Commit Graph

139 Commits

Author SHA1 Message Date
Kevin Darbyshire-Bryant
1b973b54ea kmod-sched: add act_police
"Whoop whoop, sound of da police"

Add an ingress capable traffic policer module configurable with tc.

From the man page:

The police action allows to limit bandwidth of traffic matched by the
filter it is attached to. Basically there are two different algorithms
available to measure the packet rate: The first one uses an internal
dual token bucket and is configured using the rate, burst, mtu,
peakrate, overhead and linklayer parameters. The second one uses an
in-kernel sampling mechanism. It can be fine-tuned using the estimator
filter parameter.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-10 12:26:31 +01:00
Eneas U de Queiroz
2e6b6f9fca kernel: add @IPV6 dependency to ipv6 modules
IPv6 modules should all depend on @IPV6, to avoid circular dependencies
problems, especially if they select a module that depends on IPV6 as
well.  In theory, if a package A depends on IPV6, any package doing
'select A' (DEPENDS+= A) should also depend on IPV6; otherwise selecting
A will fail.  Sometimes the build system is forgiving this, but
eventually, and unexpectedly, it may blow up on some other commit.

Alternatively one can conditionally add IPv6 dependencies only if
CONFIG_IPV6 is selected: (DEPENDS+= +IPV6:package6).

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-09 12:51:10 +02:00
Rosen Penev
92792ead34 kmod: add netlink-diag package
This is used by the ss utility from iproute2.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-07 20:39:47 +02:00
Kevin Darbyshire-Bryant
b74386acc6 kmod-sched-cake: switch to in-tree cake for 4.19+
Use in tree version of cake for kernels 4.19+ and backport features from
later kernel versions to 4.19.

Unfortunately PROVIDES dependency handling produces bogus circular
dependency warnings so whilst this package and kmod-sched-cake-oot
should be able to PROVIDE kmod-sched-cake this doesn't work.

Instead, remove the PROVIDES option and modify package sqm-scripts to
depend on the correct module independently.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-01 21:59:45 +01:00
Koen Vandeputte
1556ed155a kernel: mode_beet mode_transport mode_tunnel xfram modules
This adds the new xfrm4_mode_beet, xfrm4_mode_transport,
xfrm4_mode_tunnel and their IPv6 versions on kernel 5.4. These modules
were newly added in kernel 5.2.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-28 17:50:46 +01:00
Adrian Schmutzler
9e0aab44b6 kernel: use older kernel for explicitly setting dependencies
It is generally more desirable to use older kernel versions for
dependencies, as this will require less changes when newer kernels
are added (they will by default select the newer packages).

Since we currently only have two kernels (4.14 and 4.19) in master,
this patch applies this logic by converting all LINUX_4_19 symbols
to their inverted LINUX_4_14 equivalents.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-26 22:07:48 +01:00
Adrian Schmutzler
97940f8766 kernel: remove obsolete kernel version switches
After kernel 4.9 has been removed, this removes all (now obsolete)
kernel version switches that deal with versions before 4.14.

Package kmod-crypto-iv is empty now and thus removed entirely.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-12 16:34:20 +01:00
Felix Fietkau
c3a78955f3 kernel: move crypto-arc4 into a module
It is no longer required by wireless drivers, so we can save some space here

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-26 18:21:13 +02:00
Kevin Darbyshire-Bryant
4dcef8263e Revert "kmod-sched-cake: drop out of tree package, use kernel version"
This reverts commit 5c094ff660.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-29 16:12:42 +01:00
Kevin Darbyshire-Bryant
5c661f5aaa Revert "netsupport: move out sch_cake from kmod-sched"
This reverts commit b31f9190c3.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-29 16:11:39 +01:00
Kevin Darbyshire-Bryant
b31f9190c3 netsupport: move out sch_cake from kmod-sched
Fix file installation clash between kmod-sched & kmod-sched-cake as both
try to install sch_cake.ko

Remove cake from kmod-sched package as cake is supposed to be the
optional qdisc.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-09 13:54:24 +01:00
Konstantin Demin
5dc7d63d0a netsupport: move out mqprio from kmod-sched
Currently, there's unable to install "kmod-sched-mqprio" after
"kmod-sched" (or vice versa), because "sch_mqprio.ko" is
shipped in both packages.

