Nanako/openwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Nanako:v19.07.4
Branches Tags
Nanako:main Nanako:openwrt-24.10 Nanako:openwrt-23.05 Nanako:master Nanako:openwrt-22.03 Nanako:openwrt-21.02 Nanako:openwrt-19.07 Nanako:openwrt-18.06 Nanako:lede-17.01
Nanako:v24.10.0 Nanako:v24.10.0-rc7 Nanako:v24.10.0-rc6 Nanako:v24.10.0-rc5 Nanako:v24.10.0-rc4 Nanako:v24.10.0-rc3 Nanako:v24.10.0-rc2 Nanako:v24.10.0-rc1 Nanako:v23.05.5 Nanako:v22.03.7 Nanako:v23.05.4 Nanako:v23.05.3 Nanako:v22.03.6 Nanako:v23.05.2 Nanako:v23.05.1 Nanako:v23.05.0 Nanako:v23.05.0-rc4 Nanako:v23.05.0-rc3 Nanako:v23.05.0-rc2 Nanako:v23.05.0-rc1 Nanako:v21.02.7 Nanako:v22.03.5 Nanako:v21.02.6 Nanako:v22.03.4 Nanako:v22.03.3 Nanako:v21.02.5 Nanako:v22.03.2 Nanako:v22.03.1 Nanako:v21.02.4 Nanako:v22.03.0 Nanako:v22.03.0-rc6 Nanako:v22.03.0-rc5 Nanako:v22.03.0-rc4 Nanako:v22.03.0-rc3 Nanako:v22.03.0-rc2 Nanako:v22.03.0-rc1 Nanako:v21.02.3 Nanako:v19.07.10 Nanako:v19.07.9 Nanako:v21.02.2 Nanako:v21.02.1 Nanako:v21.02.0 Nanako:v21.02.0-rc4 Nanako:v19.07.8 Nanako:v21.02.0-rc3 Nanako:v21.02.0-rc2 Nanako:v21.02.0-rc1 Nanako:v19.07.7 Nanako:v19.07.6 Nanako:v19.07.5 Nanako:v18.06.9 Nanako:v19.07.4 Nanako:v19.07.3 Nanako:v19.07.2 Nanako:v18.06.8 Nanako:v18.06.7 Nanako:v19.07.1 Nanako:v19.07.0 Nanako:v18.06.6 Nanako:v19.07.0-rc2 Nanako:v18.06.5 Nanako:v19.07.0-rc1 Nanako:v18.06.4 Nanako:v18.06.3 Nanako:v17.01.7 Nanako:v18.06.2 Nanako:v17.01.6 Nanako:v18.06.1 Nanako:v18.06.0 Nanako:v17.01.5 Nanako:v18.06.0-rc2 Nanako:v18.06.0-rc1 Nanako:v17.01.4 Nanako:v17.01.3 Nanako:v17.01.2 Nanako:v17.01.1 Nanako:v17.01.0 Nanako:v17.01.0-rc2 Nanako:v17.01.0-rc1 Nanako:reboot
...
compare: Nanako:v19.07.5
Branches Tags
Nanako:openwrt-24.10 Nanako:openwrt-23.05 Nanako:main Nanako:master Nanako:openwrt-22.03 Nanako:openwrt-21.02 Nanako:openwrt-19.07 Nanako:openwrt-18.06 Nanako:lede-17.01
Nanako:v24.10.0 Nanako:v24.10.0-rc7 Nanako:v24.10.0-rc6 Nanako:v24.10.0-rc5 Nanako:v24.10.0-rc4 Nanako:v24.10.0-rc3 Nanako:v24.10.0-rc2 Nanako:v24.10.0-rc1 Nanako:v23.05.5 Nanako:v22.03.7 Nanako:v23.05.4 Nanako:v23.05.3 Nanako:v22.03.6 Nanako:v23.05.2 Nanako:v23.05.1 Nanako:v23.05.0 Nanako:v23.05.0-rc4 Nanako:v23.05.0-rc3 Nanako:v23.05.0-rc2 Nanako:v23.05.0-rc1 Nanako:v21.02.7 Nanako:v22.03.5 Nanako:v21.02.6 Nanako:v22.03.4 Nanako:v22.03.3 Nanako:v21.02.5 Nanako:v22.03.2 Nanako:v22.03.1 Nanako:v21.02.4 Nanako:v22.03.0 Nanako:v22.03.0-rc6 Nanako:v22.03.0-rc5 Nanako:v22.03.0-rc4 Nanako:v22.03.0-rc3 Nanako:v22.03.0-rc2 Nanako:v22.03.0-rc1 Nanako:v21.02.3 Nanako:v19.07.10 Nanako:v19.07.9 Nanako:v21.02.2 Nanako:v21.02.1 Nanako:v21.02.0 Nanako:v21.02.0-rc4 Nanako:v19.07.8 Nanako:v21.02.0-rc3 Nanako:v21.02.0-rc2 Nanako:v21.02.0-rc1 Nanako:v19.07.7 Nanako:v19.07.6 Nanako:v19.07.5 Nanako:v18.06.9 Nanako:v19.07.4 Nanako:v19.07.3 Nanako:v19.07.2 Nanako:v18.06.8 Nanako:v18.06.7 Nanako:v19.07.1 Nanako:v19.07.0 Nanako:v18.06.6 Nanako:v19.07.0-rc2 Nanako:v18.06.5 Nanako:v19.07.0-rc1 Nanako:v18.06.4 Nanako:v18.06.3 Nanako:v17.01.7 Nanako:v18.06.2 Nanako:v17.01.6 Nanako:v18.06.1 Nanako:v18.06.0 Nanako:v17.01.5 Nanako:v18.06.0-rc2 Nanako:v18.06.0-rc1 Nanako:v17.01.4 Nanako:v17.01.3 Nanako:v17.01.2 Nanako:v17.01.1 Nanako:v17.01.0 Nanako:v17.01.0-rc2 Nanako:v17.01.0-rc1 Nanako:reboot

49 Commits
v19.07.4 ... v19.07.5

Author SHA1 Message Date
Hauke Mehrtens
c37eb9a9f9 OpenWrt v19.07.5: adjust config defaults 
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-12-07 00:51:00 +01:00
Andre Heider
5090152ae3 tools: always create $STAGING_DIR/usr/{include,lib} 
rules.mk always passes these as -I/-L to the toolchain.

Fixes rare errors like:
cc1: error: staging_dir/target-aarch64_cortex-a53_musl/usr/include: No such file or directory [-Werror=missing-include-dirs]

Signed-off-by: Andre Heider <a.heider@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>
Acked-by: Rosen Penev <rosenp@gmail.com>
[fixed merge conflict]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b0cb305236)
 2020-12-06 08:31:03 +01:00
Petr Štetiar
d830403133 toolchain: kernel-headers: kernel Git tree mirror hash 
Allow setting of mirror hash for Git kernel tree.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 796d51834c)
 2020-12-05 20:50:19 +01:00
Petr Štetiar
8c2bb1d9b6 toolchain: kernel-headers: fix check target for kernel Git tree 
Currently the check target fails if the kernel Git tree is used:

 $ make toolchain/kernel-headers/{download,check}

  make[2]: Entering directory 'toolchain/kernel-headers'
  Makefile:105: *** ERROR: Unknown pack format for file openwrt/tmp/dl/.  Stop.
  make[2]: Leaving directory 'toolchain/kernel-headers'
  toolchain/Makefile💯 recipe for target 'toolchain/kernel-headers/check' failed

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bb7ba6b6a8)
 2020-12-05 20:50:19 +01:00
Petr Štetiar
a47caacaf3 download.pl: properly cleanup intermediate .hash file 
It seems like after a build the /dl dir seems to now contain a .hash
file for each source file due to inproper cleanup so fix it by removing
those intermediate files before leaving the download action.

Fixes: 4e19cbc553 ("download: handle possibly invalid local tarballs")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 52a5d0d27f)
 2020-12-05 20:50:19 +01:00
Petr Štetiar
605adb1023 download: handle possibly invalid local tarballs 
Currently it's assumed, that already downloaded tarballs are always
fine, so no checksum checking is performed and the tarball is used even
if it might be corrupted.

From now on, we're going to always check the downloaded tarballs before
considering them valid.

Steps to reproduce:

 1. Remove cached tarball

   rm dl/libubox-2020-08-06-9e52171d.tar.xz

 2. Download valid tarball again

   make package/libubox/download

 3. Invalidate the tarball

   sed -i 's/PKG_MIRROR_HASH:=../PKG_MIRROR_HASH:=ff/' package/libs/libubox/Makefile

 4. Now compile with corrupt tarball source

   make package/libubox/{clean,compile}

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 4e19cbc553)
 2020-12-05 20:50:19 +01:00
Petr Štetiar
5abe989475 cmake.mk,rules.mk: fix host builds using CMake and ccache 
Commit f98878e4c1 ("cmake.mk: set C/CXX compiler for host builds as
well") has introduced regression as it didn't taken usage of ccache into
the account so fix it by handling ccache use cases as well.

In order to get this working we need to export HOSTCXX_NOCACHE in
rules.mk as well.

Fixes: f98878e4c1 ("cmake.mk: set C/CXX compiler for host builds as well")
Reported-by: Ansuel Smith <ansuelsmth@gmail.com>
Tested-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 524fb5646e)
 2020-12-05 20:50:19 +01:00
Rosen Penev
77734ce82a cmake.mk: set C/CXX compiler for host builds as well 
Without this, cmake will use whatever CC/CXX is set to, which could be
clang. In that case, at least libjson-c/host will fail to compile.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f98878e4c1)
 2020-12-05 20:50:19 +01:00
Klaus Kudielka
ebe8cc2b2a mvebu: fixup Turris Omnia U-Boot environment 
Fixup dfa357a3de "mvebu: base-files: Update Turris Omnia U-Boot
environment" which should have included this file as well.

By rebasing the initial patch this file somehow disappeared.

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Reviewed-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Tested-by: W. Michael Petullo <mike@flyn.org> (Turris Omnia "2020")
Tested-by: Klaus Kudielka <klaus.kudielka@gmail.com> (Turris Omnia)
[explain fixup in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(backported from commit 485ce5bbe5)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
 2020-12-04 17:57:25 +01:00
Klaus Kudielka
f10332c292 mvebu: base-files: Update Turris Omnia U-Boot environment 
Move the update procedure from sysupgrade to first boot, which is much
more convenient in the sysupgrade case (otherwise the environment is
always one generation behind).

Check whether we have an old U-Boot release installed, and update the
environment only if necessary.

Some notes on the U-Boot environment:

The first 9 lines are a copy of the default environment of the old U-Boot
release - only modified, to run "distro_bootcmd", in case "mmcboot" fails
to boot the factory OS.

The remaining 16 lines are a backport of the default environment of the
new U-Boot release (shipped with CZ11NIC23). The main entry point is
"distro_bootcmd", which eventually sources boot.scr. This way, we have
a unified boot protocol for all Turris Omnia revisions so far.

This commit also fixes a shortcoming of previous Turris Omnia support:

Users may install OpenWrt with the Turris Omnia in factory state
(i.e. invalid environment store). In that case, neither fw_setenv, nor
U-Boot itself, would import the default environment from the image -
screwing up the rescue system, at least!

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Reviewed-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Tested-by: W. Michael Petullo <mike@flyn.org> (Turris Omnia "2020")
Tested-by: Klaus Kudielka <klaus.kudielka@gmail.com> (Turris Omnia)
(cherry picked from commit dfa357a3de)
 2020-12-04 17:57:25 +01:00
Klaus Kudielka
ca1ee39854 mvebu: Add turris-omnia.bootscript 
In contrast to the U-Boot version shipped with older versions of Turris
Omnia (CZ11NIC13, CZ11NIC20), the version shipped with Turris Omnia 2019
(CZ11NIC23) relies on the existence of /boot.scr.

Consequently, add a suitable boot script to the sysupgrade image.

Flash instructions for Turris Omnia 2019:
- Download openwrt-...-sysupgrade.img.gz, gunzip it, and copy the resulting
  .img file to the root of a USB flash drive (FAT32 or ext2/3/4).
- Enter a rescue shell: Either via 5-LED reset and ssh root@192.168.1.1
  on LAN port 4, or via 7-LED reset and the serial console.
- Insert the USB drive and mount it:
  mkdir /mnt; mount /dev/sda1 /mnt
- Flash the OpenWrt image to eMMC:
  dd if=/mnt/openwrt-...-sysupgrade.img of=/dev/mmcblk0 bs=4096 conv=fsync
- Reboot.

Flash instructions using a temporary "medkit" installation were written for
the older versions of Turris Omnia, and will *not* work on the Turris Omnia
2019.

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Reviewed-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Tested-by: W. Michael Petullo <mike@flyn.org> (Turris Omnia "2020")
(cherry picked from commit afd4375a33)
 2020-12-04 17:57:25 +01:00
Klaus Kudielka
f61e053e72 uboot-envtools: mvebu: update uci defaults for Turris Omnia 
On the Turris Omnia 2019, u-boot environment is located at 0xF0000, instead
of 0xC0000. The switch happened with u-boot-omnia package version 2019-04-2
(May 10, 2019).

Check the installed u-boot release, and set the default accordingly.

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
[bump PKG_RELEASE, use lower case for hex offset]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 04d3b517dc)
 2020-12-04 17:57:25 +01:00
Kuan-Yi Li
f1525e785e kernel: backport GD25Q256 support from 4.15 
Backport below changes for GigaDevice GD25Q256 support from v4.15:

  e27072851bf7 mtd: spi-nor: add a quad_enable callback in struct flash_info
  65153846b18c mtd: spi-nor: add support for GD25Q256

This chip is used on newer Quad-E4G boards.

Before:

[    2.366493] m25p80 spi0.0: unrecognized JEDEC id bytes: c8, 40, 19
[    2.372853] m25p80: probe of spi0.0 failed with error -2

After:

[    2.371722] m25p80 spi0.0: gd25q256 (32768 Kbytes)
[    2.376694] 5 fixed-partitions partitions found on MTD device spi0.0
[    2.383043] Creating 5 MTD partitions on "spi0.0":
[    2.387824] 0x000000000000-0x000000030000 : "u-boot"
[    2.394138] 0x000000030000-0x000000031000 : "u-boot-env"
[    2.400608] 0x000000031000-0x000000040000 : "config"
[    2.406830] 0x000000040000-0x000000050000 : "factory"
[    2.413169] 0x000000050000-0x000002000000 : "firmware"

Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
 2020-12-01 21:59:30 +01:00
Hauke Mehrtens
c72b7a4f0d kernel: bump 4.14 to 4.14.209 
Refreshed all patches.

Altered patches:
- 804-i2c-support-layerscape.patch

Compile-tested on: ipq40xx, ath79, layerscape/armv8_64b
Runtime-tested on: ipq40xx, ath79

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-12-01 21:57:55 +01:00
Alberto Bursi
c420f77678 wireguard-tools: fix category/description in menuconfig 
wireguard-tools is trying to import the menuconfig section
from the wireguard package, but since it's not anymore in
the same makefile this seems to fail and wireguard-tools
ends up in "extra packages" category instead with other
odds and ends.

Same for the description, it's trying to import it from the
wireguard package but it fails so it only shows the line
written in this makefile.

remove the broken imports and add manually the entries
and description they were supposed to load

Fixes: ea980fb9c6 ("wireguard: bump to 20191226")

Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[fix trailing whitespaces, add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a4d52522c7)
 2020-12-01 13:31:18 +01:00
David Bauer
0ce0d687de ipq40xx: disable double-tagging for PSGMII devices 
This commit disables the double tagging recently backported to 19.07.

Operating the switch on the S-Tag had the advantage of being able to
have separate VLANs for the same C-VID on LAN and WAN. However, this
broke the ability to configure C-TAG modifications on the switch. Also
performance took a significant toll.

Fixes: commit 8c19171255 ("ipq40xx: fix ethernet vlan double tagging")

Signed-off-by: David Bauer <mail@david-bauer.net>
 2020-11-30 15:27:58 +01:00
Jan Pavlinec
6703abb7ca tcpdump: patch CVE-2020-8037 
This PR backports upstream fix for CVE-2020-8037.  This fix is only
relevant for tcpdump package, tcpdump-mini is not affeted by this issue.

Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 5bb3cc749e)
 2020-11-25 06:02:08 +01:00
Sven Eckelmann
b4698d87c8 kernel: mtd: parser: cmdline: Fix parsing of part-names with colons 
Some devices (especially QCA ones) are already using hardcoded partition
names with colons in it. The OpenMesh A62 for example provides following
mtd relevant information via cmdline:

  root=31:11 mtdparts=spi0.0:256k(0:SBL1),128k(0:MIBIB),384k(0:QSEE),64k(0:CDT),64k(0:DDRPARAMS),64k(0:APPSBLENV),512k(0:APPSBL),64k(0:ART),64k(custom),64k(0:KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive) rootfsname=rootfs rootwait

The change to split only on the last colon between mtd-id and partitions
will cause newpart to see following string for the first partition:

  KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive)

Such a partition list cannot be parsed and thus the device fails to boot.

Avoid this behavior by making sure that the start of the first part-name
("(") will also be the last byte the mtd-id split algorithm is using for
its colon search.

Fixes: 9c718b5478 ("kernel: bump 4.14 to 4.14.200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(backported from commit 223eec7e81)
 2020-11-24 09:48:48 +01:00
Petr Štetiar
193adc94d1 ar71xx,ath79: refresh 910-unaligned_access_hacks.patch 
Commit c9c7b4b394 ("kernel: add netfilter-actual-sk patch") has
touched net/ipv6/netfilter/ip6table_mangle.c which in turn has affected
910-unaligned_access_hacks.patch so the patch needs to be refreshed.

Fixes: c9c7b4b394 ("kernel: add netfilter-actual-sk patch")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
 2020-11-24 09:27:50 +01:00
Petr Štetiar
733a482733 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928) 
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.

This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.

All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 4d4ef1058c)
 2020-11-23 22:37:03 +01:00
Aaron Goodman
c9c7b4b394 kernel: add netfilter-actual-sk patch 
Backport of linux kernel commit 46d6c5a to 4.14 kernel.

netfilter: use actual socket sk rather than skb sk when routing harder

Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
 2020-11-23 22:34:37 +01:00
Jo-Philipp Wich
a448ad7490 uhttpd: update to 19.07 Git HEAD 
3abcc89 client: fix spurious keepalive connection timeouts

Fixes: FS#3443
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2020-11-20 22:53:04 +01:00
David Bauer
39c5635714 scripts: download.pl: retry download using filename 
With this commit, the download script will try downloading source files
using the filename instead of the url-filename in case the previous
download attempt using the url-filename failed.

This is required, as the OpenWrt sources mirrors serve files using the
filename files might be renamed to after downloading. If the original
mirror for a file where url-filename and filename do not match goes
down, the download failed prior to this patch.

