hoo
 		flowtable->ops[i].pf		= NFPROTO_NETDEV;
 		flowtable->ops[i].hooknum	= hooknum;
 		flowtable->ops[i].priority	= priority;
--- a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
+++ b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
@@ -21,7 +21,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	struct delayed_work		gc_work;
 --- a/include/net/netfilter/nf_tables.h
 +++ b/include/net/netfilter/nf_tables.h
-@@ -1097,9 +1097,6 @@ struct nft_flowtable {
+@@ -1099,9 +1099,6 @@ struct nft_flowtable {
 struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
 						 const struct nlattr *nla,
 						 u8 genmask);
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	WARN_ON(!nf_flow_offload_gc_step(flow_table));
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5018,23 +5018,6 @@ static const struct nf_flowtable_type *n
+@@ -5019,23 +5019,6 @@ static const struct nf_flowtable_type *n
 	return ERR_PTR(-ENOENT);
 }
 
--- a/target/linux/generic/hack-4.14/998-usb-serial-option-add-u9300.patch
+++ b/target/linux/generic/hack-4.14/998-usb-serial-option-add-u9300.patch
@@ -1,6 +1,6 @@
 --- a/drivers/net/usb/qmi_wwan.c
 +++ b/drivers/net/usb/qmi_wwan.c
-@@ -1292,6 +1292,7 @@ static const struct usb_device_id produc
+@@ -1294,6 +1294,7 @@ static const struct usb_device_id produc
 	{QMI_FIXED_INTF(0x03f0, 0x9d1d, 1)},	/* HP lt4120 Snapdragon X5 LTE */
 	{QMI_FIXED_INTF(0x22de, 0x9061, 3)},	/* WeTelecom WPD-600N */
 	{QMI_QUIRK_SET_DTR(0x1e0e, 0x9001, 5)},	/* SIMCom 7100E, 7230E, 7600E ++ */
--- a/target/linux/generic/hack-4.19/998-usb-serial-option-add-u9300.patch
+++ b/target/linux/generic/hack-4.19/998-usb-serial-option-add-u9300.patch
@@ -1,6 +1,6 @@
 --- a/drivers/net/usb/qmi_wwan.c
 +++ b/drivers/net/usb/qmi_wwan.c
-@@ -1303,6 +1303,7 @@ static const struct usb_device_id produc
+@@ -1305,6 +1305,7 @@ static const struct usb_device_id produc
 	{QMI_FIXED_INTF(0x03f0, 0x9d1d, 1)},	/* HP lt4120 Snapdragon X5 LTE */
 	{QMI_FIXED_INTF(0x22de, 0x9061, 3)},	/* WeTelecom WPD-600N */
 	{QMI_QUIRK_SET_DTR(0x1e0e, 0x9001, 5)},	/* SIMCom 7100E, 7230E, 7600E ++ */
--- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
+++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
@@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 +MODULE_ALIAS("nf-flow-table-hw");
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -4961,6 +4961,14 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4962,6 +4962,14 @@ static int nf_tables_flowtable_parse_hoo
 	if (err < 0)
 		goto err1;
 
@@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
 	if (!ops) {
 		err = -ENOMEM;
-@@ -5091,10 +5099,19 @@ static int nf_tables_newflowtable(struct
+@@ -5092,10 +5100,19 @@ static int nf_tables_newflowtable(struct
 	}
 
 	flowtable->data.type = type;
@@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
 					     flowtable);
 	if (err < 0)
-@@ -5192,7 +5209,8 @@ static int nf_tables_fill_flowtable_info
+@@ -5193,7 +5210,8 @@ static int nf_tables_fill_flowtable_info
 	    nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
 	    nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
 	    nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
--- a/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
+++ b/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
@@ -42,7 +42,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (netif_elide_gro(skb->dev))
 		goto normal;
 
-@@ -6289,6 +6292,48 @@ static void __netdev_adjacent_dev_unlink
+@@ -6290,6 +6293,48 @@ static void __netdev_adjacent_dev_unlink
 					   &upper_dev->adj_list.lower);
 }
 
@@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 static int __netdev_upper_dev_link(struct net_device *dev,
 				   struct net_device *upper_dev, bool master,
 				   void *upper_priv, void *upper_info)
-@@ -6327,6 +6372,7 @@ static int __netdev_upper_dev_link(struc
+@@ -6328,6 +6373,7 @@ static int __netdev_upper_dev_link(struc
 	if (ret)
 		return ret;
 
@@ -99,7 +99,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	ret = call_netdevice_notifiers_info(NETDEV_CHANGEUPPER, dev,
 					    &changeupper_info.info);
 	ret = notifier_to_errno(ret);
-@@ -6404,6 +6450,7 @@ void netdev_upper_dev_unlink(struct net_
+@@ -6405,6 +6451,7 @@ void netdev_upper_dev_unlink(struct net_
 
