Commit graph

2476 commits

Author SHA1 Message Date
Stijn Tintel
3072908d0d kernel: bump 4.14 to 4.14.18
Refresh patches.

Remove upstreamed patches:
- apm821xx/010-crypto-gcm-add-GCM-IV-size-constant.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove pending-4.14/650-pppoe_header_pad.patch, it is superseded by
upstream commit d32e5740001972c1bb193dd60af02721d047a17e.
Update patch that no longer applies: hack/204-module_strip.patch

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-08 18:43:13 +01:00
Daniel Danzberger
653af8ffd3 kernel: fix forwarding locally generated packages in bridge isolation patch
Locally generated packets weren't forwarded to the isolated interfaces in a
bridge. Isolation should only prevent the flooding of incomming packets to
other interfaces in the bridge.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-05 10:16:26 +01:00
Hans Dedecker
6f425a28a4 kernel: generic: add 4.9 config option
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.9 kernel configuration.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-01-24 17:05:15 +01:00
Hauke Mehrtens
4336efe14b kernel: use upstream patches for musl
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 22:11:33 +01:00
Hauke Mehrtens
f9aca01a53 kernel: backport fix for nftables on big Endian
nftables 0.8.1 generates some new commands which will not work without
this on big endian systems. This patch is included in Linux 4.11 and
later.

My rule matching a TCP port was not working:
nft add rule ip foo bar ct state new tcp dport 22 accept

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
a30370bbf1 kernel: bump 4.4 to 4.4.112
Refresh patches.
Remove upstreamed patches:

target/linux/generic/patches-4.4/030-2-smsc75xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/patches-4.4/030-3-cx82310_eth-use-skb_cow_head-to-deal-with-cloned-skb.patch
target/linux/generic/patches-4.4/030-4-sr9700-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/patches-4.4/030-5-lan78xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Compile-tested: ar71xx Archer C7 v2
Run-tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
d8565a06dc kernel: bump 4.9 to 4.9.77
Refresh patches.
Remove upstreamed patches:

target/linux/generic/backport-4.9/023-2-smsc75xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/backport-4.9/023-3-cx82310_eth-use-skb_cow_head-to-deal-with-cloned-skb.patch
target/linux/generic/backport-4.9/023-4-sr9700-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/backport-4.9/023-5-lan78xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Compile-tested: ar71xx Archer C7 v2
Run-tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
9ddfac8015 kernel: bump 4.14 to 4.14.14
Refresh patches.

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-01-20 20:22:00 +01:00
Gabor Juhos
02050f7e7d kernel/4.{4, 9}: add manufacturer ID for Winbond NANDs
Some MikroTik devices are using a Winbond NAND flash. Linux treats
it as an unknown NAND before version 4.11:

  nand: device found, Manufacturer ID: 0xef, Chip ID: 0xf1
  nand: Unknown NAND 128MiB 3,3V 8-bit
  nand: 128 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 64

Backport a patch from 4.11 to show the manufacturer correctly:

  nand: device found, Manufacturer ID: 0xef, Chip ID: 0xf1
  nand: Winbond NAND 128MiB 3,3V 8-bit
  nand: 128 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 64

Tested on a MikroTik R951Ui-2HnD board.

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2018-01-20 20:22:00 +01:00
Stijn Tintel
d6679090b4 kernel: add missing config symbol
The KEXEC_FILE symbol exists for X86 since kernel 3.17, and since 4.10
for PPC64. Add it to x86/config-4.9 and to generic/config-4.14.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-14 21:27:33 +02:00
Stijn Tintel
0c12830d4a kernel: add missing DRM symbols to generic config
Several new DRM symbols that were introduced after 4.9 are missing in
the generic config for 4.14, so add them.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-14 21:27:26 +02:00
Stijn Tintel
6577244b6f kernel: sort generic configs
Use kconfig.pl to sort the generic kernel configs.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-14 20:31:02 +02:00
Stijn Tintel
34e319dd30 kernel: move DRM_DEBUG_* symbols to generic config
While working on a new target (meson), the kernel build failed due to
missing DRM_DEBUG_MM_SELFTEST symbol. This can potentially happen on all
targets that enable DRM drivers in the kernel config or via kmod
packages, so add it to the generic config and remove it from x86
subtarget configs, together with DRM_DEBUG_MM.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-14 20:15:01 +02:00
Florian Fainelli
d8a12a7d9f kernel: Add a bunch of missing symbols
Add a bunch of missing configuration symbols found while building
armvirt for 4.14 after re-synchronization of the configuration between
4.9 and 4.14.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2018-01-12 15:14:27 -08:00
Kevin Darbyshire-Bryant
eceff9ea8f kernel: bump 4.4 to 4.4.111
Refresh patches

Tested-on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-11 20:33:40 +01:00
Rafał Miłecki
bde5e7a632 kernel: backport mtd implementation for "compatible" in "partitions" subnode
This backports upstream support for "compatible" DT property set for the
"partitions" subnode of flash node. It allows specifying how partitions
should be created/parsed. Right now only "fixed-partitions" is
supported.

