Commit Graph

161 Commits

Author SHA1 Message Date
Felix Fietkau
5fcafa319d generic: Fix per interface nf_call_iptables setting
commit r30917 ("kernel: bypass all netfilter hooks if the sysctls for that
functionality have been disabled - eliminates the overhead of enabling
CONFIG_BRIDGE_NETFILTER in the kernel config") introduced an optimization
which should reduce/eliminate the overhead for traffic send over bridges on
kernels compiled with CONFIG_BRIDGE_NETFILTER=y. But this optimization
breaks the nf_call_iptables per bridge setting which is more fine grained
than the global sysctl net.bridge.bridge-nf-call-iptables setting.

A test reflecting a real world setup was created to identify if this really
eliminates the overhead and if per-bridge nf_call_iptables could be used in
some setups to increase the throughput. A Qualcomm Atheros QCA9558 based
system with one ethernet and an ath9k wifi 3x3 in HT40 mode was used.
Cables from the AP to the wifi station were used to reduce interference
problems during the tests.

The wlan interface was put in one bridge interface called br-wlan. This
bridge usually contains some more wlan interfaces. The eth0 was put in a
second bridge called br-lan. This usually contains some other privileged
wlan or mesh interfaces. Routing was added between br-lan and br-wlan.

Three kernels were tested:

 * (default) OpenWrt kernel for this device
 * (brfilter-global) OpenWrt kernel with CONFIG_BRIDGE_NETFILTER=y
 * (brfilter-local)  OpenWrt kernel with CONFIG_BRIDGE_NETFILTER=y and
    without 644-bridge_optimize_netfilter_hooks.patch

The changes to the the netfilter settings of the bridge were done via:

 * (brfilter-global) /sbin/sysctl -w net.bridge.bridge-nf-call-iptables=1
 * (brfilter-lobal) echo 1 > /sys/class/net/br-lan/bridge/nf_call_iptables
   and/or echo 1 > /sys/class/net/br-wan/bridge/nf_call_iptables

A station connected to the wlan0 (AP) interface was used to send traffic to
a PC connected via ethernet. iperf with 3 concurrent transmissions was used
to generate the traffic.

| kernel          | br-nf-* global | nf-call* iface | download | upload   |
|-----------------|----------------|----------------|----------|----------|
| default         | 0              | -              |      209 |      268 |
| brfilter-global | 0              | -              |      185 |      243 |
| brfilter-local  | 0              | -              |      187 |      243 |
| brfilter-local  | 0              | br-lan         |      157 |      226 |
| brfilter-local  | 0              | br-lan br-wlan |      139 |      161 |
| brfilter-global | 1              | -              |      136 |      162 |

Download/upload results in Mibit/s

It can be seen that the patch doesn't eliminate the overhead. It can also
be seen that the throughput of brfilter-global and brfilter-local with
disabled filtering is the roughly the same. Also the throughput for
brfilter-global and brfilter-local for enabled filtering on all bridges is
roughly the same.

But also the brfilter-local throughput is higher when only br-lan requires
the filtering. This setting would not be possible with
644-bridge_optimize_netfilter_hooks.patch applied and thus can only be
compared with brfilter-global and filtering enabled for all interfaces.

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 46835
2015-09-09 18:40:15 +00:00
Rafał Miłecki
f0c747dee5 kernel: describe bridge patch "multicast to unicast"
It was initially added in r41367 by nbd.

SVN-Revision: 46828
2015-09-08 16:43:32 +00:00
Rafał Miłecki
b8c9d6b296 kernel: describe bridge patch "optimize netfilter hooks"
It was initially added in r30917 by nbd.

SVN-Revision: 46827
2015-09-08 16:43:21 +00:00
Rafał Miłecki
255d7ad8ba kernel: describe bridge patch "remove IPv6 depependency of bridge in 2.6.38+"
It was initially added in r27237 by jow as patch from Jonas.

SVN-Revision: 46826
2015-09-08 16:43:10 +00:00
Rafał Miłecki
f8a689d276 kernel: describe bridge patch "port isolate"
It was initially added in r25762 by nbd.

SVN-Revision: 46825
2015-09-08 16:43:04 +00:00
Rafał Miłecki
e77fae4cba kernel: describe bridge patch "always accept EAP"
It was initially added in r26015 by nbd.

SVN-Revision: 46824
2015-09-08 16:42:58 +00:00
Rafał Miłecki
c64214d465 kernel: describe bridge patch "no EAP forward"
It was initially added in r25095 by nbd.

