kernel: bump 4.14 to 4.14.68

author Koen Vandeputte <koen.vandeputte@ncentric.com>

Thu, 6 Sep 2018 12:18:24 +0000 (14:18 +0200)

committer Koen Vandeputte <koen.vandeputte@ncentric.com>

Fri, 7 Sep 2018 15:22:23 +0000 (17:22 +0200)
author Koen Vandeputte <koen.vandeputte@ncentric.com>
Thu, 6 Sep 2018 12:18:24 +0000 (14:18 +0200)
committer Koen Vandeputte <koen.vandeputte@ncentric.com>
Fri, 7 Sep 2018 15:22:23 +0000 (17:22 +0200)
diff --git a/include/kernel-version.mk b/include/kernel-version.mk

index 3e31f6ca7c2462c0f9f5af6504da48b0a7670739..c6108bead82e02e5fe93c202aa87e821026bf90e 100644 (file)
--- a/include/kernel-version.mk
+++ b/include/kernel-version.mk
@@ -2,11 +2,11 @@
  
  LINUX_RELEASE?=1
  
  
  LINUX_RELEASE?=1
  
-LINUX_VERSION-4.14 = .67
  LINUX_VERSION-4.9 = .125
  LINUX_VERSION-4.9 = .125
+LINUX_VERSION-4.14 = .68
  
  
-LINUX_KERNEL_HASH-4.14.67 = 3f4b056dc27233a78f7a4a35ed6fdcfd0a9680ec40b611a898bb6c8b905070ba
  LINUX_KERNEL_HASH-4.9.125 = a764deef61bebfac1d07b2ed6890f93a12a9ab6d3fc3c53e3d850ed4681111cb
  LINUX_KERNEL_HASH-4.9.125 = a764deef61bebfac1d07b2ed6890f93a12a9ab6d3fc3c53e3d850ed4681111cb
+LINUX_KERNEL_HASH-4.14.68 = 791dbf1597033bf2b61e83307d78188ffc1ad4bdd1da3234876667edfdd28690
  
  remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
  sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
  
  remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
  sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
diff --git a/target/linux/brcm47xx/patches-4.14/330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch b/target/linux/brcm47xx/patches-4.14/330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

deleted file mode 100644 (file)

index ad30621..0000000
--- a/target/linux/brcm47xx/patches-4.14/330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From: =?UTF-8?q?Rafa=C5=82=20Mi=C5=82ecki?= <rafal@milecki.pl>
-Date: Fri, 27 Jul 2018 12:39:01 +0200
-Subject: [PATCH] Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe
- erratum"
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-This reverts commit 2a027b47dba6b77ab8c8e47b589ae9bbc5ac6175.
-
-Enabling ExternalSync caused a regression for BCM4718A1 (used e.g. in
-Netgear E3000 and ASUS RT-N16): it simply hangs during PCIe
-initialization. It's likely that BCM4717A1 is also affected.
-
-I didn't notice that earlier as the only BCM47XX devices with PCIe I
-own are:
-1) BCM4706 with 2 x 14e4:4331
-2) BCM4706 with 14e4:4360 and 14e4:4331
-it appears that BCM4706 is unaffected.
-
-While BCM5300X-ES300-RDS.pdf seems to document that erratum and its
-workarounds (according to quotes provided by Tokunori) it seems not even
-Broadcom follows them.
-
-According to the provided info Broadcom should define CONF7_ES in their
-SDK's mipsinc.h and implement workaround in the si_mips_init(). Checking
-both didn't reveal such code. It *could* mean Broadcom also had some
-problems with the given workaround.
-
-Reported-by: Michael Marley <michael@michaelmarley.com>
-Cc: Tokunori Ikegami <ikegami@allied-telesis.co.jp>
-Cc: Paul Burton <paul.burton@mips.com>
-Cc: Hauke Mehrtens <hauke@hauke-m.de>
-Cc: Chris Packham <chris.packham@alliedtelesis.co.nz>
-Cc: stable@vger.kernel.org
-Cc: James Hogan <jhogan@kernel.org>
-Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
----
- arch/mips/bcm47xx/setup.c        | 6 ------
- arch/mips/include/asm/mipsregs.h | 3 ---
- 2 files changed, 9 deletions(-)
-
---- a/arch/mips/bcm47xx/setup.c
-+++ b/arch/mips/bcm47xx/setup.c
-@@ -212,12 +212,6 @@ static int __init bcm47xx_cpu_fixes(void
-                */
-               if (bcm47xx_bus.bcma.bus.chipinfo.id == BCMA_CHIP_ID_BCM4706)
-                       cpu_wait = NULL;
--
--              /*
--               * BCM47XX Erratum "R10: PCIe Transactions Periodically Fail"
--               * Enable ExternalSync for sync instruction to take effect
--               */
--              set_c0_config7(MIPS_CONF7_ES);
-               break;
- #endif
-       }
---- a/arch/mips/include/asm/mipsregs.h
-+++ b/arch/mips/include/asm/mipsregs.h
-@@ -680,8 +680,6 @@
- #define MIPS_CONF7_WII                (_ULCAST_(1) << 31)
- 
- #define MIPS_CONF7_RPS                (_ULCAST_(1) << 2)
--/* ExternalSync */
--#define MIPS_CONF7_ES         (_ULCAST_(1) << 8)
- 
- #define MIPS_CONF7_IAR                (_ULCAST_(1) << 10)
- #define MIPS_CONF7_AR         (_ULCAST_(1) << 16)
-@@ -2747,7 +2745,6 @@ __BUILD_SET_C0(status)
- __BUILD_SET_C0(cause)
- __BUILD_SET_C0(config)
- __BUILD_SET_C0(config5)
--__BUILD_SET_C0(config7)
- __BUILD_SET_C0(intcontrol)
- __BUILD_SET_C0(intctl)
- __BUILD_SET_C0(srsmap)
diff --git a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch

index 75e86f1b46449e74c8565b044d22a822fcebe199..b279e8c30adf69e1c6832b82517c1757a03f5c8b 100644 (file)
--- a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
+++ b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
@@ -228,7 +228,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   err1:
         nf_tables_chain_destroy(chain);
   
   err1:
         nf_tables_chain_destroy(chain);
   
