Backport upstream patch:
Commit 65cab850f0ee ("net: Allow class-e address assignment via ifconfig
ioctl") modified the IN_BADCLASS macro a bit, but unfortunatly one too
many '(' characters were added to the line, making any code that used
it, not build properly.
Also, the macro now compares an unsigned with a signed value, which
isn't ok, so fix that up by making both types match properly.
Reported-by: Christopher Ferris <cferris@google.com>
Fixes: 65cab850f0ee ("net: Allow class-e address assignment via ifconfig ioctl")
Cc: Dave Taht <dave.taht@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
which preserved the property of only doing 32-bit reads.
It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
so it changed writes from always being 32 bits to being the actual size,
which works just fine.
Due to:
- The documentation does not mention that only 32 bit access is allowed.
- Writes are already executed using the actual size
- Extensive testing shows that 8b, 16b and 32b reads work as intended
It makes perfectly sense to also swap 32 bit reading in favor of actual size.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Backport https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=adcc81f148d733b7e8e641300c5590a2cdc13bf3
"Mapping the delay slot emulation page as both writeable & executable
presents a security risk, in that if an exploit can write to & jump into
the page then it can be used as an easy way to execute arbitrary code.
Prevent this by mapping the page read-only for userland, and using
access_process_vm() with the FOLL_FORCE flag to write to it from
mips_dsemul().
This will likely be less efficient due to copy_to_user_page() performing
cache maintenance on a whole page, rather than a single line as in the
previous use of flush_cache_sigtramp(). However this delay slot
emulation code ought not to be running in any performance critical paths
anyway so this isn't really a problem, and we can probably do better in
copy_to_user_page() anyway in future.
A major advantage of this approach is that the fix is small & simple to
backport to stable kernels.
Reported-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Fixes: 432c6bacbd0c ("MIPS: Use per-mm page to execute branch delay slot instructions")"
Without patch:
cat /proc/self/maps
00400000-0047a000 r-xp 00000000 1f:03 1823 /bin/busybox
00489000-0048a000 r-xp 00079000 1f:03 1823 /bin/busybox
0048a000-0048b000 rwxp 0007a000 1f:03 1823 /bin/busybox
77ec8000-77eed000 r-xp 00000000 1f:03 2296 /lib/libgcc_s.so.1
77eed000-77eee000 rwxp 00015000 1f:03 2296 /lib/libgcc_s.so.1
77eee000-77f81000 r-xp 00000000 1f:03 2470 /lib/libc.so
77f90000-77f92000 rwxp 00092000 1f:03 2470 /lib/libc.so
77f92000-77f94000 rwxp 00000000 00:00 0
7f946000-7f967000 rw-p 00000000 00:00 0 [stack]
7fefb000-7fefc000 rwxp 00000000 00:00 0
7ffac000-7ffad000 r--p 00000000 00:00 0 [vvar]
7ffad000-7ffae000 r-xp 00000000 00:00 0 [vdso]
Patch applied:
cat /proc/self/maps
00400000-0047a000 r-xp 00000000 1f:03 1825 /bin/busybox
00489000-0048a000 r-xp 00079000 1f:03 1825 /bin/busybox
0048a000-0048b000 rwxp 0007a000 1f:03 1825 /bin/busybox
77ed0000-77ef5000 r-xp 00000000 1f:03 2298 /lib/libgcc_s.so.1
77ef5000-77ef6000 rwxp 00015000 1f:03 2298 /lib/libgcc_s.so.1
77ef6000-77f89000 r-xp 00000000 1f:03 2474 /lib/libc.so
77f98000-77f9a000 rwxp 00092000 1f:03 2474 /lib/libc.so
77f9a000-77f9c000 rwxp 00000000 00:00 0
7fbed000-7fc0e000 rw-p 00000000 00:00 0 [stack]
7fefb000-7fefc000 r-xp 00000000 00:00 0
7fff6000-7fff7000 r--p 00000000 00:00 0 [vvar]
7fff7000-7fff8000 r-xp 00000000 00:00 0 [vdso]
Note lack of write permission to 7fefb000-7fefc000
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Refresh all patches
Remove upstream patch:
backport-4.14/424-v4.20-net-dsa-fix-88e6060-roaming.patch
Minor tweak to generic/hack-4.14/902-debloat_proc.patch to cleanly apply
after upstream changes.
Tested-on: ath79
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Originally, cns3xxx used it's own functions for mapping, reading and writing registers.
Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
removed the internal PCI config write function in favor of the generic one:
cns3xxx_pci_write_config() --> pci_generic_config_write()
cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
while the generic one pci_generic_config_write() actually expects the real address
as both the function and hardware are capable of byte-aligned writes.
This currently leads to pci_generic_config_write() writing
to the wrong registers on some ocasions.
First issue seen due to this:
- driver ath9k gets loaded
- The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
- cns3xxx_pci_map_bus() aligns the address to 0x0C
- pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)
This seems to cause some slight instability when certain PCI devices are used.
Another issue example caused by this this is the PCI bus numbering,
where the primary bus is higher than the secondary, which is impossible.
Before:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0
After fix:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=00, secondary=01, subordinate=02, sec-latency=0
And very likely some more ..
