This allows us to use the bridge as a managed switch and gracefully
handle mixed tagged and untagged frames. Prior to this, the only
alternative was creating one bridge per vlan which quickly becomes a
nightmare and still won't let you mix both tagged and untagged frames on
the physical port without some complex ebtables magic.
This is in line with the notion that OpenWRT is the network go-to swiss
army knife when you need a nice set-and-forget, low maintenance box to
handle a specific task.
Current builds of the ip-bridge package already fully support this
feature so the only requirement is enabling the kernel config.
This is disabled by default so existing bridge configurations will not
be affected. This patch only gives the ability to turn it on with an
'ip link' command. If there is interest, I could look into making the
feature accessible via uci configuration.
It causes about 3.1% hit on raw bridging speed, which is relatively
trivial considering that I had to use 300 byte packets to strain the CPU
enough to notice a slowdown at all. The ER8 would chug along at wire
speed otherwise, and that's using only one core. Since the typical
bridge use case on OpenWRT is wireless, I doubt it would be noticeable
at all.
With BRIDGE_VLAN_FILTERING
iperf -u -c 192.168.1.105 -b 1G -l 300
------------------------------------------------------------
Client connecting to 192.168.1.105, UDP port 5001
Sending 300 byte datagrams, IPG target: 2.24 us (kalman adjust)
UDP buffer size: 208 KByte (default)
------------------------------------------------------------
[ 3] local 192.168.1.12 port 58045 connected with 192.168.1.105 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 977 MBytes 820 Mbits/sec
[ 3] Sent 3414986 datagrams
[ 3] Server Report:
[ 3] 0.0-10.0 sec 811 MBytes 680 Mbits/sec 0.000 ms
581210/3414986 (0%)
Without BRIDGE_VLAN_FILTERING
iperf -u -c 192.168.1.105 -b 1G -l 300
------------------------------------------------------------
Client connecting to 192.168.1.105, UDP port 5001
Sending 300 byte datagrams, IPG target: 2.24 us (kalman adjust)
UDP buffer size: 208 KByte (default)
------------------------------------------------------------
[ 3] local 192.168.1.12 port 36645 connected with 192.168.1.105 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0-10.0 sec 977 MBytes 820 Mbits/sec
[ 3] Sent 3414990 datagrams
[ 3] Server Report:
[ 3] 0.0-10.0 sec 836 MBytes 701 Mbits/sec 0.000 ms
493950/3414990 (0%)
In terms of kernel size, it uses 16KB (6753K vs 6737K on ER8) so a
0.002% hit. The exact 16KB is probably just due to how the kernel is
compressed.
Suggested-by: Jonathan Thibault <jonathan@navigue.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
No single target/arch uses it and most likely there is no need to make
such a potential code target/arch specific.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
If "compatible" is being used that should trigger a proper parser
directly. It's more reliable thanks to not trying parsers one by one. In
such case partition shouldn't be split automatically to avoid parsing it
twice.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Currently, the b53 MDIO switch driver registers the switch on
config-init and not on device probe. Because of this, the switch
gets added every time the associated interface comes up.
This commit fixes this behavior by registering the switch on device
probe.
Compile- and run-tested on OCEDO Koala.
Signed-off-by: David Bauer <mail@david-bauer.net>
It makes more sense to add run_parsers_by_type() in a patch that
introduces parser types. That makes the other one just add a code using
it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
There was a bug in ubifs related to the O_TMPFILE. When reapplying
changes after power cut data could be lost. This problem was exposed by
overlayfs and the upstream commit 3a1e819b4e80 ("ovl: store file handle
of lower inode on copy up").
This fixes a regression introduced when switching from 4.9 to 4.14.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It has been rejected upstream and instead a nice/more generic solution
has been implemented. It's possible now to describe partitions format
using "compatible" DT string.
No OpenWrt target uses "linux,part-probe" anymore, leave it only in case
some forks need it. It will be dropped with support for new kernels.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:
- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G
and probably other Mikrotik boards need this patch as well.
The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/
Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
Refreshed all patches.
Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch
New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR
Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The cache coloring problem on MIPS CPUs was fixed with kernel 4.9.129 of
the kernel 4.9 branch. Activate VDSO support for MIPS again.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds some configuration options which are selectable when the
layerscape armv7 target is compiled.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds some configuration options which are selectable when the
samsung target is compiled.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.
Fixes: f57806b56e ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch. That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support. Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset. As such, nftables inet tables never
see any traffic.