Further improvement can be done by performing this only for the
OpenWrt sources mirrors.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit d369993898)
 2020-11-20 11:58:01 +01:00
Hauke Mehrtens
2a8279c161 layerscape: Fix check after kernel update 
The fsl_destroy_mc_io() function was moved, add the new checks to the
moved copy and not just remove it.

Fixes: ac5297340e ("kernel: bump 4.14 to 4.14.206")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-11-16 19:31:23 +01:00
Koen Vandeputte
ac5297340e kernel: bump 4.14 to 4.14.206 
Refreshed all patches.

Altered patches:
- 210-dwc2_defaults.patch
- 708-mc-bus-support-layerscape.patch

Fixes:
- CVE-2020-25656

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-11-16 09:35:05 +01:00
Roger Pueyo Centelles
589c3cf4e0 ath79: remove wmac mtd-mac-address for UniFi AC family 
The MAC address for the wmac 2.4 GHz radio of the Ubiquiti UniFi AC
family of devices is actually embedded in the mtd-cal-data, so there
is no need for mtd-mac-address (which was incorrectly forcing wmac
to have the same MAC as eth0). This makes it coherent with the stock
firmware and the ar71xx target:

 · XX:XX:XX:X0:XX:XX eth0
 · XX:XX:XX:X1:XX:XX ath0/wlan1 (2.4 GHz)
 · XX:XX:XX:X2:XX:XX ath1/wlan0 (5 GHz)

Checked on a UniFi AC Mesh, a UniFi AC LR and a UniFi Lite.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 20ace70db6)
 2020-11-12 18:04:50 +01:00
Sven Roederer
2a3dbded93 feeds: add freifunk feed 
Read the freifunk packages, that have been moved from the LuCI feed
into its own feed in January 2019.
Use openwrt-19.07 branch of that repository for openwrt-19.07.

Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
(cherry picked from commit 221f97ff47)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
 2020-11-11 16:35:50 +00:00
David Bauer
ad3c2b9736 ath79: use correct firmware name for UniFi AP 
The Ubiquiti UniFi AP does not have a AHB connected radio but a PCI one.
Also the EEPROM ist only 0x440 bytes of length.

Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
(backported from commit 4c5eb1040f)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
 2020-11-11 17:32:25 +01:00
David Bauer
84ae238324 ramips: fix logic level for DIR-645 buttons 
The D-Link DIR-645 currently uses an incorrect logic level for its
buttons.

Correct them in order to prevent unintentional activation of failsafe
mode.

Reported-by: Perry Melange <isprotejesvalkata@gmail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 929e8f0f55)
 2020-11-11 17:28:30 +01:00
Adrian Schmutzler
c25e3275ac ath79: fix LED labels for PowerCloud CAP324 
The order of function and color in the labels in inverted for the
LAN LEDs. Fix it.

Fixes: 915966d861 ("ath79: Port PowerCloud Systems CAP324 support")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 96023cd4ba)
 2020-11-11 17:26:52 +01:00
Hauke Mehrtens
78c4c04dd7 uci: Backport security fixes 
This packports two security fixes from master.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f9005d4f80)
 2020-10-28 23:22:44 +01:00
Andre Heider
3af9c5fefd uboot-envtools: mvebu: fix config for mainline u-boot 
Mainline u-boot dynamically passes the mtd partitions via devicetree:
$ cat /proc/mtd
dev:    size   erasesize  name
mtd0: 003f0000 00001000 "firmware"
mtd1: 00010000 00001000 "u-boot-env"

Add support for this setup.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 60c9a27cbc)
 2020-10-28 23:22:44 +01:00
Andre Heider
7fbee0c7b2 mvebu: Add bootscript for espressobin to support mainline firmware 
The generic bootscript is tailored around a downstream firmware and
doesn't work on a firmware built from mainline components.

Add a bootscript which:
* sets $console since mainline u-boot doesn't do that
* uses distro boot variables, so OpenWRT can be booted off any supported
  device when using a mainline firmware
* sets missing distro boot variables for the downstream firmware

Booting with a downstream firmware is unchanged.
Booting with a mainline firmware now works.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c43b45863e)
 2020-10-28 23:22:44 +01:00
Koen Vandeputte
14903d9d8c kernel: bump 4.14 to 4.14.202 
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-10-21 15:34:11 +02:00
Tan Zien
03a029745f firmware: intel-microcode: update to 20200616 
intel-microcode (3.20200616.1)

  * New upstream microcode datafile 20200616
    + Downgraded microcodes (to a previously shipped revision):
      sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
      sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
  * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3,
  * This update *removes* the SRBDS mitigations from the above processors
  * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2

intel-microcode (3.20200609.2)

  * REGRESSION FIX: 0x406e3: rollback to rev 0xd6 and document regression
    * Microcode rollbacks (closes: LP#1883002)
      sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
    * THIS REMOVES THE SECURITY FIXES FOR SKYLAKE-U/Y PROCESSORS
    * Avoid hangs on boot on (some?) Skylake-U/Y processors,
  * ucode-blacklist: blacklist models 0x8e and 0x9e from late-loading,
    just in case.  Note that Debian does not do late loading by itself.
    Refer to LP#1883002 for the report, 0x806ec hangs upon late load.

intel-microcode (3.20200609.1)

  * SECURITY UPDATE
    * For most processors: SRBDS and/or VRDS, L1DCES mitigations depending
      on the processor model
    * For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and
      L1DCES mitigations, plus mitigations described in the changelog entry
      for package release 3.20191112.1.
    * Expect some performance impact, the mitigations are enabled by
      default.  A Linux kernel update will be issued that allows one to
      selectively disable the mitigations.
  * New upstream microcode datafile 20200609
    * Implements mitigation for CVE-2020-0543 Special Register Buffer Data
      Sampling (SRBDS), INTEL-SA-00320, CROSSTalk
    * Implements mitigation for CVE-2020-0548 Vector Register Data Sampling
      (VRDS), INTEL-SA-00329
    * Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling
      (L1DCES), INTEL-SA-00329
    * Known to fix the regression introduced in release 2019-11-12 (sig
      0x50564, rev. 0x2000065), which would cause several systems with
      Skylake Xeon, Skylake HEDT processors to hang while rebooting
    * Updated Microcodes:
      sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552
      sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456
      sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528
      sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600
      sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336
      sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448
      sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768
      sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816
      sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224
      sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224
      sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448
      sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424
      sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
      sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
      sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424
      sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424
      sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424
      sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
      sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424
      sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
      sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424
  * Restores the microcode-level fixes that were reverted by release
    3.20191115.2 for sig 0x50654 (Skylake Xeon, Skylake HEDT)

intel-microcode (3.20200520.1)

  * New upstream microcode datafile 20200520
    + Updated Microcodes:
      sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
      sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456

intel-microcode (3.20200508.1)

  * New upstream microcode datafile 20200508
    + Updated Microcodes:
      sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
    * Likely fixes several critical errata on IceLake-U/Y causing system
      hangs

intel-microcode (3.20191115.2)

  * Microcode rollbacks (closes: #946515, LP#1854764):
    sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
  * Avoids hangs on warm reboots (cold boots work fine) on HEDT and
    Xeon processors with signature 0x50654.

intel-microcode (3.20191115.1)

  * New upstream microcode datafile 20191115
    + Updated Microcodes:
      sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
      sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
      sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352
      sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352
      sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
      sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
      sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352
      sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136

intel-microcode (3.20191113.1)

  * New upstream microcode datafile 20191113
    + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details
      Adds microcode update for CFL-S (Coffe Lake Desktop)
      INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117
    + Updated Microcodes (previously removed):
      sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328

intel-microcode (3.20191112.1)

  * New upstream microcode datafile 20191112
    + SECURITY UPDATE
      - Implements MDS mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135
      - Implements TA Indirect Sharing mitigation, and improves the
        MDS mitigation (VERW)
      - Fixes FIVR (Xeon Voltage Modulation) vulnerability, INTEL-SA-00271,
        CVE-2019-11139
      - Fixes SGX vulnerabilities and errata (including CVE-2019-0117)
    + CRITICAL ERRATA FIXES
      - Fixes Jcc conditional jump macro-fusion erratum (Skylake+, except
        Ice Lake), causes a 0-3% typical perforance hit (can be as bad
        as 10%).  But ensures the processor will actually jump where it
        should, so don't even *dream* of not applying this fix.
      - Fixes AVX SHUF* instruction implementation flaw erratum
    + Removed Microcodes:
      sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
    + New Microcodes:
      sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992
      sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200
      sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040
      sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752
      sig 0x000706e5, pf_mask 0x80, 2019-09-05, rev 0x0046, size 102400
      sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136
    + Updated Microcodes:
      sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376
      sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816
      sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200
      sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376
      sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728
      sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328
      sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352
      sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328
      sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352
      sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352
      sig 0x000906e9, pf_mask 0x2a, 2019-08-14, rev 0x00c6, size 100352
      sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
      sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352
      sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
    + Updated Microcodes (previously removed):
      sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
(cherry picked from commit e826e00765)
 2020-10-18 00:07:23 +02:00
Tan Zien
95d60bf881 firmware: amd64-microcode: update to 20191218 
amd64-microcode (3.20191218.1)

  * New microcode update packages from AMD upstream:
    + Removed Microcode updates (known to cause issues):
      sig 0x00830f10, patch id 0x08301025, 2019-07-11
  * README: update for new release

amd64-microcode (3.20191021.1)

  * New microcode update packages from AMD upstream:
    + New Microcodes:
      sig 0x00830f10, patch id 0x08301025, 2019-07-11
    + Updated Microcodes:
      sig 0x00800f12, patch id 0x08001250, 2019-04-16
      sig 0x00800f82, patch id 0x0800820d, 2019-04-16

amd64-microcode (3.20181128.1)

  * New microcode update packages from AMD upstream:
    + New Microcodes:
      sig 0x00800f82, patch id 0x0800820b, 2018-06-20

Signed-off-by: Tan Zien <nabsdh9@gmail.com>
(cherry picked from commit 182c7d955f)
 2020-10-18 00:07:16 +02:00
Hauke Mehrtens
dda5e3db19 firewall: options: fix parsing of boolean attributes 
Boolean attributes were parsed the same way as string attributes,
so a value of { "bool_attr": "true" } would be parsed correctly, but
{ "bool_attr": true } (without quotes) was parsed as false.

Fixes FS#3284

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7f676b5ed6)
 2020-10-16 21:37:22 +02:00
Koen Vandeputte
7dd822983b kernel: bump 4.14 to 4.14.201 
Refreshed all patches.

Fixes:
- CVE-2020-14386

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-10-14 17:18:54 +02:00
Adrian Schmutzler
aee081e62e oxnas: fix qc_prep return in sata driver after kernel 4.14.200 
This fixes a regression after a kernel change in 4.14.200 [1] that
led to build failure on oxnas/ox820:

  drivers/ata/sata_oxnas.c:2238:13: error: initialization of
  'enum ata_completion_errors (*)(struct ata_queued_cmd *)'
  from incompatible pointer type
  'void (*)(struct ata_queued_cmd *)' [-Werror=incompatible-pointer-types]
    .qc_prep = sata_oxnas_qc_prep,
               ^~~~~~~~~~~~~~~~~~
  drivers/ata/sata_oxnas.c:2238:13: note:
  (near initialization for 'sata_oxnas_ops.qc_prep')

Our local driver is changed the same way as prototyped in the
kernel patch, i.e. return type is changed and AC_ERR_OK return
value is added.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=306a1c5b5683c1d37565e575386139a64bdbec6f

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f6ca57e4f4)
 2020-10-12 11:31:19 +01:00
Felix Fietkau
6696fddfd9 mac80211: do not allow bigger VHT MPDUs than the hardware supports 
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit caf727767a)
[Refreshed patch]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-10-12 09:45:54 +02:00
Koen Vandeputte
9c718b5478 kernel: bump 4.14 to 4.14.200 
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-10-12 09:45:54 +02:00
Chuanhong Guo
b21bea7b1b ath79: ar8216: make switch register access atomic 
reg accesses on integrated ar8229 sometimes fails. As a result, phy read
got incorrect port status and wan link goes down and up mysteriously.
After comparing ar8216 with the old driver, these local_irq_save/restore
calls are the only meaningful differences I could find and it does fix
the issue.
The same changes were added in svn r26856 by Gabor Juhos:
ar71xx: ag71xx: make switch register access atomic

As I can't find the underlying problem either, this hack is broght
back to fix the unstable link issue.
This hack is only suitable for ath79 mdio and may easily break the
driver on other platform. Limit it to ath79-only as a target patch.

Fixes: FS#2216
Fixes: FS#3226
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 86fdc8abed)
 2020-10-11 11:57:55 +08:00
Baptiste Jonglez
891022918d scripts: getver.sh: fix version based on stable branch 
When building from a local branch based off the "openwrt-19.07" branch,
version computation is wrong, for instance:

    r10194+1004-c53f62b111

The number of local commits (1004 in this case) is wrong because it is
computed against master.  As a result, it wrongly counts *all* commits
since the beginning of the openwrt-19.07 branch as local commits.

The fix is to compare to the openwrt-19.07 branch instead, which gives the
expected result such as:

    r11192+6-8b0278a17e

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
[shorten commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
 2020-10-07 23:13:00 +02:00
Eneas U de Queiroz
8076fb59ab openssl: bump to 1.1.1h 
This is a bug-fix release.  Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 475838de1a)
 2020-09-28 17:14:31 +02:00
Adrian Schmutzler
f4286d7bc2 ath79: fix rssi-low LED for My Net Range Extender 
The LED color was missing in 01_leds.

Fixes: 745dee11ac ("ath79: add support for WD My Net Wi-Fi Range
Extender")

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit d232a8ac7d)
 2020-09-28 13:33:28 +02:00
Hauke Mehrtens
d82e6a2f10 kernel: Update to version 4.14.199 
Compile and runtime tested on lantiq/xrx200 + ath79/generic.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-09-28 01:04:35 +02:00
Rozhuk Ivan
86b44028e2 comgt: fix hotplug event handling 
Hotplug manager send: "remove" -> "add" -> "bind" events,
script interpret bind as "not add" = "remove" and mark device
as unavailable.

Signed-off-by: Rozhuk Ivan <rozhuk.im@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit 4821ff064b)
Fixes: FS#3351
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2020-09-19 19:48:27 +02:00
Jo-Philipp Wich
34a9652904 Revert "ramips: ethernet: fix to interrupt handling" 
This reverts commit 7ac454014a.

The change reportedly causes regressions in ethernet performance.

Fixes: FS#3332
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 2020-09-18 08:53:53 +02:00
Hauke Mehrtens
29b4104d69 OpenWrt v19.07.4: revert to branch defaults 
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-09-07 20:27:30 +02:00
175 changed files with 1405 additions and 594 deletions
Expand all files Collapse all files

5
config/Config-devel.in
View File

@@ -100,6 +100,11 @@ menuconfig DEVEL
It can be a git hash or a branch name.
If unused, the clone's repository HEAD will be checked-out.
config KERNEL_GIT_MIRROR_HASH
string "Enter hash of Git kernel tree source checkout tarball" if DEVEL
depends on (KERNEL_GIT_CLONE_URI != "")
default ""
config BUILD_LOG
bool "Enable log files during build process" if DEVEL
help

9
feeds.conf.default
View File

@@ -1,4 +1,5 @@
src-git packages https://git.openwrt.org/feed/packages.git^eae1bb397f064befe003b01a36ae318321e81d35
src-git luci https://git.openwrt.org/project/luci.git^0d0ab01a64f25d15325d3c98a7df252085382f1d
src-git routing https://git.openwrt.org/feed/routing.git^b77498bd56d5e45ab4577a1f4ad6ffc55b4a86b7
src-git telephony https://git.openwrt.org/feed/telephony.git^91b34e7eefa1d37a18390d0c6881978cd76804a1
src-git packages https://git.openwrt.org/feed/packages.git^2974079d3db786fe5da00c10f1d80e79b0112093
src-git luci https://git.openwrt.org/project/luci.git^51f55b58b75b189f4f8810a827ca27a959e2192d
src-git routing https://git.openwrt.org/feed/routing.git^02b4dbfcb7b8f8b566940847d22d5a6f229d2e66
src-git telephony https://git.openwrt.org/feed/telephony.git^6e019c94d0fa7162548d528bf4ba060a61f8cb59
src-git freifunk https://github.com/freifunk/openwrt-packages.git^73454e6fe1bdc902c69ca0079d979fdb94d6fb1f

16
include/cmake.mk
View File

@@ -22,12 +22,22 @@ ifeq ($(CONFIG_CCACHE),)
CMAKE_CXX_COMPILER:=$(call cmake_tool,$(TARGET_CXX))
CMAKE_C_COMPILER_ARG1:=
CMAKE_CXX_COMPILER_ARG1:=
CMAKE_HOST_C_COMPILER:=$(HOSTCC)
CMAKE_HOST_CXX_COMPILER:=$(HOSTCXX)
CMAKE_HOST_C_COMPILER_ARG1:=
CMAKE_HOST_CXX_COMPILER_ARG1:=
else
CCACHE:=$(STAGING_DIR_HOST)/bin/ccache
CMAKE_C_COMPILER:=$(CCACHE)
CMAKE_C_COMPILER_ARG1:=$(TARGET_CC_NOCACHE)
CMAKE_CXX_COMPILER:=$(CCACHE)
CMAKE_CXX_COMPILER_ARG1:=$(TARGET_CXX_NOCACHE)
CMAKE_HOST_C_COMPILER:=$(CCACHE)
CMAKE_HOST_C_COMPILER_ARG1:=$(HOSTCC_NOCACHE)
CMAKE_HOST_CXX_COMPILER:=$(CCACHE)
CMAKE_HOST_CXX_COMPILER_ARG1:=$(HOSTCXX_NOCACHE)
endif
CMAKE_AR:=$(call cmake_tool,$(TARGET_AR))
CMAKE_NM:=$(call cmake_tool,$(TARGET_NM))
@@ -90,6 +100,12 @@ define Host/Configure/Default
LDFLAGS="$(HOST_LDFLAGS)" \
cmake \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_C_COMPILER="$(CMAKE_HOST_C_COMPILER)" \
-DCMAKE_C_COMPILER_ARG1="$(CMAKE_HOST_C_COMPILER_ARG1)" \
-DCMAKE_CXX_COMPILER="$(CMAKE_HOST_CXX_COMPILER)" \
-DCMAKE_CXX_COMPILER_ARG1="$(CMAKE_HOST_CXX_COMPILER_ARG1)" \
-DCMAKE_ASM_COMPILER="$(CMAKE_HOST_C_COMPILER)" \
-DCMAKE_ASM_COMPILER_ARG1="$(CMAKE_HOST_C_COMPILER_ARG1)" \
-DCMAKE_C_FLAGS_RELEASE="-DNDEBUG" \
-DCMAKE_CXX_FLAGS_RELEASE="-DNDEBUG" \
-DCMAKE_EXE_LINKER_FLAGS:STRING="$(HOST_LDFLAGS)" \