-@@ -1478,14 +1469,13 @@ static int nf_tables_updchain(struct nft
+@@ -1478,13 +1469,12 @@ static int nf_tables_updchain(struct nft
         const struct nlattr * const *nla = ctx->nla;
         struct nft_table *table = ctx->table;
         struct nft_chain *chain = ctx->chain;
         const struct nlattr * const *nla = ctx->nla;
         struct nft_table *table = ctx->table;
         struct nft_chain *chain = ctx->chain;
@@ -236,7 +236,6 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_base_chain *basechain;
         struct nft_stats *stats = NULL;
         struct nft_chain_hook hook;
         struct nft_base_chain *basechain;
         struct nft_stats *stats = NULL;
         struct nft_chain_hook hook;
-       const struct nlattr *name;
         struct nf_hook_ops *ops;
         struct nft_trans *trans;
  -      int err, i;
         struct nf_hook_ops *ops;
         struct nft_trans *trans;
  -      int err, i;
@@ -244,7 +243,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         if (nla[NFTA_CHAIN_HOOK]) {
                 if (!nft_is_base_chain(chain))
   
         if (nla[NFTA_CHAIN_HOOK]) {
                 if (!nft_is_base_chain(chain))
-@@ -1502,14 +1492,12 @@ static int nf_tables_updchain(struct nft
+@@ -1501,14 +1491,12 @@ static int nf_tables_updchain(struct nft
                         return -EBUSY;
                 }
   
                         return -EBUSY;
                 }
   
@@ -265,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
                 nft_chain_release_hook(&hook);
         }
                 }
                 nft_chain_release_hook(&hook);
         }
-@@ -5113,10 +5101,9 @@ static int nf_tables_commit(struct net *
+@@ -5134,10 +5122,9 @@ static int nf_tables_commit(struct net *
                 case NFT_MSG_DELCHAIN:
                         list_del_rcu(&trans->ctx.chain->list);
                         nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
                 case NFT_MSG_DELCHAIN:
                         list_del_rcu(&trans->ctx.chain->list);
                         nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
@@ -279,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         break;
                 case NFT_MSG_NEWRULE:
                         nft_clear(trans->ctx.net, nft_trans_rule(trans));
                         break;
                 case NFT_MSG_NEWRULE:
                         nft_clear(trans->ctx.net, nft_trans_rule(trans));
-@@ -5253,10 +5240,9 @@ static int nf_tables_abort(struct net *n
+@@ -5274,10 +5261,9 @@ static int nf_tables_abort(struct net *n
                         } else {
                                 trans->ctx.table->use--;
                                 list_del_rcu(&trans->ctx.chain->list);
                         } else {
                                 trans->ctx.table->use--;
                                 list_del_rcu(&trans->ctx.chain->list);
@@ -293,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         }
                         break;
                 case NFT_MSG_DELCHAIN:
                         }
                         break;
                 case NFT_MSG_DELCHAIN:
-@@ -5359,7 +5345,7 @@ int nft_chain_validate_hooks(const struc
+@@ -5380,7 +5366,7 @@ int nft_chain_validate_hooks(const struc
         if (nft_is_base_chain(chain)) {
                 basechain = nft_base_chain(chain);
   
         if (nft_is_base_chain(chain)) {
                 basechain = nft_base_chain(chain);
   
@@ -302,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         return 0;
   
                 return -EOPNOTSUPP;
                         return 0;
   
                 return -EOPNOTSUPP;
-@@ -5841,8 +5827,7 @@ int __nft_release_basechain(struct nft_c
+@@ -5862,8 +5848,7 @@ int __nft_release_basechain(struct nft_c
   
         BUG_ON(!nft_is_base_chain(ctx->chain));
   
   
         BUG_ON(!nft_is_base_chain(ctx->chain));
   
@@ -312,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
                 list_del(&rule->list);
                 ctx->chain->use--;
         list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
                 list_del(&rule->list);
                 ctx->chain->use--;
-@@ -5871,8 +5856,7 @@ static void __nft_release_afinfo(struct
+@@ -5892,8 +5877,7 @@ static void __nft_release_afinfo(struct
   
         list_for_each_entry_safe(table, nt, &afi->tables, list) {
                 list_for_each_entry(chain, &table->chains, list)
   
         list_for_each_entry_safe(table, nt, &afi->tables, list) {
                 list_for_each_entry(chain, &table->chains, list)
diff --git a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch

index 625de6b348dcb81d0e52b64e98332a8a27f432f7..25b7ea224e480b4398e32fdd360c2c8a5f3c0146 100644 (file)
--- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
+++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
                 err = nft_delobj(ctx, obj);
                 if (err < 0)
         list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
                 err = nft_delobj(ctx, obj);
                 if (err < 0)
-@@ -4818,6 +4862,605 @@ static void nf_tables_obj_notify(const s
+@@ -4834,6 +4878,605 @@ static void nf_tables_obj_notify(const s
                        ctx->afi->family, ctx->report, GFP_KERNEL);
   }
   