Fixes: f83522fa63 ("linux: Add kmod-sched-mqprio")
Fixes: 6af639e0bf ("linux: Add kmod-sched-act-vlan")
Fixes: 72c7e2dc46 ("linux: Add kmod-sched-flower")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[Add cls_flower and act_vlan]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-08 16:42:26 +02:00
Kevin Darbyshire-Bryant
5c094ff660 kmod-sched-cake: drop out of tree package, use kernel version
CAKE made it to kernel 4.19 and since OpenWrt now at kernel 4.19 we can
drop the out of tree cake package in base repository.

Add kmod-sched-cake to netsupport so package dependencies are still met.
Similarly CAKE is retained as an optional qdisc module to avoid base
scheduler package size implications.

Backport upstream patches from k5.1 to address some small bugs and
support fwmark usage.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-07-08 11:05:43 +01:00
Yousong Zhou
f528d771c4 netsupport: add kmod-nsh
This is required by kmod-openvswitch since linux 4.15.

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-06-20 08:24:20 +00:00
André Valentin
8f5873f6c8 netsupport: improve xfrm module support
-switch to module autoprobe
-exclude 4.9 kernel

Signed-off-by: André Valentin <avalentin@marcant.net>
2019-06-16 17:32:27 +02:00
André Valentin
ae3e232b11 netsupport: add xfrmi interface support
Add support for xfrm interfaces in kernel. XFRM interfaces are used by
the IPsec stack for tunneling.
XFRM interfaces are available since linux 4.19.

Signed-off-by: André Valentin <avalentin@marcant.net>
2019-06-09 21:48:22 +02:00
Kevin Darbyshire-Bryant
b8a72dfd28 kernel: backport act_ctinfo
ctinfo is a new tc filter action module.  It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths.  At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.

The DSCP restore mode:

This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.

The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links.  Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.

Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway.  Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.

Parameters related to DSCP restore mode:

dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.

statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask.  This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set.  This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP.  A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)

e.g. dscpmask 0xfc000000 statemask 0x01000000

|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP       | unused | flag  |unused   |
|-----------------------0x01---000000---|
      |                   |
      |                   |
      ---|             Conditional flag
         v             only restore if set
|-ip diffserv-|
| 6 bits      |
|-------------|

The skb mark restore mode (cpmark):

This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.

Parameters related to skb mark restore mode:

mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration.  This can be useful where the conntrack
mark is being used for different purposes by different applications.  If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)

e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.

|----0x00----conntrack mark----ffffff---|
| Bits 31-24 |                          |
| DSCP & flag|      some value here     |
|---------------------------------------|
			|
			|
			v
|------------skb mark-------------------|
|            |                          |
|  zeroed    |                          |
|---------------------------------------|

Overall parameters:

zone - conntrack zone

control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Make suitable adjustments for backporting to 4.14 & 4.19
and add to SCHED_MODULES_FILTER

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 15:41:07 +01:00
Kevin Darbyshire-Bryant
24e09bac48 Revert "kernel: backport act_ctinfo"
This reverts commit 7c50182e0c.

Produces build error:
Package kmod-sched is missing dependencies for the following libraries:
nf_conntrack.ko

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 10:45:15 +01:00
Kevin Darbyshire-Bryant
7c50182e0c kernel: backport act_ctinfo
ctinfo is a new tc filter action module.  It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths.  At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.

The DSCP restore mode:

This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.

The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links.  Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.

Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway.  Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.

Parameters related to DSCP restore mode:

dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.

statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask.  This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set.  This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP.  A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)

e.g. dscpmask 0xfc000000 statemask 0x01000000

|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP       | unused | flag  |unused   |
|-----------------------0x01---000000---|
      |                   |
      |                   |
      ---|             Conditional flag
         v             only restore if set
|-ip diffserv-|
| 6 bits      |
|-------------|

The skb mark restore mode (cpmark):

This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.