 	__netdev_adjacent_dev_unlink_neighbour(dev, upper_dev);
 
@@ -107,7 +107,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	call_netdevice_notifiers_info(NETDEV_CHANGEUPPER, dev,
 				      &changeupper_info.info);
 }
-@@ -6968,6 +7015,7 @@ int dev_set_mac_address(struct net_devic
+@@ -6969,6 +7016,7 @@ int dev_set_mac_address(struct net_devic
 	if (err)
 		return err;
 	dev->addr_assign_type = NET_ADDR_SET;
--- a/target/linux/generic/pending-4.14/690-net-add-support-for-threaded-NAPI-polling.patch
+++ b/target/linux/generic/pending-4.14/690-net-add-support-for-threaded-NAPI-polling.patch
@@ -194,15 +194,15 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 void netif_napi_add(struct net_device *dev, struct napi_struct *napi,
 		    int (*poll)(struct napi_struct *, int), int weight)
 {
-@@ -5550,6 +5637,7 @@ void netif_napi_add(struct net_device *d
+@@ -5549,6 +5636,7 @@ void netif_napi_add(struct net_device *d
 #ifdef CONFIG_NETPOLL
 	napi->poll_owner = -1;
 #endif
 +	INIT_WORK(&napi->work, napi_workfn);
 	set_bit(NAPI_STATE_SCHED, &napi->state);
- 	napi_hash_add(napi);
- }
-@@ -5575,6 +5663,7 @@ EXPORT_SYMBOL(napi_disable);
+ 	set_bit(NAPI_STATE_NPSVC, &napi->state);
+ 	list_add_rcu(&napi->dev_list, &dev->napi_list);
+@@ -5576,6 +5664,7 @@ EXPORT_SYMBOL(napi_disable);
 void netif_napi_del(struct napi_struct *napi)
 {
 	might_sleep();
@@ -210,7 +210,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (napi_hash_del(napi))
 		synchronize_net();
 	list_del_init(&napi->dev_list);
-@@ -5588,49 +5677,19 @@ EXPORT_SYMBOL(netif_napi_del);
+@@ -5589,49 +5678,19 @@ EXPORT_SYMBOL(netif_napi_del);
 
 static int napi_poll(struct napi_struct *n, struct list_head *repoll)
 {
@@ -264,7 +264,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	/* Some drivers may have called napi_schedule
 	 * prior to exhausting their budget.
 	 */
-@@ -8865,6 +8924,10 @@ static int __init net_dev_init(void)
+@@ -8866,6 +8925,10 @@ static int __init net_dev_init(void)
 		sd->backlog.weight = weight_p;
 	}
 
--- a/target/linux/generic/pending-4.14/834-ledtrig-libata.patch
+++ b/target/linux/generic/pending-4.14/834-ledtrig-libata.patch
@@ -65,7 +65,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 /**
  *	ata_build_rw_tf - Build ATA taskfile for given read/write request
  *	@tf: Target ATA taskfile
-@@ -5123,6 +5136,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
+@@ -5122,6 +5135,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
 		if (tag < 0)
 			return NULL;
 	}
@@ -75,7 +75,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 
 	qc = __ata_qc_from_tag(ap, tag);
 	qc->tag = tag;
-@@ -6024,6 +6040,9 @@ struct ata_port *ata_port_alloc(struct a
+@@ -6023,6 +6039,9 @@ struct ata_port *ata_port_alloc(struct a
 	ap->stats.unhandled_irq = 1;
 	ap->stats.idle_irq = 1;
 #endif
@@ -85,7 +85,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 	ata_sff_port_init(ap);
 
 	return ap;
-@@ -6045,6 +6064,12 @@ static void ata_host_release(struct devi
+@@ -6044,6 +6063,12 @@ static void ata_host_release(struct devi
 
 		kfree(ap->pmp_link);
 		kfree(ap->slave_link);
@@ -98,7 +98,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 		kfree(ap);
 		host->ports[i] = NULL;
 	}
-@@ -6491,7 +6516,23 @@ int ata_host_register(struct ata_host *h
+@@ -6490,7 +6515,23 @@ int ata_host_register(struct ata_host *h
 		host->ports[i]->print_id = atomic_inc_return(&ata_print_id);
 		host->ports[i]->local_port_no = i + 1;
 	}
@@ -134,7 +134,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 
 /*
  * Define if arch has non-standard setup.  This is a _PCI_ standard
-@@ -893,6 +896,12 @@ struct ata_port {
+@@ -894,6 +897,12 @@ struct ata_port {
 #ifdef CONFIG_ATA_ACPI
 	struct ata_acpi_gtm	__acpi_init_gtm; /* use ata_acpi_init_gtm() */
 #endif
--- a/target/linux/generic/pending-4.19/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
+++ b/target/linux/generic/pending-4.19/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
@@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 +MODULE_ALIAS("nf-flow-table-hw");
 --- a/net/netfilter/nf_tables_api.c
 +++ b/net/netfilter/nf_tables_api.c
-@@ -5503,6 +5503,13 @@ static int nf_tables_flowtable_parse_hoo
+@@ -5499,6 +5499,13 @@ static int nf_tables_flowtable_parse_hoo
 	if (err < 0)
 		return err;
 