2
include/host-build.mk
View File

@@ -184,6 +184,8 @@ ifndef DUMP
clean-build: host-clean-build
endif
$(DL_DIR)/$(FILE): FORCE
$(_host_target)host-prepare: $(HOST_STAMP_PREPARED)
$(_host_target)host-configure: $(HOST_STAMP_CONFIGURED)
$(_host_target)host-compile: $(HOST_STAMP_BUILT) $(HOST_STAMP_INSTALLED)

4
include/kernel-version.mk
View File

@@ -6,9 +6,9 @@ ifdef CONFIG_TESTING_KERNEL
KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
endif
LINUX_VERSION-4.14 = .195
LINUX_VERSION-4.14 = .209
LINUX_KERNEL_HASH-4.14.195 = 394f28798670240baacd9e2cce521fbd79f8da5e1fc191695b0e11381445a021
LINUX_KERNEL_HASH-4.14.209 = cb02465cc8f1972cc14707b25d779c8668d220c39e68a24bb23afd4c58182b9c
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))

2
include/package.mk
View File

@@ -185,6 +185,8 @@ define Build/CoreTargets
$(call Build/Autoclean)
$(call DefaultTargets)
$(DL_DIR)/$(FILE): FORCE
download:
$(foreach hook,$(Hooks/Download),
$(call $(hook))$(sep)

6
include/version.mk
View File

@@ -26,13 +26,13 @@ PKG_CONFIG_DEPENDS += \
sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))
VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER))
VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),19.07.4)
VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),19.07.5)
VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r11208-ce6496d796)
VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r11257-5090152ae3)
VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.openwrt.org/releases/19.07.4)
VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),http://downloads.openwrt.org/releases/19.07.5)
VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt)

2
package/base-files/image-config.in
View File

@@ -183,7 +183,7 @@ if VERSIONOPT
config VERSION_REPO
string
prompt "Release repository"
default "http://downloads.openwrt.org/releases/19.07.4"
default "http://downloads.openwrt.org/releases/19.07.5"
help
This is the repository address embedded in the image, it defaults
to the trunk snapshot repo; the url may contain the following placeholders:

2
package/boot/uboot-envtools/Makefile
View File

@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=uboot-envtools
PKG_DISTNAME:=u-boot
PKG_VERSION:=2018.03
PKG_RELEASE:=3
PKG_RELEASE:=3.1
PKG_SOURCE_PROTO:=git
PKG_SOURCE:=$(PKG_DISTNAME)-$(PKG_VERSION).tar.xz

15
package/boot/uboot-envtools/files/mvebu
View File

@@ -15,12 +15,23 @@ board=$(board_name)
case "$board" in
cznic,turris-omnia)
ubootenv_add_uci_config "/dev/mtd0" "0xC0000" "0x10000" "0x40000"
if grep -q 'U-Boot 2015.10-rc2' /dev/mtd0; then
ubootenv_add_uci_config "/dev/mtd0" "0xc0000" "0x10000" "0x40000"
else
ubootenv_add_uci_config "/dev/mtd0" "0xf0000" "0x10000" "0x10000"
fi
;;
globalscale,espressobin|\
globalscale,espressobin-emmc|\
globalscale,espressobin-v7|\
globalscale,espressobin-v7-emmc|\
globalscale,espressobin-v7-emmc)
idx="$(find_mtd_index u-boot-env)"
if [ -n "$idx" ]; then
ubootenv_add_uci_config "/dev/mtd$idx" "0x0" "0x10000" "0x10000" "1"
else
ubootenv_add_uci_config "/dev/mtd0" "0x3f0000" "0x10000" "0x10000" "1"
fi
;;
marvell,armada8040-mcbin)
ubootenv_add_uci_config "/dev/mtd0" "0x3f0000" "0x10000" "0x10000" "1"
;;

4
package/firmware/amd64-microcode/Makefile
View File

@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=amd64-microcode
PKG_VERSION:=20180524
PKG_VERSION:=20191218
PKG_RELEASE:=1
PKG_SOURCE:=amd64-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/a/amd64-microcode/
PKG_HASH:=7c389c357c242e7161f6872bf4e12011a71e4c0683f06fb1bcfad650a78bf0a9
PKG_HASH:=f469b79348097c5f04641b67a39d0ee5a2a1916c9556281626c04f2275d4132d
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)
PKG_LICENSE_FILE:=LICENSE.amd-ucode

4
package/firmware/intel-microcode/Makefile
View File

@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=intel-microcode
PKG_VERSION:=20190918
PKG_VERSION:=20200616
PKG_RELEASE:=1
PKG_SOURCE:=intel-microcode_3.$(PKG_VERSION).$(PKG_RELEASE).tar.xz
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/non-free/i/intel-microcode/
PKG_HASH:=b7ecb5dd30d71e9b3c2ab184693a876171392e0d80d138c3560c662e5f2a2247
PKG_HASH:=bcc3b81c452fe4649a948c022475d76c1cdfbb730f36749a082f412f1406a3b9
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-3.$(PKG_VERSION).$(PKG_RELEASE)
PKG_BUILD_DEPENDS:=iucode-tool/host

34
package/kernel/mac80211/patches/subsys/331-mac80211-do-not-allow-bigger-VHT-MPDUs-than-the-hard.patch Normal file
View File

@@ -0,0 +1,34 @@
From: Felix Fietkau <nbd@nbd.name>
Date: Thu, 17 Sep 2020 12:07:19 +0200
Subject: [PATCH] mac80211: do not allow bigger VHT MPDUs than the hardware
supports
Limit maximum VHT MPDU size by local capability
Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
--- a/net/mac80211/vht.c
+++ b/net/mac80211/vht.c
@@ -170,10 +170,7 @@ ieee80211_vht_cap_ie_to_sta_vht_cap(stru
/* take some capabilities as-is */
cap_info = le32_to_cpu(vht_cap_ie->vht_cap_info);
vht_cap->cap = cap_info;
- vht_cap->cap &= IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_3895 |
- IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_7991 |
- IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
- IEEE80211_VHT_CAP_RXLDPC |
+ vht_cap->cap &= IEEE80211_VHT_CAP_RXLDPC |
IEEE80211_VHT_CAP_VHT_TXOP_PS |
IEEE80211_VHT_CAP_HTC_VHT |
IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK |
@@ -182,6 +179,9 @@ ieee80211_vht_cap_ie_to_sta_vht_cap(stru
IEEE80211_VHT_CAP_RX_ANTENNA_PATTERN |
IEEE80211_VHT_CAP_TX_ANTENNA_PATTERN;
+ vht_cap->cap |= min_t(u32, cap_info & IEEE80211_VHT_CAP_MAX_MPDU_MASK,
+ own_cap.cap & IEEE80211_VHT_CAP_MAX_MPDU_MASK);
+
/* and some based on our own capabilities */
switch (own_cap.cap & IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_MASK) {
case IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160MHZ:

4
package/libs/openssl/Makefile
View File

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openssl
PKG_BASE:=1.1.1
PKG_BUGFIX:=g
PKG_BUGFIX:=h
PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
@@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \
ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
http://www.openssl.org/source/ \
http://www.openssl.org/source/old/$(PKG_BASE)/
PKG_HASH:=ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46
PKG_HASH:=5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9
PKG_LICENSE:=OpenSSL
PKG_LICENSE_FILES:=LICENSE

2
package/libs/openssl/patches/100-Configure-afalg-support.patch
View File

@@ -12,7 +12,7 @@ diff --git a/Configure b/Configure
index 5a699836f3..74d057c219 100755
--- a/Configure
+++ b/Configure
@@ -1532,7 +1532,9 @@ unless ($disabled{"crypto-mdebug-backtrace"})
@@ -1545,7 +1545,9 @@ unless ($disabled{"crypto-mdebug-backtrace"})
unless ($disabled{afalgeng}) {
$config{afalgeng}="";

4
package/libs/openssl/patches/130-dont-build-tests-fuzz.patch
View File

@@ -11,7 +11,7 @@ diff --git a/Configure b/Configure
index 74d057c219..5813e9f8fe 100755
--- a/Configure
+++ b/Configure
@@ -296,7 +296,7 @@ my $auto_threads=1; # enable threads automatically? true by default
@@ -318,7 +318,7 @@ my $auto_threads=1; # enable threads automatically? true by default
my $default_ranlib;
# Top level directories to build
@@ -20,7 +20,7 @@ index 74d057c219..5813e9f8fe 100755
# crypto/ subdirectories to build
$config{sdirs} = [
"objects",
@@ -308,7 +308,7 @@ $config{sdirs} = [
@@ -330,7 +330,7 @@ $config{sdirs} = [
"cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store"
];
# test/ subdirectories to build

2
package/network/config/firewall/Makefile
View File

@@ -9,7 +9,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=firewall
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/firewall3.git

38
package/network/config/firewall/patches/0002-options-fix-parsing-of-boolean-attributes.patch Normal file
View File

@@ -0,0 +1,38 @@
From 78d52a28c66ad0fd2af250038fdcf4239ad37bf2 Mon Sep 17 00:00:00 2001
From: Remi NGUYEN VAN <remi.nguyenvan+openwrt@gmail.com>
Date: Sat, 15 Aug 2020 13:50:27 +0900
Subject: [PATCH] options: fix parsing of boolean attributes
Boolean attributes were parsed the same way as string attributes,
so a value of { "bool_attr": "true" } would be parsed correctly, but
{ "bool_attr": true } (without quotes) was parsed as false.
Fixes FS#3284
Signed-off-by: Remi NGUYEN VAN <remi.nguyenvan+openwrt@gmail.com>
---
options.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/options.c
+++ b/options.c
@@ -1170,6 +1170,9 @@ fw3_parse_blob_options(void *s, const st
if (blobmsg_type(e) == BLOBMSG_TYPE_INT32) {
snprintf(buf, sizeof(buf), "%d", blobmsg_get_u32(e));
v = buf;
+ } else if (blobmsg_type(o) == BLOBMSG_TYPE_BOOL) {
+ snprintf(buf, sizeof(buf), "%d", blobmsg_get_bool(o));
+ v = buf;
} else {
v = blobmsg_get_string(e);
}
@@ -1189,6 +1192,9 @@ fw3_parse_blob_options(void *s, const st
if (blobmsg_type(o) == BLOBMSG_TYPE_INT32) {
snprintf(buf, sizeof(buf), "%d", blobmsg_get_u32(o));
v = buf;
+ } else if (blobmsg_type(o) == BLOBMSG_TYPE_BOOL) {
+ snprintf(buf, sizeof(buf), "%d", blobmsg_get_bool(o));
+ v = buf;
} else {
v = blobmsg_get_string(o);
}

6
package/network/services/uhttpd/Makefile
View File

@@ -12,9 +12,9 @@ PKG_RELEASE:=1
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL=$(PROJECT_GIT)/project/uhttpd.git
PKG_SOURCE_DATE:=2020-03-13
PKG_SOURCE_VERSION:=975dce23257e713e5e52eb87b194513eb81110a5
PKG_MIRROR_HASH:=e5fba74f1519ce461a09bf7e52685d67e99c1157b050b4f91e718146e690e0c1
PKG_SOURCE_DATE:=2020-10-01
PKG_SOURCE_VERSION:=3abcc89103799aaa79870fffcd58ec4370815024
PKG_MIRROR_HASH:=755863ef113648c7f4863b5ac93593e7a8c46f1937217641d0ec4bde34e45883
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>
PKG_LICENSE:=ISC

2
package/network/utils/comgt/Makefile
View File

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=comgt
PKG_VERSION:=0.32
PKG_RELEASE:=32
PKG_RELEASE:=33
PKG_SOURCE:=$(PKG_NAME).$(PKG_VERSION).tgz
PKG_SOURCE_URL:=@SF/comgt

8
package/network/utils/comgt/files/3g.usb
View File

@@ -15,11 +15,11 @@ find_3g_iface() {
if [ "${dev##*/}" = "${tty##*/}" ]; then
if [ "$ACTION" = add ]; then
available=1
else
available=0
proto_set_available "$cfg" 1
fi
if [ "$ACTION" = remove ]; then
proto_set_available "$cfg" 0
fi
proto_set_available "$cfg" $available
fi
}

2
package/network/utils/tcpdump/Makefile
View File

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=tcpdump
PKG_VERSION:=4.9.3
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.us.tcpdump.org/release/ \

47
package/network/utils/tcpdump/patches/101-CVE-2020-8037.patch Normal file
View File

@@ -0,0 +1,47 @@
--- a/print-ppp.c
+++ b/print-ppp.c
@@ -1368,19 +1368,29 @@ trunc:
}
#ifndef TCPDUMP_MINI
+/*
+ * Un-escape RFC 1662 PPP in HDLC-like framing, with octet escapes.
+ * The length argument is the on-the-wire length, not the captured
+ * length; we can only un-escape the captured part.
+ */
static void
ppp_hdlc(netdissect_options *ndo,
const u_char *p, int length)
{
+ u_int caplen = ndo->ndo_snapend - p;
u_char *b, *t, c;
const u_char *s;
- int i, proto;
+ u_int i;
+ int proto;
const void *se;
+ if (caplen == 0)
+ return;
+
if (length <= 0)
return;
- b = (u_char *)malloc(length);
+ b = (u_char *)malloc(caplen);
if (b == NULL)
return;
@@ -1389,10 +1399,10 @@ ppp_hdlc(netdissect_options *ndo,
* Do this so that we dont overwrite the original packet
* contents.
*/
- for (s = p, t = b, i = length; i > 0 && ND_TTEST(*s); i--) {
+ for (s = p, t = b, i = caplen; i != 0; i--) {
c = *s++;
if (c == 0x7d) {
- if (i <= 1 || !ND_TTEST(*s))
+ if (i <= 1)
break;
i--;
c = *s++ ^ 0x20;

13
package/network/utils/wireguard-tools/Makefile
View File

@@ -31,13 +31,22 @@ MAKE_PATH:=src
MAKE_VARS += PLATFORM=linux
define Package/wireguard-tools
$(call Package/wireguard/Default)
SECTION:=net
CATEGORY:=Network
SUBMENU:=VPN
URL:=https://www.wireguard.com
MAINTAINER:=Jason A. Donenfeld <Jason@zx2c4.com>
TITLE:=WireGuard userspace control program (wg)
DEPENDS:=+libmnl +ip
endef
define Package/wireguard-tools/description
$(call Package/wireguard/Default/description)
WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography. It aims to be faster, simpler, leaner, and
more useful than IPSec, while avoiding the massive headache. It intends to
be considerably more performant than OpenVPN. WireGuard is designed as a
general purpose VPN for running on embedded interfaces and super computers
alike, fit for many different circumstances. It uses UDP.
This package provides the userspace control program for WireGuard,
`wg(8)`, a netifd protocol helper, and a re-resolve watchdog script.

2
package/system/uci/Makefile
View File

@@ -9,7 +9,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=uci
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_SOURCE_URL=$(PROJECT_GIT)/project/uci.git
PKG_SOURCE_PROTO:=git

51
package/system/uci/patches/001-file-uci_parse_package-fix-heap-use-after-free.patch Normal file
View File

@@ -0,0 +1,51 @@
From a3e650911f5e6f67dcff09974df3775dfd615da6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0tetiar?= <ynezz@true.cz>
Date: Sat, 3 Oct 2020 01:29:21 +0200
Subject: [PATCH] file: uci_parse_package: fix heap use after free
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes following issue which is caused by usage of pointer which pointed
to a reallocated address:
ERROR: AddressSanitizer: heap-use-after-free on address 0x619000000087 at pc 0x000000509aa7 bp 0x7ffd6b9c3c40 sp 0x7ffd6b9c3400
READ of size 2 at 0x619000000087 thread T0
#0 0x509aa6 in strdup (test-fuzz+0x509aa6)
#1 0x7fc36d2a1636 in uci_strdup util.c:60:8
#2 0x7fc36d29e1ac in uci_alloc_generic list.c:55:13
#3 0x7fc36d29e241 in uci_alloc_package list.c:253:6
#4 0x7fc36d2a0ba3 in uci_switch_config file.c:375:18
#5 0x7fc36d2a09b8 in uci_parse_package file.c:397:2
#6 0x7fc36d2a09b8 in uci_parse_line file.c:513:6
#7 0x7fc36d2a09b8 in uci_import file.c:681:4
0x619000000087 is located 7 bytes inside of 1024-byte region [0x619000000080,0x619000000480)
freed by thread T0 here:
#0 0x51daa9 in realloc (test-fuzz+0x51daa9)
#1 0x7fc36d2a1612 in uci_realloc util.c:49:8
previously allocated by thread T0 here:
#0 0x51daa9 in realloc (test-fuzz+0x51daa9)
#1 0x7fc36d2a1612 in uci_realloc util.c:49:8
Reported-by: Jeremy Galindo <jgalindo@datto.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
---
file.c | 2 +-
...sig-06,src-000079,time-22005942,op-ext_AO,pos-8 | Bin 0 -> 56 bytes
2 files changed, 1 insertion(+), 1 deletion(-)
create mode 100644 tests/fuzz/corpus/id-000000,sig-06,src-000079,time-22005942,op-ext_AO,pos-8
--- a/file.c
+++ b/file.c
@@ -388,8 +388,8 @@ static void uci_parse_package(struct uci
pctx->pos += strlen(pctx_cur_str(pctx)) + 1;
ofs_name = next_arg(ctx, true, true, true);
- name = pctx_str(pctx, ofs_name);
assert_eol(ctx);
+ name = pctx_str(pctx, ofs_name);
if (single)
return;

104
package/system/uci/patches/002-file-Check-buffer-size-after-strtok.patch Normal file
View File