                        ctx->afi->family, ctx->report, GFP_KERNEL);
   }
   
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
                                    u32 portid, u32 seq)
   {
   static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
                                    u32 portid, u32 seq)
   {
-@@ -4848,6 +5491,49 @@ nla_put_failure:
+@@ -4864,6 +5507,49 @@ nla_put_failure:
         return -EMSGSIZE;
   }
   
         return -EMSGSIZE;
   }
   
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
                                  int event)
   {
   static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
                                  int event)
   {
-@@ -5000,6 +5686,21 @@ static const struct nfnl_callback nf_tab
+@@ -5016,6 +5702,21 @@ static const struct nfnl_callback nf_tab
                 .attr_count     = NFTA_OBJ_MAX,
                 .policy         = nft_obj_policy,
         },
                 .attr_count     = NFTA_OBJ_MAX,
                 .policy         = nft_obj_policy,
         },
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   };
   
   static void nft_chain_commit_update(struct nft_trans *trans)
   };
   
   static void nft_chain_commit_update(struct nft_trans *trans)
-@@ -5045,6 +5746,9 @@ static void nf_tables_commit_release(str
+@@ -5064,6 +5765,9 @@ static void nf_tables_commit_release(str
         case NFT_MSG_DELOBJ:
                 nft_obj_destroy(nft_trans_obj(trans));
                 break;
         case NFT_MSG_DELOBJ:
                 nft_obj_destroy(nft_trans_obj(trans));
                 break;
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         }
         kfree(trans);
   }
         }
         kfree(trans);
   }
-@@ -5162,6 +5866,21 @@ static int nf_tables_commit(struct net *
+@@ -5183,6 +5887,21 @@ static int nf_tables_commit(struct net *
                         nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
                                              NFT_MSG_DELOBJ);
                         break;
                         nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
                                              NFT_MSG_DELOBJ);
                         break;
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
   
                 }
         }
   
-@@ -5199,6 +5918,9 @@ static void nf_tables_abort_release(stru
+@@ -5220,6 +5939,9 @@ static void nf_tables_abort_release(stru
         case NFT_MSG_NEWOBJ:
                 nft_obj_destroy(nft_trans_obj(trans));
                 break;
         case NFT_MSG_NEWOBJ:
                 nft_obj_destroy(nft_trans_obj(trans));
                 break;
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         }
         kfree(trans);
   }
         }
         kfree(trans);
   }
-@@ -5290,6 +6012,17 @@ static int nf_tables_abort(struct net *n
+@@ -5311,6 +6033,17 @@ static int nf_tables_abort(struct net *n
                         nft_clear(trans->ctx.net, nft_trans_obj(trans));
                         nft_trans_destroy(trans);
                         break;
                         nft_clear(trans->ctx.net, nft_trans_obj(trans));
                         nft_trans_destroy(trans);
                         break;
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
   
                 }
         }
   
-@@ -5840,6 +6573,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
+@@ -5861,6 +6594,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
   /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
   static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
   {
   /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
   static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
   {
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table, *nt;
         struct nft_chain *chain, *nc;
         struct nft_object *obj, *ne;
         struct nft_table *table, *nt;
         struct nft_chain *chain, *nc;
         struct nft_object *obj, *ne;
-@@ -5853,6 +6587,9 @@ static void __nft_release_afinfo(struct
+@@ -5874,6 +6608,9 @@ static void __nft_release_afinfo(struct
         list_for_each_entry_safe(table, nt, &afi->tables, list) {
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
         list_for_each_entry_safe(table, nt, &afi->tables, list) {
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 /* No packets are walking on these chains anymore. */
                 ctx.table = table;
                 list_for_each_entry(chain, &table->chains, list) {
                 /* No packets are walking on these chains anymore. */
                 ctx.table = table;
                 list_for_each_entry(chain, &table->chains, list) {
-@@ -5863,6 +6600,11 @@ static void __nft_release_afinfo(struct
+@@ -5884,6 +6621,11 @@ static void __nft_release_afinfo(struct
                                 nf_tables_rule_release(&ctx, rule);
                         }
                 }
                                 nf_tables_rule_release(&ctx, rule);
                         }
                 }
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 list_for_each_entry_safe(set, ns, &table->sets, list) {
                         list_del(&set->list);
                         table->use--;
                 list_for_each_entry_safe(set, ns, &table->sets, list) {
                         list_del(&set->list);
                         table->use--;
-@@ -5906,6 +6648,8 @@ static int __init nf_tables_module_init(
+@@ -5927,6 +6669,8 @@ static int __init nf_tables_module_init(
         if (err < 0)
                 goto err3;
   
         if (err < 0)
                 goto err3;
   
