Commit graph

100 commits

Author SHA1 Message Date
Rafał Miłecki
934edb764d kernel: don't auto-split "firmware" if it has "compatible" DT property
If "compatible" is being used that should trigger a proper parser
directly. It's more reliable thanks to not trying parsers one by one. In
such case partition shouldn't be split automatically to avoid parsing it
twice.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-24 08:31:55 +01:00
Koen Vandeputte
02e16e9e82 kernel: bump 4.14 to 4.14.82
Refreshed all patches.

Compile-tested: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-11-22 10:49:01 +01:00
Rafał Miłecki
4585cd3bdf kernel: move diff adding run_parsers_by_type() between mtd patches
It makes more sense to add run_parsers_by_type() in a patch that
introduces parser types. That makes the other one just add a code using
it.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-20 14:44:01 +01:00
Rafał Miłecki
4d0431801d kernel: don't export parse_mtd_partitions_by_type() in 4.9 and 4.14
That function isn't used anywhere out of the mtdpart.c & can be static.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-20 14:44:01 +01:00
Rafał Miłecki
9b8a955358 kernel: drop mtd_pad_erasesize() helper from 4.9 and 4.14
It has been last used in kernel 3.18 for uimage and squashfs splitters
embedded in the mtdpart.c.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-19 13:33:05 +01:00
Koen Vandeputte
e14dc93073 kernel: bump 4.14 to 4.14.81
Refreshed all patches.

Removed upstreamed patches:
- 081-spi-bcm-qspi-switch-back-to-reading-flash-using-smal.patch

Altered patches:
- 0054-cpufreq-dt-Handle-OPP-voltage-adjust-events

Compile-tested on: cns3xxx, imx6, ipq806x, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-14 16:27:43 +01:00
Rafał Miłecki
c7c4ae35d6 kernel: deprecate support for the generic "linux,part-probe" DT binding
It has been rejected upstream and instead a nice/more generic solution
has been implemented. It's possible now to describe partitions format
using "compatible" DT string.

No OpenWrt target uses "linux,part-probe" anymore, leave it only in case
some forks need it. It will be dropped with support for new kernels.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-09 14:57:45 +01:00
Koen Vandeputte
c764b2b531 kernel: bump 4.14 to 4.14.79
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-05 16:00:00 +01:00
Baptiste Jonglez
b2c68ceea7 kernel: Add support for Winbond w25q128jv SPI NOR flash
Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:

- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G

and probably other Mikrotik boards need this patch as well.

The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/

Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
2018-10-20 16:13:39 +02:00
Koen Vandeputte
ca88f4153f kernel: bump 4.14 to 4.14.77
Refreshed all patches.

Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-19 10:01:57 +02:00
Koen Vandeputte
f983956a8b kernel: bump 4.14 to 4.14.75
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:45:11 +02:00
Felix Fietkau
1e8882585c kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-10-09 14:15:53 +02:00
Koen Vandeputte
7bfe757bc4 kernel: bump 4.14 to 4.14.73
Refreshed all patches.

Removed upstreamed:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-02 13:44:36 +02:00
Koen Vandeputte
e9d92bf1e1 kernel: bump 4.14 to 4.14.72
Refreshed all patches.

Removed upstreamed:
- 203-MIPS-ath79-fix-restart.patch
- 0013-MIPS-ath79-fix-system-restart.patch
- 180-earlycon-initialize-port-uartclk-based-on-clock-frequency-property.patch
- 181-earlycon-remove-hardcoded-port-uartclk-initialization-in-of_setup_earlycon. patch
- 700-1-6-e1000e-Remove-Other-from-EIAC.patch
- 700-2-6-Partial-revert-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- 700-3-6-e1000e-Fix-queue-interrupt-re-raising-in-Other-interrupt.patch
- 700-4-6-e1000e-Avoid-missed-interrupts-following-ICR-read.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-26 15:54:18 +02:00
Brett Mastbergen
f57806b56e kernel: generic: Fix nftables inet table breakage
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch.  That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support.  Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset.  As such, nftables inet tables never
see any traffic.