@@ -0,0 +1,104 @@
From eae126f66663e5c73e5d290b8e3134449489340f Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Sun, 4 Oct 2020 17:14:49 +0200
Subject: [PATCH] file: Check buffer size after strtok()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This fixes a heap overflow in the parsing of the uci line.
The line which is parsed and put into pctx->buf is null terminated and
stored on the heap. In the uci_parse_line() function we use strtok() to
split this string in multiple parts after divided by a space or tab.
strtok() replaces these characters with a NULL byte. If the next byte is
NULL we assume that this NULL byte was added by strtok() and try to
parse the string after this NULL byte. If this NULL byte was not added
by strtok(), but by fgets() to mark the end of the string we would read
over this end of the string in uninitialized memory and later over the
allocated buffer.
Fix this problem by storing how long the line we read was and check if
we would read over the end of the string here.
This also adds the input which detected this crash to the corpus of the
fuzzer.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[fixed merge conflict in tests]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
---
file.c | 19 ++++++++++++++++---
tests/cram/test-san_uci_import.t | 1 +
tests/cram/test_uci_import.t | 1 +
.../2e18ecc3a759dedc9357b1298e9269eccc5c5a6b | 1 +
uci_internal.h | 1 +
5 files changed, 20 insertions(+), 3 deletions(-)
create mode 100644 tests/fuzz/corpus/2e18ecc3a759dedc9357b1298e9269eccc5c5a6b
--- a/file.c
+++ b/file.c
@@ -64,6 +64,7 @@ __private void uci_getln(struct uci_cont
return;
ofs += strlen(p);
+ pctx->buf_filled = ofs;
if (pctx->buf[ofs - 1] == '\n') {
pctx->line++;
return;
@@ -121,6 +122,15 @@ static inline void addc(struct uci_conte
*pos_src += 1;
}
+static int uci_increase_pos(struct uci_parse_context *pctx, size_t add)
+{
+ if (pctx->pos + add > pctx->buf_filled)
+ return -EINVAL;
+
+ pctx->pos += add;
+ return 0;
+}
+
/*
* parse a double quoted string argument from the command line
*/
@@ -385,7 +395,8 @@ static void uci_parse_package(struct uci
char *name;
/* command string null-terminated by strtok */
- pctx->pos += strlen(pctx_cur_str(pctx)) + 1;
+ if (uci_increase_pos(pctx, strlen(pctx_cur_str(pctx)) + 1))
+ uci_parse_error(ctx, "package without name");
ofs_name = next_arg(ctx, true, true, true);
assert_eol(ctx);
@@ -417,7 +428,8 @@ static void uci_parse_config(struct uci_
}
/* command string null-terminated by strtok */
- pctx->pos += strlen(pctx_cur_str(pctx)) + 1;
+ if (uci_increase_pos(pctx, strlen(pctx_cur_str(pctx)) + 1))
+ uci_parse_error(ctx, "config without name");
ofs_type = next_arg(ctx, true, false, false);
type = pctx_str(pctx, ofs_type);
@@ -467,7 +479,8 @@ static void uci_parse_option(struct uci_
uci_parse_error(ctx, "option/list command found before the first section");
/* command string null-terminated by strtok */
- pctx->pos += strlen(pctx_cur_str(pctx)) + 1;
+ if (uci_increase_pos(pctx, strlen(pctx_cur_str(pctx)) + 1))
+ uci_parse_error(ctx, "option without name");
ofs_name = next_arg(ctx, true, true, false);
ofs_value = next_arg(ctx, false, false, false);
--- a/uci_internal.h
+++ b/uci_internal.h
@@ -33,6 +33,7 @@ struct uci_parse_context
const char *name;
char *buf;
int bufsz;
+ size_t buf_filled;
int pos;
};
#define pctx_pos(pctx) ((pctx)->pos)

1
rules.mk
View File

@@ -291,6 +291,7 @@ HOSTCXX_NOCACHE:=$(HOSTCXX)
export TARGET_CC_NOCACHE
export TARGET_CXX_NOCACHE
export HOSTCC_NOCACHE
export HOSTCXX_NOCACHE
ifneq ($(CONFIG_CCACHE),)
TARGET_CC:= ccache_cc

26
scripts/download.pl
View File

@@ -93,6 +93,7 @@ $hash_cmd or ($file_hash eq "skip") or die "Cannot find appropriate hash command
sub download
{
my $mirror = shift;
my $download_filename = shift;
$mirror =~ s!/$!!;
@@ -139,7 +140,7 @@ sub download
}
};
} else {
my @cmd = download_cmd("$mirror/$url_filename");
my @cmd = download_cmd("$mirror/$download_filename");
print STDERR "+ ".join(" ",@cmd)."\n";
open(FETCH_FD, '-|', @cmd) or die "Cannot launch curl or wget.\n";
$hash_cmd and do {
@@ -262,11 +263,32 @@ foreach my $mirror (@ARGV) {
push @mirrors, 'https://sources.openwrt.org';
push @mirrors, 'https://mirror2.openwrt.org/sources';
if (-f "$target/$filename") {
$hash_cmd and do {
if (system("cat '$target/$filename' | $hash_cmd > '$target/$filename.hash'")) {
die "Failed to generate hash for $filename\n";
}
my $sum = `cat "$target/$filename.hash"`;
$sum =~ /^(\w+)\s*/ or die "Could not generate file hash\n";
$sum = $1;
cleanup();
exit 0 if $sum eq $file_hash;
die "Hash of the local file $filename does not match (file: $sum, requested: $file_hash) - deleting download.\n";
unlink "$target/$filename";
};
}
while (!-f "$target/$filename") {
my $mirror = shift @mirrors;
$mirror or die "No more mirrors to try - giving up.\n";
download($mirror);
download($mirror, $url_filename);
if (!-f "$target/$filename" && $url_filename ne $filename) {
download($mirror, $filename);
}
}
$SIG{INT} = \&cleanup;

2
scripts/getver.sh
View File

@@ -26,7 +26,7 @@ try_git() {
*)
BRANCH="$(git rev-parse --abbrev-ref HEAD)"
ORIGIN="$(git rev-parse --verify --symbolic-full-name ${BRANCH}@{u} 2>/dev/null)"
[ -n "$ORIGIN" ] || ORIGIN="$(git rev-parse --verify --symbolic-full-name master@{u} 2>/dev/null)"
[ -n "$ORIGIN" ] || ORIGIN="$(git rev-parse --verify --symbolic-full-name openwrt-19.07@{u} 2>/dev/null)"
REV="$(git rev-list ${REBOOT}..$GET_REV | wc -l | awk '{print $1}')"
if [ -n "$ORIGIN" ]; then

14
target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
View File

@@ -1,6 +1,6 @@
--- a/drivers/mtd/chips/cfi_cmdset_0002.c
+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
@@ -1641,7 +1641,7 @@ static int __xipram do_write_oneword(str
@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str
}
if (chip_good(map, adr, datum))
@@ -9,7 +9,7 @@
/* Latency issues. Drop the lock, wait a while and retry */
UDELAY(map, chip, adr, 1);
@@ -1658,6 +1658,8 @@ static int __xipram do_write_oneword(str
@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str
goto retry;
}
}
@@ -18,7 +18,7 @@
xip_enable(map, chip, adr);
op_done:
if (mode == FL_OTP_WRITE)
@@ -2240,7 +2242,6 @@ static int cfi_amdstd_panic_write(struct
@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct
return 0;
}
@@ -26,7 +26,7 @@
/*
* Handle devices with one erase region, that only implement
* the chip erase command.
@@ -2308,7 +2309,7 @@ static int __xipram do_erase_chip(struct
@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct
}
if (chip_good(map, adr, map_word_ff(map)))
@@ -35,7 +35,7 @@
if (time_after(jiffies, timeo)) {
printk(KERN_WARNING "MTD %s(): software timeout\n",
@@ -2332,6 +2333,7 @@ static int __xipram do_erase_chip(struct
@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct
}
}
@@ -43,7 +43,7 @@
chip->state = FL_READY;
xip_enable(map, chip, adr);
DISABLE_VPP(map);
@@ -2405,7 +2407,7 @@ static int __xipram do_erase_oneblock(st
@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st
if (chip_good(map, adr, map_word_ff(map))) {
xip_enable(map, chip, adr);
@@ -52,7 +52,7 @@
}
if (time_after(jiffies, timeo)) {
@@ -2431,6 +2433,7 @@ static int __xipram do_erase_oneblock(st
@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st
}
}

6
target/linux/ar71xx/patches-4.14/411-mtd-cfi_cmdset_0002-force-word-write.patch
View File

@@ -35,7 +35,7 @@
/* Atmel chips don't use the same PRI format as AMD chips */
static void fixup_convert_atmel_pri(struct mtd_info *mtd)
@@ -1800,6 +1804,7 @@ static int cfi_amdstd_write_words(struct
@@ -1799,6 +1803,7 @@ static int cfi_amdstd_write_words(struct
/*
* FIXME: interleaved mode not tested, and probably not supported!
*/
@@ -43,7 +43,7 @@
static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip,
unsigned long adr, const u_char *buf,
int len)
@@ -1932,7 +1937,6 @@ static int __xipram do_write_buffer(stru
@@ -1931,7 +1936,6 @@ static int __xipram do_write_buffer(stru
return ret;
}
@@ -51,7 +51,7 @@
static int cfi_amdstd_write_buffers(struct mtd_info *mtd, loff_t to, size_t len,
size_t *retlen, const u_char *buf)
{
@@ -2007,6 +2011,7 @@ static int cfi_amdstd_write_buffers(stru
@@ -2006,6 +2010,7 @@ static int cfi_amdstd_write_buffers(stru
return 0;
}

2
target/linux/ar71xx/patches-4.14/490-usb-ehci-add-quirks-for-qca-socs.patch
View File

@@ -1,6 +1,6 @@
--- a/drivers/usb/host/ehci-hcd.c
+++ b/drivers/usb/host/ehci-hcd.c
@@ -252,6 +252,37 @@ int ehci_reset(struct ehci_hcd *ehci)
@@ -253,6 +253,37 @@ int ehci_reset(struct ehci_hcd *ehci)
command |= CMD_RESET;
dbg_cmd (ehci, "reset", command);
ehci_writel(ehci, command, &ehci->regs->command);

2
target/linux/ar71xx/patches-4.14/500-MIPS-fw-myloader.patch
View File

@@ -10,7 +10,7 @@
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -1153,6 +1153,9 @@ config MIPS_MSC
@@ -1154,6 +1154,9 @@ config MIPS_MSC
config MIPS_NILE4
bool

4
target/linux/ar71xx/patches-4.14/910-unaligned_access_hacks.patch
View File

@@ -325,7 +325,7 @@
for (p = *head; p; p = p->next) {
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -464,7 +464,7 @@ static struct neighbour *ipv4_neigh_look
@@ -465,7 +465,7 @@ static struct neighbour *ipv4_neigh_look
else if (skb)
pkey = &ip_hdr(skb)->daddr;
@@ -937,6 +937,6 @@
ipv6_hdr(skb)->hop_limit != hop_limit ||
- flowlabel != *((u_int32_t *)ipv6_hdr(skb)))) {
+ flowlabel != net_hdr_word(ipv6_hdr(skb)))) {
err = ip6_route_me_harder(state->net, skb);
err = ip6_route_me_harder(state->net, state->sk, skb);
if (err < 0)
ret = NF_DROP_ERR(err);

4
target/linux/ath79/base-files/etc/board.d/01_leds
View File

@@ -91,7 +91,7 @@ on,n150r)
ucidef_set_led_switch "lan2" "LAN2" "netgear:green:lan2" "switch0" "0x04" "0x0f"
;;
pcs,cap324)
ucidef_set_led_netdev "lan" "LAN" "pcs:lan:green" "eth0"
ucidef_set_led_netdev "lan" "LAN" "pcs:green:lan" "eth0"
;;
pcs,cr3000)
ucidef_set_led_netdev "wan" "WAN" "pcs:blue:wan" "eth1"
@@ -253,7 +253,7 @@ ubnt,nanostation-ac)
wd,mynet-wifi-rangeextender)
ucidef_set_led_netdev "lan" "LAN" "$boardname:green:lan" "eth0"
ucidef_set_rssimon "wlan0" "200000" "1"
ucidef_set_led_rssi "rssilow" "RSSILOW" "$boardname:rssi-low" "wlan0" "1" "100"
ucidef_set_led_rssi "rssilow" "RSSILOW" "$boardname:blue:rssi-low" "wlan0" "1" "100"
ucidef_set_led_rssi "rssimedium" "RSSIMED" "$boardname:blue:rssi-med" "wlan0" "33" "100"
ucidef_set_led_rssi "rssihigh" "RSSIMAX" "$boardname:blue:rssi-max" "wlan0" "66" "100"
;;

6
target/linux/ath79/base-files/etc/hotplug.d/firmware/10-ath9k-eeprom
View File

@@ -148,7 +148,8 @@ case "$FIRMWARE" in
tplink,tl-wr941-v4)
ath9k_eeprom_extract "art" 4096 3768
;;
buffalo,wzr-hp-g450h)
buffalo,wzr-hp-g450h|\
ubnt,unifi)
ath9k_eeprom_extract "art" 4096 1088
;;
dlink,dir-825-c1|\
@@ -189,9 +190,6 @@ case "$FIRMWARE" in
pqi,air-pen)
ath9k_eeprom_extract "art" 4096 2002
;;
ubnt,unifi)
ath9k_eeprom_extract "art" 4096 2048
;;
wd,mynet-n750)
ath9k_eeprom_extract "art" 20480 1088
ath9k_patch_fw_mac $(mtd_get_mac_ascii devdata "wlan5mac") 2

3
target/linux/ath79/base-files/etc/uci-defaults/04_led_migration
View File

@@ -10,6 +10,9 @@ case "$board" in
engenius,epg5000)
migrate_leds ":wlan-2g=:wlan2g" ":wlan-5g=:wlan5g"
;;
pcs,cap324)
migrate_leds "lan:amber=amber:lan" "lan:green=green:lan"
;;
tplink,archer-c25-v1|\
tplink,archer-c58-v1|\
tplink,archer-c59-v1|\

4
target/linux/ath79/dts/ar9344_pcs_cap324.dts
View File

@@ -60,12 +60,12 @@
};
lan_amber {
label = "pcs:lan:amber";
label = "pcs:amber:lan";
gpios = <&gpio 15 GPIO_ACTIVE_LOW>;
};
lan_green {
label = "pcs:lan:green";
label = "pcs:green:lan";
gpios = <&gpio 14 GPIO_ACTIVE_LOW>;
};
};

2
target/linux/ath79/dts/qca9563_ubnt_unifiac.dtsi
View File

@@ -112,6 +112,6 @@
&wmac {
status = "okay";
mtd-cal-data = <&eeprom 0x1000>;
mtd-mac-address = <&eeprom 0x0>;
};

2
target/linux/ath79/patches-4.14/0001-tty-serial-drop-QCA-pecific-SoC-symbols.patch
View File

@@ -10,7 +10,7 @@ Signed-off-by: John Crispin <john@phrozen.org>
--- a/drivers/tty/serial/Kconfig
+++ b/drivers/tty/serial/Kconfig
@@ -1463,7 +1463,7 @@ config SERIAL_XILINX_PS_UART_CONSOLE
@@ -1464,7 +1464,7 @@ config SERIAL_XILINX_PS_UART_CONSOLE
config SERIAL_AR933X
tristate "AR933X serial port support"

14
target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
View File

@@ -1,6 +1,6 @@
--- a/drivers/mtd/chips/cfi_cmdset_0002.c
+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
@@ -1641,7 +1641,7 @@ static int __xipram do_write_oneword(str
@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str
}
if (chip_good(map, adr, datum))
@@ -9,7 +9,7 @@
/* Latency issues. Drop the lock, wait a while and retry */
UDELAY(map, chip, adr, 1);
@@ -1658,6 +1658,8 @@ static int __xipram do_write_oneword(str
@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str
goto retry;
}
}
@@ -18,7 +18,7 @@
xip_enable(map, chip, adr);
op_done:
if (mode == FL_OTP_WRITE)
@@ -2240,7 +2242,6 @@ static int cfi_amdstd_panic_write(struct
@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct
return 0;
}
@@ -26,7 +26,7 @@
/*
* Handle devices with one erase region, that only implement
* the chip erase command.
@@ -2308,7 +2309,7 @@ static int __xipram do_erase_chip(struct
@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct
}
if (chip_good(map, adr, map_word_ff(map)))
@@ -35,7 +35,7 @@
if (time_after(jiffies, timeo)) {
printk(KERN_WARNING "MTD %s(): software timeout\n",
@@ -2332,6 +2333,7 @@ static int __xipram do_erase_chip(struct
@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct
}
}
@@ -43,7 +43,7 @@
chip->state = FL_READY;
xip_enable(map, chip, adr);
DISABLE_VPP(map);
@@ -2405,7 +2407,7 @@ static int __xipram do_erase_oneblock(st
@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st
if (chip_good(map, adr, map_word_ff(map))) {
xip_enable(map, chip, adr);
@@ -52,7 +52,7 @@
}
if (time_after(jiffies, timeo)) {
@@ -2431,6 +2433,7 @@ static int __xipram do_erase_oneblock(st
@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st
}
}

2
target/linux/ath79/patches-4.14/490-usb-ehci-add-quirks-for-qca-socs.patch
View File

@@ -1,6 +1,6 @@
--- a/drivers/usb/host/ehci-hcd.c
+++ b/drivers/usb/host/ehci-hcd.c
@@ -252,6 +252,37 @@ int ehci_reset(struct ehci_hcd *ehci)
@@ -253,6 +253,37 @@ int ehci_reset(struct ehci_hcd *ehci)
command |= CMD_RESET;
dbg_cmd (ehci, "reset", command);
ehci_writel(ehci, command, &ehci->regs->command);

4
target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch
View File

@@ -316,7 +316,7 @@
for (p = *head; p; p = p->next) {
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -464,7 +464,7 @@ static struct neighbour *ipv4_neigh_look
@@ -465,7 +465,7 @@ static struct neighbour *ipv4_neigh_look
else if (skb)
pkey = &ip_hdr(skb)->daddr;
@@ -895,6 +895,6 @@
ipv6_hdr(skb)->hop_limit != hop_limit ||
- flowlabel != *((u_int32_t *)ipv6_hdr(skb)))) {
+ flowlabel != net_hdr_word(ipv6_hdr(skb)))) {
err = ip6_route_me_harder(state->net, skb);
err = ip6_route_me_harder(state->net, state->sk, skb);
if (err < 0)
ret = NF_DROP_ERR(err);

59
target/linux/ath79/patches-4.14/930-ar8216-make-reg-access-atomic.patch Normal file
View File

@@ -0,0 +1,59 @@
From b3797d1a92afe97c173b00fdb7824cedba24eef0 Mon Sep 17 00:00:00 2001
From: Chuanhong Guo <gch981213@gmail.com>
Date: Sun, 20 Sep 2020 01:00:45 +0800
Subject: [PATCH] ath79: ar8216: make switch register access atomic
due to some unknown reason these register accesses sometimes fail
on the integrated switch without this patch.
THIS ONLY WORKS ON ATH79 AND MAY BREAK THE DRIVER ON OTHER PLATFORMS!
The mdio bus on ath79 works in polling mode and doesn't rely on
any interrupt. This patch breaks the driver on any mdio master
with interrupts used.
---
--- a/drivers/net/phy/ar8216.c
+++ b/drivers/net/phy/ar8216.c
@@ -252,6 +252,7 @@ ar8xxx_mii_write32(struct ar8xxx_priv *p
u32
ar8xxx_read(struct ar8xxx_priv *priv, int reg)
{
+ unsigned long flags;
struct mii_bus *bus = priv->mii_bus;
u16 r1, r2, page;
u32 val;
@@ -259,11 +260,13 @@ ar8xxx_read(struct ar8xxx_priv *priv, in
split_addr((u32) reg, &r1, &r2, &page);
mutex_lock(&bus->mdio_lock);
+ local_irq_save(flags);
bus->write(bus, 0x18, 0, page);
wait_for_page_switch();
val = ar8xxx_mii_read32(priv, 0x10 | r2, r1);
+ local_irq_restore(flags);
mutex_unlock(&bus->mdio_lock);
return val;
@@ -272,17 +275,20 @@ ar8xxx_read(struct ar8xxx_priv *priv, in
void
ar8xxx_write(struct ar8xxx_priv *priv, int reg, u32 val)
{
+ unsigned long flags;
struct mii_bus *bus = priv->mii_bus;
u16 r1, r2, page;
split_addr((u32) reg, &r1, &r2, &page);
mutex_lock(&bus->mdio_lock);
+ local_irq_save(flags);
bus->write(bus, 0x18, 0, page);
wait_for_page_switch();
ar8xxx_mii_write32(priv, 0x10 | r2, r1, val);
+ local_irq_restore(flags);
mutex_unlock(&bus->mdio_lock);
}