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
         return register_pernet_subsys(&nf_tables_net_ops);
   err3:
         pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
         return register_pernet_subsys(&nf_tables_net_ops);
   err3:
-@@ -5920,6 +6664,7 @@ static void __exit nf_tables_module_exit
+@@ -5941,6 +6685,7 @@ static void __exit nf_tables_module_exit
   {
         unregister_pernet_subsys(&nf_tables_net_ops);
         nfnetlink_subsys_unregister(&nf_tables_subsys);
   {
         unregister_pernet_subsys(&nf_tables_net_ops);
         nfnetlink_subsys_unregister(&nf_tables_subsys);
diff --git a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch

index 9c98fa73c47e6fe52fbffa66eaeef6038201c6cd..ae30a984d5b2f5d9a16400c90566245f09baf36d 100644 (file)
--- a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
+++ b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
@@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
   
         type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
         hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
   
         type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
-@@ -4970,7 +4967,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4986,7 +4983,7 @@ static int nf_tables_flowtable_parse_hoo
                 return -EINVAL;
   
         hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
                 return -EINVAL;
   
         hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
diff --git a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch

index d0863b836be7a494c8ff6dba77434e83b8f77842..493ed1d27d6ca7548204159955dd4c029601f9e7 100644 (file)
--- a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
+++ b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -5394,7 +5394,7 @@ static int nf_tables_getflowtable(struct
+@@ -5410,7 +5410,7 @@ static int nf_tables_getflowtable(struct
   
         flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
                                                genmask);
   
         flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
                                                genmask);
diff --git a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch

index aeef003303555135b979af827ee2a5baf7e19f00..ddcdb78a6ff64e40ed83a3c59d2666d23d703917 100644 (file)
--- a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
+++ b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
@@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 if (ret >= 0) {
                         ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
                         nft_trans_table_enable(trans) = true;
                 if (ret >= 0) {
                         ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
                         nft_trans_table_enable(trans) = true;
-@@ -5772,7 +5765,6 @@ static int nf_tables_commit(struct net *
+@@ -5791,7 +5784,6 @@ static int nf_tables_commit(struct net *
                         if (nft_trans_table_update(trans)) {
                                 if (!nft_trans_table_enable(trans)) {
                                         nf_tables_table_disable(net,
                         if (nft_trans_table_update(trans)) {
                                 if (!nft_trans_table_enable(trans)) {
                                         nf_tables_table_disable(net,
@@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                                                 trans->ctx.table);
                                         trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
                                 }
                                                                 trans->ctx.table);
                                         trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
                                 }
-@@ -5934,7 +5926,6 @@ static int nf_tables_abort(struct net *n
+@@ -5955,7 +5947,6 @@ static int nf_tables_abort(struct net *n
                         if (nft_trans_table_update(trans)) {
                                 if (nft_trans_table_enable(trans)) {
                                         nf_tables_table_disable(net,
                         if (nft_trans_table_update(trans)) {
                                 if (nft_trans_table_enable(trans)) {
                                         nf_tables_table_disable(net,
diff --git a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch

index d7c07244fcdd05124a3ddefadff6867ef42f4b0a..719c2d9940f03f83eb463e5a1545a9559b3f5bd0 100644 (file)
--- a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
+++ b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
@@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -5313,8 +5313,10 @@ static int nf_tables_dump_flowtable_done
+@@ -5329,8 +5329,10 @@ static int nf_tables_dump_flowtable_done
         if (!filter)
                 return 0;
   
         if (!filter)
                 return 0;
   
diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch

index 47ba98c1910ad2a69f7c9483ab821e9d489c6901..0991f05700545307bdae55b3df889743160c9704 100644 (file)
--- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
+++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
@@ -467,7 +467,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 if (err < 0)
                         return err;
   
                 if (err < 0)
                         return err;
   
-@@ -1509,7 +1504,7 @@ static int nf_tables_updchain(struct nft
+@@ -1508,7 +1503,7 @@ static int nf_tables_updchain(struct nft
                 if (!nft_is_base_chain(chain))
                         return -EBUSY;
   
                 if (!nft_is_base_chain(chain))
                         return -EBUSY;
   
@@ -476,7 +476,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                            create);
                 if (err < 0)
                         return err;
                                            create);
                 if (err < 0)
                         return err;
-@@ -1602,7 +1597,8 @@ static int nf_tables_newchain(struct net
+@@ -1618,7 +1613,8 @@ static int nf_tables_newchain(struct net
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -486,7 +486,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -1642,7 +1638,7 @@ static int nf_tables_newchain(struct net
+@@ -1658,7 +1654,7 @@ static int nf_tables_newchain(struct net
                 }
         }
   
                 }
         }
   
@@ -495,7 +495,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         if (chain != NULL) {
                 if (nlh->nlmsg_flags & NLM_F_EXCL)
   
         if (chain != NULL) {
                 if (nlh->nlmsg_flags & NLM_F_EXCL)
-@@ -1676,7 +1672,8 @@ static int nf_tables_delchain(struct net
+@@ -1692,7 +1688,8 @@ static int nf_tables_delchain(struct net
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -505,7 +505,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -1688,7 +1685,7 @@ static int nf_tables_delchain(struct net
+@@ -1704,7 +1701,7 @@ static int nf_tables_delchain(struct net
             chain->use > 0)
                 return -EBUSY;
   
             chain->use > 0)
                 return -EBUSY;
   
@@ -514,7 +514,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         use = chain->use;
         list_for_each_entry(rule, &chain->rules, list) {
   
         use = chain->use;
         list_for_each_entry(rule, &chain->rules, list) {
-@@ -1853,7 +1850,7 @@ static int nf_tables_expr_parse(const st
+@@ -1869,7 +1866,7 @@ static int nf_tables_expr_parse(const st
         if (err < 0)
                 return err;
   
         if (err < 0)
                 return err;
   
@@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(type))
                 return PTR_ERR(type);
   
         if (IS_ERR(type))
                 return PTR_ERR(type);
   