@@ -520,7 +520,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	ops = kcalloc(n, sizeof(struct nf_hook_ops), GFP_KERNEL);
 	if (!ops)
 		return -ENOMEM;
-@@ -5634,10 +5641,19 @@ static int nf_tables_newflowtable(struct
+@@ -5630,10 +5637,19 @@ static int nf_tables_newflowtable(struct
 	}
 
 	flowtable->data.type = type;
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 	err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
 					     flowtable);
 	if (err < 0)
-@@ -5763,7 +5779,8 @@ static int nf_tables_fill_flowtable_info
+@@ -5759,7 +5775,8 @@ static int nf_tables_fill_flowtable_info
 	    nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
 	    nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
 	    nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
--- a/target/linux/generic/pending-4.19/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
+++ b/target/linux/generic/pending-4.19/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
@@ -42,7 +42,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (netif_elide_gro(skb->dev))
 		goto normal;
 
-@@ -7129,6 +7132,48 @@ static void __netdev_adjacent_dev_unlink
+@@ -7130,6 +7133,48 @@ static void __netdev_adjacent_dev_unlink
 					   &upper_dev->adj_list.lower);
 }
 
@@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 static int __netdev_upper_dev_link(struct net_device *dev,
 				   struct net_device *upper_dev, bool master,
 				   void *upper_priv, void *upper_info,
-@@ -7179,6 +7224,7 @@ static int __netdev_upper_dev_link(struc
+@@ -7180,6 +7225,7 @@ static int __netdev_upper_dev_link(struc
 	if (ret)
 		return ret;
 
@@ -99,7 +99,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	ret = call_netdevice_notifiers_info(NETDEV_CHANGEUPPER,
 					    &changeupper_info.info);
 	ret = notifier_to_errno(ret);
-@@ -7271,6 +7317,7 @@ void netdev_upper_dev_unlink(struct net_
+@@ -7272,6 +7318,7 @@ void netdev_upper_dev_unlink(struct net_
 
 	__netdev_adjacent_dev_unlink_neighbour(dev, upper_dev);
 
@@ -107,7 +107,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	call_netdevice_notifiers_info(NETDEV_CHANGEUPPER,
 				      &changeupper_info.info);
 
-@@ -7910,6 +7957,7 @@ int dev_set_mac_address(struct net_devic
+@@ -7911,6 +7958,7 @@ int dev_set_mac_address(struct net_devic
 	if (err)
 		return err;
 	dev->addr_assign_type = NET_ADDR_SET;
--- a/target/linux/generic/pending-4.19/690-net-add-support-for-threaded-NAPI-polling.patch
+++ b/target/linux/generic/pending-4.19/690-net-add-support-for-threaded-NAPI-polling.patch
@@ -194,15 +194,15 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 void netif_napi_add(struct net_device *dev, struct napi_struct *napi,
 		    int (*poll)(struct napi_struct *, int), int weight)
 {
-@@ -6214,6 +6301,7 @@ void netif_napi_add(struct net_device *d
+@@ -6213,6 +6300,7 @@ void netif_napi_add(struct net_device *d
 #ifdef CONFIG_NETPOLL
 	napi->poll_owner = -1;
 #endif
 +	INIT_WORK(&napi->work, napi_workfn);
 	set_bit(NAPI_STATE_SCHED, &napi->state);
- 	napi_hash_add(napi);
- }
-@@ -6252,6 +6340,7 @@ static void flush_gro_hash(struct napi_s
+ 	set_bit(NAPI_STATE_NPSVC, &napi->state);
+ 	list_add_rcu(&napi->dev_list, &dev->napi_list);
+@@ -6253,6 +6341,7 @@ static void flush_gro_hash(struct napi_s
 void netif_napi_del(struct napi_struct *napi)
 {
 	might_sleep();
@@ -210,7 +210,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	if (napi_hash_del(napi))
 		synchronize_net();
 	list_del_init(&napi->dev_list);
-@@ -6264,49 +6353,19 @@ EXPORT_SYMBOL(netif_napi_del);
+@@ -6265,49 +6354,19 @@ EXPORT_SYMBOL(netif_napi_del);
 
 static int napi_poll(struct napi_struct *n, struct list_head *repoll)
 {
@@ -264,7 +264,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	/* Some drivers may have called napi_schedule
 	 * prior to exhausting their budget.
 	 */
-@@ -9905,6 +9964,10 @@ static int __init net_dev_init(void)
+@@ -9906,6 +9965,10 @@ static int __init net_dev_init(void)
 		sd->backlog.weight = weight_p;
 	}
 
