Commit graph

2516 commits

Author SHA1 Message Date
Hans Dedecker
664733de8c kernel: generic: add 4.14 config option
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.14 kernel configuration.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-02-26 16:34:41 +01:00
Felix Fietkau
a5aee46fb7 kernel: more fixes for flow offload
- fix TCP connection state
- fix checksum error on DNAT

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 18:32:02 +01:00
Felix Fietkau
1ac14d312f kernel: fix crash in flow offload code when cleaning up unregistered hooks
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 16:24:23 +01:00
Felix Fietkau
28a74f3076 kernel: remove nf_flow_table hardware offload patch (it is not ready yet)
It also does not have any users yet. It will be addde back when the core
API issues have been sorted out

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 16:24:02 +01:00
Felix Fietkau
a86e6b5a9f kernel: add minimal TCP state tracking to flow offload support
Fixes issues with connections hanging after >30 seconds idle time

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 16:14:23 +01:00
Felix Fietkau
bcf4a5f474 ramips: remove chunked-io patch and set spi->max_transfer_size instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-24 16:05:28 +01:00
Felix Fietkau
46c49d8381 kernel: optimize for performance by default starting with 4.14
Keep size optimizations for smaller targets that already switched

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-24 16:05:28 +01:00
Hauke Mehrtens
ae27cbf98b kernel: generic: Fix skip GRO for foreign MAC address patches
Somewhere in the kernel 4.9 migration process it looks like this patch
was broken. The update should be done when a device is added to the
bridge and when it gets removed, currently it is only done on the remove
path twice which does not make any sense.
I do not have a setup to test this now so this is only compile tested.

Fixes: f791fb4af4 ("kernel: add linux 4.9 support")
Fixes: b3f95490b9 ("kernel: generic: Add kernel 4.14 support")
Reported-by: Andrey Jr. Melnikov <temnota.am@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-24 16:05:28 +01:00
Tim Harvey
9f2c769a59 kernel: add missing symbol
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2018-02-22 13:12:06 +01:00
Koen Vandeputte
aad1f11efe kernel: refresh patches
Some fuzz was introduced due to the netfilter-offload series

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-22 12:46:25 +01:00
Felix Fietkau
9d2a23780e kernel: avoid stripping retpoline flag with CONFIG_MODULE_STRIPPED
Fixes kernel warning when loading modules

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:55:52 +01:00
Felix Fietkau
820f030998 netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support
This makes it possible to add an iptables rule that offloads routing/NAT
packet processing to a software fast path. This fast path is much
quicker than running packets through the regular tables/chains.

Requires Linux 4.14

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Felix Fietkau
1033356442 kernel: backport netfilter NAT offload support to 4.14
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Felix Fietkau
b7265c59ab kernel: backport a series of netfilter cleanup patches to 4.14
Preparation for backporting upstream NAT offload support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Felix Fietkau
0405205140 kernel: fix MIPS GIC clock source counter width (affects MT7621)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 14:46:45 +01:00
Felix Fietkau
9595a9e8d3 kernel: fix return value of usb_xhci_needs_pci_reset
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-20 22:29:32 +01:00
Felix Fietkau
c38fb58576 kernel: fix disabling common usb quirks on 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-20 22:19:41 +01:00
John Crispin
ba5f700d7f kernel: ar83xx: remove stray leading space
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-20 10:33:47 +01:00
Tan Hong Hui
1263d07b89 kernel: ar83xx: add support to configure per port VLAN priority
Add support to allow for per switch port VLAN priority (PCP) bits
for the ar8327/8337 chip using the swconfig utility.

Tested on Netgear R7800

Signed-off-by: Tan Hong Hui <hhtan72@yahoo.com>
2018-02-20 10:33:34 +01:00
Koen Vandeputte
2f85985da2 kernel: backport pcie enumeration fix to kernel 4.9
This issue is also present in kernel 4.9 starting from 4.9.71
Adapted the patch, as the fixed function is in another location here.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-20 08:32:33 +01:00
Rafał Miłecki
8651f1149d kernel: backport patches simplifying mtd_device_parse_register code
These 2 patches were recently queued for 4.17.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-02-19 16:01:44 +01:00
Rafał Miłecki
eefe02b23f kernel: order mtd backported patches by kernel release
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-02-19 15:28:47 +01:00
Tim Harvey
3282e7189f kernel: backport dwc pci enumeration fix
Backport of:  http://patchwork.ozlabs.org/patch/860701/

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-19 09:32:43 +01:00
John Crispin
cc8921162f kernel: add missing symbols for v4.14
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-19 09:32:43 +01:00
Stijn Tintel
ae42e7c01b kernel: add missing config symbols
They were introduced for arm64 in 4.14.20.