Parameters related to skb mark restore mode:

mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration.  This can be useful where the conntrack
mark is being used for different purposes by different applications.  If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)

e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.

|----0x00----conntrack mark----ffffff---|
| Bits 31-24 |                          |
| DSCP & flag|      some value here     |
|---------------------------------------|
			|
			|
			v
|------------skb mark-------------------|
|            |                          |
|  zeroed    |                          |
|---------------------------------------|

Overall parameters:

zone - conntrack zone

control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Make suitable adjustments for backporting to 4.14 & 4.19

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 09:41:26 +01:00
Hauke Mehrtens
1325e74e0c kernel: Remove support for kernel 3.18
No target is using kernel 3.18 anymore, remove all the generic
support for kernel 3.18.

The removed packages are depending on kernel 3.18 only and are not used on
any recent kernel.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-03 22:41:38 +02:00
Hauke Mehrtens
6af639e0bf linux: Add kmod-sched-act-vlan
This allows to configure rules to push or pop vlan headers.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2019-03-25 22:50:28 +01:00
Hauke Mehrtens
72c7e2dc46 linux: Add kmod-sched-flower
This allows to classify packets based on a configurable combination
of packet keys and masks.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2019-03-25 22:50:28 +01:00
Hauke Mehrtens
f83522fa63 linux: Add kmod-sched-mqprio
This adds Multi-queue priority scheduler (MQPRIO).

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2019-03-25 22:50:28 +01:00
Tony Ambardar
ebcd5226cc kernel/modules: add kmod-bpf-test package
Add the test_bpf module that runs various test vectors against the BPF
interpreter or BPF JIT compiler. The module must be manually loaded, as
with the kmod-crypto-test module which serves a similar purpose.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Tony Ambardar
6be23e91b6 kernel/modules: add kmod-sched-bpf package
Add cls_bpf and act_bpf modules for additional tc classifier and action
support of cBPF and eBPF.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Tony Ambardar
cd465e3414 kernel/modules: add kmod-sched-ipset package
Add em_ipset module to support tc filter classification by IP set. Build
as a standalone package to help avoid pulling in rest of kmod-sched and
isolate new dependency on kmod-ipt-ipset.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Tony Ambardar
59b58ad4c8 kernel/modules: kmod-sched: add some common, useful actions
Add act_pedit, act_csum, act_gact and act_simple modules for additional
tc action support. Module act_simple helps with debug and logging, similar
to iptables LOG target, while act_gact provides common generic actions.
Modules act_pedit and act_csum support general packet mangling, and have
been the subject of feature requests and forum discussions (e.g. DSCP),
as well as being added to the Turris OS fork of OpenWrt ~2 years ago.

Also select dependency kmod-lib-crc32c to support act_csum.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Tony Ambardar
f54e9f183e kernel/modules: kmod-sched-core: add missing dependency, useful module
All tc ematch modules, including those in kmod-sched-core and kmod-sched,
use cls_basic as a core dependency. Relocate cls_basic from kmod-sched to
kmod-sched-core to avoid requiring kmod-sched unnecessarily.

This change is also backwards compatible since any past tc ematch users
will have had to install both kmod-sched-core and kmod-sched anyway.

Add the matchall kernel module cls_matchall introduced in kernel 4.8. The
matchall classifier matches every packet and allows the user to apply
actions on it. It is a simpler, more efficient replacement for the common
but cryptic tc classifier idiom "u32 match u32 0 0".