--- a/target/linux/generic/pending-4.19/834-ledtrig-libata.patch
+++ b/target/linux/generic/pending-4.19/834-ledtrig-libata.patch
@@ -65,7 +65,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 /**
  *	ata_build_rw_tf - Build ATA taskfile for given read/write request
  *	@tf: Target ATA taskfile
-@@ -5133,6 +5146,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
+@@ -5132,6 +5145,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
 		if (tag < 0)
 			return NULL;
 	}
@@ -75,7 +75,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 
 	qc = __ata_qc_from_tag(ap, tag);
 	qc->tag = qc->hw_tag = tag;
-@@ -6067,6 +6083,9 @@ struct ata_port *ata_port_alloc(struct a
+@@ -6066,6 +6082,9 @@ struct ata_port *ata_port_alloc(struct a
 	ap->stats.unhandled_irq = 1;
 	ap->stats.idle_irq = 1;
 #endif
@@ -85,7 +85,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 	ata_sff_port_init(ap);
 
 	return ap;
-@@ -6102,6 +6121,12 @@ static void ata_host_release(struct kref
+@@ -6101,6 +6120,12 @@ static void ata_host_release(struct kref
 
 		kfree(ap->pmp_link);
 		kfree(ap->slave_link);
@@ -98,7 +98,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 		kfree(ap);
 		host->ports[i] = NULL;
 	}
-@@ -6565,7 +6590,23 @@ int ata_host_register(struct ata_host *h
+@@ -6564,7 +6589,23 @@ int ata_host_register(struct ata_host *h
 		host->ports[i]->print_id = atomic_inc_return(&ata_print_id);
 		host->ports[i]->local_port_no = i + 1;
 	}
@@ -134,7 +134,7 @@ Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 
 /*
  * Define if arch has non-standard setup.  This is a _PCI_ standard
-@@ -896,6 +899,12 @@ struct ata_port {
+@@ -897,6 +900,12 @@ struct ata_port {
 #ifdef CONFIG_ATA_ACPI
 	struct ata_acpi_gtm	__acpi_init_gtm; /* use ata_acpi_init_gtm() */
 #endif
--- a/target/linux/oxnas/patches-4.14/999-libata-hacks.patch
+++ b/target/linux/oxnas/patches-4.14/999-libata-hacks.patch
@@ -15,7 +15,7 @@
 	/* initialize internal qc */
 
 	/* XXX: Tag 0 is used for drivers with legacy EH as some
-@@ -5130,6 +5138,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
+@@ -5129,6 +5137,9 @@ struct ata_queued_cmd *ata_qc_new_init(s
 	if (unlikely(ap->pflags & ATA_PFLAG_FROZEN))
 		return NULL;
 
@@ -25,7 +25,7 @@
 	/* libsas case */
 	if (ap->flags & ATA_FLAG_SAS_HOST) {
 		tag = ata_sas_allocate_tag(ap);
-@@ -5175,6 +5186,8 @@ void ata_qc_free(struct ata_queued_cmd *
+@@ -5174,6 +5185,8 @@ void ata_qc_free(struct ata_queued_cmd *
 		qc->tag = ATA_TAG_POISON;
 		if (ap->flags & ATA_FLAG_SAS_HOST)
 			ata_sas_free_tag(tag, ap);
@@ -36,7 +36,7 @@
 
 --- a/include/linux/libata.h
 +++ b/include/linux/libata.h
-@@ -922,6 +922,8 @@ struct ata_port_operations {
+@@ -923,6 +923,8 @@ struct ata_port_operations {
 	void (*qc_prep)(struct ata_queued_cmd *qc);
 	unsigned int (*qc_issue)(struct ata_queued_cmd *qc);
 	bool (*qc_fill_rtf)(struct ata_queued_cmd *qc);
@@ -45,7 +45,7 @@
 
 	/*
 	 * Configuration and exception handling
-@@ -1012,6 +1014,9 @@ struct ata_port_operations {
+@@ -1013,6 +1015,9 @@ struct ata_port_operations {
 	void (*phy_reset)(struct ata_port *ap);
 	void (*eng_timeout)(struct ata_port *ap);