Fixes: 88ba41453d ("kernel: bump 4.14 to 4.14.20")

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 14:34:00 +01:00
John Crispin
761d45eb87 kernel: add missing symbol
this caused v4.14.20 based builds so fail on aarch64

Signed-off-by: John Crispin <john@phrozen.org>
2018-02-18 09:21:12 +01:00
Stijn Tintel
f621b53951 kernel: bump 4.9 to 4.9.82
Refresh patches.
Remove upstreamed patches:
- ar7/002-MIPS-AR7-ensure-the-port-type-s-FCR-value-is-used.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove layerscape/819-Revert-dmaengine-dmatest-move-callback-wait-queue-to.patch,
it is superseded by upstream commit 297c7cc4b5651b174a62925b6c961085f04979fd.
Remove pending/650-pppoe_header_pad.patch, it is superseded by
upstream commit 1bd21b158e07e0b8c5a2ce832305a0ebfe42c480.
Update patches that no longer apply:
- ar71xx/004-register_gpio_driver_earlier.patch
- hack/204-module_strip.patch
- pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: ar71xx.
Runtime-tested: ar71xx.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 02:59:57 +01:00
Stijn Tintel
88ba41453d kernel: bump 4.14 to 4.14.20
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 02:59:48 +01:00
John Crispin
6873cf4f63 kernel: add missing symbols
These cause mediatek arm to fail full builds

Signed-off-by: John Crispin <john@phrozen.org>
2018-02-16 10:02:08 +01:00
Roman Yeryomin
f4e5880d0f ramips: preliminary support for 4.14
- removed upstreamed patches
- 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-15 10:46:39 +01:00
Kevin Darbyshire-Bryant
0b4e3b1bed generic: swconfig: reduce lock duration on sysfs files
sysfs attributes 'port_mask' & 'speed_mask' held locks whilst doing
mundane tasks such as sprintf.  Refactor code to reduce length of time
locks are held unnecessarily.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-02-14 07:54:24 +01:00
Kevin Darbyshire-Bryant
eb8fbc4318 generic: swconfig: add mode led attribute
Add sysfs 'mode' attribute to swconfig controlled LEDs.

swconfig 'link state' LEDs blink in the presence of port traffic.  This
behaviour becomes more obvious as switches start to support
get_port_stats() e.g. commits 0369e35891,
3056d09b40,
4ddbc43cc1,
4d8a66d934.

This blinking can be confusing/distracting if the switch has other LEDs
used to indicate traffic.  Provide a 'mode' sysfs attribute that
controls the blink on traffic behaviour.

mode - either "none" (LED is off) or a space separated list of one or more:

link: LED's normal state reflects whether the link is up (has carrier) or not
tx:   LED blinks on transmitted data
rx:   LED blinks on receive data

Note that 'link' considers any port speed mask that may be applicable.
e.g. if an LED is configured to indicate 1Gbit link speed and mode is
set to 'link rx tx' but the port is connected at 100Mbit then the LED
will not light or blink. A mode of 'tx rx' will blink in the presence of
traffic only if the port matches the rate (if configured)
This maintains compatibility with existing behaviour.

Attribute is 'link tx rx' by default for backwards compatible behaviour.

Many thanks to Thibaut Varene for providing a more sensible led_event
routine after I had mangled the original, and other coding style hints.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Thibaut VARENE <hacks@slashdirt.org>
2018-02-14 07:54:24 +01:00
Hauke Mehrtens
87b35c16ad kernel: ubifs: create use file system format 4 by default
Instead of creating an ubifs file system with format version 5 by
default on empty UBI volumes use the older format 4 by default. This
will make it possible to mount these file systems also on older kernel
versions.

When a user wants to do a sysupgrade from kernel 4.14 to kernel 4.9 the
old kernel has to read the file system created by the more recent kernel
which currently does not work for ubifs.

This fixes the problem by creating file systems which are compatible
with older kernel versions by default.
Kernel 4.14 will still be able to read and write UBI FS file system
version 5, it will just not be used when a ubifs partition is created
implicitly on an empty UBI volume.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-13 22:24:56 +01:00
Hauke Mehrtens
970cbfc307 kernel: Add missing config options
These were found when compiling the new octeontx target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-13 22:24:02 +01:00
George Hopkins
5c7a58764e kernel: mtdsplit: split by WRG header
Support splitting WRG images, which can be found in older
D-Link devices.

Signed-off-by: George Hopkins <george-hopkins@null.net>
2018-02-13 11:16:49 +01:00
John Crispin
6e7357097f kernel: add missing symbol
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-13 10:55:46 +01:00
John Crispin
1fe888554c kernel: add missing symbol for v4.14
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-13 10:01:52 +01:00
Pawel Dembicki
680e867d7f kernel: mtdsplit: Add support for D-link JBOOT
The D-Link devices with JBOOT bootloader use their own kernel
image header (stag + sch2 headers).