2
target/linux/bcm53xx/patches-4.14/400-mtd-spi-nor-detect-JEDEC-incompatible-w25q128-using-.patch
View File

@@ -13,7 +13,7 @@ Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
--- a/drivers/mtd/spi-nor/spi-nor.c
+++ b/drivers/mtd/spi-nor/spi-nor.c
@@ -1227,6 +1227,18 @@ static const struct flash_info *spi_nor_
@@ -1237,6 +1237,18 @@ static const struct flash_info *spi_nor_
}
dev_err(nor->dev, "unrecognized JEDEC id bytes: %02x, %02x, %02x\n",
id[0], id[1], id[2]);

4
target/linux/brcm2708/patches-4.14/950-0022-Register-the-clocks-early-during-the-boot-process-so.patch
View File

@@ -13,7 +13,7 @@ Signed-off-by: Martin Sperl <kernel@martin.sperl.org>
--- a/drivers/clk/bcm/clk-bcm2835.c
+++ b/drivers/clk/bcm/clk-bcm2835.c
@@ -2220,8 +2220,15 @@ static int bcm2835_clk_probe(struct plat
@@ -2222,8 +2222,15 @@ static int bcm2835_clk_probe(struct plat
if (ret)
return ret;
@@ -30,7 +30,7 @@ Signed-off-by: Martin Sperl <kernel@martin.sperl.org>
}
static const struct of_device_id bcm2835_clk_of_match[] = {
@@ -2238,7 +2245,11 @@ static struct platform_driver bcm2835_cl
@@ -2240,7 +2247,11 @@ static struct platform_driver bcm2835_cl
.probe = bcm2835_clk_probe,
};

2
target/linux/brcm2708/patches-4.14/950-0026-clk-bcm2835-Mark-used-PLLs-and-dividers-CRITICAL.patch
View File

@@ -14,7 +14,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
--- a/drivers/clk/bcm/clk-bcm2835.c
+++ b/drivers/clk/bcm/clk-bcm2835.c
@@ -1397,6 +1397,11 @@ bcm2835_register_pll_divider(struct bcm2
@@ -1399,6 +1399,11 @@ bcm2835_register_pll_divider(struct bcm2
divider->div.hw.init = &init;
divider->div.table = NULL;

10
target/linux/brcm2708/patches-4.14/950-0027-clk-bcm2835-Add-claim-clocks-property.patch
View File

@@ -36,7 +36,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
pll = kzalloc(sizeof(*pll), GFP_KERNEL);
if (!pll)
return NULL;
@@ -1398,8 +1403,10 @@ bcm2835_register_pll_divider(struct bcm2
@@ -1400,8 +1405,10 @@ bcm2835_register_pll_divider(struct bcm2
divider->div.table = NULL;
if (!(cprman_read(cprman, data->cm_reg) & data->hold_mask)) {
@@ -49,7 +49,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
}
divider->cprman = cprman;
@@ -2152,6 +2159,8 @@ static const struct bcm2835_clk_desc clk
@@ -2154,6 +2161,8 @@ static const struct bcm2835_clk_desc clk
.ctl_reg = CM_PERIICTL),
};
@@ -58,7 +58,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
/*
* Permanently take a reference on the parent of the SDRAM clock.
*
@@ -2171,6 +2180,19 @@ static int bcm2835_mark_sdc_parent_criti
@@ -2173,6 +2182,19 @@ static int bcm2835_mark_sdc_parent_criti
return clk_prepare_enable(parent);
}
@@ -78,7 +78,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
static int bcm2835_clk_probe(struct platform_device *pdev)
{
struct device *dev = &pdev->dev;
@@ -2180,6 +2202,7 @@ static int bcm2835_clk_probe(struct plat
@@ -2182,6 +2204,7 @@ static int bcm2835_clk_probe(struct plat
const struct bcm2835_clk_desc *desc;
const size_t asize = ARRAY_SIZE(clk_desc_array);
size_t i;
@@ -86,7 +86,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
int ret;
cprman = devm_kzalloc(dev, sizeof(*cprman) +
@@ -2195,6 +2218,13 @@ static int bcm2835_clk_probe(struct plat
@@ -2197,6 +2220,13 @@ static int bcm2835_clk_probe(struct plat
if (IS_ERR(cprman->regs))
return PTR_ERR(cprman->regs);

4
target/linux/brcm2708/patches-4.14/950-0028-clk-bcm2835-Read-max-core-clock-from-firmware.patch
View File

@@ -90,7 +90,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
.set_rate = bcm2835_clock_set_rate,
.determine_rate = bcm2835_clock_determine_rate,
.set_parent = bcm2835_clock_set_parent,
@@ -2201,6 +2229,7 @@ static int bcm2835_clk_probe(struct plat
@@ -2203,6 +2231,7 @@ static int bcm2835_clk_probe(struct plat
struct resource *res;
const struct bcm2835_clk_desc *desc;
const size_t asize = ARRAY_SIZE(clk_desc_array);
@@ -98,7 +98,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
size_t i;
u32 clk_id;
int ret;
@@ -2218,6 +2247,14 @@ static int bcm2835_clk_probe(struct plat
@@ -2220,6 +2249,14 @@ static int bcm2835_clk_probe(struct plat
if (IS_ERR(cprman->regs))
return PTR_ERR(cprman->regs);

2
target/linux/brcm2708/patches-4.14/950-0029-clk-bcm2835-Mark-GPIO-clocks-enabled-at-boot-as-crit.patch
View File

@@ -20,7 +20,7 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
--- a/drivers/clk/bcm/clk-bcm2835.c
+++ b/drivers/clk/bcm/clk-bcm2835.c
@@ -1490,6 +1490,15 @@ static struct clk_hw *bcm2835_register_c
@@ -1492,6 +1492,15 @@ static struct clk_hw *bcm2835_register_c
init.flags = data->flags | CLK_IGNORE_UNUSED;
/*

2
target/linux/brcm2708/patches-4.14/950-0034-mm-Remove-the-PFN-busy-warning.patch
View File

@@ -14,7 +14,7 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -7626,8 +7626,6 @@ int alloc_contig_range(unsigned long sta
@@ -7629,8 +7629,6 @@ int alloc_contig_range(unsigned long sta
/* Make sure the range is really isolated. */
if (test_pages_isolated(outer_start, end, false)) {

2
target/linux/brcm2708/patches-4.14/950-0037-Add-dwc_otg-driver.patch
View File

@@ -852,7 +852,7 @@ Signed-off-by: Malik Olivier Boussejra <malik@boussejra.com>
msleep(100); /* Cool down */
--- a/drivers/usb/core/message.c
+++ b/drivers/usb/core/message.c
@@ -1932,6 +1932,85 @@ free_interfaces:
@@ -1925,6 +1925,85 @@ free_interfaces:
if (cp->string == NULL &&
!(dev->quirks & USB_QUIRK_CONFIG_INTF_STRINGS))
cp->string = usb_cache_string(dev, cp->desc.iConfiguration);

2
target/linux/brcm2708/patches-4.14/950-0092-amba_pl011-Don-t-use-DT-aliases-for-numbering.patch
View File

@@ -14,7 +14,7 @@ use the same logic.
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -2596,7 +2596,12 @@ static int pl011_setup_port(struct devic
@@ -2595,7 +2595,12 @@ static int pl011_setup_port(struct devic
if (IS_ERR(base))
return PTR_ERR(base);

6
target/linux/brcm2708/patches-4.14/950-0093-amba_pl011-Round-input-clock-up.patch
View File

@@ -59,7 +59,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
/* Clear pending error and receive interrupts */
pl011_write(UART011_OEIS | UART011_BEIS | UART011_PEIS |
@@ -2342,7 +2359,7 @@ static int __init pl011_console_setup(st
@@ -2341,7 +2358,7 @@ static int pl011_console_setup(struct co
plat->init();
}
@@ -68,7 +68,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
if (uap->vendor->fixed_options) {
baud = uap->fixed_baud;
@@ -2527,6 +2544,7 @@ static struct uart_driver amba_reg = {
@@ -2526,6 +2543,7 @@ static struct uart_driver amba_reg = {
.cons = AMBA_CONSOLE,
};
@@ -76,7 +76,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
static int pl011_probe_dt_alias(int index, struct device *dev)
{
struct device_node *np;
@@ -2558,6 +2576,7 @@ static int pl011_probe_dt_alias(int inde
@@ -2557,6 +2575,7 @@ static int pl011_probe_dt_alias(int inde
return ret;
}

2
target/linux/brcm2708/patches-4.14/950-0110-drm-vc4-Add-a-mode-for-using-the-closed-firmware-for.patch
View File

@@ -70,7 +70,7 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
--- a/drivers/gpu/drm/vc4/vc4_drv.c
+++ b/drivers/gpu/drm/vc4/vc4_drv.c
@@ -317,6 +317,7 @@ static struct platform_driver *const com
@@ -318,6 +318,7 @@ static struct platform_driver *const com
&vc4_dsi_driver,
&vc4_hvs_driver,
&vc4_crtc_driver,

2
target/linux/brcm2708/patches-4.14/950-0122-amba_pl011-Add-cts-event-workaround-DT-property.patch
View File

@@ -33,7 +33,7 @@ Signed-off-by: Phil Elwell <phil@raspberrypi.org>
--- a/drivers/tty/serial/amba-pl011.c
+++ b/drivers/tty/serial/amba-pl011.c
@@ -2680,6 +2680,11 @@ static int pl011_probe(struct amba_devic
@@ -2682,6 +2682,11 @@ static int pl011_probe(struct amba_devic
if (IS_ERR(uap->clk))
return PTR_ERR(uap->clk);

4
target/linux/brcm2708/patches-4.14/950-0202-drm-vc4-Fix-crash-if-we-have-to-unbind-HDMI.patch
View File

@@ -13,7 +13,7 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
--- a/drivers/gpu/drm/vc4/vc4_hdmi.c
+++ b/drivers/gpu/drm/vc4/vc4_hdmi.c
@@ -1130,7 +1130,7 @@ static int vc4_hdmi_audio_init(struct vc
@@ -1131,7 +1131,7 @@ static int vc4_hdmi_audio_init(struct vc
* snd_soc_card_get_drvdata() if needed.
*/
snd_soc_card_set_drvdata(card, hdmi);
@@ -22,7 +22,7 @@ Signed-off-by: Eric Anholt <eric@anholt.net>
if (ret) {
dev_err(dev, "Could not register sound card: %d\n", ret);
goto unregister_codec;
@@ -1147,13 +1147,16 @@ unregister_codec:
@@ -1148,13 +1148,16 @@ unregister_codec:
static void vc4_hdmi_audio_cleanup(struct vc4_hdmi *hdmi)
{
struct device *dev = &hdmi->pdev->dev;

6
target/linux/brcm47xx/patches-4.14/159-cpu_fixes.patch
View File

@@ -406,7 +406,7 @@
if (!cpu_has_ic_fills_f_dc) {
if (dc_lsize)
vaddr ? flush_dcache_line(addr & ~(dc_lsize - 1))
@@ -1880,6 +1894,17 @@ static void coherency_setup(void)
@@ -1884,6 +1898,17 @@ static void coherency_setup(void)
* silly idea of putting something else there ...
*/
switch (current_cpu_type()) {
@@ -424,7 +424,7 @@
case CPU_R4000PC:
case CPU_R4000SC:
case CPU_R4000MC:
@@ -1926,6 +1951,15 @@ void r4k_cache_init(void)
@@ -1930,6 +1955,15 @@ void r4k_cache_init(void)
extern void build_copy_page(void);
struct cpuinfo_mips *c = &current_cpu_data;
@@ -440,7 +440,7 @@
probe_pcache();
probe_vcache();
setup_scache();
@@ -2004,7 +2038,15 @@ void r4k_cache_init(void)
@@ -2008,7 +2042,15 @@ void r4k_cache_init(void)
*/
local_r4k___flush_cache_all(NULL);

2
target/linux/brcm47xx/patches-4.14/209-b44-register-adm-switch.patch
View File

@@ -99,7 +99,7 @@ Subject: [PATCH 210/210] b44: register adm switch
dev_info(sdev->dev,
"could not find PHY at %i, use fixed one\n",
bp->phy_addr);
@@ -2480,6 +2548,7 @@ static void b44_remove_one(struct ssb_de
@@ -2481,6 +2549,7 @@ static void b44_remove_one(struct ssb_de
unregister_netdev(dev);
if (bp->flags & B44_FLAG_EXTERNAL_PHY)
b44_unregister_phy_one(bp);

2
target/linux/brcm47xx/patches-4.14/610-pci_ide_fix.patch
View File

@@ -27,7 +27,7 @@ This fixes OpenWrt ticket #7061: https://dev.openwrt.org/ticket/7061
---
--- a/include/linux/ide.h
+++ b/include/linux/ide.h
@@ -241,7 +241,11 @@ static inline void ide_std_init_ports(st
@@ -240,7 +240,11 @@ static inline void ide_std_init_ports(st
hw->io_ports.ctl_addr = ctl_addr;
}

2
target/linux/brcm63xx/patches-4.14/206-USB-EHCI-allow-limiting-ports-for-ehci-platform.patch
View File

@@ -21,7 +21,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
--- a/drivers/usb/host/ehci-hcd.c
+++ b/drivers/usb/host/ehci-hcd.c
@@ -678,6 +678,10 @@ int ehci_setup(struct usb_hcd *hcd)
@@ -679,6 +679,10 @@ int ehci_setup(struct usb_hcd *hcd)
/* cache this readonly data; minimize chip reads */
ehci->hcs_params = ehci_readl(ehci, &ehci->caps->hcs_params);

8
target/linux/cns3xxx/patches-4.14/210-dwc2_defaults.patch
View File

@@ -37,13 +37,13 @@
const struct of_device_id dwc2_of_match_table[] = {
{ .compatible = "brcm,bcm2835-usb", .data = dwc2_set_bcm_params },
{ .compatible = "hisilicon,hi6220-usb", .data = dwc2_set_his_params },
@@ -710,17 +740,23 @@ int dwc2_get_hwparams(struct dwc2_hsotg
@@ -710,18 +740,23 @@ int dwc2_get_hwparams(struct dwc2_hsotg
int dwc2_init_params(struct dwc2_hsotg *hsotg)
{
+ /*
const struct of_device_id *match;
void (*set_params)(void *data);
void (*set_params)(struct dwc2_hsotg *data);
+ */
dwc2_set_default_params(hsotg);
@@ -56,8 +56,8 @@
set_params(hsotg);
}
+ */
+
+ dwc2_set_cns3xxx_params(hsotg);
+ dwc2_set_cns3xxx_params(hsotg);
dwc2_check_params(hsotg);
return 0;

2
target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
View File

@@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold <johan@kernel.org>
--- a/drivers/usb/serial/option.c
+++ b/drivers/usb/serial/option.c
@@ -1990,7 +1990,8 @@ static const struct usb_device_id option
@@ -2011,7 +2011,8 @@ static const struct usb_device_id option
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) },

4
target/linux/generic/backport-4.14/273-batman-adv-Convert-packet.h-to-uapi-header.patch
View File

@@ -97,7 +97,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
#include "translation-table.h"
--- a/net/batman-adv/bridge_loop_avoidance.c
+++ b/net/batman-adv/bridge_loop_avoidance.c
@@ -49,6 +49,7 @@
@@ -50,6 +50,7 @@
#include <net/genetlink.h>
#include <net/netlink.h>
#include <net/sock.h>
@@ -105,7 +105,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
#include <uapi/linux/batman_adv.h>
#include "hard-interface.h"
@@ -56,7 +57,6 @@
@@ -57,7 +58,6 @@
#include "log.h"
#include "netlink.h"
#include "originator.h"

18
target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
View File

@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -898,8 +898,6 @@ struct nft_stats {
@@ -900,8 +900,6 @@ struct nft_stats {
struct u64_stats_sync syncp;
};
@@ -20,7 +20,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/**
* struct nft_base_chain - nf_tables base chain
*
@@ -911,7 +909,7 @@ struct nft_stats {
@@ -913,7 +911,7 @@ struct nft_stats {
* @dev_name: device name that this base chain is attached to (if any)
*/
struct nft_base_chain {
@@ -29,7 +29,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nf_chain_type *type;
u8 policy;
u8 flags;
@@ -972,8 +970,6 @@ enum nft_af_flags {
@@ -974,8 +972,6 @@ enum nft_af_flags {
* @owner: module owner
* @tables: used internally
* @flags: family flags
@@ -38,7 +38,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @hooks: hookfn overrides for packet validation
*/
struct nft_af_info {
@@ -983,9 +979,6 @@ struct nft_af_info {
@@ -985,9 +981,6 @@ struct nft_af_info {
struct module *owner;
struct list_head tables;
u32 flags;
@@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
nft_chain_release_hook(&hook);
}
@@ -5162,10 +5150,9 @@ static int nf_tables_commit(struct net *
@@ -5163,10 +5151,9 @@ static int nf_tables_commit(struct net *
case NFT_MSG_DELCHAIN:
list_del_rcu(&trans->ctx.chain->list);
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
@@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
break;
case NFT_MSG_NEWRULE:
nft_clear(trans->ctx.net, nft_trans_rule(trans));
@@ -5302,10 +5289,9 @@ static int nf_tables_abort(struct net *n
@@ -5303,10 +5290,9 @@ static int nf_tables_abort(struct net *n
} else {
trans->ctx.table->use--;
list_del_rcu(&trans->ctx.chain->list);
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
break;
case NFT_MSG_DELCHAIN:
@@ -5408,7 +5394,7 @@ int nft_chain_validate_hooks(const struc
@@ -5409,7 +5395,7 @@ int nft_chain_validate_hooks(const struc
if (nft_is_base_chain(chain)) {
basechain = nft_base_chain(chain);
@@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
return -EOPNOTSUPP;
@@ -5890,8 +5876,7 @@ int __nft_release_basechain(struct nft_c
@@ -5891,8 +5877,7 @@ int __nft_release_basechain(struct nft_c
BUG_ON(!nft_is_base_chain(ctx->chain));
@@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
list_del(&rule->list);
ctx->chain->use--;
@@ -5920,8 +5905,7 @@ static void __nft_release_afinfo(struct
@@ -5921,8 +5906,7 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)