It should eventually replace our downstream "linux,part-probe" solution.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-01-11 12:07:49 +01:00
Matthias Schiffer
ef27f15330
kernel: allow disabling multicast routing support
Multicast routing support is not needed in most setups, and increases the
size of the kernel considerably (>10K after LZMA). Add a config switch to
allow disabling it.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-11 11:51:24 +01:00
Matthias Schiffer
1abb5c6db1
generic: unlock Winbond flash on boot
The underlying issue breaking Spansion flash has been fixed with "mtd: spi-nor:
wait until lock/unlock operations are ready" and "mtd: spi-nor: wait for SR_WIP
to clear on initial unlock", so we can support unlocking for Winbond flash
again.

This is necessary to have writable flash on certain UBNT devices with some
bootloader versions.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-01-11 11:51:07 +01:00
Kevin Darbyshire-Bryant
efb375b579 kernel: bump 4.4 to 4.4.110
Refresh patches

Fixes:  CVE-2017-5754 aka Meltdown

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
[fix typo in commit msg, conflict after 4.14 bump]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-10 00:11:39 +02:00
Kevin Darbyshire-Bryant
1d2590f838 kernel: bump 4.9 to 4.9.75
Refresh patches

Fixes:  CVE-2017-5754 aka Meltdown

Tested-on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[fix conflict after 4.14 bump]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-10 00:11:39 +02:00
Stijn Tintel
c5ca1c9ab6 kernel: bump 4.14 to 4.14.11
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch

Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.

Compile-tested on x86/64.
Runtime-tested on x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-03 00:07:10 +02:00
Stijn Tintel
8b35da1552 kernel: move CONFIG_KASAN to generic config
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.

It was only added in 4.0, so not needed in config-3.18.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-02 21:55:46 +02:00
Kevin Darbyshire-Bryant
4b275baf91 kernel: bump 4.9 to 4.9.73
Refresh patches.

Runtime tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-02 07:14:09 +01:00
Kevin Darbyshire-Bryant
e547f1692a kernel: bump 4.4 to 4.4.108
Refresh patches.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-26 23:31:00 +01:00
Kevin Darbyshire-Bryant
7b6e01d389 kernel: bump 4.9 to 4.9.72
Refresh patches.

Runtime tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-26 23:31:00 +01:00
Jonas Gorski
1064e76e4e linux: unbreak host tools build for 4.14
Remove a stray -Wp left in host_c_flags causing build failures for newer
4.14 versions.

Reported-by: Michael Marley <michael@michaelmarley.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-12-25 19:06:53 +01:00
Gabor Juhos
df68e63a4f kernel/4.14: add missing newline character to UBI messages
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:

  [    6.649159] UBI error: no valid UBI magic found inside mtd6[    6.667751] Freeing unused kernel memory: 2196K

Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:

  [    6.609182] UBI error: no valid UBI magic found inside mtd6
  [    6.627599] Freeing unused kernel memory: 2132K

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-24 09:03:01 +01:00
Gabor Juhos
975e9cd866 kernel/4.9: add missing newline character to UBI messages
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:

  [    6.649159] UBI error: no valid UBI magic found inside mtd6[    6.667751] Freeing unused kernel memory: 2196K

Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:

  [    6.609182] UBI error: no valid UBI magic found inside mtd6
  [    6.627599] Freeing unused kernel memory: 2132K

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-24 09:03:01 +01:00
Gabor Juhos
bb51193acd kernel/4.4: add missing newline character to UBI messages
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:

  [    6.649159] UBI error: no valid UBI magic found inside mtd6[    6.667751] Freeing unused kernel memory: 2196K

Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:

  [    6.609182] UBI error: no valid UBI magic found inside mtd6
  [    6.627599] Freeing unused kernel memory: 2132K

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-24 09:03:00 +01:00
Kevin Darbyshire-Bryant
b0d99b77e5 kernel: bump 4.4 to 4.4.107
Refresh patches.

Update patch that no longer applied:
oxnas/0072-mtd-backport-v4.7-0day-patches-from-Boris.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Rosen Penev <rosenp@gmail.com>
2017-12-23 15:36:01 +01:00
Tomasz Maciej Nowak
cb2c0649ee kernel: move console loglevel to generic
Move CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 to generic, to make it consistent
across all targets.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2017-12-23 14:24:40 +01:00
Stijn Tintel
efa22b1116 kernel: add missing config symbols for 4.14
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-12-21 23:54:41 +01:00
Hauke Mehrtens
f704b643b9 kernel: Update kernel 4.9 to 4.9.70
Runtime tested on lantiq.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-19 22:45:27 +01:00
Hauke Mehrtens
199273324e kernel: add kmod-crypto-ecdh
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:13:04 +01:00
Hauke Mehrtens
b3f95490b9 kernel: generic: Add kernel 4.14 support
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.