This driver find jImage header and set rootfs start after kernel file.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2018-02-11 16:02:52 +01:00
Evgeniy Didin
b38758d4d4 kernel: backport fix undefined abort
While building mpi.ko module with stable Linux v4.14.14 an error occured:
>ERROR: "abort" [lib/mpi/mpi.ko] undefined!
In upstream Linux 4.15 this issue is fixed:
Commit 7c2c11b208be ("arch: define weak abort()")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c2c11b208be09c156573fc0076b7b3646e05219

Commit dc8635b78cd8 ("kernel/exit.c: export abort() to modules")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dc8635b78cd8669c37e230058d18c33af7451ab1

So lets add backport patches until these fixes
are not applied in stable version.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
CC: John Crispin <john@phrozen.org>
CC: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-10 20:58:39 +01:00
Hauke Mehrtens
3a2a54c055 kernel: rename CONFIG_TRACE_ENUM_MAP_FILE to CONFIG_TRACE_EVAL_MAP_FILE
This config option was renamed in upstream Linux commit 681bec0367
("tracing: Rename update the enum_map file")

Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-10 15:39:00 +01:00
Stijn Tintel
3072908d0d kernel: bump 4.14 to 4.14.18
Refresh patches.

Remove upstreamed patches:
- apm821xx/010-crypto-gcm-add-GCM-IV-size-constant.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove pending-4.14/650-pppoe_header_pad.patch, it is superseded by
upstream commit d32e5740001972c1bb193dd60af02721d047a17e.
Update patch that no longer applies: hack/204-module_strip.patch

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-08 18:43:13 +01:00
Daniel Danzberger
653af8ffd3 kernel: fix forwarding locally generated packages in bridge isolation patch
Locally generated packets weren't forwarded to the isolated interfaces in a
bridge. Isolation should only prevent the flooding of incomming packets to
other interfaces in the bridge.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-05 10:16:26 +01:00
Hans Dedecker
6f425a28a4 kernel: generic: add 4.9 config option
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.9 kernel configuration.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-01-24 17:05:15 +01:00
Hauke Mehrtens
4336efe14b kernel: use upstream patches for musl
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 22:11:33 +01:00
Hauke Mehrtens
f9aca01a53 kernel: backport fix for nftables on big Endian
nftables 0.8.1 generates some new commands which will not work without
this on big endian systems. This patch is included in Linux 4.11 and
later.

My rule matching a TCP port was not working:
nft add rule ip foo bar ct state new tcp dport 22 accept

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
a30370bbf1 kernel: bump 4.4 to 4.4.112
Refresh patches.
Remove upstreamed patches:

target/linux/generic/patches-4.4/030-2-smsc75xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/patches-4.4/030-3-cx82310_eth-use-skb_cow_head-to-deal-with-cloned-skb.patch
target/linux/generic/patches-4.4/030-4-sr9700-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/patches-4.4/030-5-lan78xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Compile-tested: ar71xx Archer C7 v2
Run-tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
d8565a06dc kernel: bump 4.9 to 4.9.77
Refresh patches.
Remove upstreamed patches:

target/linux/generic/backport-4.9/023-2-smsc75xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/backport-4.9/023-3-cx82310_eth-use-skb_cow_head-to-deal-with-cloned-skb.patch
target/linux/generic/backport-4.9/023-4-sr9700-use-skb_cow_head-to-deal-with-cloned-skbs.patch
target/linux/generic/backport-4.9/023-5-lan78xx-use-skb_cow_head-to-deal-with-cloned-skbs.patch

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Compile-tested: ar71xx Archer C7 v2
Run-tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-01-20 20:22:01 +01:00
Kevin Darbyshire-Bryant
9ddfac8015 kernel: bump 4.14 to 4.14.14
Refresh patches.

CVEs completely or partially addressed:

CVE-2017-5715
CVE-2017-5753
CVE-2017-17741
CVE-2017-1000410

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-01-20 20:22:00 +01:00
Gabor Juhos
02050f7e7d kernel/4.{4, 9}: add manufacturer ID for Winbond NANDs
Some MikroTik devices are using a Winbond NAND flash. Linux treats
it as an unknown NAND before version 4.11:

  nand: device found, Manufacturer ID: 0xef, Chip ID: 0xf1
  nand: Unknown NAND 128MiB 3,3V 8-bit
  nand: 128 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 64

Backport a patch from 4.11 to show the manufacturer correctly:

  nand: device found, Manufacturer ID: 0xef, Chip ID: 0xf1
  nand: Winbond NAND 128MiB 3,3V 8-bit
  nand: 128 MiB, SLC, erase size: 128 KiB, page size: 2048, OOB size: 64

Tested on a MikroTik R951Ui-2HnD board.

Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
2018-01-20 20:22:00 +01:00
Stijn Tintel
d6679090b4 kernel: add missing config symbol
The KEXEC_FILE symbol exists for X86 since kernel 3.17, and since 4.10
for PPC64. Add it to x86/config-4.9 and to generic/config-4.14.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-14 21:27:33 +02:00