As an example the following nft counter rule should increment for every
packet coming into the box, but never will:
nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter
This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.
Tested on Turris Omnia (mvebu)
Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.
Remove our force disable patch:
pending-4.14/206-mips-disable-vdso.patch
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Refreshed all patches.
Added new patch:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch
This fixes a bug introduced in upstream 4.14.68 which caused targets using
ubifs to produce file-system errors on boot, rendering them useless.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Some systems require multiple flash chips to be concatenated and read as
a single mtd device. The ar71xx target provides custom code to create
such mtdconcat devices. When porting devices to ath79, however, there is
no way to create such devices from within the device tree.
This commit adds a driver for creating virtual mtd-concat devices to the
ath79 target. Nodes must have a compatible = "virtual,mtd-concat" line,
and define a list of devices to concat in the 'devices' property,
for example:
flash {
compatible = "virtual,mtd-concat";
devices = <&flash0 &flash1>;
};
The driver is added to the very end of the mtd Makefile to increase the
likelyhood of all child devices already being loaded at the time of
probing, preventing unnecessary deferred probes which might in turn
cause other problems (like failure to load MAC addresses from art because
the partitions are not loaded yet).
Signed-off-by: Bernhard Frauendienst <openwrt@nospam.obeliks.de>
By default the RPS delegation will happen by masking the last few bits of
skb->hash. This patch adds an inermediate hash bucket that maps the masked
hash to a RPS core. This makes RPS results much more deterministic on SMP
systems.
Signed-off-by: John Crispin <john@phrozen.org>
The intention of 967b6be118 ("ar8327: Add workarounds for AR8337
switch") was to remove the register fixups for AR8337. But instead they
were removed for AR8327.
The RGMII RX delay is forced even if the port is used as phy instead of
mac, which results in no package flow at least for one board.
Fixes: FS#1664
Signed-off-by: Mathias Kresin <dev@kresin.me>
The following patch was integrated upstream:
* target/linux/generic/backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit adds the ability to configure specific functions of the
at803x series ethernet-PHYs, which were previously configured
exclusively with the help of platform-data, via device-tree.
This is needed to fully support existing boards of the ar71xx platform.
Signed-off-by: David Bauer <mail@david-bauer.net>
Backport an upstream fix for a remotely exploitable TCP denial of service
flaw in Linux 4.9+.
The fixes are included in Linux 4.14.59 and later but did not yet end up in
version 4.9.118.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jonas Gorski commented on the previous patch:
|This is actually the wrong fix and papers over an issue in one of our
|local patches.
|
|We intentionally allow regmap to be built as a module, see
|
|/target/linux/generic/hack-4.14/259-regmap_dynamic.patch
|[...]
|[The regulator code] optionally supports regmap thanks to the stubs
|provided if regmap is disabled - which breaks if you compile regmap
|as a module.
In order to mitigate this issue, this patch reverts the previous patch
and replaces the existing IS_ENABLED(CONFIG_REGMAP) with
IS_REACHABLE(CONFIG_REGMAP). This solves this particular issue as the
regulator code will now automatically fallback to the regmap stubs in
case the kmod-regmap module is enabled, but nothing else sets
CONFIG_REGMAP=y.
Note: There's still a potential issue that this patch doesn't solve:
If someone ever wants to make a OpenWrt kernel package for a
regulator module that requires the REGMAP feature for a target that
doesn't set CONFIG_REGMAP=y but has CONFIG_REGULATOR=y, the resulting
kmod-regulator-xyz package will not work on the target.
Luckily, there aren't any in-tree OpenWrt kernel module packages for
regulators at the moment. On the bright side: regmap is a critical
part nowadays and all new and upcoming architectures require it by
default. This will likely only ever be a problem for legacy targets
and devices that cannot afford to enable REGMAP.
Cc: Jonas Gorski <jonas.gorski@gmail.com>
Cc: John Crispin <john@phrozen.org>
Fixes: d00913d121 ("kernel: modules: fix kmod-regmap")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Refreshed all patches
Remove upstreamed patches.
- 103-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch
- 001-4.11-01-mtd-m25p80-consider-max-message-size-in-m25p80_read.patch
- 001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- 001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- 900-gen_stats-fix-netlink-stats-padding.patch
Introduce a new backported patch to address ext4 breakage, introduced in 4.9.112
- backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
This patch has been slightly altered to compensate for a new helper function
introduced in later kernels.