Fix all by omitting the alignment being done in the mapping function.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Backort upstream patch which preserves oif of IPv6 link scoped packets.
The outgoing interface of IPv6 link scope packets can be changed by the
function ip6_route_me_harder. This is unwanted behavior for link local
packets and multicast packets as the outgoing interface is fixed and must
not be altered as it can break neighbor discovery and multicast listener
discovery.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Backport net: Allow class-e address assignment via ifconfig ioctl
While most distributions long ago switched to the iproute2 suite
of utilities, which allow class-e (240.0.0.0/4) address assignment,
distributions relying on busybox, toybox and other forms of
ifconfig cannot assign class-e addresses without this kernel patch.
While CIDR has been obsolete for 2 decades, and a survey of all the
open source code in the world shows the IN_whatever macros are also
obsolete... rather than obsolete CIDR from this ioctl entirely, this
patch merely enables class-e assignment, sanely.
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=65cab850f0eeaa9180bd2e10a231964f33743edf
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Disable Marvell's hardware level MAC learning because it breaks station roaming.
When enabled it drops all frames that arrive from a MAC address
that is on a different port at learning table.
Problem description:
Multiple APs with inter-AP roaming connected to different ports,
when station moves from one AP on one port to another AP on another port,
traffic flow breaks down because the learning table is not updated.
Signed-off-by: Anderson Luiz Alves <alacn1@gmail.com>
[Replaced with upstream version, move to generic]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The ledtrig-netdev was added to upstream Linux kernel 4.16, replace our
own version with the patch based on the upstream version.
This will remove the ledtrig-netdev support from kernel 3.18, because I
not want to spend time on backporting it to 3.18. This will make it
easier to use the upstream version with kernel 4.19, by just not
applying this patch.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
There was a bug in ubifs related to the O_TMPFILE. When reapplying
changes after power cut data could be lost. This problem was exposed by
overlayfs and the upstream commit 3a1e819b4e80 ("ovl: store file handle
of lower inode on copy up").
This fixes a regression introduced when switching from 4.9 to 4.14.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.
Fixes: f57806b56e ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch. That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support. Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset. As such, nftables inet tables never
see any traffic.
As an example the following nft counter rule should increment for every
packet coming into the box, but never will:
nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter
This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.
Tested on Turris Omnia (mvebu)
Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
Refreshed all patches.
Added new patch:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch
This fixes a bug introduced in upstream 4.14.68 which caused targets using
ubifs to produce file-system errors on boot, rendering them useless.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).
It's required to successfully backport support for new devices using
that new syntax in their DT files.
Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rereshed all patches
Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Refresh patches.
Remove patch that can be reverse applied:
mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch
mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch
Update patch that no longer applied:
ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch
Compiled-tested-for: lantiq, ramips
Run-tested-on: lantiq BT hh5a, ramips MIR3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
Backport a hot off the press upstream kernel ATM fix:
Preserve value of skb->truesize when accounting to vcc
"There's a hack in pskb_expand_head() to avoid adjusting skb->truesize
for certain skbs. Ideally it would cover ATM too. It doesn't. Just
stashing the accounted value and using it in atm_raw_pop() is probably
the easiest way to cope."
The issue was exposed by upstream with:
commit 14afee4b6092fde451ee17604e5f5c89da33e71e
Author: Reshetova, Elena <elena.reshetova@intel.com>
Date: Fri Jun 30 13:08:00 2017 +0300
net: convert sock.sk_wmem_alloc from atomic_t to refcount_t
But an earlier commit left the ticking timebomb:
158f323b9868 ("net: adjust skb->truesize in pskb_expand_head()
Sincerest thanks to Mathias Kresin <dev@kresin.me> for debugging
assistance and to David Woodhouse <dwmw2@infradead.org> for further
guidance, cajoling & patience in interpreting the debug I was giving him
and producing a fix!
Fixes FS#1567
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This was caused by a race condition between offload teardown and
conntrack gc bumping the timeout of offloaded connections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Backport patch adding support for the vbus-supply devicetree property,
which allows to specific GPIOs (via fixed regulators) to enable
vbus/usb power.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The current option driver binds to the usb interface 2,3,4,5.
But the interface 4 and 5 doesn't answer to the AT commands.
On the new openwrt configuration the wwan script select the 5th
interface as control interface, failing to establish the
3G connection.
Backport the fix for the problem.
Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
These patches were finally accepted and are already present in the
Linus's tree. This should be good enough to make is "backport" material.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Right patch version this time, sorry!
* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.
Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
In the commit bde5e7a632 ("kernel: backport mtd implementation for
"compatible" in "partitions" subnode") patches that got accepted into
l2-mtd.git were backported to the kernels 4.9 and 4.14. Unfortunately
there was a regression report, patches were dropped and never reached
4.16.
This commit replaces these pseudo-backports with the latest version
that includes regression fix and futher changes that were requested.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
- removed upstreamed patches
- 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: John Crispin <john@phrozen.org>
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This backports upstream support for "compatible" DT property set for the
"partitions" subnode of flash node. It allows specifying how partitions
should be created/parsed. Right now only "fixed-partitions" is
supported.
It should eventually replace our downstream "linux,part-probe" solution.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch
Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.
Compile-tested on x86/64.
Runtime-tested on x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.
In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM
And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR
I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>