As an example the following nft counter rule should increment for every
packet coming into the box, but never will:

nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter

This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.

Tested on Turris Omnia (mvebu)

Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
2018-09-22 21:20:55 +02:00
Kevin Darbyshire-Bryant
8ee7a80d19 kernel: re-enable MIPS VDSO
kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.

Remove our force disable patch:

pending-4.14/206-mips-disable-vdso.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-09-22 07:48:15 +01:00
Koen Vandeputte
0dbdb476f3 kernel: bump 4.14 to 4.14.71
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-21 13:23:16 +02:00
Koen Vandeputte
0cda4af005 kernel: bump 4.14 to 4.14.70
Refreshed all patches.

Added new patch:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

This fixes a bug introduced in upstream 4.14.68 which caused targets using
ubifs to produce file-system errors on boot, rendering them useless.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-17 15:47:44 +02:00
Bernhard Frauendienst
3370e10495 kernel: add driver for virtual mtd_concat devices
Some systems require multiple flash chips to be concatenated and read as
a single mtd device. The ar71xx target provides custom code to create
such mtdconcat devices. When porting devices to ath79, however, there is
no way to create such devices from within the device tree.

This commit adds a driver for creating virtual mtd-concat devices to the
ath79 target. Nodes must have a compatible = "virtual,mtd-concat" line,
and define a list of devices to concat in the 'devices' property,
for example:

flash {
	compatible = "virtual,mtd-concat";

	devices = <&flash0 &flash1>;
};

The driver is added to the very end of the mtd Makefile to increase the
likelyhood of all child devices already being loaded at the time of
probing, preventing unnecessary deferred probes which might in turn
cause other problems (like failure to load MAC addresses from art because
the partitions are not loaded yet).

Signed-off-by: Bernhard Frauendienst <openwrt@nospam.obeliks.de>
2018-09-10 09:35:07 +02:00
Koen Vandeputte
079871983c kernel: bump 4.14 to 4.14.68
Refreshed all patches.

Remove upstream accepted:
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

Altered:
- 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
- 308-mips32r2_tune.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-07 17:21:24 +02:00
Koen Vandeputte
01793e8752 kernel: bump 4.14 to 4.14.67
Refreshed all patches.

Removed upstreamed patches:
- 037-v4.18-0008-ARM-dts-BCM5301x-Fix-i2c-controller-interrupt-type.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-28 23:05:39 +02:00
Felix Fietkau
a1f4ebcc87 kernel: make mtd mac address increment more flexible
Allow selecting the byte on which the increment should be added.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-25 19:18:08 +02:00
Koen Vandeputte
6b4ba118ac kernel: bump 4.14 to 4.14.66
Refreshed all patches

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:47:13 +02:00
Koen Vandeputte
0ddb34b6b5 kernel: bump 4.14 to 4.14.62
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-10 18:43:23 +02:00
Stijn Tintel
14b6c72541 kernel: move e1000e patches to backports
They're already in linux.git, so they shouldn't be in pending.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-08-09 11:46:29 +02:00
David Bauer
fbe17867da kernel: allow device-tree configuration of at803x
This commit adds the ability to configure specific functions of the
at803x series ethernet-PHYs, which were previously configured
exclusively with the help of platform-data, via device-tree.

This is needed to fully support existing boards of the ar71xx platform.

Signed-off-by: David Bauer <mail@david-bauer.net>
2018-08-08 15:44:33 +02:00
Koen Vandeputte
f960490fc8 kernel: bump 4.14 to 4.14.60
Refreshed all patches

Removed upstreamed patches:
- 500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-03 16:10:38 +02:00
Daniel Golle
7dcdf16222 kernel: remove duplicate #define's in at803x Ethernet PHY driver
AT803X_REG_CHIP_CONFIG and AT803X_BT_BX_REG_SEL have been defined
upstream by commit f62265b53ef3 ("at803x: double check SGMII side autoneg")
An existing local patch then added those exact same defines again which
isn't necessary, so remove them.