Also add ARM64_SSBD symbol to ARM64 targets still running kernel 4.9
Compile-tested on: ar71xx, bcm2710
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
AT803X_REG_CHIP_CONFIG and AT803X_BT_BX_REG_SEL have been defined
upstream by commit f62265b53ef3 ("at803x: double check SGMII side autoneg")
An existing local patch then added those exact same defines again which
isn't necessary, so remove them.
Fixes: f791fb4af4 ("kernel: add linux 4.9 support")
Fixes: b3f95490b9 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The patch was wrongly removed by a kernel version bump to 4.9.105 in
the believe that it was merged upstream thow it wasn't. This lead to
unrecoverable link losses on devices which use those PHYs such as
many ubnt single-port CPEs.
Fixes: 7dca1bae82 (kernel: bump to 4.9.105)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The previous round of fixes for the 82574 chip cause an issue with
emulated e1000e devices in VMware ESXi 6.5. It also contains changes
that are not strictly necessary. These patches fix the issues introduced
in the previous series, revert the unnecessary changes to avoid
unforeseen fallout, and avoid a case where interrupts can be missed.
The final two patches of this series are already in the kernel, so no
need to include them here.
Patchwork: https://patchwork.ozlabs.org/cover/881776/
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This changes the DT binding's compatible property to
"ecoscentric,redboot-fis-partitions", removing the existing reference to
Red Hat.
Per the documentation hosted at eCosCentric's website, eCosCentric is
RedBoot's sole commercial maintainer since 2002, and the project has
been under the stewardship of the Free Software Foundation since 2008.
This also updates the property in the Inventel Livebox 1 .dts, the
binding's only current user.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
This fixes:
drivers/mtd/redboot.c:299:34: error: array type has incomplete element type 'struct of_device_id'
Fixes: 5e8b4be531 ("kernel: add DT binding support to the mtd redboot parser")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
In boards with fdt is impossible to use kmod-w1-gpio-custom.
w1-gpio-custom create platform structure for w1-gpio module,
but if board use fdt, data is ignored in w1-gpio probe.
This workaround fix the problem.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).
It's required to successfully backport support for new devices using
that new syntax in their DT files.
Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
With a10a204aab ("kernel: make ubi auto-attach check for a tar file
magic") the check for the magic was added without considering a failing
mtd_read(). If the read fails, no check is done and the mount code is
called straight away.
Failing with an error message for such cases seems to me the cleaner way,
as it would allow to spot hidden/workaround issues.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The first block(s) of the ubi mtd device might be bad. We need to take
care on our own to skip the bad block(s) and read the next one(s).
Don't treat recoverable read errors as fatal and check for the UBI magic
if the data of a block could be recovered using ECC or similar.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Move the put_mtd_device() called on multiple error conditions to a goto
label to use it later for more error conditions.
The early return on failed open of the mtd device and mismatching mtd
type allows to get rid of one level of indentation. By jumping to the
cleanup code, a refcount bug is fixed for the wrong flash type condition.
While at it, make clear that we only check for the UBI magic if the read
from flash was successful.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Extend the small_flash feature to disable swap, core dumps, and
kernel debug info, and change the squashfs block size to 1024KiB.
Also change squashfs fragment cache to 2 for small_flash to ease memory
usage.
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
Add a new config option to allow to select the default compile
optimization level for the kernel.
Select the optimization for size by default if the small_flash feature is
set. Otherwise "Optimize for performance" is set.
Add the small_flash feature flag to all (sub)targets which had the
optimization for size in their default kernel config.
Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new
setting.
Exceptions to the above are:
- lantiq, where the optimization for size is only required for the
xway_legacy subtarget but was set for the whole target
- mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have
plenty of space and an optimization for size doesn't make much sense
- rb532, which has 128MByte flash
Signed-off-by: Mathias Kresin <dev@kresin.me>
Newer kernels have a patch that implements compatible functionality
directly. Adjust the attribute of our own patch in preparation for
dropping it later
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Rereshed all patches
Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Partition name is picked by a parser_trx_data_part_name(). It has to
get correct partition offset (taking care of bad blocks) to work
properly.
This fixes UBI support for devices that have kernel flashed on partition
with a bad block.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
CONFIG_USB_MTU3 is not visible for the mediatek target by default, but
only when CONFIG_USB_GADGET is set. This will config option will be
remove with when running "make kernel_oldconfig", move this option to
the generic config to prevent this.
This fixes the build of the mt7623 subtarget of the mediatek target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
