From ad9ad200da9c40181093368c034fed99ad883ee8 Mon Sep 17 00:00:00 2001 From: RISCi_ATOM Date: Sun, 26 Jun 2022 23:08:44 -0400 Subject: [PATCH] kernel: bump to 4.14.284 --- include/kernel-version.mk | 4 +- ...mtd_fix_cfi_cmdset_0002_status_check.patch | 62 -------------- ...mtd_fix_cfi_cmdset_0002_status_check.patch | 62 -------------- .../910-unaligned_access_hacks.patch | 12 +-- ...tcp-allow-drivers-to-tweak-TSQ-logic.patch | 4 +- ...ption-fix-dwm-158-3g-modem-interface.patch | 2 +- ...ridge-add-support-for-port-isolation.patch | 2 +- ...les-remove-multihook-chains-and-fami.patch | 10 +-- ...bles-add-flow-table-netlink-frontend.patch | 24 +++--- ...les-remove-nhooks-field-from-struct-.patch | 2 +- ...les-fix-a-typo-in-nf_tables_getflowt.patch | 2 +- ...les-no-need-for-struct-nft_af_info-t.patch | 4 +- ...les-fix-potential-NULL-ptr-deref-in-.patch | 2 +- ...les-add-single-table-list-for-all-fa.patch | 76 ++++++++--------- ...tfilter-exit_net-cleanup-check-added.patch | 4 +- ...nf_tables-get-rid-of-pernet-families.patch | 10 +-- ...les-get-rid-of-struct-nft_af_info-ab.patch | 82 +++++++++---------- ...ow_offload-wait-for-garbage-collecto.patch | 2 +- ...tfilter-nf_tables-fix-flowtable-free.patch | 2 +- ...les-allocate-handle-and-delete-objec.patch | 32 ++++---- ...w_table-move-init-code-to-nf_flow_ta.patch | 4 +- ...w_table-fix-priv-pointer-for-netdev-.patch | 2 +- ...w_table-track-flow-tables-in-nf_flow.patch | 2 +- .../generic/hack-4.14/204-module_strip.patch | 12 +-- .../640-bridge-only-accept-EAP-locally.patch | 2 +- ...ge_allow_receiption_on_disabled_port.patch | 4 +- ...mtd-cfi_cmdset_0002-no-erase_suspend.patch | 2 +- ...et_0002-add-buffer-write-cmd-timeout.patch | 2 +- ...w_table-add-hardware-offload-support.patch | 6 +- ...eeprom-ethtool-access-into-netdev-co.patch | 2 +- ...fp-use-netdev-sfp_bus-for-start-stop.patch | 4 +- 31 files changed, 159 insertions(+), 283 deletions(-) delete mode 100644 target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch delete mode 100644 target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch diff --git a/include/kernel-version.mk b/include/kernel-version.mk index a9d8c9f222..aafe6fbd51 100644 --- a/include/kernel-version.mk +++ b/include/kernel-version.mk @@ -6,10 +6,10 @@ ifdef CONFIG_TESTING_KERNEL KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER) endif -LINUX_VERSION-4.14 = .277 +LINUX_VERSION-4.14 = .284 LIBRE_REV = 1 -LINUX_KERNEL_HASH-4.14.277 = ac30da45c8d810f8f812fc8b6cdcd11042751bad91563467f3af0e114653fffa +LINUX_KERNEL_HASH-4.14.284 = a88b32c80b44d2e316061ded33154fbbfdf5a5979ae0318c08e53d352d336a03 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1)))) sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1))))))) diff --git a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch deleted file mode 100644 index 1a295fa11d..0000000000 --- a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch +++ /dev/null @@ -1,62 +0,0 @@ ---- a/drivers/mtd/chips/cfi_cmdset_0002.c -+++ b/drivers/mtd/chips/cfi_cmdset_0002.c -@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str - } - - if (chip_good(map, adr, datum)) -- break; -+ goto enable_xip; - - /* Latency issues. Drop the lock, wait a while and retry */ - UDELAY(map, chip, adr, 1); -@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str - goto retry; - } - } -+ -+ enable_xip: - xip_enable(map, chip, adr); - op_done: - if (mode == FL_OTP_WRITE) -@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct - return 0; - } - -- - /* - * Handle devices with one erase region, that only implement - * the chip erase command. -@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct - } - - if (chip_good(map, adr, map_word_ff(map))) -- break; -+ goto op_done; - - if (time_after(jiffies, timeo)) { - printk(KERN_WARNING "MTD %s(): software timeout\n", -@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct - } - } - -+ op_done: - chip->state = FL_READY; - xip_enable(map, chip, adr); - DISABLE_VPP(map); -@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st - - if (chip_good(map, adr, map_word_ff(map))) { - xip_enable(map, chip, adr); -- break; -+ goto op_done; - } - - if (time_after(jiffies, timeo)) { -@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st - } - } - -+ op_done: - chip->state = FL_READY; - DISABLE_VPP(map); - put_chip(map, chip, adr); diff --git a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch deleted file mode 100644 index 1a295fa11d..0000000000 --- a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch +++ /dev/null @@ -1,62 +0,0 @@ ---- a/drivers/mtd/chips/cfi_cmdset_0002.c -+++ b/drivers/mtd/chips/cfi_cmdset_0002.c -@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str - } - - if (chip_good(map, adr, datum)) -- break; -+ goto enable_xip; - - /* Latency issues. Drop the lock, wait a while and retry */ - UDELAY(map, chip, adr, 1); -@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str - goto retry; - } - } -+ -+ enable_xip: - xip_enable(map, chip, adr); - op_done: - if (mode == FL_OTP_WRITE) -@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct - return 0; - } - -- - /* - * Handle devices with one erase region, that only implement - * the chip erase command. -@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct - } - - if (chip_good(map, adr, map_word_ff(map))) -- break; -+ goto op_done; - - if (time_after(jiffies, timeo)) { - printk(KERN_WARNING "MTD %s(): software timeout\n", -@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct - } - } - -+ op_done: - chip->state = FL_READY; - xip_enable(map, chip, adr); - DISABLE_VPP(map); -@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st - - if (chip_good(map, adr, map_word_ff(map))) { - xip_enable(map, chip, adr); -- break; -+ goto op_done; - } - - if (time_after(jiffies, timeo)) { -@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st - } - } - -+ op_done: - chip->state = FL_READY; - DISABLE_VPP(map); - put_chip(map, chip, adr); diff --git a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch index 6bcf4af3b5..bc6d48fd89 100644 --- a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch +++ b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch @@ -327,7 +327,7 @@ return neigh_create(&arp_tbl, pkey, dev); --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c -@@ -454,48 +454,53 @@ static void tcp_options_write(__be32 *pt +@@ -455,48 +455,53 @@ static void tcp_options_write(__be32 *pt u16 options = opts->options; /* mungable copy */ if (unlikely(OPTION_MD5 & options)) { @@ -404,7 +404,7 @@ } if (unlikely(opts->num_sack_blocks)) { -@@ -503,16 +508,17 @@ static void tcp_options_write(__be32 *pt +@@ -504,16 +509,17 @@ static void tcp_options_write(__be32 *pt tp->duplicate_sack : tp->selective_acks; int this_sack; @@ -428,7 +428,7 @@ } tp->rx_opt.dsack = 0; -@@ -525,13 +531,14 @@ static void tcp_options_write(__be32 *pt +@@ -526,13 +532,14 @@ static void tcp_options_write(__be32 *pt if (foc->exp) { len = TCPOLEN_EXP_FASTOPEN_BASE + foc->len; @@ -687,8 +687,8 @@ #include +#include - u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); - u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, + u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport); + u64 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, --- a/include/uapi/linux/in.h +++ b/include/uapi/linux/in.h @@ -84,7 +84,7 @@ enum { @@ -737,7 +737,7 @@ EXPORT_SYMBOL(xfrm_parse_spi); --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c -@@ -3881,14 +3881,16 @@ static bool tcp_parse_aligned_timestamp( +@@ -3884,14 +3884,16 @@ static bool tcp_parse_aligned_timestamp( { const __be32 *ptr = (const __be32 *)(th + 1); diff --git a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch index 82afb03d29..d77ce8ce60 100644 --- a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch +++ b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch @@ -65,7 +65,7 @@ Cc: Kir Kolyshkin * Before updating sk_refcnt, we must commit prior changes to memory --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c -@@ -1701,7 +1701,7 @@ u32 tcp_tso_autosize(const struct sock * +@@ -1702,7 +1702,7 @@ u32 tcp_tso_autosize(const struct sock * { u32 bytes, segs; @@ -74,7 +74,7 @@ Cc: Kir Kolyshkin sk->sk_gso_max_size - 1 - MAX_TCP_HEADER); /* Goal is to send at least one packet per ms, -@@ -2219,7 +2219,7 @@ static bool tcp_small_queue_check(struct +@@ -2220,7 +2220,7 @@ static bool tcp_small_queue_check(struct { unsigned int limit; diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch index 0470f7578e..64cc75bd2c 100644 --- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch +++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch @@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c -@@ -2072,7 +2072,8 @@ static const struct usb_device_id option +@@ -2086,7 +2086,8 @@ static const struct usb_device_id option { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */ { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) }, { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) }, diff --git a/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch b/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch index 483881f35d..a4fbc9c547 100644 --- a/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch +++ b/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch @@ -42,7 +42,7 @@ Signed-off-by: David S. Miller int br_dev_queue_push_xmit(struct net *net, struct sock *sk, struct sk_buff *skb) --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c -@@ -170,6 +170,7 @@ int br_handle_frame_finish(struct net *n +@@ -177,6 +177,7 @@ int br_handle_frame_finish(struct net *n goto drop; BR_INPUT_SKB_CB(skb)->brdev = br->dev; diff --git a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch index 3bcdc2774a..bd8a0aa6da 100644 --- a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch +++ b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch @@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso } nft_chain_release_hook(&hook); } -@@ -5163,10 +5151,9 @@ static int nf_tables_commit(struct net * +@@ -5167,10 +5155,9 @@ static int nf_tables_commit(struct net * case NFT_MSG_DELCHAIN: list_del_rcu(&trans->ctx.chain->list); nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN); @@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso break; case NFT_MSG_NEWRULE: nft_clear(trans->ctx.net, nft_trans_rule(trans)); -@@ -5303,10 +5290,9 @@ static int nf_tables_abort(struct net *n +@@ -5307,10 +5294,9 @@ static int nf_tables_abort(struct net *n } else { trans->ctx.table->use--; list_del_rcu(&trans->ctx.chain->list); @@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso } break; case NFT_MSG_DELCHAIN: -@@ -5409,7 +5395,7 @@ int nft_chain_validate_hooks(const struc +@@ -5413,7 +5399,7 @@ int nft_chain_validate_hooks(const struc if (nft_is_base_chain(chain)) { basechain = nft_base_chain(chain); @@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; return -EOPNOTSUPP; -@@ -5891,8 +5877,7 @@ int __nft_release_basechain(struct nft_c +@@ -5895,8 +5881,7 @@ int __nft_release_basechain(struct nft_c BUG_ON(!nft_is_base_chain(ctx->chain)); @@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) { list_del(&rule->list); ctx->chain->use--; -@@ -5921,8 +5906,7 @@ static void __nft_release_afinfo(struct +@@ -5925,8 +5910,7 @@ static void __nft_release_afinfo(struct list_for_each_entry_safe(table, nt, &afi->tables, list) { list_for_each_entry(chain, &table->chains, list) diff --git a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch index f0c17ca56e..ffbb16a2e8 100644 --- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch +++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch @@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) { err = nft_delobj(ctx, obj); if (err < 0) -@@ -4863,6 +4907,605 @@ static void nf_tables_obj_notify(const s +@@ -4867,6 +4911,605 @@ static void nf_tables_obj_notify(const s ctx->afi->family, ctx->report, GFP_KERNEL); } @@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net, u32 portid, u32 seq) { -@@ -4893,6 +5536,49 @@ nla_put_failure: +@@ -4897,6 +5540,49 @@ nla_put_failure: return -EMSGSIZE; } @@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb, int event) { -@@ -5045,6 +5731,21 @@ static const struct nfnl_callback nf_tab +@@ -5049,6 +5735,21 @@ static const struct nfnl_callback nf_tab .attr_count = NFTA_OBJ_MAX, .policy = nft_obj_policy, }, @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso }; static void nft_chain_commit_update(struct nft_trans *trans) -@@ -5093,6 +5794,9 @@ static void nf_tables_commit_release(str +@@ -5097,6 +5798,9 @@ static void nf_tables_commit_release(str case NFT_MSG_DELOBJ: nft_obj_destroy(nft_trans_obj(trans)); break; @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso } kfree(trans); } -@@ -5212,6 +5916,21 @@ static int nf_tables_commit(struct net * +@@ -5216,6 +5920,21 @@ static int nf_tables_commit(struct net * nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans), NFT_MSG_DELOBJ); break; @@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso } } -@@ -5249,6 +5968,9 @@ static void nf_tables_abort_release(stru +@@ -5253,6 +5972,9 @@ static void nf_tables_abort_release(stru case NFT_MSG_NEWOBJ: nft_obj_destroy(nft_trans_obj(trans)); break; @@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso } kfree(trans); } -@@ -5340,6 +6062,17 @@ static int nf_tables_abort(struct net *n +@@ -5344,6 +6066,17 @@ static int nf_tables_abort(struct net *n nft_clear(trans->ctx.net, nft_trans_obj(trans)); nft_trans_destroy(trans); break; @@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso } } -@@ -5890,6 +6623,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai +@@ -5894,6 +6627,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */ static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi) { @@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table, *nt; struct nft_chain *chain, *nc; struct nft_object *obj, *ne; -@@ -5903,6 +6637,9 @@ static void __nft_release_afinfo(struct +@@ -5907,6 +6641,9 @@ static void __nft_release_afinfo(struct list_for_each_entry_safe(table, nt, &afi->tables, list) { list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); @@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso /* No packets are walking on these chains anymore. */ ctx.table = table; list_for_each_entry(chain, &table->chains, list) { -@@ -5913,6 +6650,11 @@ static void __nft_release_afinfo(struct +@@ -5917,6 +6654,11 @@ static void __nft_release_afinfo(struct nf_tables_rule_release(&ctx, rule); } } @@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(set, ns, &table->sets, list) { list_del(&set->list); table->use--; -@@ -5956,6 +6698,8 @@ static int __init nf_tables_module_init( +@@ -5960,6 +6702,8 @@ static int __init nf_tables_module_init( if (err < 0) goto err3; @@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso pr_info("nf_tables: (c) 2007-2009 Patrick McHardy \n"); return register_pernet_subsys(&nf_tables_net_ops); err3: -@@ -5970,6 +6714,7 @@ static void __exit nf_tables_module_exit +@@ -5974,6 +6718,7 @@ static void __exit nf_tables_module_exit { unregister_pernet_subsys(&nf_tables_net_ops); nfnetlink_subsys_unregister(&nf_tables_subsys); diff --git a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch index e328e9dccd..a9a07df0bb 100644 --- a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch +++ b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch @@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY])); type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT]; -@@ -5015,7 +5012,7 @@ static int nf_tables_flowtable_parse_hoo +@@ -5019,7 +5016,7 @@ static int nf_tables_flowtable_parse_hoo return -EINVAL; hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM])); diff --git a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch index 32398c7d78..697ae055e1 100644 --- a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch +++ b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch @@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5439,7 +5439,7 @@ static int nf_tables_getflowtable(struct +@@ -5443,7 +5443,7 @@ static int nf_tables_getflowtable(struct flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME], genmask); diff --git a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch index 8ff1c7476f..121f7ed910 100644 --- a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch +++ b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch @@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso if (ret >= 0) { ctx->table->flags &= ~NFT_TABLE_F_DORMANT; nft_trans_table_enable(trans) = true; -@@ -5820,7 +5813,6 @@ static int nf_tables_commit(struct net * +@@ -5824,7 +5817,6 @@ static int nf_tables_commit(struct net * if (nft_trans_table_update(trans)) { if (!nft_trans_table_enable(trans)) { nf_tables_table_disable(net, @@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso trans->ctx.table); trans->ctx.table->flags |= NFT_TABLE_F_DORMANT; } -@@ -5984,7 +5976,6 @@ static int nf_tables_abort(struct net *n +@@ -5988,7 +5980,6 @@ static int nf_tables_abort(struct net *n if (nft_trans_table_update(trans)) { if (nft_trans_table_enable(trans)) { nf_tables_table_disable(net, diff --git a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch index 844df508c6..2a9e8002f2 100644 --- a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch +++ b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch @@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5358,8 +5358,10 @@ static int nf_tables_dump_flowtable_done +@@ -5362,8 +5362,10 @@ static int nf_tables_dump_flowtable_done if (!filter) return 0; diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch index cd1d30c6c5..7297b7ecd8 100644 --- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch +++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch @@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) return PTR_ERR(type); -@@ -2115,7 +2112,7 @@ static void nf_tables_rule_notify(const +@@ -2119,7 +2116,7 @@ static void nf_tables_rule_notify(const goto err; err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->chain, rule); if (err < 0) { kfree_skb(skb); -@@ -2139,7 +2136,6 @@ static int nf_tables_dump_rules(struct s +@@ -2143,7 +2140,6 @@ static int nf_tables_dump_rules(struct s { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); const struct nft_rule_dump_ctx *ctx = cb->data; @@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; const struct nft_rule *rule; -@@ -2150,39 +2146,37 @@ static int nf_tables_dump_rules(struct s +@@ -2154,39 +2150,37 @@ static int nf_tables_dump_rules(struct s rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso } } } -@@ -2260,7 +2254,8 @@ static int nf_tables_getrule(struct net +@@ -2264,7 +2258,8 @@ static int nf_tables_getrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2345,7 +2340,8 @@ static int nf_tables_newrule(struct net +@@ -2349,7 +2344,8 @@ static int nf_tables_newrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2384,7 +2380,7 @@ static int nf_tables_newrule(struct net +@@ -2388,7 +2384,7 @@ static int nf_tables_newrule(struct net return PTR_ERR(old_rule); } @@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso n = 0; size = 0; -@@ -2517,7 +2513,8 @@ static int nf_tables_delrule(struct net +@@ -2521,7 +2517,8 @@ static int nf_tables_delrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2528,7 +2525,7 @@ static int nf_tables_delrule(struct net +@@ -2532,7 +2529,7 @@ static int nf_tables_delrule(struct net return PTR_ERR(chain); } @@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain) { if (nla[NFTA_RULE_HANDLE]) { -@@ -2726,13 +2723,13 @@ static int nft_ctx_init_from_setattr(str +@@ -2730,13 +2727,13 @@ static int nft_ctx_init_from_setattr(str if (afi == NULL) return -EAFNOSUPPORT; @@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -2860,7 +2857,7 @@ static int nf_tables_fill_set(struct sk_ +@@ -2864,7 +2861,7 @@ static int nf_tables_fill_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -2953,10 +2950,8 @@ static int nf_tables_dump_sets(struct sk +@@ -2957,10 +2954,8 @@ static int nf_tables_dump_sets(struct sk { const struct nft_set *set; unsigned int idx, s_idx = cb->args[0]; @@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_ctx *ctx = cb->data, ctx_set; if (cb->args[1]) -@@ -2965,51 +2960,44 @@ static int nf_tables_dump_sets(struct sk +@@ -2969,51 +2964,44 @@ static int nf_tables_dump_sets(struct sk rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso } cb->args[1] = 1; done: -@@ -3222,11 +3210,12 @@ static int nf_tables_newset(struct net * +@@ -3226,11 +3214,12 @@ static int nf_tables_newset(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask); if (IS_ERR(set)) { -@@ -3495,12 +3484,12 @@ static int nft_ctx_init_from_elemattr(st +@@ -3499,12 +3488,12 @@ static int nft_ctx_init_from_elemattr(st if (IS_ERR(afi)) return PTR_ERR(afi); @@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -3605,7 +3594,6 @@ static int nf_tables_dump_set(struct sk_ +@@ -3609,7 +3598,6 @@ static int nf_tables_dump_set(struct sk_ { struct nft_set_dump_ctx *dump_ctx = cb->data; struct net *net = sock_net(skb->sk); @@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_set *set; struct nft_set_dump_args args; -@@ -3617,21 +3605,19 @@ static int nf_tables_dump_set(struct sk_ +@@ -3621,21 +3609,19 @@ static int nf_tables_dump_set(struct sk_ int event; rcu_read_lock(); @@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso } break; } -@@ -3651,7 +3637,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3655,7 +3641,7 @@ static int nf_tables_dump_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -3753,7 +3739,7 @@ static int nf_tables_fill_setelem_info(s +@@ -3757,7 +3743,7 @@ static int nf_tables_fill_setelem_info(s goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -4003,7 +3989,7 @@ static int nft_add_set_elem(struct nft_c +@@ -4007,7 +3993,7 @@ static int nft_add_set_elem(struct nft_c list_for_each_entry(binding, &set->bindings, list) { struct nft_ctx bind_ctx = { .net = ctx->net, @@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso .table = ctx->table, .chain = (struct nft_chain *)binding->chain, }; -@@ -4555,7 +4541,8 @@ static int nf_tables_newobj(struct net * +@@ -4559,7 +4545,8 @@ static int nf_tables_newobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4573,7 +4560,7 @@ static int nf_tables_newobj(struct net * +@@ -4577,7 +4564,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4650,7 +4637,6 @@ struct nft_obj_filter { +@@ -4654,7 +4641,6 @@ struct nft_obj_filter { static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4665,38 +4651,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4669,38 +4655,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -4783,7 +4768,8 @@ static int nf_tables_getobj(struct net * +@@ -4787,7 +4772,8 @@ static int nf_tables_getobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4843,7 +4829,8 @@ static int nf_tables_delobj(struct net * +@@ -4847,7 +4833,8 @@ static int nf_tables_delobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4854,7 +4841,7 @@ static int nf_tables_delobj(struct net * +@@ -4858,7 +4845,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -4892,7 +4879,7 @@ static void nf_tables_obj_notify(const s +@@ -4896,7 +4883,7 @@ static void nf_tables_obj_notify(const s struct nft_object *obj, int event) { nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event, @@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso } /* -@@ -5082,7 +5069,7 @@ void nft_flow_table_iterate(struct net * +@@ -5086,7 +5073,7 @@ void nft_flow_table_iterate(struct net * rcu_read_lock(); list_for_each_entry_rcu(afi, &net->nft.af_info, list) { @@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_rcu(flowtable, &table->flowtables, list) { iter(&flowtable->data, data); } -@@ -5130,7 +5117,8 @@ static int nf_tables_newflowtable(struct +@@ -5134,7 +5121,8 @@ static int nf_tables_newflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5147,7 +5135,7 @@ static int nf_tables_newflowtable(struct +@@ -5151,7 +5139,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5228,7 +5216,8 @@ static int nf_tables_delflowtable(struct +@@ -5232,7 +5220,8 @@ static int nf_tables_delflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5239,7 +5228,7 @@ static int nf_tables_delflowtable(struct +@@ -5243,7 +5232,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5308,40 +5297,37 @@ static int nf_tables_dump_flowtable(stru +@@ -5312,40 +5301,37 @@ static int nf_tables_dump_flowtable(stru struct net *net = sock_net(skb->sk); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -5426,7 +5412,8 @@ static int nf_tables_getflowtable(struct +@@ -5430,7 +5416,8 @@ static int nf_tables_getflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5469,7 +5456,7 @@ static void nf_tables_flowtable_notify(s +@@ -5473,7 +5460,7 @@ static void nf_tables_flowtable_notify(s err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid, ctx->seq, event, 0, @@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -5547,17 +5534,14 @@ static int nf_tables_flowtable_event(str +@@ -5551,17 +5538,14 @@ static int nf_tables_flowtable_event(str struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct nft_flowtable *flowtable; struct nft_table *table; @@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso } } nfnl_unlock(NFNL_SUBSYS_NFTABLES); -@@ -6583,6 +6567,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); +@@ -6587,6 +6571,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); static int __net_init nf_tables_init_net(struct net *net) { INIT_LIST_HEAD(&net->nft.af_info); @@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso INIT_LIST_HEAD(&net->nft.commit_list); net->nft.base_seq = 1; return 0; -@@ -6619,10 +6604,10 @@ static void __nft_release_afinfo(struct +@@ -6623,10 +6608,10 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, diff --git a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch index 698ddbc213..2942542257 100644 --- a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch +++ b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch @@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso static struct pernet_operations clusterip_net_ops = { --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -6573,6 +6573,12 @@ static int __net_init nf_tables_init_net +@@ -6577,6 +6577,12 @@ static int __net_init nf_tables_init_net return 0; } @@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso int __nft_release_basechain(struct nft_ctx *ctx) { struct nft_rule *rule, *nr; -@@ -6650,6 +6656,7 @@ static void __nft_release_afinfo(struct +@@ -6654,6 +6660,7 @@ static void __nft_release_afinfo(struct static struct pernet_operations nf_tables_net_ops = { .init = nf_tables_init_net, diff --git a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch index a9b54ced69..01c2edfec1 100644 --- a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch +++ b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch @@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso if (afi->family == family) return afi; } -@@ -5064,15 +5062,12 @@ void nft_flow_table_iterate(struct net * +@@ -5068,15 +5066,12 @@ void nft_flow_table_iterate(struct net * void *data) { struct nft_flowtable *flowtable; @@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso } } rcu_read_unlock(); -@@ -6564,21 +6559,6 @@ int nft_data_dump(struct sk_buff *skb, i +@@ -6568,21 +6563,6 @@ int nft_data_dump(struct sk_buff *skb, i } EXPORT_SYMBOL_GPL(nft_data_dump); @@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso int __nft_release_basechain(struct nft_ctx *ctx) { struct nft_rule *rule, *nr; -@@ -6599,8 +6579,7 @@ int __nft_release_basechain(struct nft_c +@@ -6603,8 +6583,7 @@ int __nft_release_basechain(struct nft_c } EXPORT_SYMBOL_GPL(__nft_release_basechain); @@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nft_flowtable *flowtable, *nf; struct nft_table *table, *nt; -@@ -6610,10 +6589,11 @@ static void __nft_release_afinfo(struct +@@ -6614,10 +6593,11 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, @@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); list_for_each_entry(flowtable, &table->flowtables, list) -@@ -6654,6 +6634,21 @@ static void __nft_release_afinfo(struct +@@ -6658,6 +6638,21 @@ static void __nft_release_afinfo(struct } } diff --git a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch index b77b025383..017f940e01 100644 --- a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch +++ b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch @@ -600,7 +600,7 @@ Signed-off-by: Pablo Neira Ayuso use = chain->use; list_for_each_entry(rule, &chain->rules, list) { -@@ -2145,7 +2043,7 @@ static int nf_tables_dump_rules(struct s +@@ -2149,7 +2047,7 @@ static int nf_tables_dump_rules(struct s cb->seq = net->nft.base_seq; list_for_each_entry_rcu(table, &net->nft.tables, list) { @@ -609,7 +609,7 @@ Signed-off-by: Pablo Neira Ayuso continue; if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0) -@@ -2168,7 +2066,7 @@ static int nf_tables_dump_rules(struct s +@@ -2172,7 +2070,7 @@ static int nf_tables_dump_rules(struct s cb->nlh->nlmsg_seq, NFT_MSG_NEWRULE, NLM_F_MULTI | NLM_F_APPEND, @@ -618,7 +618,7 @@ Signed-off-by: Pablo Neira Ayuso table, chain, rule) < 0) goto done; -@@ -2204,7 +2102,6 @@ static int nf_tables_getrule(struct net +@@ -2208,7 +2106,6 @@ static int nf_tables_getrule(struct net { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_cur(net); @@ -626,7 +626,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; const struct nft_rule *rule; -@@ -2248,11 +2145,7 @@ static int nf_tables_getrule(struct net +@@ -2252,11 +2149,7 @@ static int nf_tables_getrule(struct net return netlink_dump_start(nlsk, skb, nlh, &c); } @@ -639,7 +639,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -2318,7 +2211,7 @@ static int nf_tables_newrule(struct net +@@ -2322,7 +2215,7 @@ static int nf_tables_newrule(struct net { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_next(net); @@ -648,7 +648,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_chain *chain; struct nft_rule *rule, *old_rule = NULL; -@@ -2334,11 +2227,7 @@ static int nf_tables_newrule(struct net +@@ -2338,11 +2231,7 @@ static int nf_tables_newrule(struct net create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false; @@ -661,7 +661,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -2378,7 +2267,7 @@ static int nf_tables_newrule(struct net +@@ -2382,7 +2271,7 @@ static int nf_tables_newrule(struct net return PTR_ERR(old_rule); } @@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso n = 0; size = 0; -@@ -2500,18 +2389,13 @@ static int nf_tables_delrule(struct net +@@ -2504,18 +2393,13 @@ static int nf_tables_delrule(struct net { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_next(net); @@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -2523,7 +2407,7 @@ static int nf_tables_delrule(struct net +@@ -2527,7 +2411,7 @@ static int nf_tables_delrule(struct net return PTR_ERR(chain); } @@ -699,7 +699,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain) { if (nla[NFTA_RULE_HANDLE]) { -@@ -2708,26 +2592,17 @@ static int nft_ctx_init_from_setattr(str +@@ -2712,26 +2596,17 @@ static int nft_ctx_init_from_setattr(str u8 genmask) { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); @@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -2960,7 +2835,7 @@ static int nf_tables_dump_sets(struct sk +@@ -2964,7 +2839,7 @@ static int nf_tables_dump_sets(struct sk list_for_each_entry_rcu(table, &net->nft.tables, list) { if (ctx->family != NFPROTO_UNSPEC && @@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso continue; if (ctx->table && ctx->table != table) -@@ -2981,7 +2856,7 @@ static int nf_tables_dump_sets(struct sk +@@ -2985,7 +2860,7 @@ static int nf_tables_dump_sets(struct sk ctx_set = *ctx; ctx_set.table = table; @@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso if (nf_tables_fill_set(skb, &ctx_set, set, NFT_MSG_NEWSET, -@@ -3093,8 +2968,8 @@ static int nf_tables_newset(struct net * +@@ -3097,8 +2972,8 @@ static int nf_tables_newset(struct net * { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_next(net); @@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_set *set; struct nft_ctx ctx; -@@ -3204,16 +3079,12 @@ static int nf_tables_newset(struct net * +@@ -3208,16 +3083,12 @@ static int nf_tables_newset(struct net * create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false; @@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask); if (IS_ERR(set)) { -@@ -3475,19 +3346,15 @@ static int nft_ctx_init_from_elemattr(st +@@ -3479,19 +3350,15 @@ static int nft_ctx_init_from_elemattr(st u8 genmask) { const struct nfgenmsg *nfmsg = nlmsg_data(nlh); @@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -3605,7 +3472,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3609,7 +3476,7 @@ static int nf_tables_dump_set(struct sk_ rcu_read_lock(); list_for_each_entry_rcu(table, &net->nft.tables, list) { if (dump_ctx->ctx.family != NFPROTO_UNSPEC && @@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso continue; if (table != dump_ctx->ctx.table) -@@ -3635,7 +3502,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3639,7 +3506,7 @@ static int nf_tables_dump_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -4523,7 +4390,6 @@ static int nf_tables_newobj(struct net * +@@ -4527,7 +4394,6 @@ static int nf_tables_newobj(struct net * const struct nft_object_type *type; u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; @@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_object *obj; struct nft_ctx ctx; -@@ -4535,11 +4401,7 @@ static int nf_tables_newobj(struct net * +@@ -4539,11 +4405,7 @@ static int nf_tables_newobj(struct net * !nla[NFTA_OBJ_DATA]) return -EINVAL; @@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4558,7 +4420,7 @@ static int nf_tables_newobj(struct net * +@@ -4562,7 +4424,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4650,7 +4512,7 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4654,7 +4516,7 @@ static int nf_tables_dump_obj(struct sk_ cb->seq = net->nft.base_seq; list_for_each_entry_rcu(table, &net->nft.tables, list) { @@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso continue; list_for_each_entry_rcu(obj, &table->objects, list) { -@@ -4673,7 +4535,7 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4677,7 +4539,7 @@ static int nf_tables_dump_obj(struct sk_ cb->nlh->nlmsg_seq, NFT_MSG_NEWOBJ, NLM_F_MULTI | NLM_F_APPEND, @@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso obj, reset) < 0) goto done; -@@ -4731,7 +4593,6 @@ static int nf_tables_getobj(struct net * +@@ -4735,7 +4597,6 @@ static int nf_tables_getobj(struct net * const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_cur(net); int family = nfmsg->nfgen_family; @@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; struct nft_object *obj; struct sk_buff *skb2; -@@ -4762,11 +4623,7 @@ static int nf_tables_getobj(struct net * +@@ -4766,11 +4627,7 @@ static int nf_tables_getobj(struct net * !nla[NFTA_OBJ_TYPE]) return -EINVAL; @@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4813,7 +4670,6 @@ static int nf_tables_delobj(struct net * +@@ -4817,7 +4674,6 @@ static int nf_tables_delobj(struct net * const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; @@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_object *obj; struct nft_ctx ctx; -@@ -4823,11 +4679,7 @@ static int nf_tables_delobj(struct net * +@@ -4827,11 +4683,7 @@ static int nf_tables_delobj(struct net * !nla[NFTA_OBJ_NAME]) return -EINVAL; @@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4839,7 +4691,7 @@ static int nf_tables_delobj(struct net * +@@ -4843,7 +4695,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -5024,33 +4876,31 @@ err1: +@@ -5028,33 +4880,31 @@ err1: return err; } @@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso return ERR_PTR(-EAGAIN); } #endif -@@ -5098,7 +4948,6 @@ static int nf_tables_newflowtable(struct +@@ -5102,7 +4952,6 @@ static int nf_tables_newflowtable(struct u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_ctx ctx; int err, i, k; -@@ -5108,12 +4957,8 @@ static int nf_tables_newflowtable(struct +@@ -5112,12 +4961,8 @@ static int nf_tables_newflowtable(struct !nla[NFTA_FLOWTABLE_HOOK]) return -EINVAL; @@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5130,7 +4975,7 @@ static int nf_tables_newflowtable(struct +@@ -5134,7 +4979,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5143,7 +4988,7 @@ static int nf_tables_newflowtable(struct +@@ -5147,7 +4992,7 @@ static int nf_tables_newflowtable(struct goto err1; } @@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) { err = PTR_ERR(type); goto err2; -@@ -5203,16 +5048,11 @@ static int nf_tables_delflowtable(struct +@@ -5207,16 +5052,11 @@ static int nf_tables_delflowtable(struct u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5223,7 +5063,7 @@ static int nf_tables_delflowtable(struct +@@ -5227,7 +5067,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5298,7 +5138,7 @@ static int nf_tables_dump_flowtable(stru +@@ -5302,7 +5142,7 @@ static int nf_tables_dump_flowtable(stru cb->seq = net->nft.base_seq; list_for_each_entry_rcu(table, &net->nft.tables, list) { @@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso continue; list_for_each_entry_rcu(flowtable, &table->flowtables, list) { -@@ -5317,7 +5157,7 @@ static int nf_tables_dump_flowtable(stru +@@ -5321,7 +5161,7 @@ static int nf_tables_dump_flowtable(stru cb->nlh->nlmsg_seq, NFT_MSG_NEWFLOWTABLE, NLM_F_MULTI | NLM_F_APPEND, @@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso goto done; nl_dump_check_consistent(cb, nlmsg_hdr(skb)); -@@ -5377,7 +5217,6 @@ static int nf_tables_getflowtable(struct +@@ -5381,7 +5221,6 @@ static int nf_tables_getflowtable(struct u8 genmask = nft_genmask_cur(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; struct sk_buff *skb2; int err; -@@ -5403,12 +5242,8 @@ static int nf_tables_getflowtable(struct +@@ -5407,12 +5246,8 @@ static int nf_tables_getflowtable(struct if (!nla[NFTA_FLOWTABLE_NAME]) return -EINVAL; @@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -6579,7 +6414,7 @@ int __nft_release_basechain(struct nft_c +@@ -6583,7 +6418,7 @@ int __nft_release_basechain(struct nft_c } EXPORT_SYMBOL_GPL(__nft_release_basechain); @@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nft_flowtable *flowtable, *nf; struct nft_table *table, *nt; -@@ -6592,7 +6427,7 @@ static void __nft_release_afinfo(struct +@@ -6596,7 +6431,7 @@ static void __nft_release_afinfo(struct }; list_for_each_entry_safe(table, nt, &net->nft.tables, list) { @@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); -@@ -6644,7 +6479,7 @@ static int __net_init nf_tables_init_net +@@ -6648,7 +6483,7 @@ static int __net_init nf_tables_init_net static void __net_exit nf_tables_exit_net(struct net *net) { diff --git a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch index 4aca79c682..6888a08f16 100644 --- a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch +++ b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch @@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4914,13 +4914,13 @@ void nft_flow_table_iterate(struct net * +@@ -4918,13 +4918,13 @@ void nft_flow_table_iterate(struct net * struct nft_flowtable *flowtable; const struct nft_table *table; diff --git a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch index efbf478ea2..b171280661 100644 --- a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch +++ b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch @@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso }; --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5299,17 +5299,12 @@ err: +@@ -5303,17 +5303,12 @@ err: nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS); } diff --git a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch index ad630e9d51..545495484d 100644 --- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch +++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch @@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(chain)) return PTR_ERR(chain); -@@ -2579,6 +2627,7 @@ static const struct nla_policy nft_set_p +@@ -2583,6 +2631,7 @@ static const struct nla_policy nft_set_p [NFTA_SET_USERDATA] = { .type = NLA_BINARY, .len = NFT_USERDATA_MAXLEN }, [NFTA_SET_OBJ_TYPE] = { .type = NLA_U32 }, @@ -274,7 +274,7 @@ Signed-off-by: Pablo Neira Ayuso }; static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = { -@@ -2622,6 +2671,22 @@ static struct nft_set *nf_tables_set_loo +@@ -2626,6 +2675,22 @@ static struct nft_set *nf_tables_set_loo return ERR_PTR(-ENOENT); } @@ -297,7 +297,7 @@ Signed-off-by: Pablo Neira Ayuso static struct nft_set *nf_tables_set_lookup_byid(const