In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM

And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR

I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED

I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:11:19 +01:00
Hauke Mehrtens
0402c48cba kernel: generic: add some more 4.9 configure options
These are taken from the x86 target and should make support kernel 4.9
and 4.14 in the x86 target easier.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:10:48 +01:00
Gabor Juhos
c13b4ef2c8 kernel: fix compiler warning in mtdsplit_minor.c under 4.4
When mtdsplit_minor.c is compiled under Linux 4.4, the compiler
drops the following warning:

    CC      drivers/mtd/mtdsplit/mtdsplit_minor.o
  drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
    .parse_fn = mtdsplit_parse_minor,
                ^
  drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: note: (near initialization for 'mtdsplit_minor_parser.parse_fn')

The second parameter of the parser function must not have a 'const'
qualifier in 4.4. The 001-mtdsplit_backport.patch removes the qualifier
from other partition parsers. Update it to handle mtdsplit_minor.c as
well.

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2017-12-15 23:57:09 +01:00
Felix Fietkau
668eb70157 kernel: MIPS compile out no-op DMA mapping ops where possible
Slightly improves networking throughput on some devices

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-12-08 19:55:17 +01:00
Stijn Tintel
f997478655 kernel: bump 4.9 to 4.9.67
Refresh patches.
Remove upstreamed patches:
- generic/190-1-5-e1000e-Fix-error-path-in-link-detection.patch
- generic/190-3-5-e1000e-Fix-return-value-test.patch
- generic/190-4-5-e1000e-Separate-signaling-for-link-check-link-up.patch
- generic/190-5-5-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- ramips/0102-MIPS-ralink-Fix-MT7628-pinmux.patch
- ramips/0103-MIPS-ralink-Fix-typo-in-mt7628-pinmux-function
Update patches that no longer apply:
- layerscape/815-spi-support-layerscape.patch
- ramips/0099-pci-mt7620.patch

Compile-tested on ar71xx, brcm2708/bcm2708, octeon and x86/64.
Runtime-tested on ar71xx, brcm2708/bcm2708, octeon and x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-12-07 01:41:09 +02:00
Rosen Penev
7a318bc1a1 kernel: Update kernel 4.4 to 4.4.100
Run-tested on ramips

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-11-25 19:48:39 +01:00
Stijn Tintel
9fe59abef8 kernel: bump 4.9 to 4.9.65
Refresh patches.
Compile-tested: ar71xx, octeon, x86/64.
Runtime-tested: ar71xx, octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-11-24 14:09:11 +02:00
Koen Vandeputte
62ede4f783 kernel: bump 4.9 to 4.9.63
Refreshed all patches.

Removed upstreamed parts.

Compile-tested: cns3xxx, imx6, mvebu, layerscape
Run-tested: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-11-22 20:45:52 +01:00
Rosen Penev
146326c454 kernel: Enable fadvise on older kernels.
Backport of 56342ee2bc for older kernels.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-11-17 09:29:45 +01:00
Felix Fietkau
00a8f349f7 kernel: backport a patch that allows drivers to tweak the TSQ logic
Currently local TCP performance on wifi devices can be limited because
the TSQ (TCP Small Queues) code is tuned for wired ethernet latencies.

With this patch drivers can increase the amount of local buffering to
allow TCP to trigger larger aggregation sizes

This commit is modified from the upstream version to allow #ifdef based
backport feature detection

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-11-16 15:23:51 +01:00
Thibaut VARÈNE
74f891752b generic: make mtdsplit-tplink.c honor rootfs offset
The splitter ignored the rootfs offset from the header, probably
because until c1e6e61 it was invalid.

This patch fixes the splitter to use the now correct header data.

Regarding target/linux/ar71xx/files/drivers/mtd/tplinkpart.c,
this particular splitter "falls back" to the correct rootfs offset
reading and as such it doesn't need to be updated, although it will
report a kernel partition length that can be larger than the actual
length as it assumes that partition fills the entire segment up to
the rootfs partition.

Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
2017-11-08 23:18:22 +01:00
Felix Fietkau
c08293893a kernel: add support for limiting 4K erase sector support based on flash chip size
Some targets need 4K sectors for small flash chips (e.g. some
routerboards, where the entire chip is just one "erase block"), whereas
on other devices 4K sectors lead to horrible flash erase/write
performance.

Set the default limit in the generic kernel configuration to 4 MiB to
ensure that all new platforms don't use 4K sectors for bigger flash
chips. On all existing targets use 16 MiB for now to avoid regressions.
They will be changed individually in follow-up commits.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-11-06 16:38:25 +01:00
Rosen Penev
56342ee2bc kernel: enable CONFIG_ADVISE_SYSCALLS
Without this, posix_[fm]advise does not work. This causes issues with
btrfs-progs, which uses fadvise to drop caches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-10-27 00:45:32 +02:00
Hans Dedecker
5e425ad424 pending-4.9: 610-netfilter_match_bypass_default_check: fix 32bit compat layer
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
2017-10-24 22:15:57 +02:00
Hans Dedecker
856c53f175 pending-4.4: 610-netfilter_match_bypass_default_check: fix 32bit compat layer
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
2017-10-24 22:15:47 +02:00
Hans Dedecker
02ccffff3e pending-3.18: 610-netfilter_match_bypass_default_check: fix 32bit compat layer
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
2017-10-24 22:15:37 +02:00