6
target/linux/generic/backport-4.14/312-v4.16-netfilter-nf_tables-remove-hooks-from-family-definit.patch
View File

@@ -10,7 +10,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -876,7 +876,7 @@ enum nft_chain_type {
@@ -878,7 +878,7 @@ enum nft_chain_type {
* @family: address family
* @owner: module owner
* @hook_mask: mask of valid hooks
@@ -19,7 +19,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*/
struct nf_chain_type {
const char *name;
@@ -970,7 +970,6 @@ enum nft_af_flags {
@@ -972,7 +972,6 @@ enum nft_af_flags {
* @owner: module owner
* @tables: used internally
* @flags: family flags
@@ -27,7 +27,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*/
struct nft_af_info {
struct list_head list;
@@ -979,7 +978,6 @@ struct nft_af_info {
@@ -981,7 +980,6 @@ struct nft_af_info {
struct module *owner;
struct list_head tables;
u32 flags;

6
target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch
View File

@@ -90,7 +90,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
expired_count++;
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -1123,6 +1123,14 @@ static const struct nla_policy ct_nla_po
@@ -1125,6 +1125,14 @@ static const struct nla_policy ct_nla_po
.len = NF_CT_LABELS_MAX_SIZE },
};
@@ -105,7 +105,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static int ctnetlink_flush_conntrack(struct net *net,
const struct nlattr * const cda[],
u32 portid, int report)
@@ -1135,7 +1143,7 @@ static int ctnetlink_flush_conntrack(str
@@ -1137,7 +1145,7 @@ static int ctnetlink_flush_conntrack(str
return PTR_ERR(filter);
}
@@ -114,7 +114,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
portid, report);
kfree(filter);
@@ -1181,6 +1189,11 @@ static int ctnetlink_del_conntrack(struc
@@ -1183,6 +1191,11 @@ static int ctnetlink_del_conntrack(struc
ct = nf_ct_tuplehash_to_ctrack(h);

32
target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
View File

@@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
#include <net/netlink.h>
#define NFT_JUMP_STACK_SIZE 16
@@ -939,6 +940,7 @@ unsigned int nft_do_chain(struct nft_pkt
@@ -941,6 +942,7 @@ unsigned int nft_do_chain(struct nft_pkt
* @chains: chains in the table
* @sets: sets in the table
* @objects: stateful objects in the table
@@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @hgenerator: handle generator state
* @use: number of chain references to this table
* @flags: table flag (see enum nft_table_flags)
@@ -950,6 +952,7 @@ struct nft_table {
@@ -952,6 +954,7 @@ struct nft_table {
struct list_head chains;
struct list_head sets;
struct list_head objects;
@@ -66,7 +66,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
u64 hgenerator;
u32 use;
u16 flags:14,
@@ -1081,6 +1084,44 @@ int nft_register_obj(struct nft_object_t
@@ -1083,6 +1086,44 @@ int nft_register_obj(struct nft_object_t
void nft_unregister_obj(struct nft_object_type *obj_type);
/**
@@ -111,7 +111,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* struct nft_traceinfo - nft tracing information and state
*
* @pkt: pktinfo currently processed
@@ -1316,4 +1357,11 @@ struct nft_trans_obj {
@@ -1318,4 +1359,11 @@ struct nft_trans_obj {
#define nft_trans_obj(trans) \
(((struct nft_trans_obj *)trans->data)->obj)
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
err = nft_delobj(ctx, obj);
if (err < 0)
@@ -4862,6 +4906,605 @@ static void nf_tables_obj_notify(const s
@@ -4863,6 +4907,605 @@ static void nf_tables_obj_notify(const s
ctx->afi->family, ctx->report, GFP_KERNEL);
}
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
u32 portid, u32 seq)
{
@@ -4892,6 +5535,49 @@ nla_put_failure:
@@ -4893,6 +5536,49 @@ nla_put_failure:
return -EMSGSIZE;
}
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
int event)
{
@@ -5044,6 +5730,21 @@ static const struct nfnl_callback nf_tab
@@ -5045,6 +5731,21 @@ static const struct nfnl_callback nf_tab
.attr_count = NFTA_OBJ_MAX,
.policy = nft_obj_policy,
},
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
static void nft_chain_commit_update(struct nft_trans *trans)
@@ -5092,6 +5793,9 @@ static void nf_tables_commit_release(str
@@ -5093,6 +5794,9 @@ static void nf_tables_commit_release(str
case NFT_MSG_DELOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
kfree(trans);
}
@@ -5211,6 +5915,21 @@ static int nf_tables_commit(struct net *
@@ -5212,6 +5916,21 @@ static int nf_tables_commit(struct net *
nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
NFT_MSG_DELOBJ);
break;
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
@@ -5248,6 +5967,9 @@ static void nf_tables_abort_release(stru
@@ -5249,6 +5968,9 @@ static void nf_tables_abort_release(stru
case NFT_MSG_NEWOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
kfree(trans);
}
@@ -5339,6 +6061,17 @@ static int nf_tables_abort(struct net *n
@@ -5340,6 +6062,17 @@ static int nf_tables_abort(struct net *n
nft_clear(trans->ctx.net, nft_trans_obj(trans));
nft_trans_destroy(trans);
break;
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
@@ -5889,6 +6622,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
@@ -5890,6 +6623,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
/* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
{
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table, *nt;
struct nft_chain *chain, *nc;
struct nft_object *obj, *ne;
@@ -5902,6 +6636,9 @@ static void __nft_release_afinfo(struct
@@ -5903,6 +6637,9 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/* No packets are walking on these chains anymore. */
ctx.table = table;
list_for_each_entry(chain, &table->chains, list) {
@@ -5912,6 +6649,11 @@ static void __nft_release_afinfo(struct
@@ -5913,6 +6650,11 @@ static void __nft_release_afinfo(struct
nf_tables_rule_release(&ctx, rule);
}
}
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(set, ns, &table->sets, list) {
list_del(&set->list);
table->use--;
@@ -5955,6 +6697,8 @@ static int __init nf_tables_module_init(
@@ -5956,6 +6698,8 @@ static int __init nf_tables_module_init(
if (err < 0)
goto err3;
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
return register_pernet_subsys(&nf_tables_net_ops);
err3:
@@ -5969,6 +6713,7 @@ static void __exit nf_tables_module_exit
@@ -5970,6 +6714,7 @@ static void __exit nf_tables_module_exit
{
unregister_pernet_subsys(&nf_tables_net_ops);
nfnetlink_subsys_unregister(&nf_tables_subsys);

6
target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
View File

@@ -14,7 +14,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -969,7 +969,6 @@ enum nft_af_flags {
@@ -971,7 +971,6 @@ enum nft_af_flags {
*
* @list: used internally
* @family: address family
@@ -22,7 +22,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @owner: module owner
* @tables: used internally
* @flags: family flags
@@ -977,7 +976,6 @@ enum nft_af_flags {
@@ -979,7 +978,6 @@ enum nft_af_flags {
struct nft_af_info {
struct list_head list;
int family;
@@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
@@ -5014,7 +5011,7 @@ static int nf_tables_flowtable_parse_hoo
@@ -5015,7 +5012,7 @@ static int nf_tables_flowtable_parse_hoo
return -EINVAL;
hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));

2
target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
View File

@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5438,7 +5438,7 @@ static int nf_tables_getflowtable(struct
@@ -5439,7 +5439,7 @@ static int nf_tables_getflowtable(struct
flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
genmask);

4
target/linux/generic/backport-4.14/330-v4.16-netfilter-nf_tables-remove-flag-field-from-struct-nf.patch
View File

@@ -10,7 +10,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -960,10 +960,6 @@ struct nft_table {
@@ -962,10 +962,6 @@ struct nft_table {
char *name;
};
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/**
* struct nft_af_info - nf_tables address family info
*
@@ -971,14 +967,12 @@ enum nft_af_flags {
@@ -973,14 +969,12 @@ enum nft_af_flags {
* @family: address family
* @owner: module owner
* @tables: used internally

4
target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
View File

@@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (ret >= 0) {
ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
nft_trans_table_enable(trans) = true;
@@ -5819,7 +5812,6 @@ static int nf_tables_commit(struct net *
@@ -5820,7 +5813,6 @@ static int nf_tables_commit(struct net *
if (nft_trans_table_update(trans)) {
if (!nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,
@@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
trans->ctx.table);
trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
}
@@ -5983,7 +5975,6 @@ static int nf_tables_abort(struct net *n
@@ -5984,7 +5976,6 @@ static int nf_tables_abort(struct net *n
if (nft_trans_table_update(trans)) {
if (nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,

2
target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
View File

@@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5357,8 +5357,10 @@ static int nf_tables_dump_flowtable_done
@@ -5358,8 +5358,10 @@ static int nf_tables_dump_flowtable_done
if (!filter)
return 0;

64
target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
View File

@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -143,22 +143,22 @@ static inline void nft_data_debug(const
@@ -145,22 +145,22 @@ static inline void nft_data_debug(const
* struct nft_ctx - nf_tables rule/set context
*
* @net: net namespace
@@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
bool report;
};
@@ -945,6 +945,7 @@ unsigned int nft_do_chain(struct nft_pkt
@@ -947,6 +947,7 @@ unsigned int nft_do_chain(struct nft_pkt
* @use: number of chain references to this table
* @flags: table flag (see enum nft_table_flags)
* @genmask: generation mask
@@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @name: name of the table
*/
struct nft_table {
@@ -957,6 +958,7 @@ struct nft_table {
@@ -959,6 +960,7 @@ struct nft_table {
u32 use;
u16 flags:14,
genmask:2;
@@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
char *name;
};
@@ -966,13 +968,11 @@ struct nft_table {
@@ -968,13 +970,11 @@ struct nft_table {
* @list: used internally
* @family: address family
* @owner: module owner
@@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
@@ -2952,10 +2949,8 @@ static int nf_tables_dump_sets(struct sk
@@ -2953,10 +2950,8 @@ static int nf_tables_dump_sets(struct sk
{
const struct nft_set *set;
unsigned int idx, s_idx = cb->args[0];
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_ctx *ctx = cb->data, ctx_set;
if (cb->args[1])
@@ -2964,51 +2959,44 @@ static int nf_tables_dump_sets(struct sk
@@ -2965,51 +2960,44 @@ static int nf_tables_dump_sets(struct sk
rcu_read_lock();
cb->seq = net->nft.base_seq;
@@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
cb->args[1] = 1;
done:
@@ -3221,11 +3209,12 @@ static int nf_tables_newset(struct net *
@@ -3222,11 +3210,12 @@ static int nf_tables_newset(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
if (IS_ERR(set)) {
@@ -3494,12 +3483,12 @@ static int nft_ctx_init_from_elemattr(st
@@ -3495,12 +3484,12 @@ static int nft_ctx_init_from_elemattr(st
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
@@ -3604,7 +3593,6 @@ static int nf_tables_dump_set(struct sk_
@@ -3605,7 +3594,6 @@ static int nf_tables_dump_set(struct sk_
{
struct nft_set_dump_ctx *dump_ctx = cb->data;
struct net *net = sock_net(skb->sk);
@@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_set *set;
struct nft_set_dump_args args;
@@ -3616,21 +3604,19 @@ static int nf_tables_dump_set(struct sk_
@@ -3617,21 +3605,19 @@ static int nf_tables_dump_set(struct sk_
int event;
rcu_read_lock();
@@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
break;
}
@@ -3650,7 +3636,7 @@ static int nf_tables_dump_set(struct sk_
@@ -3651,7 +3637,7 @@ static int nf_tables_dump_set(struct sk_
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
@@ -3752,7 +3738,7 @@ static int nf_tables_fill_setelem_info(s
@@ -3753,7 +3739,7 @@ static int nf_tables_fill_setelem_info(s
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
@@ -4002,7 +3988,7 @@ static int nft_add_set_elem(struct nft_c
@@ -4003,7 +3989,7 @@ static int nft_add_set_elem(struct nft_c
list_for_each_entry(binding, &set->bindings, list) {
struct nft_ctx bind_ctx = {
.net = ctx->net,
@@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
.table = ctx->table,
.chain = (struct nft_chain *)binding->chain,
};
@@ -4554,7 +4540,8 @@ static int nf_tables_newobj(struct net *
@@ -4555,7 +4541,8 @@ static int nf_tables_newobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4572,7 +4559,7 @@ static int nf_tables_newobj(struct net *
@@ -4573,7 +4560,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
@@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
@@ -4649,7 +4636,6 @@ struct nft_obj_filter {
@@ -4650,7 +4637,6 @@ struct nft_obj_filter {
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
@@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
unsigned int idx = 0, s_idx = cb->args[0];
struct nft_obj_filter *filter = cb->data;
@@ -4664,38 +4650,37 @@ static int nf_tables_dump_obj(struct sk_
@@ -4665,38 +4651,37 @@ static int nf_tables_dump_obj(struct sk_
rcu_read_lock();
cb->seq = net->nft.base_seq;
@@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
done:
@@ -4782,7 +4767,8 @@ static int nf_tables_getobj(struct net *
@@ -4783,7 +4768,8 @@ static int nf_tables_getobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4842,7 +4828,8 @@ static int nf_tables_delobj(struct net *
@@ -4843,7 +4829,8 @@ static int nf_tables_delobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4853,7 +4840,7 @@ static int nf_tables_delobj(struct net *
@@ -4854,7 +4841,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
@@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delobj(&ctx, obj);
}
@@ -4891,7 +4878,7 @@ static void nf_tables_obj_notify(const s
@@ -4892,7 +4879,7 @@ static void nf_tables_obj_notify(const s
struct nft_object *obj, int event)
{
nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
@@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
/*
@@ -5081,7 +5068,7 @@ void nft_flow_table_iterate(struct net *
@@ -5082,7 +5069,7 @@ void nft_flow_table_iterate(struct net *
rcu_read_lock();
list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
@@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
iter(&flowtable->data, data);
}
@@ -5129,7 +5116,8 @@ static int nf_tables_newflowtable(struct
@@ -5130,7 +5117,8 @@ static int nf_tables_newflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -5146,7 +5134,7 @@ static int nf_tables_newflowtable(struct
@@ -5147,7 +5135,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
@@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
@@ -5227,7 +5215,8 @@ static int nf_tables_delflowtable(struct
@@ -5228,7 +5216,8 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -5238,7 +5227,7 @@ static int nf_tables_delflowtable(struct
@@ -5239,7 +5228,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
@@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delflowtable(&ctx, flowtable);
}
@@ -5307,40 +5296,37 @@ static int nf_tables_dump_flowtable(stru
@@ -5308,40 +5297,37 @@ static int nf_tables_dump_flowtable(stru
struct net *net = sock_net(skb->sk);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
done:
@@ -5425,7 +5411,8 @@ static int nf_tables_getflowtable(struct
@@ -5426,7 +5412,8 @@ static int nf_tables_getflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -5468,7 +5455,7 @@ static void nf_tables_flowtable_notify(s
@@ -5469,7 +5456,7 @@ static void nf_tables_flowtable_notify(s
err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
ctx->seq, event, 0,
@@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (err < 0) {
kfree_skb(skb);
goto err;
@@ -5546,17 +5533,14 @@ static int nf_tables_flowtable_event(str
@@ -5547,17 +5534,14 @@ static int nf_tables_flowtable_event(str
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
struct nft_flowtable *flowtable;
struct nft_table *table;
@@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
nfnl_unlock(NFNL_SUBSYS_NFTABLES);
@@ -6582,6 +6566,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
@@ -6583,6 +6567,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
static int __net_init nf_tables_init_net(struct net *net)
{
INIT_LIST_HEAD(&net->nft.af_info);
@@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
INIT_LIST_HEAD(&net->nft.commit_list);
net->nft.base_seq = 1;
return 0;
@@ -6618,10 +6603,10 @@ static void __nft_release_afinfo(struct
@@ -6619,10 +6604,10 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,

4
target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
View File

@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static struct pernet_operations clusterip_net_ops = {
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -6572,6 +6572,12 @@ static int __net_init nf_tables_init_net
@@ -6573,6 +6573,12 @@ static int __net_init nf_tables_init_net
return 0;
}
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
@@ -6649,6 +6655,7 @@ static void __nft_release_afinfo(struct
@@ -6650,6 +6656,7 @@ static void __nft_release_afinfo(struct
static struct pernet_operations nf_tables_net_ops = {
.init = nf_tables_init_net,

12
target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
View File

@@ -14,7 +14,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -975,8 +975,8 @@ struct nft_af_info {
@@ -977,8 +977,8 @@ struct nft_af_info {
struct module *owner;
};
@@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (afi->family == family)
return afi;
}
@@ -5063,15 +5061,12 @@ void nft_flow_table_iterate(struct net *
@@ -5064,15 +5062,12 @@ void nft_flow_table_iterate(struct net *
void *data)
{
struct nft_flowtable *flowtable;
@@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
rcu_read_unlock();
@@ -6563,21 +6558,6 @@ int nft_data_dump(struct sk_buff *skb, i
@@ -6564,21 +6559,6 @@ int nft_data_dump(struct sk_buff *skb, i
}
EXPORT_SYMBOL_GPL(nft_data_dump);
@@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
@@ -6598,8 +6578,7 @@ int __nft_release_basechain(struct nft_c
@@ -6599,8 +6579,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
@@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
@@ -6609,10 +6588,11 @@ static void __nft_release_afinfo(struct
@@ -6610,10 +6589,11 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
list_for_each_entry(flowtable, &table->flowtables, list)
@@ -6653,6 +6633,21 @@ static void __nft_release_afinfo(struct
@@ -6654,6 +6634,21 @@ static void __nft_release_afinfo(struct
}
}