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Hauke Mehrtens
c8f85a866b kernel: Make kmod-mpls depend on iptunnel in kernel 4.19
This new dependency is needed with kernel 4.19.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 14:28:49 +01:00
Rosen Penev
8fc187a76e kernel: Remove dependencies on old kernels
Kernels 4.1 and 4.4 are not part of the tree anymore.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-11-01 17:16:52 +01:00
Deng Qingfang
858a8acf3e kernel/modules: add kmod-fou6 package
IPv6 support for Foo-over-UDP tunnel

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
2018-10-20 16:24:23 +02:00
Keith Wong
79c233daa4 kernel: add kmod-tcp-bbr
This adds support for BBR (Bottleneck Bandwidth and RTT) TCP
congestion control. Applications (e.g. webservers, VPN client/server)
which initiate connections from router side can benefit from this.

This provide an easier way for users to use BBR by selecting /
installing kmod-tcp-bbr instead of altering kernel config and
compiling firmware by themselves.

Signed-off-by: Keith Wong <keithwky@gmail.com>
2018-08-25 15:40:24 +02:00
Yousong Zhou
83d8df1ea2 kernel: kmod-geneve: kmod for Geneve tunneling
This will be required for Open vSwitch geneve tunneling support

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-02-28 12:56:51 +08:00
Felix Fietkau
14a01311f5 kernel: remove kmod-appletalk
This has been obsolete for many years now and has been implicated in a
recent build failure

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-22 12:08:38 +01:00
Philip Prindeville
78f5af626c kmod-sched: add sch_multiq to extra schedulers
For hardware that supports multiple h/w output queues, add
a compatible scheduler (NET_SCH_MULTIQ).

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2018-02-13 09:21:20 +01:00
Filip Moc
7c5960ddc4 kernel: add kmod-fou
Once installed fou kernel module allows you to use FOU (Foo over UDP)
and GUE (Generic UDP encapsulation) tunnel protocols.

To get ip fou command working you also need to install ip-full.

Signed-off-by: Filip Moc <lede@moc6.cz>
2018-02-10 20:58:18 +01:00
Hauke Mehrtens
ac27f3867a kernel: kmod-rxrpc: handle renamed kernel module
The kernel module was renamed with kernel 4.11, handle that in the
package definition.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:12 +01:00
Hauke Mehrtens
b0d7fcdc49 kernel: deactivate some new network features
This deactivates the following options which were introduced between
kernel 4.9 and 4.14 in some kernel packages:
CONFIG_INET_ESP_OFFLOAD
CONFIG_INET6_ESP_OFFLOAD
CONFIG_LWTUNNEL_BPF
CONFIG_NET_9P_XEN

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:14:02 +01:00
Christian Lamparter
81e28be824 kernel: kmod-macsec module for 4.9
MACsec/IEEE 802.1AE is useful to secure communication to and
from endpoints at Layer 2.

Starting with 4.6, the linux kernel provides a universal
macsec driver for authentication and encryption of traffic
in a LAN, typically with GCM-AES-128, and optional replay
protection.

http://standards.ieee.org/getieee802/download/802.1AE-2006.pdf

Note:
LEDE can utilize MACsec with a static connectivity association
key (static PSK) with the ip-full package installed.
<http://man7.org/linux/man-pages/man8/ip-macsec.8.html>

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-10-15 00:24:22 +02:00
Philip Prindeville
22ee675f04 kernel: kmod packaging for Intel 10G ethernet ixgbe driver
A lot of Ivybridge and Haswell servers have the 82598/82599 Ethernet
controllers.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-03-29 08:00:14 +02:00
Hauke Mehrtens
5c651b029e kernel: fix kmod-rxrpc with kernel 4.9
rxkad will be build into af-rxrpc now and is of type boolean.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-02-12 13:55:45 +01:00
Felix Fietkau
7096ed58fd kernel: remove kmod packages for bridge, stp, llc and 8021q
Remove CONFIG_VLAN_8021Q overrides for two targets
These features are built into the kernel image for all targets

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-02-09 14:49:34 +01:00
Felix Fietkau
9ed108e98b kernel: update kmod-* packaging and dependencies for linux 4.9
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-27 11:18:27 +01:00
Toke Høiland-Jørgensen
d45f81d7b1 kmod-sched-core: Add HTB and TBF traffic shapers
HTB and TBF are the basic traffic shapers used by sqm-scripts. Moving
these into kmod-sched-core enables sqm-scripts to downgrade its
dependency from kmod-sched to kmod-sched-core, potentially making it
useful on devices with smaller flash sizes.