-@@ -2077,7 +2074,7 @@ static void nf_tables_rule_notify(const
+@@ -2093,7 +2090,7 @@ static void nf_tables_rule_notify(const
                 goto err;
   
         err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq,
                 goto err;
   
         err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq,
@@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        ctx->chain, rule);
         if (err < 0) {
                 kfree_skb(skb);
                                        ctx->chain, rule);
         if (err < 0) {
                 kfree_skb(skb);
-@@ -2101,7 +2098,6 @@ static int nf_tables_dump_rules(struct s
+@@ -2117,7 +2114,6 @@ static int nf_tables_dump_rules(struct s
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
         const struct nft_rule_dump_ctx *ctx = cb->data;
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
         const struct nft_rule_dump_ctx *ctx = cb->data;
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         const struct nft_table *table;
         const struct nft_chain *chain;
         const struct nft_rule *rule;
         const struct nft_table *table;
         const struct nft_chain *chain;
         const struct nft_rule *rule;
-@@ -2112,39 +2108,37 @@ static int nf_tables_dump_rules(struct s
+@@ -2128,39 +2124,37 @@ static int nf_tables_dump_rules(struct s
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
@@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         }
                 }
         }
                         }
                 }
         }
-@@ -2222,7 +2216,8 @@ static int nf_tables_getrule(struct net
+@@ -2238,7 +2232,8 @@ static int nf_tables_getrule(struct net
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -2306,7 +2301,8 @@ static int nf_tables_newrule(struct net
+@@ -2322,7 +2317,8 @@ static int nf_tables_newrule(struct net
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -2345,7 +2341,7 @@ static int nf_tables_newrule(struct net
+@@ -2361,7 +2357,7 @@ static int nf_tables_newrule(struct net
                         return PTR_ERR(old_rule);
         }
   
                         return PTR_ERR(old_rule);
         }
   
@@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         n = 0;
         size = 0;
   
         n = 0;
         size = 0;
-@@ -2485,7 +2481,8 @@ static int nf_tables_delrule(struct net
+@@ -2501,7 +2497,8 @@ static int nf_tables_delrule(struct net
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -2496,7 +2493,7 @@ static int nf_tables_delrule(struct net
+@@ -2512,7 +2509,7 @@ static int nf_tables_delrule(struct net
                         return PTR_ERR(chain);
         }
   
                         return PTR_ERR(chain);
         }
   
@@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         if (chain) {
                 if (nla[NFTA_RULE_HANDLE]) {
   
         if (chain) {
                 if (nla[NFTA_RULE_HANDLE]) {
-@@ -2694,13 +2691,13 @@ static int nft_ctx_init_from_setattr(str
+@@ -2710,13 +2707,13 @@ static int nft_ctx_init_from_setattr(str
                 if (afi == NULL)
                         return -EAFNOSUPPORT;
   
                 if (afi == NULL)
                         return -EAFNOSUPPORT;
   
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         return 0;
   }
   
         return 0;
   }
   
-@@ -2828,7 +2825,7 @@ static int nf_tables_fill_set(struct sk_
+@@ -2844,7 +2841,7 @@ static int nf_tables_fill_set(struct sk_
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
@@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         nfmsg->version          = NFNETLINK_V0;
         nfmsg->res_id           = htons(ctx->net->nft.base_seq & 0xffff);
   
         nfmsg->version          = NFNETLINK_V0;
         nfmsg->res_id           = htons(ctx->net->nft.base_seq & 0xffff);
   
-@@ -2920,10 +2917,8 @@ static int nf_tables_dump_sets(struct sk
+@@ -2936,10 +2933,8 @@ static int nf_tables_dump_sets(struct sk
   {
         const struct nft_set *set;
         unsigned int idx, s_idx = cb->args[0];
   {
         const struct nft_set *set;
         unsigned int idx, s_idx = cb->args[0];
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_ctx *ctx = cb->data, ctx_set;
   
         if (cb->args[1])
         struct nft_ctx *ctx = cb->data, ctx_set;
   
         if (cb->args[1])
-@@ -2932,51 +2927,44 @@ static int nf_tables_dump_sets(struct sk
+@@ -2948,51 +2943,44 @@ static int nf_tables_dump_sets(struct sk
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
@@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         }
         cb->args[1] = 1;
   done:
         }
         cb->args[1] = 1;
   done:
-@@ -3186,11 +3174,12 @@ static int nf_tables_newset(struct net *
+@@ -3202,11 +3190,12 @@ static int nf_tables_newset(struct net *
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
         if (IS_ERR(set)) {
   
         set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
         if (IS_ERR(set)) {
-@@ -3459,12 +3448,12 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3475,12 +3464,12 @@ static int nft_ctx_init_from_elemattr(st
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         return 0;
   }
   
         return 0;
   }
   
-@@ -3569,7 +3558,6 @@ static int nf_tables_dump_set(struct sk_
+@@ -3585,7 +3574,6 @@ static int nf_tables_dump_set(struct sk_
   {
         struct nft_set_dump_ctx *dump_ctx = cb->data;
         struct net *net = sock_net(skb->sk);
   {
         struct nft_set_dump_ctx *dump_ctx = cb->data;
         struct net *net = sock_net(skb->sk);
@@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_set *set;
         struct nft_set_dump_args args;
         struct nft_table *table;
         struct nft_set *set;
         struct nft_set_dump_args args;
-@@ -3581,21 +3569,19 @@ static int nf_tables_dump_set(struct sk_
+@@ -3597,21 +3585,19 @@ static int nf_tables_dump_set(struct sk_
         int event;
   
         rcu_read_lock();
         int event;
   
         rcu_read_lock();
@@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
                 break;
         }
                 }
                 break;
         }
-@@ -3615,7 +3601,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3631,7 +3617,7 @@ static int nf_tables_dump_set(struct sk_
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
@@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         nfmsg->version      = NFNETLINK_V0;
         nfmsg->res_id       = htons(net->nft.base_seq & 0xffff);
   
         nfmsg->version      = NFNETLINK_V0;
         nfmsg->res_id       = htons(net->nft.base_seq & 0xffff);
   