66
target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
View File

@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -956,28 +956,12 @@ struct nft_table {
@@ -958,28 +958,12 @@ struct nft_table {
struct list_head flowtables;
u64 hgenerator;
u32 use;
@@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
int nft_register_chain_type(const struct nf_chain_type *);
void nft_unregister_chain_type(const struct nf_chain_type *);
@@ -1145,9 +1129,6 @@ void nft_trace_notify(struct nft_tracein
@@ -1147,9 +1131,6 @@ void nft_trace_notify(struct nft_tracein
#define nft_dereference(p) \
nfnl_dereference(p, NFNL_SUBSYS_NFTABLES)
@@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
@@ -2959,7 +2834,7 @@ static int nf_tables_dump_sets(struct sk
@@ -2960,7 +2835,7 @@ static int nf_tables_dump_sets(struct sk
list_for_each_entry_rcu(table, &net->nft.tables, list) {
if (ctx->family != NFPROTO_UNSPEC &&
@@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
if (ctx->table && ctx->table != table)
@@ -2980,7 +2855,7 @@ static int nf_tables_dump_sets(struct sk
@@ -2981,7 +2856,7 @@ static int nf_tables_dump_sets(struct sk
ctx_set = *ctx;
ctx_set.table = table;
@@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (nf_tables_fill_set(skb, &ctx_set, set,
NFT_MSG_NEWSET,
@@ -3092,8 +2967,8 @@ static int nf_tables_newset(struct net *
@@ -3093,8 +2968,8 @@ static int nf_tables_newset(struct net *
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
@@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_set *set;
struct nft_ctx ctx;
@@ -3203,16 +3078,12 @@ static int nf_tables_newset(struct net *
@@ -3204,16 +3079,12 @@ static int nf_tables_newset(struct net *
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
@@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
if (IS_ERR(set)) {
@@ -3474,19 +3345,15 @@ static int nft_ctx_init_from_elemattr(st
@@ -3475,19 +3346,15 @@ static int nft_ctx_init_from_elemattr(st
u8 genmask)
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
@@ -3604,7 +3471,7 @@ static int nf_tables_dump_set(struct sk_
@@ -3605,7 +3472,7 @@ static int nf_tables_dump_set(struct sk_
rcu_read_lock();
list_for_each_entry_rcu(table, &net->nft.tables, list) {
if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
@@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
if (table != dump_ctx->ctx.table)
@@ -3634,7 +3501,7 @@ static int nf_tables_dump_set(struct sk_
@@ -3635,7 +3502,7 @@ static int nf_tables_dump_set(struct sk_
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
@@ -4522,7 +4389,6 @@ static int nf_tables_newobj(struct net *
@@ -4523,7 +4390,6 @@ static int nf_tables_newobj(struct net *
const struct nft_object_type *type;
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
@@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
@@ -4534,11 +4400,7 @@ static int nf_tables_newobj(struct net *
@@ -4535,11 +4401,7 @@ static int nf_tables_newobj(struct net *
!nla[NFTA_OBJ_DATA])
return -EINVAL;
@@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4557,7 +4419,7 @@ static int nf_tables_newobj(struct net *
@@ -4558,7 +4420,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
@@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
@@ -4649,7 +4511,7 @@ static int nf_tables_dump_obj(struct sk_
@@ -4650,7 +4512,7 @@ static int nf_tables_dump_obj(struct sk_
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
list_for_each_entry_rcu(obj, &table->objects, list) {
@@ -4672,7 +4534,7 @@ static int nf_tables_dump_obj(struct sk_
@@ -4673,7 +4535,7 @@ static int nf_tables_dump_obj(struct sk_
cb->nlh->nlmsg_seq,
NFT_MSG_NEWOBJ,
NLM_F_MULTI | NLM_F_APPEND,
@@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
obj, reset) < 0)
goto done;
@@ -4730,7 +4592,6 @@ static int nf_tables_getobj(struct net *
@@ -4731,7 +4593,6 @@ static int nf_tables_getobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
@@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
struct nft_object *obj;
struct sk_buff *skb2;
@@ -4761,11 +4622,7 @@ static int nf_tables_getobj(struct net *
@@ -4762,11 +4623,7 @@ static int nf_tables_getobj(struct net *
!nla[NFTA_OBJ_TYPE])
return -EINVAL;
@@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4812,7 +4669,6 @@ static int nf_tables_delobj(struct net *
@@ -4813,7 +4670,6 @@ static int nf_tables_delobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
@@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
@@ -4822,11 +4678,7 @@ static int nf_tables_delobj(struct net *
@@ -4823,11 +4679,7 @@ static int nf_tables_delobj(struct net *
!nla[NFTA_OBJ_NAME])
return -EINVAL;
@@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
@@ -4838,7 +4690,7 @@ static int nf_tables_delobj(struct net *
@@ -4839,7 +4691,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
@@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delobj(&ctx, obj);
}
@@ -5023,33 +4875,31 @@ err1:
@@ -5024,33 +4876,31 @@ err1:
return err;
}
@@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return ERR_PTR(-EAGAIN);
}
#endif
@@ -5097,7 +4947,6 @@ static int nf_tables_newflowtable(struct
@@ -5098,7 +4948,6 @@ static int nf_tables_newflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_ctx ctx;
int err, i, k;
@@ -5107,12 +4956,8 @@ static int nf_tables_newflowtable(struct
@@ -5108,12 +4957,8 @@ static int nf_tables_newflowtable(struct
!nla[NFTA_FLOWTABLE_HOOK])
return -EINVAL;
@@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -5129,7 +4974,7 @@ static int nf_tables_newflowtable(struct
@@ -5130,7 +4975,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
@@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
@@ -5142,7 +4987,7 @@ static int nf_tables_newflowtable(struct
@@ -5143,7 +4988,7 @@ static int nf_tables_newflowtable(struct
goto err1;
}
@@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(type)) {
err = PTR_ERR(type);
goto err2;
@@ -5202,16 +5047,11 @@ static int nf_tables_delflowtable(struct
@@ -5203,16 +5048,11 @@ static int nf_tables_delflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -5222,7 +5062,7 @@ static int nf_tables_delflowtable(struct
@@ -5223,7 +5063,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
@@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delflowtable(&ctx, flowtable);
}
@@ -5297,7 +5137,7 @@ static int nf_tables_dump_flowtable(stru
@@ -5298,7 +5138,7 @@ static int nf_tables_dump_flowtable(stru
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
@@ -5316,7 +5156,7 @@ static int nf_tables_dump_flowtable(stru
@@ -5317,7 +5157,7 @@ static int nf_tables_dump_flowtable(stru
cb->nlh->nlmsg_seq,
NFT_MSG_NEWFLOWTABLE,
NLM_F_MULTI | NLM_F_APPEND,
@@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
goto done;
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
@@ -5376,7 +5216,6 @@ static int nf_tables_getflowtable(struct
@@ -5377,7 +5217,6 @@ static int nf_tables_getflowtable(struct
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
struct sk_buff *skb2;
int err;
@@ -5402,12 +5241,8 @@ static int nf_tables_getflowtable(struct
@@ -5403,12 +5242,8 @@ static int nf_tables_getflowtable(struct
if (!nla[NFTA_FLOWTABLE_NAME])
return -EINVAL;
@@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
@@ -6578,7 +6413,7 @@ int __nft_release_basechain(struct nft_c
@@ -6579,7 +6414,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
@@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
@@ -6591,7 +6426,7 @@ static void __nft_release_afinfo(struct
@@ -6592,7 +6427,7 @@ static void __nft_release_afinfo(struct
};
list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
@@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
@@ -6643,7 +6478,7 @@ static int __net_init nf_tables_init_net
@@ -6644,7 +6479,7 @@ static int __net_init nf_tables_init_net
static void __net_exit nf_tables_exit_net(struct net *net)
{

2
target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
View File

@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4913,13 +4913,13 @@ void nft_flow_table_iterate(struct net *
@@ -4914,13 +4914,13 @@ void nft_flow_table_iterate(struct net *
struct nft_flowtable *flowtable;
const struct nft_table *table;

2
target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
View File

@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5298,17 +5298,12 @@ err:
@@ -5299,17 +5299,12 @@ err:
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
}

42
target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
View File

@@ -12,7 +12,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -370,6 +370,7 @@ void nft_unregister_set(struct nft_set_t
@@ -372,6 +372,7 @@ void nft_unregister_set(struct nft_set_t
* @list: table set list node
* @bindings: list of set bindings
* @name: name of the set
@@ -20,7 +20,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @ktype: key type (numeric type defined by userspace, not used in the kernel)
* @dtype: data type (verdict or numeric type defined by userspace)
* @objtype: object type (see NFT_OBJECT_* definitions)
@@ -392,6 +393,7 @@ struct nft_set {
@@ -394,6 +395,7 @@ struct nft_set {
struct list_head list;
struct list_head bindings;
char *name;
@@ -28,7 +28,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
u32 ktype;
u32 dtype;
u32 objtype;
@@ -942,6 +944,7 @@ unsigned int nft_do_chain(struct nft_pkt
@@ -944,6 +946,7 @@ unsigned int nft_do_chain(struct nft_pkt
* @objects: stateful objects in the table
* @flowtables: flow tables in the table
* @hgenerator: handle generator state
@@ -36,7 +36,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @use: number of chain references to this table
* @flags: table flag (see enum nft_table_flags)
* @genmask: generation mask
@@ -955,6 +958,7 @@ struct nft_table {
@@ -957,6 +960,7 @@ struct nft_table {
struct list_head objects;
struct list_head flowtables;
u64 hgenerator;
@@ -44,7 +44,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
u32 use;
u16 family:6,
flags:8,
@@ -979,9 +983,9 @@ int nft_verdict_dump(struct sk_buff *skb
@@ -981,9 +985,9 @@ int nft_verdict_dump(struct sk_buff *skb
* @name: name of this stateful object
* @genmask: generation mask
* @use: number of references to this stateful object
@@ -56,7 +56,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
*/
struct nft_object {
struct list_head list;
@@ -989,6 +993,7 @@ struct nft_object {
@@ -991,6 +995,7 @@ struct nft_object {
struct nft_table *table;
u32 genmask:2,
use:30;
@@ -64,7 +64,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/* runtime data below here */
const struct nft_object_ops *ops ____cacheline_aligned;
unsigned char data[]
@@ -1070,6 +1075,7 @@ void nft_unregister_obj(struct nft_objec
@@ -1072,6 +1077,7 @@ void nft_unregister_obj(struct nft_objec
* @ops_len: number of hooks in array
* @genmask: generation mask
* @use: number of references to this flow table
@@ -72,7 +72,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* @data: rhashtable and garbage collector
* @ops: array of hooks
*/
@@ -1082,6 +1088,7 @@ struct nft_flowtable {
@@ -1084,6 +1090,7 @@ struct nft_flowtable {
int ops_len;
u32 genmask:2,
use:30;
@@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (set->flags != 0)
if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
goto nla_put_failure;
@@ -3149,6 +3217,7 @@ static int nf_tables_newset(struct net *
@@ -3150,6 +3218,7 @@ static int nf_tables_newset(struct net *
set->udata = udata;
set->timeout = timeout;
set->gc_int = gc_int;
@@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
err = ops->init(set, &desc, nla);
if (err < 0)
@@ -3208,7 +3277,10 @@ static int nf_tables_delset(struct net *
@@ -3209,7 +3278,10 @@ static int nf_tables_delset(struct net *
if (err < 0)
return err;
@@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(set))
return PTR_ERR(set);
@@ -4277,6 +4349,21 @@ struct nft_object *nf_tables_obj_lookup(
@@ -4278,6 +4350,21 @@ struct nft_object *nf_tables_obj_lookup(
}
EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
@@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
[NFTA_OBJ_TABLE] = { .type = NLA_STRING,
.len = NFT_TABLE_MAXNAMELEN - 1 },
@@ -4284,6 +4371,7 @@ static const struct nla_policy nft_obj_p
@@ -4285,6 +4372,7 @@ static const struct nla_policy nft_obj_p
.len = NFT_OBJ_MAXNAMELEN - 1 },
[NFTA_OBJ_TYPE] = { .type = NLA_U32 },
[NFTA_OBJ_DATA] = { .type = NLA_NESTED },
@@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
@@ -4431,6 +4519,8 @@ static int nf_tables_newobj(struct net *
@@ -4432,6 +4520,8 @@ static int nf_tables_newobj(struct net *
goto err1;
}
obj->table = table;
@@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
if (!obj->name) {
err = -ENOMEM;
@@ -4477,7 +4567,9 @@ static int nf_tables_fill_obj_info(struc
@@ -4478,7 +4568,9 @@ static int nf_tables_fill_obj_info(struc
nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
@@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
goto nla_put_failure;
nlmsg_end(skb, nlh);
@@ -4675,7 +4767,7 @@ static int nf_tables_delobj(struct net *
@@ -4676,7 +4768,7 @@ static int nf_tables_delobj(struct net *
u32 objtype;
if (!nla[NFTA_OBJ_TYPE] ||
@@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return -EINVAL;
table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
@@ -4684,7 +4776,12 @@ static int nf_tables_delobj(struct net *
@@ -4685,7 +4777,12 @@ static int nf_tables_delobj(struct net *
return PTR_ERR(table);
objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
@@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(obj))
return PTR_ERR(obj);
if (obj->use > 0)
@@ -4756,6 +4853,7 @@ static const struct nla_policy nft_flowt
@@ -4757,6 +4854,7 @@ static const struct nla_policy nft_flowt
[NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING,
.len = NFT_NAME_MAXLEN - 1 },
[NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED },
@@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
@@ -4773,6 +4871,20 @@ struct nft_flowtable *nf_tables_flowtabl
@@ -4774,6 +4872,20 @@ struct nft_flowtable *nf_tables_flowtabl
}
EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
@@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
#define NFT_FLOWTABLE_DEVICE_MAX 8
static int nf_tables_parse_devices(const struct nft_ctx *ctx,
@@ -4981,6 +5093,8 @@ static int nf_tables_newflowtable(struct
@@ -4982,6 +5094,8 @@ static int nf_tables_newflowtable(struct
return -ENOMEM;
flowtable->table = table;
@@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
if (!flowtable->name) {
err = -ENOMEM;
@@ -5055,8 +5169,14 @@ static int nf_tables_delflowtable(struct
@@ -5056,8 +5170,14 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(table))
return PTR_ERR(table);
@@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(flowtable))
return PTR_ERR(flowtable);
if (flowtable->use > 0)
@@ -5089,7 +5209,9 @@ static int nf_tables_fill_flowtable_info
@@ -5090,7 +5210,9 @@ static int nf_tables_fill_flowtable_info
if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||

4
target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
View File

@@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
.owner = THIS_MODULE,
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5108,40 +5108,38 @@ static int nf_tables_newflowtable(struct
@@ -5109,40 +5109,38 @@ static int nf_tables_newflowtable(struct
}
flowtable->data.type = type;
@@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
err3:
module_put(type->owner);
err2:
@@ -5422,10 +5420,8 @@ err:
@@ -5423,10 +5421,8 @@ err:
static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
{

2
target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
View File

@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4974,7 +4974,7 @@ static int nf_tables_flowtable_parse_hoo
@@ -4975,7 +4975,7 @@ static int nf_tables_flowtable_parse_hoo
flowtable->ops[i].pf = NFPROTO_NETDEV;
flowtable->ops[i].hooknum = hooknum;
flowtable->ops[i].priority = priority;

4
target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
View File

@@ -21,7 +21,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
struct delayed_work gc_work;
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1097,9 +1097,6 @@ struct nft_flowtable {
@@ -1099,9 +1099,6 @@ struct nft_flowtable {
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
const struct nlattr *nla,
u8 genmask);
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
WARN_ON(!nf_flow_offload_gc_step(flow_table));
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5018,23 +5018,6 @@ static const struct nf_flowtable_type *n
@@ -5019,23 +5019,6 @@ static const struct nf_flowtable_type *n
return ERR_PTR(-ENOENT);
}

234
target/linux/generic/backport-4.14/373-netfilter_actual_sk.patch Normal file
View File