This adds around 30k to the size of kmod-sched-core (20k for sch_htb.ko
and 10k for sch_tbf.ko).

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-01-27 11:18:27 +01:00
Stijn Tintel
9f109876ea kernel: have kmod-ipsec depend on kmod-crypto-echainiv
The ESP algorithms in CBC mode require echainiv, so have kmod-ipsec
depend on kmod-crypto-echainiv.

See upstream commit 32b6170ca59ccf07d0e394561e54b2cd9726038c.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-11-29 12:19:22 +01:00
Hauke Mehrtens
0109ed87d9 kernel: add nlmon kernel module
This driver allows to monitor netlink communication on the system.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2016-09-16 23:00:01 +02:00
Daniel Golle
d7e040f8bc kernel: add fake users for udptunnel and iptunnel modules
Without any in-tree users enabled the Kernel's build process doesn't
actually build those modules. Enable some potential in-tree users
during Kernel build, so out-of-tree modules can depend on them.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2016-08-22 17:23:05 +02:00
Matteo Croce
1645abffea kernel: add plan 9 fs package
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.

Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
2016-08-11 10:45:33 +02:00
Felix Fietkau
93fb6ce05b kernel: mark kmod-udptunnel as hiddden to replace the NET_UDP_TUNNEL kconfig hack
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 20:53:02 +02:00
Felix Fietkau
56cf1adc50 kernel: remove esfq qdisc
It has been obsolete for years now

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-08-04 18:27:54 +02:00
Dirk Neukirchen
34a3ec9c63 modules: add missing module to ipsec description
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
2016-06-06 14:58:11 +02:00
Felix Fietkau
46c7d0d1ab kernel: remove linux 4.3 support
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48955
2016-03-07 17:56:58 +00:00
John Crispin
6b90cc0268 kernel: MPLS did not exist prior to v4.4
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 48722
2016-02-15 18:45:27 +00:00
John Crispin
22f20c4a66 linux/netsupport: Add support for MPLS protocol
This adds support for MPLS protocol including usage of lightweight tunnels.
Kernel size of vmlinuz.bin grows by ~8k.

Signed-off-by: André Valentin <avalentin@marcant.net>

SVN-Revision: 48710
2016-02-12 08:31:17 +00:00
John Crispin
d086d86e6c kernel/modules: add kmod-ip6-vti
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48703
2016-02-12 08:30:09 +00:00
John Crispin
7865453d22 kernel/modules: rename kmod-ipvti to kmod-ip-vti
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

SVN-Revision: 48702
2016-02-12 08:30:00 +00:00
Felix Fietkau
e34acd64f5 kernel: disable AFS support by default
This pulls in CONFIG_KEYS, which bloats up the kernel size and is thus
very undesirable. It also currently exposes the kernel to a local root
vulnerability

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48364
2016-01-19 15:14:51 +00:00
Felix Fietkau
33beafa8d8 Configure IPv6 kernel options in config/Config-kernel.in
Revision 46834 changed IPv6 support from a module to builtin. But
since the configuration of the IPv6 kernel options was left in
package/kernel/linux/modules/netsupport.mk, this means that an
empty kmod-ipv6 module was still being generated (not packaged).

This patch moves the configuration of the IPv6 kernel options to
config/Config-kernel.in to remove this last bit of the module.

Note that CONFIG_IPV6_PRIVACY was dropped (enabled by default
since Linux v3.13), so this option is no longer needed.

