The "bridge allow reception on disabled port" implementation
was broken after these commits:
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
This leads to issues when for example WDS is used, tied to a bridge:
[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)
It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:
target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
[1] https://lkml.org/lkml/2019/4/24/1228
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This fixes a patch for the ARC architecture.
This was found by the build bot.
Fixes: 810ee3b84a2b ("kernel: bump 4.14 to 4.14.104")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refreshed all patches.
New symbol added:
- CONFIG_CIFS_ALLOW_INSECURE_LEGACY
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
The WD MyBook Live SquashFS images didn't work anymore due to
a upstream regression in f2fs commit: 0cfe75c5b01199
("f2fs: enhance sanity_check_raw_super() to avoid potential overflows")
that got backported to 4.14.86 and 4.9.144.
by Martin Blumenstingl:
|Treat "block_count" from struct f2fs_super_block as 64-bit little endian
|value in sanity_check_raw_super() because struct f2fs_super_block
|declares "block_count" as "__le64".
|
|This fixes a bug where the superblock validation fails on big endian
|devices with the following error:
| F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
| F2FS-fs (sda1): Can't find valid F2FS filesystem in 1th superblock
| F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
| F2FS-fs (sda1): Can't find valid F2FS filesystem in 2th superblock
|As result of this the partition cannot be mounted.
|
|With this patch applied the superblock validation works fine and the
|partition can be mounted again:
| F2FS-fs (sda1): Mounted with checkpoint version = 7c84
|
|My little endian x86-64 hardware was able to mount the partition without
|this fix.
|To confirm that mounting f2fs filesystems works on big endian machines
|again I tested this on a 32-bit MIPS big endian (lantiq) device.
Hopefully, this will do until Martin's patch moved through upstream
to -stable.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 1e8882585c6f4a5e7f5e2b4f18cd550aafa6f81d)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.
Remove our force disable patch:
pending-4.14/206-mips-disable-vdso.patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 8ee7a80d190b291e828cace3cac8c485f3b8667d)
Commit b7265c59ab7d ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch. That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support. Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset. As such, nftables inet tables never
see any traffic.
As an example the following nft counter rule should increment for every
packet coming into the box, but never will:
nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter
This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.
Tested on Turris Omnia (mvebu)
Fixes: b7265c59ab7d ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
(backported from f57806b56e5f6ca7bb9fb66d5b175b5f98ece93c)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