struct net *net, const struct nlattr *nla, u8 genmask) -@@ -2738,6 +2803,9 @@ static int nf_tables_fill_set(struct sk_ +@@ -2742,6 +2807,9 @@ static int nf_tables_fill_set(struct sk_ goto nla_put_failure; if (nla_put_string(skb, NFTA_SET_NAME, set->name)) goto nla_put_failure; @@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso if (set->flags != 0) if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags))) goto nla_put_failure; -@@ -3150,6 +3218,7 @@ static int nf_tables_newset(struct net * +@@ -3154,6 +3222,7 @@ static int nf_tables_newset(struct net * set->udata = udata; set->timeout = timeout; set->gc_int = gc_int; @@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso err = ops->init(set, &desc, nla); if (err < 0) -@@ -3209,7 +3278,10 @@ static int nf_tables_delset(struct net * +@@ -3213,7 +3282,10 @@ static int nf_tables_delset(struct net * if (err < 0) return err; @@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(set)) return PTR_ERR(set); -@@ -4278,6 +4350,21 @@ struct nft_object *nf_tables_obj_lookup( +@@ -4282,6 +4354,21 @@ struct nft_object *nf_tables_obj_lookup( } EXPORT_SYMBOL_GPL(nf_tables_obj_lookup); @@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = { [NFTA_OBJ_TABLE] = { .type = NLA_STRING, .len = NFT_TABLE_MAXNAMELEN - 1 }, -@@ -4285,6 +4372,7 @@ static const struct nla_policy nft_obj_p +@@ -4289,6 +4376,7 @@ static const struct nla_policy nft_obj_p .len = NFT_OBJ_MAXNAMELEN - 1 }, [NFTA_OBJ_TYPE] = { .type = NLA_U32 }, [NFTA_OBJ_DATA] = { .type = NLA_NESTED }, @@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso }; static struct nft_object *nft_obj_init(const struct nft_ctx *ctx, -@@ -4432,6 +4520,8 @@ static int nf_tables_newobj(struct net * +@@ -4436,6 +4524,8 @@ static int nf_tables_newobj(struct net * goto err1; } obj->table = table; @@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL); if (!obj->name) { err = -ENOMEM; -@@ -4478,7 +4568,9 @@ static int nf_tables_fill_obj_info(struc +@@ -4482,7 +4572,9 @@ static int nf_tables_fill_obj_info(struc nla_put_string(skb, NFTA_OBJ_NAME, obj->name) || nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) || nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) || @@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso goto nla_put_failure; nlmsg_end(skb, nlh); -@@ -4676,7 +4768,7 @@ static int nf_tables_delobj(struct net * +@@ -4680,7 +4772,7 @@ static int nf_tables_delobj(struct net * u32 objtype; if (!nla[NFTA_OBJ_TYPE] || @@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso return -EINVAL; table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family, -@@ -4685,7 +4777,12 @@ static int nf_tables_delobj(struct net * +@@ -4689,7 +4781,12 @@ static int nf_tables_delobj(struct net * return PTR_ERR(table); objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE])); @@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(obj)) return PTR_ERR(obj); if (obj->use > 0) -@@ -4757,6 +4854,7 @@ static const struct nla_policy nft_flowt +@@ -4761,6 +4858,7 @@ static const struct nla_policy nft_flowt [NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING, .len = NFT_NAME_MAXLEN - 1 }, [NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED }, @@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso }; struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table, -@@ -4774,6 +4872,20 @@ struct nft_flowtable *nf_tables_flowtabl +@@ -4778,6 +4876,20 @@ struct nft_flowtable *nf_tables_flowtabl } EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup); @@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso #define NFT_FLOWTABLE_DEVICE_MAX 8 static int nf_tables_parse_devices(const struct nft_ctx *ctx, -@@ -4982,6 +5094,8 @@ static int nf_tables_newflowtable(struct +@@ -4986,6 +5098,8 @@ static int nf_tables_newflowtable(struct return -ENOMEM; flowtable->table = table; @@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL); if (!flowtable->name) { err = -ENOMEM; -@@ -5056,8 +5170,14 @@ static int nf_tables_delflowtable(struct +@@ -5060,8 +5174,14 @@ static int nf_tables_delflowtable(struct if (IS_ERR(table)) return PTR_ERR(table); @@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(flowtable)) return PTR_ERR(flowtable); if (flowtable->use > 0) -@@ -5090,7 +5210,9 @@ static int nf_tables_fill_flowtable_info +@@ -5094,7 +5214,9 @@ static int nf_tables_fill_flowtable_info if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) || nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) || diff --git a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch index 44838837e9..6b580bc5fc 100644 --- a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch +++ b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch @@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau .owner = THIS_MODULE, --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5109,40 +5109,38 @@ static int nf_tables_newflowtable(struct +@@ -5113,40 +5113,38 @@ static int nf_tables_newflowtable(struct } flowtable->data.type = type; @@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau err3: module_put(type->owner); err2: -@@ -5423,10 +5421,8 @@ err: +@@ -5427,10 +5425,8 @@ err: static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable) { diff --git a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch index 0fd8bb0a4f..1a50eae764 100644 --- a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch +++ b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch @@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4975,7 +4975,7 @@ static int nf_tables_flowtable_parse_hoo +@@ -4979,7 +4979,7 @@ static int nf_tables_flowtable_parse_hoo flowtable->ops[i].pf = NFPROTO_NETDEV; flowtable->ops[i].hooknum = hooknum; flowtable->ops[i].priority = priority; diff --git a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch index 85c97a41a0..7e81ab36eb 100644 --- a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch +++ b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch @@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau WARN_ON(!nf_flow_offload_gc_step(flow_table)); --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5019,23 +5019,6 @@ static const struct nf_flowtable_type *n +@@ -5023,23 +5023,6 @@ static const struct nf_flowtable_type *n return ERR_PTR(-ENOENT); } diff --git a/target/linux/generic/hack-4.14/204-module_strip.patch b/target/linux/generic/hack-4.14/204-module_strip.patch index d6f7d9fa67..812b9d7d0e 100644 --- a/target/linux/generic/hack-4.14/204-module_strip.patch +++ b/target/linux/generic/hack-4.14/204-module_strip.patch @@ -137,7 +137,7 @@ Signed-off-by: Felix Fietkau --- a/scripts/mod/modpost.c +++ b/scripts/mod/modpost.c -@@ -1996,7 +1996,9 @@ static void read_symbols(char *modname) +@@ -1997,7 +1997,9 @@ static void read_symbols(char *modname) symname = remove_dot(info.strtab + sym->st_name); handle_modversions(mod, &info, sym, symname); @@ -147,7 +147,7 @@ Signed-off-by: Felix Fietkau } if (!is_vmlinux(modname) || (is_vmlinux(modname) && vmlinux_section_warnings)) -@@ -2157,8 +2159,10 @@ static void add_header(struct buffer *b, +@@ -2158,8 +2160,10 @@ static void add_header(struct buffer *b, buf_printf(b, "#include \n"); buf_printf(b, "#include \n"); buf_printf(b, "\n"); @@ -158,7 +158,7 @@ Signed-off-by: Felix Fietkau buf_printf(b, "\n"); buf_printf(b, "__visible struct module __this_module\n"); buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n"); -@@ -2175,8 +2179,10 @@ static void add_header(struct buffer *b, +@@ -2176,8 +2180,10 @@ static void add_header(struct buffer *b, static void add_intree_flag(struct buffer *b, int is_intree) { @@ -169,7 +169,7 @@ Signed-off-by: Felix Fietkau } /* Cannot check for assembler */ -@@ -2189,10 +2195,12 @@ static void add_retpoline(struct buffer +@@ -2190,10 +2196,12 @@ static void add_retpoline(struct buffer static void add_staging_flag(struct buffer *b, const char *name) { @@ -182,7 +182,7 @@ Signed-off-by: Felix Fietkau } /** -@@ -2291,11 +2299,13 @@ static void add_depends(struct buffer *b +@@ -2292,11 +2300,13 @@ static void add_depends(struct buffer *b static void add_srcversion(struct buffer *b, struct module *mod) { @@ -196,7 +196,7 @@ Signed-off-by: Felix Fietkau } static void write_if_changed(struct buffer *b, const char *fname) -@@ -2532,7 +2542,9 @@ int main(int argc, char **argv) +@@ -2533,7 +2543,9 @@ int main(int argc, char **argv) add_staging_flag(&buf, mod->name); err |= add_versions(&buf, mod); add_depends(&buf, mod, modules); diff --git a/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch b/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch index fbe9ab0876..e0544807dc 100644 --- a/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch +++ b/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch @@ -12,7 +12,7 @@ Signed-off-by: Etienne Champetier --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c -@@ -166,10 +166,14 @@ int br_handle_frame_finish(struct net *n +@@ -173,10 +173,14 @@ int br_handle_frame_finish(struct net *n } } diff --git a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch index d50280a881..90bbdabb60 100644 --- a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch +++ b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch @@ -15,7 +15,7 @@ Signed-off-by: Felix Fietkau --- a/net/bridge/br_input.c +++ b/net/bridge/br_input.c -@@ -237,7 +237,10 @@ static void __br_handle_local_finish(str +@@ -244,7 +244,10 @@ static void __br_handle_local_finish(str /* note: already called with rcu_read_lock */ static int br_handle_local_finish(struct net *net, struct sock *sk, struct sk_buff *skb) { @@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau /* return 1 to signal the okfn() was called so it's ok to use the skb */ return 1; -@@ -332,6 +335,17 @@ rx_handler_result_t br_handle_frame(stru +@@ -339,6 +342,17 @@ rx_handler_result_t br_handle_frame(stru forward: switch (p->state) { diff --git a/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch b/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch index 3d39d3731d..6a8eb195c5 100644 --- a/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch +++ b/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch @@ -14,7 +14,7 @@ Signed-off-by: Felix Fietkau --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c -@@ -810,7 +810,7 @@ static int get_chip(struct map_info *map +@@ -820,7 +820,7 @@ static int get_chip(struct map_info *map return 0; case FL_ERASING: diff --git a/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch b/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch index 1b07791eca..bb285db16b 100644 --- a/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch +++ b/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch @@ -7,7 +7,7 @@ Signed-off-by: George Kashperko 1 file changed, 1 insertion(+) --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c -@@ -1838,6 +1838,7 @@ static int __xipram do_write_buffer(stru +@@ -1849,6 +1849,7 @@ static int __xipram do_write_buffer(stru /* Write Buffer Load */ map_write(map, CMD(0x25), cmd_adr); diff --git a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch index 9e505740d3..9ee881d42e 100644 --- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch +++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch @@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso +MODULE_ALIAS("nf-flow-table-hw"); --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4962,6 +4962,14 @@ static int nf_tables_flowtable_parse_hoo +@@ -4966,6 +4966,14 @@ static int nf_tables_flowtable_parse_hoo if (err < 0) goto err1; @@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL); if (!ops) { err = -ENOMEM; -@@ -5092,10 +5100,19 @@ static int nf_tables_newflowtable(struct +@@ -5096,10 +5104,19 @@ static int nf_tables_newflowtable(struct } flowtable->data.type = type; @@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK], flowtable); if (err < 0) -@@ -5193,7 +5210,8 @@ static int nf_tables_fill_flowtable_info +@@ -5197,7 +5214,8 @@ static int nf_tables_fill_flowtable_info nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) || nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) || nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle), diff --git a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch index 2eb10779f7..db9997e34a 100644 --- a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch +++ b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch @@ -49,7 +49,7 @@ Signed-off-by: Russell King }; --- a/drivers/net/phy/phylink.c +++ b/drivers/net/phy/phylink.c -@@ -1060,34 +1060,6 @@ int phylink_ethtool_set_pauseparam(struc +@@ -1065,34 +1065,6 @@ int phylink_ethtool_set_pauseparam(struc } EXPORT_SYMBOL_GPL(phylink_ethtool_set_pauseparam); diff --git a/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch b/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch index 10bd2d0a46..f07b3922c6 100644 --- a/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch +++ b/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch @@ -10,7 +10,7 @@ Signed-off-by: Russell King --- a/drivers/net/phy/phylink.c +++ b/drivers/net/phy/phylink.c -@@ -777,8 +777,8 @@ void phylink_start(struct phylink *pl) +@@ -782,8 +782,8 @@ void phylink_start(struct phylink *pl) clear_bit(PHYLINK_DISABLE_STOPPED, &pl->phylink_disable_state); phylink_run_resolve(pl); @@ -21,7 +21,7 @@ Signed-off-by: Russell King if (pl->phydev) phy_start(pl->phydev); } -@@ -790,8 +790,8 @@ void phylink_stop(struct phylink *pl) +@@ -795,8 +795,8 @@ void phylink_stop(struct phylink *pl) if (pl->phydev) phy_stop(pl->phydev); -- 2.25.1