-@@ -3717,7 +3703,7 @@ static int nf_tables_fill_setelem_info(s
+@@ -3733,7 +3719,7 @@ static int nf_tables_fill_setelem_info(s
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
@@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         nfmsg->version          = NFNETLINK_V0;
         nfmsg->res_id           = htons(ctx->net->nft.base_seq & 0xffff);
   
         nfmsg->version          = NFNETLINK_V0;
         nfmsg->res_id           = htons(ctx->net->nft.base_seq & 0xffff);
   
-@@ -3961,7 +3947,7 @@ static int nft_add_set_elem(struct nft_c
+@@ -3977,7 +3963,7 @@ static int nft_add_set_elem(struct nft_c
                 list_for_each_entry(binding, &set->bindings, list) {
                         struct nft_ctx bind_ctx = {
                                 .net    = ctx->net,
                 list_for_each_entry(binding, &set->bindings, list) {
                         struct nft_ctx bind_ctx = {
                                 .net    = ctx->net,
@@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                 .table  = ctx->table,
                                 .chain  = (struct nft_chain *)binding->chain,
                         };
                                 .table  = ctx->table,
                                 .chain  = (struct nft_chain *)binding->chain,
                         };
-@@ -4510,7 +4496,8 @@ static int nf_tables_newobj(struct net *
+@@ -4526,7 +4512,8 @@ static int nf_tables_newobj(struct net *
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -4528,7 +4515,7 @@ static int nf_tables_newobj(struct net *
+@@ -4544,7 +4531,7 @@ static int nf_tables_newobj(struct net *
                 return 0;
         }
   
                 return 0;
         }
   
@@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         type = nft_obj_type_get(objtype);
         if (IS_ERR(type))
   
         type = nft_obj_type_get(objtype);
         if (IS_ERR(type))
-@@ -4605,7 +4592,6 @@ struct nft_obj_filter {
+@@ -4621,7 +4608,6 @@ struct nft_obj_filter {
   static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
   static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
@@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         const struct nft_table *table;
         unsigned int idx = 0, s_idx = cb->args[0];
         struct nft_obj_filter *filter = cb->data;
         const struct nft_table *table;
         unsigned int idx = 0, s_idx = cb->args[0];
         struct nft_obj_filter *filter = cb->data;
-@@ -4620,38 +4606,37 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4636,38 +4622,37 @@ static int nf_tables_dump_obj(struct sk_
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
         rcu_read_lock();
         cb->seq = net->nft.base_seq;
   
@@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
   done:
                 }
         }
   done:
-@@ -4738,7 +4723,8 @@ static int nf_tables_getobj(struct net *
+@@ -4754,7 +4739,8 @@ static int nf_tables_getobj(struct net *
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -4798,7 +4784,8 @@ static int nf_tables_delobj(struct net *
+@@ -4814,7 +4800,8 @@ static int nf_tables_delobj(struct net *
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -4809,7 +4796,7 @@ static int nf_tables_delobj(struct net *
+@@ -4825,7 +4812,7 @@ static int nf_tables_delobj(struct net *
         if (obj->use > 0)
                 return -EBUSY;
   
         if (obj->use > 0)
                 return -EBUSY;
   
@@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         return nft_delobj(&ctx, obj);
   }
   
         return nft_delobj(&ctx, obj);
   }
-@@ -4847,7 +4834,7 @@ static void nf_tables_obj_notify(const s
+@@ -4863,7 +4850,7 @@ static void nf_tables_obj_notify(const s
                                  struct nft_object *obj, int event)
   {
         nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
                                  struct nft_object *obj, int event)
   {
         nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
@@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   }
   
   /*
   }
   
   /*
-@@ -5037,7 +5024,7 @@ void nft_flow_table_iterate(struct net *
+@@ -5053,7 +5040,7 @@ void nft_flow_table_iterate(struct net *
   
         rcu_read_lock();
         list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
   
         rcu_read_lock();
         list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
@@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
                                 iter(&flowtable->data, data);
                         }
                         list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
                                 iter(&flowtable->data, data);
                         }
-@@ -5085,7 +5072,8 @@ static int nf_tables_newflowtable(struct
+@@ -5101,7 +5088,8 @@ static int nf_tables_newflowtable(struct
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -5102,7 +5090,7 @@ static int nf_tables_newflowtable(struct
+@@ -5118,7 +5106,7 @@ static int nf_tables_newflowtable(struct
                 return 0;
         }
   
                 return 0;
         }
   
@@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
         if (!flowtable)
   
         flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
         if (!flowtable)
-@@ -5183,7 +5171,8 @@ static int nf_tables_delflowtable(struct
+@@ -5199,7 +5187,8 @@ static int nf_tables_delflowtable(struct
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -5194,7 +5183,7 @@ static int nf_tables_delflowtable(struct
+@@ -5210,7 +5199,7 @@ static int nf_tables_delflowtable(struct
         if (flowtable->use > 0)
                 return -EBUSY;
   
         if (flowtable->use > 0)
                 return -EBUSY;
   