See 5d9efa7ee9

Signed-off-by: Arjen de Korte <arjen+openwrt@de-korte.org>

SVN-Revision: 48132
2016-01-04 23:30:36 +00:00
Felix Fietkau
7509c940e9 kernel: fix duplication of sch_netem in multiple packages (#21479)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 48018
2016-01-01 12:26:09 +00:00
Jo-Philipp Wich
d99af7f05a kernel: kmod-udptunnel6 depends on IPv6
Spotted a missing 'ip6_udp_tunnel.ko' build failure during a local
build with all kmods enabled but globally disabled IPv6 support.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 47487
2015-11-16 17:39:32 +00:00
Steven Barth
0c8f0186d5 linux: make IPv6 builtin if selected (saves >30KB)
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 46834
2015-09-09 12:20:36 +00:00
Felix Fietkau
e29efa2fb7 kernel: remove packaging of kmod-crypto-core and kmod-crypto-arc4
Everything except for blkcipher was already built-in, so make blkcipher
built-in as well.

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46820
2015-09-08 12:31:04 +00:00
Steven Barth
17c90e94cf Add sch_fq and sch_pie to the kmod-sched package.
These are two new packet schedulers introduced in Linux 3.12 and 3.14
respectively. sch_fq is a perfect fairness queueing scheduler that also
adds pacing on host TCP flows, and sch_pie is an AQM.

Having them available in kmod-sched makes it easier for people to test
these new queueing schemes.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

SVN-Revision: 45885
2015-06-04 05:44:44 +00:00
Steven Barth
336fc7a702 netsupport: l2tp-ip: only depend on IPv6 if IPv6 support is enabled
Before r45593 kmod-l2tp-ip did not depend on kmod-ipv6.
With r45593 support for L2TP IPv6 encapsulation was added and
included in the kmod-l2tp-ip package. This change also
added the dependency to kmod-ipv6 to kmod-l2tp-ip, regardless
of whether the user chose to generally include IPv6 support
or not.
Change this so L2TP over IPv6 and the resulting dependency
to kmod-ipv6 is only included in kmod-l2tp-ip if IPv6 support
is enabled.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 45612
2015-05-05 13:22:33 +00:00
Steven Barth
498e3a7fd4 netsupport: package L2TPv3 over IPv6 as well
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45593
2015-05-02 07:44:47 +00:00
Felix Fietkau
e8126cbfbd kernel: remove kernel module checks/dependencies for 3.14
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45377
2015-04-11 10:43:46 +00:00
Felix Fietkau
42e950ec75 kernel: drop obsolete linux 3.10 related dependencies/checks
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45361
2015-04-10 11:52:54 +00:00
Felix Fietkau
b2f3e852d0 kernel: remove useless AddDepends/crc16 abstraction
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45133
2015-03-29 08:12:23 +00:00
Felix Fietkau
3a4cd5cdc1 kernel: remove mp-alg
from upstream
commit title: "[IPV4]: The scheduled removal of multipath cached routing support."
removed in Kernel 2.6.23 (2007)
Reasons: very buggy, no maintainer, no fixes

Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>

SVN-Revision: 45121
2015-03-29 05:15:58 +00:00
Felix Fietkau
b3fdc3cfea kernel: remove obsolete kernel version dependencies
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44892
2015-03-19 11:59:17 +00:00
John Crispin
fa097e5ae5 kernel: disbale HAMRADIO in generic config
HAMRADIO enabled in all generic configs, but no one platform directly
use related drivers/protocols. This symbol is only used for kmod-ax25
package modules. Furthermore, half of platforms explicitly disables
this symbol, what silently disables build of modules for kmod-ax25
package.

So disable HAMRADIO by-default in generic config, add it to kmod-ax25
package and remove it from platform specific configs.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>

SVN-Revision: 44613
2015-03-06 07:56:21 +00:00
John Crispin
700a53f8e2 kernel: add ip_vti tunnel module
IP VTI (Virtual Tunnel Interface) is used to create a virtual device
for IPsec VPN (similar to OpenVPN).