SVN-Revision: 46823
2015-09-08 16:42:50 +00:00
Felix Fietkau
75744d133d kernel: restore 640-bridge_no_eap_forward.patch to its original form
It was corrupted in r38528. The most obvious symptom is repeated messages like this:

Tue Sep  8 08:25:18 2015 kern.warn kernel: [77141.972226] br-lan: received packet on wlan0 with own address as source address

Signed-off-by: Dmitry Ivanov <dima@ubnt.com>

SVN-Revision: 46821
2015-09-08 14:29:55 +00:00
Jonas Gorski
7d6cff4882 kernel: update 3.18 to 3.18.21
Changelog:
 * https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.21

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46768
2015-09-02 10:18:15 +00:00
Felix Fietkau
2416e506f5 kernel: bridge, multicast-to-unicast: fix echoes on STA
Currently, multicast packets from an STA are sent to any according
multicast listener directly through the bridge multicast-to-unicast
feature. Unfortunately, so far this includes the originating STA, too,
resulting in multicast packets being echo'ed back to the originating STA
if it itself is a multicast listener for that group.

This behaviour breaks IPv6 duplicate address detection: An IPv6 Neighbor
Solicitation for IPv6 Duplicate Address Detection is being echo'ed back,
resulting in the host falsely detecting an address collision, which
makes the node unable to claim an IPv6 address and use IPv6 in general.

Mac80211 unfortunately only prevents the echoes for us for multicast
frames. For the multicast frames cast to a unicast destination we'll
need to take care of excluding the originator ourselves.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

SVN-Revision: 46765
2015-09-02 09:23:59 +00:00
Felix Fietkau
ddf8858cea kernel: bridge, multicast-to-unicast: assign src after pskb_may_pull()
A call to pskb_may_pull() might reallocate skb->data. Therefore we
should only assign the src-pointer after any potential reallocations.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46721
2015-08-25 07:25:20 +00:00
Felix Fietkau
ea9963bb21 Revert "kernel: disable multicast-to-unicast translation for ipv6 neighbor solicitation (#17625)"
This reverts commit a080e8e1943156168913d0353a2e99d1151102aa.

It did not fix the problem but just hid some symptom. The real issue was
that IGMP/MLD report suppression was not considered for the
multicast-to-unicast feature. A recent netifd which isolates IGMP/MLD
reports between STAs by utilizing AP-isolation and bridge-hairpinning
should have fixed this.

It is perfectly fine to apply multicast-to-unicast to IPv6 Neighbor
Solicitations, too (once that feature is configured correctly).

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46720
2015-08-25 07:25:10 +00:00
Jonas Gorski
2190f090bb mvebu: kirkwood: fix ehci-orion probe if generic-phy isn't enabled
Properly treat -ENOSYS as no PHY, else ehci-orion won't work without
generic phy support.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46711
2015-08-23 13:35:03 +00:00
John Crispin
6856535e29 kernel: move linux, part-probe dt parsing in generic code
The "linux,part-probe" dts parsing is a pretty neat generic feature.
It has been posted to kernel.org and could easily be reused by all
targets.

This change moves the patch to the 3.18 and 4.1 generic folders, and
makes the feature available to all platforms who may want to use it.

Signed-off-by: Mathieu Olivari <mathieu@codeaurora.org>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46654
2015-08-17 06:17:37 +00:00
Hauke Mehrtens
b1bd85c40e kernel: yaffs2: update to version from 2015-06-02
In addition to the update this also fixes compile problems with kernel 4.1.

This closes #20323.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46609
2015-08-15 17:16:03 +00:00
Hauke Mehrtens
0b8643af4f kernel: update 3.18 to 3.18.20
Changelog:
 * https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.20

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46570
2015-08-09 11:09:52 +00:00
Hauke Mehrtens
3dfacccf6f kernel: cdc_ncm: Add support for moving NDP to end of NCM frame
This patch was missing for kernel 4.0 and 4.1 in r46464. I also
replaced the version in OpenWrt with the version which went upstream
into the Linux mainline kernel.

This closes #20193 and #20192

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46493
2015-07-25 13:41:21 +00:00
Jonas Gorski
71f2d6f865 kmod-regmap: make regmap-mmio user selectable
REGMAP_MMIO is a hidden symbol, so it cannot be directly selected. If nothing
selects it, it will fail the build with:

ERROR: module '/store/buildbot/slave/slave/rb532/build/build_dir/target-mipsel_mips32_musl-1.1.10/linux-rb532/linux-3.18.19/drivers/base/regmap/regmap-mmio.ko' is missing.
make[2]: *** [/store/buildbot/slave/slave/rb532/build/bin/rb532/packages/base/kmod-regmap_3.18.19-1_rb532.ipk] Error 1

Fix this by adding a description to allow selecting it manually.