@@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         return nft_delflowtable(&ctx, flowtable);
   }
   
         return nft_delflowtable(&ctx, flowtable);
   }
-@@ -5263,40 +5252,37 @@ static int nf_tables_dump_flowtable(stru
+@@ -5279,40 +5268,37 @@ static int nf_tables_dump_flowtable(stru
         struct net *net = sock_net(skb->sk);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
         struct net *net = sock_net(skb->sk);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
@@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
   done:
                 }
         }
   done:
-@@ -5381,7 +5367,8 @@ static int nf_tables_getflowtable(struct
+@@ -5397,7 +5383,8 @@ static int nf_tables_getflowtable(struct
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
         if (IS_ERR(afi))
                 return PTR_ERR(afi);
   
@@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -5424,7 +5411,7 @@ static void nf_tables_flowtable_notify(s
+@@ -5440,7 +5427,7 @@ static void nf_tables_flowtable_notify(s
   
         err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
                                             ctx->seq, event, 0,
   
         err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
                                             ctx->seq, event, 0,
@@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (err < 0) {
                 kfree_skb(skb);
                 goto err;
         if (err < 0) {
                 kfree_skb(skb);
                 goto err;
-@@ -5502,17 +5489,14 @@ static int nf_tables_flowtable_event(str
+@@ -5518,17 +5505,14 @@ static int nf_tables_flowtable_event(str
         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
         struct nft_flowtable *flowtable;
         struct nft_table *table;
         struct net_device *dev = netdev_notifier_info_to_dev(ptr);
         struct nft_flowtable *flowtable;
         struct nft_table *table;
@@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
         nfnl_unlock(NFNL_SUBSYS_NFTABLES);
                 }
         }
         nfnl_unlock(NFNL_SUBSYS_NFTABLES);
-@@ -6533,6 +6517,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
+@@ -6554,6 +6538,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
   static int __net_init nf_tables_init_net(struct net *net)
   {
         INIT_LIST_HEAD(&net->nft.af_info);
   static int __net_init nf_tables_init_net(struct net *net)
   {
         INIT_LIST_HEAD(&net->nft.af_info);
@@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         INIT_LIST_HEAD(&net->nft.commit_list);
         net->nft.base_seq = 1;
         return 0;
         INIT_LIST_HEAD(&net->nft.commit_list);
         net->nft.base_seq = 1;
         return 0;
-@@ -6569,10 +6554,10 @@ static void __nft_release_afinfo(struct
+@@ -6590,10 +6575,10 @@ static void __nft_release_afinfo(struct
         struct nft_set *set, *ns;
         struct nft_ctx ctx = {
                 .net    = net,
         struct nft_set *set, *ns;
         struct nft_ctx ctx = {
                 .net    = net,
diff --git a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch

index 0d973ac028630fa5ec2cc1a5e5ddcaab746115f1..d71c8e0aba3f06e9642a7d5126cf1e4314737631 100644 (file)
--- a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
+++ b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   static struct pernet_operations clusterip_net_ops = {
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
   static struct pernet_operations clusterip_net_ops = {
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -6523,6 +6523,12 @@ static int __net_init nf_tables_init_net
+@@ -6544,6 +6544,12 @@ static int __net_init nf_tables_init_net
         return 0;
   }
   
         return 0;
   }
   
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   int __nft_release_basechain(struct nft_ctx *ctx)
   {
         struct nft_rule *rule, *nr;
   int __nft_release_basechain(struct nft_ctx *ctx)
   {
         struct nft_rule *rule, *nr;
-@@ -6600,6 +6606,7 @@ static void __nft_release_afinfo(struct
+@@ -6621,6 +6627,7 @@ static void __nft_release_afinfo(struct
   
   static struct pernet_operations nf_tables_net_ops = {
         .init   = nf_tables_init_net,
   
   static struct pernet_operations nf_tables_net_ops = {
         .init   = nf_tables_init_net,
diff --git a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch

index 0ea11524fc7af1db61d09ff619b0a3af72df8ec2..d1325de2d4b935c74e0e431f1d2b38d49d6b2950 100644 (file)
--- a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
+++ b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
@@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 if (afi->family == family)
                         return afi;
         }
                 if (afi->family == family)
                         return afi;
         }
-@@ -5019,15 +5017,12 @@ void nft_flow_table_iterate(struct net *
+@@ -5035,15 +5033,12 @@ void nft_flow_table_iterate(struct net *
                             void *data)
   {
         struct nft_flowtable *flowtable;
                             void *data)
   {
         struct nft_flowtable *flowtable;
@@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 }
         }
         rcu_read_unlock();
                 }
         }
         rcu_read_unlock();
-@@ -6514,21 +6509,6 @@ int nft_data_dump(struct sk_buff *skb, i
+@@ -6535,21 +6530,6 @@ int nft_data_dump(struct sk_buff *skb, i
   }
   EXPORT_SYMBOL_GPL(nft_data_dump);
   
   }
   EXPORT_SYMBOL_GPL(nft_data_dump);
   
@@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   int __nft_release_basechain(struct nft_ctx *ctx)
   {
         struct nft_rule *rule, *nr;
   int __nft_release_basechain(struct nft_ctx *ctx)
   {
         struct nft_rule *rule, *nr;
-@@ -6549,8 +6529,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6570,8 +6550,7 @@ int __nft_release_basechain(struct nft_c
   }
   EXPORT_SYMBOL_GPL(__nft_release_basechain);
   
   }
   EXPORT_SYMBOL_GPL(__nft_release_basechain);
   