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>

SVN-Revision: 44606
2015-03-05 20:25:11 +00:00
Jo-Philipp Wich
50364b2d08 linux: add kmod-udptunnel4 & kmod-udptunnel6 required by kmod-vxlan and kmod-l2tp for >= 3.16
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44210
2015-01-29 22:58:40 +00:00
Jo-Philipp Wich
fefba5d685 Revert "x86_64: enable PCIE support"
This reverts commit daadd4320c4eadce3937e8ca13ede0ce1b97e125 which erroneously
introduced unrelated changes.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44202
2015-01-29 19:15:45 +00:00
Jo-Philipp Wich
44eecf6392 x86_64: enable PCIE support
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

SVN-Revision: 44201
2015-01-29 19:12:29 +00:00
Felix Fietkau
3120c9c9c2 build: drop obsolete kernel version dependencies
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 44110
2015-01-24 20:02:09 +00:00
John Crispin
e2d82442b7 kernel/modules/vxlan: add +kmod-iptunnel as dependency
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 43154
2014-11-03 08:00:39 +00:00
John Crispin
7589f4baef kernel/modules: add native vxlan package
More recent kernel versions (>= 3.12) support native VXLAN
support.

The Open VSwitch kernel module tries to build using native VXLAN
support if it detects a kernel version >=3.12.

The build works fine, but during startup the OVS kernel module
does not load.
dmesg output is something like this:
    [ 1201.262842] openvswitch: Unknown symbol vxlan_sock_release
    [ 1201.262949] openvswitch: Unknown symbol vxlan_xmit_skb
    [ 1201.263161] openvswitch: Unknown symbol vxlan_sock_add

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

SVN-Revision: 43126
2014-10-31 11:01:28 +00:00
Zoltan Herpai
aa425b88a8 fs: add kernel modules for AFS client
- add/separate crypto modules
 - add fscache support
 - add rxrpc module which is required for AFS
 - add afs module

Signed-Off-By: Nathaniel Wesley Filardo <8S9K8UGO5JGPI3U067229BBACKMQIGVH@cmx.ietfng.org>
Acked-by: Zoltan HERPAI <wigyori@uid0.hu>

SVN-Revision: 40587
2014-04-28 19:47:38 +00:00
Felix Fietkau
9d24525b1d kernel: add AutoProbe for ppp_async and ppp_synctty (should fix #14185)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 38055
2013-09-19 06:33:53 +00:00
John Crispin
f12f4074af kernel: make most modules use AutoProbe
now that we have modprobe we can set more than half of the modules to AutoProbe

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38021
2013-09-17 21:45:17 +00:00
Hauke Mehrtens
0d9ecfa564 kernel: kmod-appletalk: fix dependencies
When CONFIG_LLC gets build as a module, also p8022.ko and psnap.ko are
getting build as a module. kmod-appletalk depends on llc.ko and
psnap.ko, but at least psnap.ko,was not packed. On most systems
CONFIG_LLC will be build into the kernel so this problem does not show
up.

This fixes the missing dependency of kmod-appletalk on psnap.ko

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 37673
2013-08-04 09:51:07 +00:00
Felix Fietkau
9ea4b73748 kernel: split slhc into a separate package and make slip depend on it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37408
2013-07-18 17:26:13 +00:00
Felix Fietkau
b4a847be93 kernel: fix accidental depends line duplication
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37407
2013-07-18 16:49:55 +00:00
Felix Fietkau
f766aa2dee kernel: sctp depends on ipv6 if ipv6 is enabled
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37406
2013-07-18 16:46:11 +00:00
Felix Fietkau
58f50a7dbd kernel: make kmod-sched depend on kmod-ipt-core
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37404
2013-07-18 16:32:12 +00:00
Jo-Philipp Wich
32d810e75a linux: introduce new kmod-iptunnel for Linux 3.10+, add missing dependencies to netsupport packages
SVN-Revision: 37402
2013-07-18 15:47:13 +00:00
Felix Fietkau
bec39b26ad kernel: move codel from kmod-sched-core to kmod-sched, it is rarely needed
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 37256
2013-07-11 20:56:30 +00:00
John Crispin
4ebf19b48f packages: clean up the package folder
Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 37007
2013-06-21 16:54:37 +00:00