Fixes: r46451 ("kmod-regmap: enable MMIO support")
Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46485
2015-07-25 09:55:32 +00:00
John Crispin
f1712c606c generic: cdc_ncm: Add support for moving NDP to end of NCM frame
NCM specs are not actually mandating a specific position in the frame for
the NDP (Network Datagram Pointer). However, some Huawei devices will
ignore our aggregates if it is not placed after the datagrams it points
to. Add support for doing just this, in a per-device configurable way.
While at it, update NCM subdrivers, disabling this functionality in all of
them, except in huawei_cdc_ncm where it is enabled instead.
We aren't making any distinction between different Huawei NCM devices,
based on what the vendor driver does. Standard NCM devices are left
unaffected: if they are compliant, they should be always usable, still
stay on the safe side.

This change has been tested and working with a Huawei E3131 device (which
works regardless of NDP position) and an E3372 device (which mandates NDP
to be after indexed datagrams).

Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
Signed-off-by: Matti Laakso <malaakso@elisanet.fi>

SVN-Revision: 46464
2015-07-24 09:10:47 +00:00
Felix Fietkau
473ddd592c kernel: fix sched_getaffinity on MIPS SMP systems (fixes enabling RPS/XPS in netifd with musl)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 46420
2015-07-18 22:49:39 +00:00
John Crispin
1b73796895 kernel: fix build with CONFIG_MTD unset
Fixed typo in the patch provided by Hauke:
https://lists.openwrt.org/pipermail/openwrt-devel/2015-July/034274.html

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>

SVN-Revision: 46346
2015-07-14 07:38:47 +00:00
Hauke Mehrtens
58b66cdd75 kernel: update 3.18 to 3.18.18
Changelog:
 * https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.18

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 46299
2015-07-11 19:58:44 +00:00
John Crispin
8f0e96ee11 mips: Free memory when load_module fails (#14453)
The mips reloc patch introduced new allocations which were done before
add_unformed_module but never freed them in case of an error. A new hook in
Linux 3.19 called module_arch_freeing_init can be used for freeing memory
which were allocated during this init phase.

The problem can be seen when trying to load a module (via busybox insmod)
when it was already loaded.

    free -m
    for i in `seq 1 100`; do
        /sbin/insmod /lib/modules/*/ath9k.ko >& /dev/null
    done
    free -m

This simple loop would leak ~3.2 MB.

Signed-off-by: Sven Eckelmann <sven@open-mesh.com>

SVN-Revision: 46247
2015-07-07 13:48:27 +00:00
John Crispin
8fa677d7b0 generic: mtd backport for Spansion S25FL164K
Backport for the Spansion S25FL164K
It's a 8 MiB flash chip with 4 KiB erase sectors.

Signed-off-by: L. D. Pinney <ldpinney@gmail.com>

SVN-Revision: 46237
2015-07-07 13:47:08 +00:00
John Crispin
b9463ce786 generic: Allow configuring an increment with mtd-mac-address
This is useful if the device also has an ethernet WAN interface with a
separate mac address (that is derived from the LAN mac address).

Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>

SVN-Revision: 46220
2015-07-07 13:44:27 +00:00
Jonas Gorski
fa401693d9 kernel: improve uapi headers coexistence with musl
Make some network uapi headers detect if they are included after
not only glibc but also musl headers.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46161
2015-07-03 11:48:45 +00:00
Jonas Gorski
901a7fa067 kernel: update 3.18 to 3.18.17
Changelog:
* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.17

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46150
2015-06-30 23:26:09 +00:00
Rafał Miłecki
51042bc517 kernel: make USB_XHCI_PLATFORM selectable
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 46079
2015-06-21 10:18:24 +00:00
Jonas Gorski
9a59b350b7 kernel: update 3.18 to 3.18.16
Changelogs:

* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.15
* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.16

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 46011
2015-06-17 09:54:55 +00:00
Rafał Miłecki
a1340b5cce kernel: backport config-related bcma patches from 4.2
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45927
2015-06-08 12:49:54 +00:00
Felix Fietkau
5a64d5337b kernel: adjust mips highmem offset to avoid the need for -mlong-calls on systems with >256M RAM
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45891
2015-06-05 08:07:35 +00:00
Rafał Miłecki
6bc9e00e94 kernel: backport ssb fix for WRT350N v1 (BCM4705) reboots
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45865
2015-06-01 06:11:26 +00:00
John Crispin
50da78705a kernel: upstream fix: mount overlayfs r/o if workdir cannot be created
move the patch to the proper folder

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 45848
2015-05-30 13:16:23 +00:00
Felix Fietkau
388404764d kernel: bridge: backport two snooping related patches
With this patch the following two patches are backported:

* bridge: fix parsing of MLDv2 reports
* bridge: allow setting hash_max + multicast_router if interface is down

The former one is an important fix which got just applied to the net-tree
and is queued for stable. The latter is a patch which is needed to make
the hash_max and multicast_router attributes configurable through
netifd.

Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>

SVN-Revision: 45783
2015-05-27 15:20:04 +00:00
Jonas Gorski
76d079204d kernel: update 3.18 to 3.18.14
Changelogs:

* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.12
* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.13
* https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.14

Build tested on brcm63xx and ipq806x, runtested on brcm63xx.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45711
2015-05-21 19:32:46 +00:00
Steven Barth
1296956908 linux: backport IPv6 SAS fixes for source-specific routes
Signed-off-by: Steven Barth <steven@midlink.org>

SVN-Revision: 45699
2015-05-19 07:43:59 +00:00
Rafał Miłecki
260383aeb1 kernel: backport struct ssb_sprom changes submitted by MIPS tree
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45677
2015-05-13 07:52:43 +00:00
Felix Fietkau
ac0e2479dc mtd: remove the warning about read-only caused by size vs. block boundary mismatch
Since the kernel/rootfs split handling was modified 2 years ago by r37283 (
https://dev.openwrt.org/changeset/37283 ) and by the subsequent checkins,
users have seen rather scary mtd errors in the log at every boot. The message
ends "-- forcing read-only", which looks a bit error-like. That error has
been mentioned in some forum threads, when users have noticed this message
instead of some actual error.

[    2.940000] 0x000000070000-0x000000ff0000 : "firmware"
[    2.970000] 2 netgear-fw partitions found on MTD device firmware
[    2.970000] 0x000000070000-0x000000188440 : "kernel"
[    2.980000] mtd: partition "kernel" must either start or end on erase
block boundary or be smaller than an erase block -- forcing read-only
[    2.990000] 0x000000188440-0x000000ff0000 : "rootfs"

The patch removes the rather useless warning message.

signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

SVN-Revision: 45669
2015-05-10 16:09:58 +00:00
Felix Fietkau
9ebb99cb98 kernel: fix regression in backtrace module info change (#19631)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45665
2015-05-10 13:16:40 +00:00
Felix Fietkau
53827cdc82 kernel: when KALLSYMS is disabled, print module address + size for matching backtrace entries
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45655
2015-05-10 00:02:18 +00:00
Felix Fietkau
a13783f8c3 kernel: fix pppoe disconnect issues
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45653
2015-05-09 21:14:41 +00:00
Rafał Miłecki
3a6cdac37c kernel: backport first bcma patches from 4.2
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>

SVN-Revision: 45652
2015-05-09 17:38:48 +00:00
Felix Fietkau
dbb99e937a kernel: add accidentally left out fib trie backport patch
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45650
2015-05-08 21:46:51 +00:00
Luka Perkov
3209b13b3f generic: refresh patches
Signed-off-by: Luka Perkov <luka@openwrt.org>

SVN-Revision: 45648
2015-05-08 20:12:42 +00:00
Felix Fietkau
333579e527 kernel: backport upstream usbnet fix (fixes #19455)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45621
2015-05-06 10:19:22 +00:00
Imre Kaloz
f86c07d8d4 The ability to read MAC addresses from MTD is useful for other targets besides ramips and lantiq as well.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>

SVN-Revision: 45596
2015-05-03 17:56:32 +00:00
Felix Fietkau
51d0476ab0 kernel: implement RENAME_EXCHANGE support for jffs2 - overlayfs requires it
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45580
2015-04-25 10:47:18 +00:00
Felix Fietkau
23f9c83594 kernel: backport an upstream PPPoE shutdown fix
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45548
2015-04-21 11:24:46 +00:00
Jonas Gorski
0dfba24e9a kernel: refresh generic patches
Refresh patches to remove the trailing whitespaces caused by an old
diffutils version on osx.

Signed-off-by: Jonas Gorski <jogo@openwrt.org>

SVN-Revision: 45506
2015-04-19 11:38:46 +00:00
Felix Fietkau
582b20c4e2 kernel: accidentally committed a few patches in the wrong place, move them
Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45468
2015-04-16 20:43:11 +00:00