Fixes: f791fb4af4 ("kernel: add linux 4.9 support")
Fixes: b3f95490b9 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-07-31 05:28:48 +02:00
Stijn Tintel
ef025e6417 kernel: add pending e1000e fixes
The previous round of fixes for the 82574 chip cause an issue with
emulated e1000e devices in VMware ESXi 6.5. It also contains changes
that are not strictly necessary. These patches fix the issues introduced
in the previous series, revert the unnecessary changes to avoid
unforeseen fallout, and avoid a case where interrupts can be missed.

The final two patches of this series are already in the kernel, so no
need to include them here.

Patchwork: https://patchwork.ozlabs.org/cover/881776/

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-07-31 05:11:34 +03:00
Stijn Tintel
22b9f99b87 kernel: bump 4.14 to 4.14.59
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch

Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch

In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-07-31 05:11:07 +03:00
Matt Merhar
a2eaaaaf4b kernel: switch compatible property for RedBoot DT binding
This changes the DT binding's compatible property to
"ecoscentric,redboot-fis-partitions", removing the existing reference to
Red Hat.

Per the documentation hosted at eCosCentric's website, eCosCentric is
RedBoot's sole commercial maintainer since 2002, and the project has
been under the stewardship of the Free Software Foundation since 2008.

This also updates the property in the Inventel Livebox 1 .dts, the
binding's only current user.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
2018-07-30 23:49:49 +02:00
Pawel Dembicki
aa5838adb7 kernel: generic: fix problem with w1-gpio-custom
In boards with fdt is impossible to use kmod-w1-gpio-custom.
w1-gpio-custom create platform structure for w1-gpio module,
but if board use fdt, data is ignored in w1-gpio probe.

This workaround fix the problem.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2018-07-30 10:43:37 +02:00
Rafał Miłecki
5e8b4be531 kernel: add DT binding support to the mtd redboot parser
It allows using that parser with the "compatible" set in DT.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-30 08:39:52 +02:00
Rafał Miłecki
2a598bbaa3 kernel: backport mtd support for subpartitions in DT
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).

It's required to successfully backport support for new devices using
that new syntax in their DT files.

Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-27 22:16:24 +02:00
Mathias Kresin
3716b5e4e6 kernel: don't auto attach ubi on read error
With a10a204aab ("kernel: make ubi auto-attach check for a tar file
magic") the check for the magic was added without considering a failing
mtd_read(). If the read fails, no check is done and the mount code is
called straight away.

Failing with an error message for such cases seems to me the cleaner way,
as it would allow to spot hidden/workaround issues.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-24 22:24:21 +02:00
Mathias Kresin
0ac91d82ed kernel: handle bad blocks in ubi auto attach code
The first block(s) of the ubi mtd device might be bad. We need to take
care on our own to skip the bad block(s) and read the next one(s).

Don't treat recoverable read errors as fatal and check for the UBI magic
if the data of a block could be recovered using ECC or similar.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-24 22:24:21 +02:00
Mathias Kresin
fdf6760cda kernel: improve ubi auto attach code readability
Move the put_mtd_device() called on multiple error conditions to a goto
label to use it later for more error conditions.

The early return on failed open of the mtd device and mismatching mtd
type allows to get rid of one level of indentation. By jumping to the
cleanup code, a refcount bug is fixed for the wrong flash type condition.

While at it, make clear that we only check for the UBI magic if the read
from flash was successful.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-24 22:24:21 +02:00
Koen Vandeputte
ba2b0f0ac6 kernel: bump 4.14 to 4.14.54
Rereshed all patches

Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-11 16:02:24 +02:00
Rafał Miłecki
7ddba08d87 kernel: bcm47xxpart: fix getting user-space data partition name
Partition name is picked by a parser_trx_data_part_name(). It has to
get correct partition offset (taking care of bad blocks) to work
properly.