@@ -0,0 +1,234 @@
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>,
netfilter-devel@vger.kernel.org, netdev@vger.kernel.org
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Subject: [PATCH nf 2/2] netfilter: use actual socket sk rather than skb sk when routing harder
Date: Thu, 29 Oct 2020 03:56:06 +0100
Message-ID: <20201029025606.3523771-3-Jason@zx2c4.com> (raw)
In-Reply-To: <20201029025606.3523771-1-Jason@zx2c4.com>
If netfilter changes the packet mark when mangling, the packet is
rerouted using the route_me_harder set of functions. Prior to this
commit, there's one big difference between route_me_harder and the
ordinary initial routing functions, described in the comment above
__ip_queue_xmit():
/* Note: skb->sk can be different from sk, in case of tunnels */
int __ip_queue_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
That function goes on to correctly make use of sk->sk_bound_dev_if,
rather than skb->sk->sk_bound_dev_if. And indeed the comment is true: a
tunnel will receive a packet in ndo_start_xmit with an initial skb->sk.
It will make some transformations to that packet, and then it will send
the encapsulated packet out of a *new* socket. That new socket will
basically always have a different sk_bound_dev_if (otherwise there'd be
a routing loop). So for the purposes of routing the encapsulated packet,
the routing information as it pertains to the socket should come from
that socket's sk, rather than the packet's original skb->sk. For that
reason __ip_queue_xmit() and related functions all do the right thing.
One might argue that all tunnels should just call skb_orphan(skb) before
transmitting the encapsulated packet into the new socket. But tunnels do
*not* do this -- and this is wisely avoided in skb_scrub_packet() too --
because features like TSQ rely on skb->destructor() being called when
that buffer space is truely available again. Calling skb_orphan(skb) too
early would result in buffers filling up unnecessarily and accounting
info being all wrong. Instead, additional routing must take into account
the new sk, just as __ip_queue_xmit() notes.
So, this commit addresses the problem by fishing the correct sk out of
state->sk -- it's already set properly in the call to nf_hook() in
__ip_local_out(), which receives the sk as part of its normal
functionality. So we make sure to plumb state->sk through the various
route_me_harder functions, and then make correct use of it following the
example of __ip_queue_xmit().
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
[aaronjg@stanford.edu: backported to 4.14]
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
--- a/include/linux/netfilter_ipv4.h
+++ b/include/linux/netfilter_ipv4.h
@@ -16,7 +16,7 @@ struct ip_rt_info {
u_int32_t mark;
};
-int ip_route_me_harder(struct net *net, struct sk_buff *skb, unsigned addr_type);
+int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned addr_type);
struct nf_queue_entry;
--- a/include/linux/netfilter_ipv6.h
+++ b/include/linux/netfilter_ipv6.h
@@ -41,7 +41,7 @@ struct nf_ipv6_ops {
};
#ifdef CONFIG_NETFILTER
-int ip6_route_me_harder(struct net *net, struct sk_buff *skb);
+int ip6_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb);
__sum16 nf_ip6_checksum(struct sk_buff *skb, unsigned int hook,
unsigned int dataoff, u_int8_t protocol);
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -17,17 +17,19 @@
#include <net/netfilter/nf_queue.h>
/* route_me_harder function, used by iptable_nat, iptable_mangle + ip_queue */
-int ip_route_me_harder(struct net *net, struct sk_buff *skb, unsigned int addr_type)
+int ip_route_me_harder(struct net *net, struct sock *sk, struct sk_buff *skb, unsigned int addr_type)
{
const struct iphdr *iph = ip_hdr(skb);
struct rtable *rt;
struct flowi4 fl4 = {};
__be32 saddr = iph->saddr;
- const struct sock *sk = skb_to_full_sk(skb);
- __u8 flags = sk ? inet_sk_flowi_flags(sk) : 0;
+ __u8 flags;
struct net_device *dev = skb_dst(skb)->dev;
unsigned int hh_len;
+ sk = sk_to_full_sk(sk);
+ flags = sk ? inet_sk_flowi_flags(sk) : 0;
+
if (addr_type == RTN_UNSPEC)
addr_type = inet_addr_type_dev_table(net, dev, saddr);
if (addr_type == RTN_LOCAL || addr_type == RTN_UNICAST)
@@ -91,7 +93,7 @@ int nf_ip_reroute(struct sk_buff *skb, c
skb->mark == rt_info->mark &&
iph->daddr == rt_info->daddr &&
iph->saddr == rt_info->saddr))
- return ip_route_me_harder(entry->state.net, skb,
+ return ip_route_me_harder(entry->state.net, entry->state.sk, skb,
RTN_UNSPEC);
}
return 0;
--- a/net/ipv4/netfilter/ipt_SYNPROXY.c
+++ b/net/ipv4/netfilter/ipt_SYNPROXY.c
@@ -53,7 +53,7 @@ synproxy_send_tcp(struct net *net,
skb_dst_set_noref(nskb, skb_dst(skb));
nskb->protocol = htons(ETH_P_IP);
- if (ip_route_me_harder(net, nskb, RTN_UNSPEC))
+ if (ip_route_me_harder(net, nskb->sk, nskb, RTN_UNSPEC))
goto free_nskb;
if (nfct) {
--- a/net/ipv4/netfilter/iptable_mangle.c
+++ b/net/ipv4/netfilter/iptable_mangle.c
@@ -65,7 +65,7 @@ ipt_mangle_out(struct sk_buff *skb, cons
iph->daddr != daddr ||
skb->mark != mark ||
iph->tos != tos) {
- err = ip_route_me_harder(state->net, skb, RTN_UNSPEC);
+ err = ip_route_me_harder(state->net, state->sk, skb, RTN_UNSPEC);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_nat_l3proto_ipv4.c
@@ -397,7 +397,7 @@ nf_nat_ipv4_local_fn(void *priv, struct
if (ct->tuplehash[dir].tuple.dst.u3.ip !=
ct->tuplehash[!dir].tuple.src.u3.ip) {
- err = ip_route_me_harder(state->net, skb, RTN_UNSPEC);
+ err = ip_route_me_harder(state->net, state->sk, skb, RTN_UNSPEC);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/ipv4/netfilter/nf_reject_ipv4.c
+++ b/net/ipv4/netfilter/nf_reject_ipv4.c
@@ -129,7 +129,7 @@ void nf_send_reset(struct net *net, stru
ip4_dst_hoplimit(skb_dst(nskb)));
nf_reject_ip_tcphdr_put(nskb, oldskb, oth);
- if (ip_route_me_harder(net, nskb, RTN_UNSPEC))
+ if (ip_route_me_harder(net, nskb->sk, nskb, RTN_UNSPEC))
goto free_nskb;
niph = ip_hdr(nskb);
--- a/net/ipv4/netfilter/nft_chain_route_ipv4.c
+++ b/net/ipv4/netfilter/nft_chain_route_ipv4.c
@@ -50,7 +50,7 @@ static unsigned int nf_route_table_hook(
iph->daddr != daddr ||
skb->mark != mark ||
iph->tos != tos) {
- err = ip_route_me_harder(state->net, skb, RTN_UNSPEC);
+ err = ip_route_me_harder(state->net, state->sk, skb, RTN_UNSPEC);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -18,10 +18,10 @@
#include <net/ip6_checksum.h>
#include <net/netfilter/nf_queue.h>
-int ip6_route_me_harder(struct net *net, struct sk_buff *skb)
+int ip6_route_me_harder(struct net *net, struct sock *sk_partial, struct sk_buff *skb)
{
const struct ipv6hdr *iph = ipv6_hdr(skb);
- struct sock *sk = sk_to_full_sk(skb->sk);
+ struct sock *sk = sk_to_full_sk(sk_partial);
unsigned int hh_len;
struct dst_entry *dst;
int strict = (ipv6_addr_type(&iph->daddr) &
@@ -82,7 +82,7 @@ static int nf_ip6_reroute(struct sk_buff
if (!ipv6_addr_equal(&iph->daddr, &rt_info->daddr) ||
!ipv6_addr_equal(&iph->saddr, &rt_info->saddr) ||
skb->mark != rt_info->mark)
- return ip6_route_me_harder(entry->state.net, skb);
+ return ip6_route_me_harder(entry->state.net, entry->state.sk, skb);
}
return 0;
}
--- a/net/ipv6/netfilter/ip6table_mangle.c
+++ b/net/ipv6/netfilter/ip6table_mangle.c
@@ -60,7 +60,7 @@ ip6t_mangle_out(struct sk_buff *skb, con
skb->mark != mark ||
ipv6_hdr(skb)->hop_limit != hop_limit ||
flowlabel != *((u_int32_t *)ipv6_hdr(skb)))) {
- err = ip6_route_me_harder(state->net, skb);
+ err = ip6_route_me_harder(state->net, state->sk, skb);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_nat_l3proto_ipv6.c
@@ -414,7 +414,7 @@ nf_nat_ipv6_local_fn(void *priv, struct
if (!nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3,
&ct->tuplehash[!dir].tuple.src.u3)) {
- err = ip6_route_me_harder(state->net, skb);
+ err = ip6_route_me_harder(state->net, state->sk, skb);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/ipv6/netfilter/nft_chain_route_ipv6.c
+++ b/net/ipv6/netfilter/nft_chain_route_ipv6.c
@@ -52,7 +52,7 @@ static unsigned int nf_route_table_hook(
skb->mark != mark ||
ipv6_hdr(skb)->hop_limit != hop_limit ||
flowlabel != *((u_int32_t *)ipv6_hdr(skb)))) {
- err = ip6_route_me_harder(state->net, skb);
+ err = ip6_route_me_harder(state->net, state->sk, skb);
if (err < 0)
ret = NF_DROP_ERR(err);
}
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -713,12 +713,12 @@ static int ip_vs_route_me_harder(struct
struct dst_entry *dst = skb_dst(skb);
if (dst->dev && !(dst->dev->flags & IFF_LOOPBACK) &&
- ip6_route_me_harder(ipvs->net, skb) != 0)
+ ip6_route_me_harder(ipvs->net, skb->sk, skb) != 0)
return 1;
} else
#endif
if (!(skb_rtable(skb)->rt_flags & RTCF_LOCAL) &&
- ip_route_me_harder(ipvs->net, skb, RTN_LOCAL) != 0)
+ ip_route_me_harder(ipvs->net, skb->sk, skb, RTN_LOCAL) != 0)
return 1;
return 0;

47
target/linux/generic/backport-4.14/403-v4.15-0001-mtd-spi-nor-add-a-quad_enable-callback-in-struct-fla.patch Normal file
View File

@@ -0,0 +1,47 @@
From e27072851bf7d706c592fc528549b52023b17a09 Mon Sep 17 00:00:00 2001
From: Andy Yan <andy.yan@rock-chips.com>
Date: Mon, 28 Aug 2017 09:58:29 +0800
Subject: [PATCH 1/2] mtd: spi-nor: add a quad_enable callback in struct
flash_info
Some manufacturers may use different bit to set QE on different
memories.
The GD25Q256 from GigaDevice is an example, which uses S6(bit 6
of the Status Register-1) to set QE, which is different with
other supported memories from GigaDevice that use S9(bit 1 of
the Status Register-2). This makes it is impossible to select
the quad enable method by distinguishing the MFR. This patch
introduce a quad_enable function which can be set per memory
in the flash_info list table.
Signed-off-by: Andy Yan <andy.yan@rock-chips.com>
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@wedev4u.fr>
--- a/drivers/mtd/spi-nor/spi-nor.c
+++ b/drivers/mtd/spi-nor/spi-nor.c
@@ -89,6 +89,8 @@ struct flash_info {
#define NO_CHIP_ERASE BIT(12) /* Chip does not support chip erase */
#define SPI_NOR_SKIP_SFDP BIT(13) /* Skip parsing of SFDP tables */
#define USE_CLSR BIT(14) /* use CLSR command */
+
+ int (*quad_enable)(struct spi_nor *nor);
};
#define JEDEC_MFR(info) ((info)->id[0])
@@ -2433,6 +2435,15 @@ static int spi_nor_init_params(struct sp
params->quad_enable = spansion_quad_enable;
break;
}
+
+ /*
+ * Some manufacturer like GigaDevice may use different
+ * bit to set QE on different memories, so the MFR can't
+ * indicate the quad_enable method for this case, we need
+ * set it in flash info list.
+ */
+ if (info->quad_enable)
+ params->quad_enable = info->quad_enable;
}
/* Override the parameters with data read from SFDP tables. */

35
target/linux/generic/backport-4.14/403-v4.15-0002-mtd-spi-nor-add-support-for-GD25Q256.patch Normal file
View File

@@ -0,0 +1,35 @@
From 65153846b18c486ce3c90477c467d53915114e3f Mon Sep 17 00:00:00 2001
From: Andy Yan <andy.yan@rock-chips.com>
Date: Mon, 28 Aug 2017 10:00:46 +0800
Subject: [PATCH 2/2] mtd: spi-nor: add support for GD25Q256
Add support for GD25Q256, a 32MiB SPI Nor flash
from GigaDevice.
Signed-off-by: Andy Yan <andy.yan@rock-chips.com>
Signed-off-by: Cyrille Pitchen <cyrille.pitchen@wedev4u.fr>
--- a/drivers/mtd/spi-nor/spi-nor.c
+++ b/drivers/mtd/spi-nor/spi-nor.c
@@ -872,6 +872,8 @@ static int spi_nor_is_locked(struct mtd_
return ret;
}
+static int macronix_quad_enable(struct spi_nor *nor);
+
/* Used when the "_ext_id" is two bytes at most */
#define INFO(_jedec_id, _ext_id, _sector_size, _n_sectors, _flags) \
.id = { \
@@ -999,6 +1001,12 @@ static const struct flash_info spi_nor_i
SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ |
SPI_NOR_HAS_LOCK | SPI_NOR_HAS_TB)
},
+ {
+ "gd25q256", INFO(0xc84019, 0, 64 * 1024, 512,
+ SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ |
+ SPI_NOR_4B_OPCODES | SPI_NOR_HAS_LOCK | SPI_NOR_HAS_TB)
+ .quad_enable = macronix_quad_enable,
+ },
/* Intel/Numonyx -- xxxs33b */
{ "160s33b", INFO(0x898911, 0, 64 * 1024, 32, 0) },

2
target/linux/generic/hack-4.14/204-module_strip.patch
View File

@@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1903,6 +1903,13 @@ config TRIM_UNUSED_KSYMS
@@ -1904,6 +1904,13 @@ config TRIM_UNUSED_KSYMS
If unsure, or if you need to build out-of-tree modules, say N.

2
target/linux/generic/hack-4.14/301-mips_image_cmdline_hack.patch
View File

@@ -10,7 +10,7 @@ Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -1159,6 +1159,10 @@ config SYNC_R4K
@@ -1160,6 +1160,10 @@ config SYNC_R4K
config MIPS_MACHINE
def_bool n

2
target/linux/generic/hack-4.14/700-swconfig_switch_drivers.patch
View File

@@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/drivers/net/phy/Kconfig
+++ b/drivers/net/phy/Kconfig
@@ -198,6 +198,89 @@ config LED_TRIGGER_PHY
@@ -199,6 +199,89 @@ config LED_TRIGGER_PHY
<Speed in megabits>Mbps or <Speed in gigabits>Gbps

2
target/linux/generic/hack-4.14/702-phy_add_aneg_done_function.patch
View File

@@ -15,7 +15,7 @@
--- a/drivers/net/phy/phy_device.c
+++ b/drivers/net/phy/phy_device.c
@@ -1466,6 +1466,9 @@ int genphy_update_link(struct phy_device
@@ -1467,6 +1467,9 @@ int genphy_update_link(struct phy_device
{
int status;

4
target/linux/generic/hack-4.14/721-phy_packets.patch
View File

@@ -56,7 +56,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
*/
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -2532,6 +2532,10 @@ static inline int pskb_trim(struct sk_bu
@@ -2544,6 +2544,10 @@ static inline int pskb_trim(struct sk_bu
return (len < skb->len) ? __pskb_trim(skb, len) : 0;
}
@@ -67,7 +67,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
/**
* pskb_trim_unique - remove end from a paged unique (not cloned) buffer
* @skb: buffer to alter
@@ -2663,16 +2667,6 @@ static inline struct sk_buff *dev_alloc_
@@ -2675,16 +2679,6 @@ static inline struct sk_buff *dev_alloc_
}

2
target/linux/generic/hack-4.14/902-debloat_proc.patch
View File

@@ -393,7 +393,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -426,6 +426,9 @@ static struct pernet_operations ip_rt_pr
@@ -427,6 +427,9 @@ static struct pernet_operations ip_rt_pr
static int __init ip_rt_proc_init(void)
{

2
target/linux/generic/hack-4.14/930-crashlog.patch
View File

@@ -41,7 +41,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+#endif
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1009,6 +1009,10 @@ config RELAY
@@ -1010,6 +1010,10 @@ config RELAY
If unsure, say N.

6
target/linux/generic/pending-4.14/110-ehci_hcd_ignore_oc.patch
View File

@@ -17,7 +17,7 @@ Signed-off-by: Florian Fainelli <florian@openwrt.org>
--- a/drivers/usb/host/ehci-hcd.c
+++ b/drivers/usb/host/ehci-hcd.c
@@ -651,7 +651,7 @@ static int ehci_run (struct usb_hcd *hcd
@@ -652,7 +652,7 @@ static int ehci_run (struct usb_hcd *hcd
"USB %x.%x started, EHCI %x.%02x%s\n",
((ehci->sbrn & 0xf0)>>4), (ehci->sbrn & 0x0f),
temp >> 8, temp & 0xff,
@@ -28,7 +28,7 @@ Signed-off-by: Florian Fainelli <florian@openwrt.org>
&ehci->regs->intr_enable); /* Turn On Interrupts */
--- a/drivers/usb/host/ehci-hub.c
+++ b/drivers/usb/host/ehci-hub.c
@@ -646,7 +646,7 @@ ehci_hub_status_data (struct usb_hcd *hc
@@ -645,7 +645,7 @@ ehci_hub_status_data (struct usb_hcd *hc
* always set, seem to clear PORT_OCC and PORT_CSC when writing to
* PORT_POWER; that's surprising, but maybe within-spec.
*/
@@ -37,7 +37,7 @@ Signed-off-by: Florian Fainelli <florian@openwrt.org>
mask = PORT_CSC | PORT_PEC | PORT_OCC;
else
mask = PORT_CSC | PORT_PEC;
@@ -1016,7 +1016,7 @@ int ehci_hub_control(
@@ -1015,7 +1015,7 @@ int ehci_hub_control(
if (temp & PORT_PEC)
status |= USB_PORT_STAT_C_ENABLE << 16;

2
target/linux/generic/pending-4.14/120-Fix-alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch
View File

@@ -71,7 +71,7 @@ Signed-off-by: Tobias Wolf <dev-NTEO@vplace.de>
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -6151,7 +6151,7 @@ static void __ref alloc_node_mem_map(str
@@ -6152,7 +6152,7 @@ static void __ref alloc_node_mem_map(str
mem_map = NODE_DATA(0)->node_mem_map;
#if defined(CONFIG_HAVE_MEMBLOCK_NODE_MAP) || defined(CONFIG_FLATMEM)
if (page_to_pfn(mem_map) != pgdat->node_start_pfn)

2
target/linux/generic/pending-4.14/203-kallsyms_uncompressed.patch
View File

@@ -13,7 +13,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1081,6 +1081,17 @@ config SYSCTL_ARCH_UNALIGN_ALLOW
@@ -1082,6 +1082,17 @@ config SYSCTL_ARCH_UNALIGN_ALLOW
the unaligned access emulation.
see arch/parisc/kernel/unaligned.c for reference

4
target/linux/generic/pending-4.14/300-mips_expose_boot_raw.patch
View File

@@ -9,7 +9,7 @@ Acked-by: Rob Landley <rob@landley.net>
---
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -1068,9 +1068,6 @@ config FW_ARC
@@ -1069,9 +1069,6 @@ config FW_ARC
config ARCH_MAY_HAVE_PC_FDC
bool
@@ -19,7 +19,7 @@ Acked-by: Rob Landley <rob@landley.net>
config CEVT_BCM1480
bool
@@ -2968,6 +2965,18 @@ choice
@@ -2969,6 +2966,18 @@ choice
bool "Extend builtin kernel arguments with bootloader arguments"
endchoice

2
target/linux/generic/pending-4.14/304-mips_disable_fpu.patch
View File

@@ -24,7 +24,7 @@ v2: incorporated changes suggested by Jonas Gorski
--- a/arch/mips/Kconfig
+++ b/arch/mips/Kconfig
@@ -2892,6 +2892,20 @@ config MIPS_O32_FP64_SUPPORT
@@ -2893,6 +2893,20 @@ config MIPS_O32_FP64_SUPPORT
If unsure, say N.

8
target/linux/generic/pending-4.14/341-MIPS-mm-remove-no-op-dma_map_ops-where-possible.patch
View File

@@ -30,7 +30,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
select HAVE_PCSPKR_PLATFORM
select IRQ_MIPS_CPU
select I8253
@@ -1129,6 +1131,9 @@ config DMA_NONCOHERENT
@@ -1130,6 +1132,9 @@ config DMA_NONCOHERENT
bool
select NEED_DMA_MAP_STATE
@@ -40,7 +40,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
config NEED_DMA_MAP_STATE
bool
@@ -1653,6 +1658,7 @@ config CPU_R10000
@@ -1654,6 +1659,7 @@ config CPU_R10000
select CPU_SUPPORTS_64BIT_KERNEL
select CPU_SUPPORTS_HIGHMEM
select CPU_SUPPORTS_HUGEPAGES
@@ -48,7 +48,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
help
MIPS Technologies R10000-series processors.
@@ -1901,9 +1907,11 @@ config SYS_HAS_CPU_MIPS32_R3_5
@@ -1902,9 +1908,11 @@ config SYS_HAS_CPU_MIPS32_R3_5
bool
config SYS_HAS_CPU_MIPS32_R5
@@ -60,7 +60,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
bool
config SYS_HAS_CPU_MIPS64_R1
@@ -1913,6 +1921,7 @@ config SYS_HAS_CPU_MIPS64_R2
@@ -1914,6 +1922,7 @@ config SYS_HAS_CPU_MIPS64_R2
bool
config SYS_HAS_CPU_MIPS64_R6

Some files were not shown because too many files have changed in this diff Show More