This allows us to use the bridge as a managed switch and gracefully
handle mixed tagged and untagged frames. Prior to this, the only
alternative was creating one bridge per vlan which quickly becomes a
nightmare and still won't let you mix both tagged and untagged frames on
the physical port without some complex ebtables magic.
This is in line with the notion that OpenWRT is the network go-to swiss
army knife when you need a nice set-and-forget, low maintenance box to
handle a specific task.
Current builds of the ip-bridge package already fully support this
feature so the only requirement is enabling the kernel config.
This is disabled by default so existing bridge configurations will not
be affected. This patch only gives the ability to turn it on with an
'ip link' command. If there is interest, I could look into making the
feature accessible via uci configuration.
It causes about 3.1% hit on raw bridging speed, which is relatively
trivial considering that I had to use 300 byte packets to strain the CPU
enough to notice a slowdown at all. The ER8 would chug along at wire
speed otherwise, and that's using only one core. Since the typical
bridge use case on OpenWRT is wireless, I doubt it would be noticeable
at all.
With BRIDGE_VLAN_FILTERING
iperf -u -c 192.168.1.105 -b 1G -l 300
------------------------------------------------------------
Client connecting to 192.168.1.105, UDP port 5001
Sending 300 byte datagrams, IPG target: 2.24 us (kalman adjust)
UDP buffer size: 208 KByte (default)
------------------------------------------------------------
[ 3] local 192.168.1.12 port 58045 connected with 192.168.1.105 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 977 MBytes 820 Mbits/sec
[ 3] Sent 3414986 datagrams
[ 3] Server Report:
[ 3] 0.0-10.0 sec 811 MBytes 680 Mbits/sec 0.000 ms
581210/3414986 (0%)
Without BRIDGE_VLAN_FILTERING
iperf -u -c 192.168.1.105 -b 1G -l 300
------------------------------------------------------------
Client connecting to 192.168.1.105, UDP port 5001
Sending 300 byte datagrams, IPG target: 2.24 us (kalman adjust)
UDP buffer size: 208 KByte (default)
------------------------------------------------------------
[ 3] local 192.168.1.12 port 36645 connected with 192.168.1.105 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 977 MBytes 820 Mbits/sec
[ 3] Sent 3414990 datagrams
[ 3] Server Report:
[ 3] 0.0-10.0 sec 836 MBytes 701 Mbits/sec 0.000 ms
493950/3414990 (0%)
In terms of kernel size, it uses 16KB (6753K vs 6737K on ER8) so a
0.002% hit. The exact 16KB is probably just due to how the kernel is
compressed.
Suggested-by: Jonathan Thibault <jonathan@navigue.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds some configuration options which are selectable when the
layerscape armv7 target is compiled.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds some configuration options which are selectable when the
samsung target is compiled.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Extend the small_flash feature to disable swap, core dumps, and
kernel debug info, and change the squashfs block size to 1024KiB.
Also change squashfs fragment cache to 2 for small_flash to ease memory
usage.
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
Add a new config option to allow to select the default compile
optimization level for the kernel.
Select the optimization for size by default if the small_flash feature is
set. Otherwise "Optimize for performance" is set.
Add the small_flash feature flag to all (sub)targets which had the
optimization for size in their default kernel config.
Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new
setting.
Exceptions to the above are:
- lantiq, where the optimization for size is only required for the
xway_legacy subtarget but was set for the whole target
- mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have
plenty of space and an optimization for size doesn't make much sense
- rb532, which has 128MByte flash
Signed-off-by: Mathias Kresin <dev@kresin.me>
CONFIG_USB_MTU3 is not visible for the mediatek target by default, but
only when CONFIG_USB_GADGET is set. This will config option will be
remove with when running "make kernel_oldconfig", move this option to
the generic config to prevent this.
This fixes the build of the mt7623 subtarget of the mediatek target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
DRM_LIB_RANDOM config symbol selected only by DRM_DEBUG_MM_SELFTEST
which is disable by default, so disable DRM_LIB_RANDOM by default too.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
These options do not used by any supported arch, so disable them by
default to make arch configs a bit more clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Only one arch (x86_64) enables this option. So disable
ARCH_WANTS_THP_SWAP by default and remove referencies to it from all
configs (except x86_64) to make them clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
In typical OpenWrt setups, there are no other users that have a shell spawned for them by default.
This can be overriden by the kernel.dmesg_output syssctl.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
CONFIG_NVMEM_BCM_OCOTP was added in kernel 4.10 and it is possible to
activate it on the bcm53xx target. Deactivate it by default to fix the
build of the bcm53xx target.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.14 kernel configuration.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Instead of creating an ubifs file system with format version 5 by
default on empty UBI volumes use the older format 4 by default. This
will make it possible to mount these file systems also on older kernel
versions.
When a user wants to do a sysupgrade from kernel 4.14 to kernel 4.9 the
old kernel has to read the file system created by the more recent kernel
which currently does not work for ubifs.
This fixes the problem by creating file systems which are compatible
with older kernel versions by default.
Kernel 4.14 will still be able to read and write UBI FS file system
version 5, it will just not be used when a ubifs partition is created
implicitly on an empty UBI volume.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The D-Link devices with JBOOT bootloader use their own kernel
image header (stag + sch2 headers).
This driver find jImage header and set rootfs start after kernel file.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This config option was renamed in upstream Linux commit 681bec0367
("tracing: Rename update the enum_map file")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The KEXEC_FILE symbol exists for X86 since kernel 3.17, and since 4.10
for PPC64. Add it to x86/config-4.9 and to generic/config-4.14.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Several new DRM symbols that were introduced after 4.9 are missing in
the generic config for 4.14, so add them.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While working on a new target (meson), the kernel build failed due to
missing DRM_DEBUG_MM_SELFTEST symbol. This can potentially happen on all
targets that enable DRM drivers in the kernel config or via kmod
packages, so add it to the generic config and remove it from x86
subtarget configs, together with DRM_DEBUG_MM.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Add a bunch of missing configuration symbols found while building
armvirt for 4.14 after re-synchronization of the configuration between
4.9 and 4.14.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Multicast routing support is not needed in most setups, and increases the
size of the kernel considerably (>10K after LZMA). Add a config switch to
allow disabling it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.
In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM
And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR
I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