This fixes UBI support for devices that have kernel flashed on partition
with a bad block.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-10 14:05:02 +02:00
Antti Seppälä
9f451ec698 kernel: usb: dwc2 DMA alignment fixes
Add two patches submitted for upstream review that significantly improve
the dwc2 driver on openwrt from kernel stability and performance
perspectives.

Fixes: FS#1367

Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
2018-07-07 18:19:39 +02:00
Koen Vandeputte
d0839e020d kernel: bump 4.14 to 4.14.53
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-04 14:16:37 +02:00
Mathias Kresin
eccde89aa4 kernel: fix AT8032 PHY phy id mask
Don't mask bit 4 of the AT8022 phy id. If bit 4 of the AT8022 phy id
(0x004dd023) is masked, it will match the phy id of the AR8327 switch
(0x004dd033) as well.

It results in applied at803x driver settings/callbacks, which will at
least limit the AR8327 phys to 100MBit operation instead of the possible
1000MBit.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-07-04 01:19:05 +02:00
Kevin Darbyshire-Bryant
3698b34a00 kernel: gen_stats: Fix netlink stats dumping in the presence of padding
Backport hot off the press upstream netlink patch.  Fixes stats display
from CAKE qdisc on MIPS allowing us to bump CAKE to latest version.

The gen_stats facility will add a header for the toplevel nlattr of type
TCA_STATS2 that contains all stats added by qdisc callbacks. A reference
to this header is stored in the gnet_dump struct, and when all the
per-qdisc callbacks have finished adding their stats, the length of the
containing header will be adjusted to the right value.

However, on architectures that need padding (i.e., that don't set
CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS), the padding nlattr is added
before the stats, which means that the stored pointer will point to the
padding, and so when the header is fixed up, the result is just a very
big padding nlattr. Because most qdiscs also supply the legacy TCA_STATS
struct, this problem has been mostly invisible, but we exposed it with
the netlink attribute-based statistics in CAKE.

Fix the issue by fixing up the stored pointer if it points to a padding
nlattr.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-07-03 11:40:18 +01:00
Koen Vandeputte
f4ac88b509 kernel: bump 4.14 to 4.14.52
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-02 07:04:48 +02:00
Axel Neumann
65c05301c2 Re-enable arbitrary IPv6 addresses as outer ip4-in-ip6 tunnel source address
The 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch kernel patches
break the possibility for using an ip4ip6 tunnel interface as a fall
back interface accepting ip4-in-ip6 tunneled packets from any remote
address. This works out of the box with any normal (non-666-patched)
kernel and can be configured by setting up an 'ip -6 tunnel' with type
'any' or 'ip4ip6' and a remote address of '::'.

The misbehavior comes with line 290 the patch which discards all packets
that do not show the expected saddr, even if no single fmr rule was
defined and despite the validity of the saddr was already approved earlier.

Signed-off-by: Axel Neumann <neumann@cgws.de>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-23 09:47:05 +02:00
Koen Vandeputte
2b9885571b kernel: bump 4.14 to 4.14.49
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86-64
Runtime-tested on: cns3xxx, imx6, x86-64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-06-18 07:10:19 +02:00
Felix Fietkau
5101515375 kernel: fix conntrack fixup of offloaded flows on timeout
Fixes excessively long conntrack timeout of short lived connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-14 11:25:24 +02:00
Felix Fietkau
68ab89854f kernel: fix conntrack leak for flow_offload connections
This was caused by a race condition between offload teardown and
conntrack gc bumping the timeout of offloaded connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-13 12:54:45 +02:00
Felix Fietkau
e820734f79 kernel: allow hardware NAT offload drivers to keep a priv pointer
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-13 12:54:25 +02:00
Stijn Tintel
e52f3e9b13 kernel: bump 4.14 to 4.14.48
Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch

Fixes CVE-2018-6412.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-06-05 22:54:00 +03:00