@@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   {
         struct nft_flowtable *flowtable, *nf;
         struct nft_table *table, *nt;
   {
         struct nft_flowtable *flowtable, *nf;
         struct nft_table *table, *nt;
-@@ -6560,10 +6539,11 @@ static void __nft_release_afinfo(struct
+@@ -6581,10 +6560,11 @@ static void __nft_release_afinfo(struct
         struct nft_set *set, *ns;
         struct nft_ctx ctx = {
                 .net    = net,
         struct nft_set *set, *ns;
         struct nft_ctx ctx = {
                 .net    = net,
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
                 list_for_each_entry(flowtable, &table->flowtables, list)
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
                 list_for_each_entry(flowtable, &table->flowtables, list)
-@@ -6604,6 +6584,21 @@ static void __nft_release_afinfo(struct
+@@ -6625,6 +6605,21 @@ static void __nft_release_afinfo(struct
         }
   }
   
         }
   }
   
diff --git a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch

index 0752d693950b510cace551279e39255806a79d6c..868f3e68e6f88363d7ebe0c7748790790e6335e1 100644 (file)
--- a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
+++ b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -1581,7 +1489,6 @@ static int nf_tables_newchain(struct net
+@@ -1597,7 +1505,6 @@ static int nf_tables_newchain(struct net
         const struct nlattr * uninitialized_var(name);
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         const struct nlattr * uninitialized_var(name);
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
@@ -548,7 +548,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_chain *chain;
         u8 policy = NF_ACCEPT;
         struct nft_table *table;
         struct nft_chain *chain;
         u8 policy = NF_ACCEPT;
-@@ -1591,11 +1498,7 @@ static int nf_tables_newchain(struct net
+@@ -1607,11 +1514,7 @@ static int nf_tables_newchain(struct net
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
@@ -561,7 +561,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -1636,7 +1539,7 @@ static int nf_tables_newchain(struct net
+@@ -1652,7 +1555,7 @@ static int nf_tables_newchain(struct net
                 }
         }
   
                 }
         }
   
@@ -570,7 +570,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         if (chain != NULL) {
                 if (nlh->nlmsg_flags & NLM_F_EXCL)
   
         if (chain != NULL) {
                 if (nlh->nlmsg_flags & NLM_F_EXCL)
-@@ -1657,7 +1560,6 @@ static int nf_tables_delchain(struct net
+@@ -1673,7 +1576,6 @@ static int nf_tables_delchain(struct net
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
@@ -578,7 +578,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_chain *chain;
         struct nft_rule *rule;
         struct nft_table *table;
         struct nft_chain *chain;
         struct nft_rule *rule;
-@@ -1666,11 +1568,7 @@ static int nf_tables_delchain(struct net
+@@ -1682,11 +1584,7 @@ static int nf_tables_delchain(struct net
         u32 use;
         int err;
   
         u32 use;
         int err;
   
@@ -591,7 +591,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -1683,7 +1581,7 @@ static int nf_tables_delchain(struct net
+@@ -1699,7 +1597,7 @@ static int nf_tables_delchain(struct net
             chain->use > 0)
                 return -EBUSY;
   
             chain->use > 0)
                 return -EBUSY;
   
@@ -600,7 +600,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         use = chain->use;
         list_for_each_entry(rule, &chain->rules, list) {
   
         use = chain->use;
         list_for_each_entry(rule, &chain->rules, list) {
-@@ -2107,7 +2005,7 @@ static int nf_tables_dump_rules(struct s
+@@ -2123,7 +2021,7 @@ static int nf_tables_dump_rules(struct s
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -609,7 +609,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         continue;
   
                 if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
                         continue;
   
                 if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
-@@ -2130,7 +2028,7 @@ static int nf_tables_dump_rules(struct s
+@@ -2146,7 +2044,7 @@ static int nf_tables_dump_rules(struct s
                                                               cb->nlh->nlmsg_seq,
                                                               NFT_MSG_NEWRULE,
                                                               NLM_F_MULTI | NLM_F_APPEND,
                                                               cb->nlh->nlmsg_seq,
                                                               NFT_MSG_NEWRULE,
                                                               NLM_F_MULTI | NLM_F_APPEND,
@@ -618,7 +618,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                                               table, chain, rule) < 0)
                                         goto done;
   
                                                               table, chain, rule) < 0)
                                         goto done;
   
-@@ -2166,7 +2064,6 @@ static int nf_tables_getrule(struct net
+@@ -2182,7 +2080,6 @@ static int nf_tables_getrule(struct net
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_cur(net);
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_cur(net);
@@ -626,7 +626,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         const struct nft_table *table;
         const struct nft_chain *chain;
         const struct nft_rule *rule;
         const struct nft_table *table;
         const struct nft_chain *chain;
         const struct nft_rule *rule;
-@@ -2210,11 +2107,7 @@ static int nf_tables_getrule(struct net
+@@ -2226,11 +2123,7 @@ static int nf_tables_getrule(struct net
                 return netlink_dump_start(nlsk, skb, nlh, &c);
         }
   
                 return netlink_dump_start(nlsk, skb, nlh, &c);
         }
   
@@ -639,7 +639,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -2279,7 +2172,7 @@ static int nf_tables_newrule(struct net
+@@ -2295,7 +2188,7 @@ static int nf_tables_newrule(struct net
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
@@ -648,7 +648,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_chain *chain;
         struct nft_rule *rule, *old_rule = NULL;
         struct nft_table *table;
         struct nft_chain *chain;
         struct nft_rule *rule, *old_rule = NULL;
-@@ -2295,11 +2188,7 @@ static int nf_tables_newrule(struct net
+@@ -2311,11 +2204,7 @@ static int nf_tables_newrule(struct net
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
@@ -661,7 +661,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -2339,7 +2228,7 @@ static int nf_tables_newrule(struct net
+@@ -2355,7 +2244,7 @@ static int nf_tables_newrule(struct net
                         return PTR_ERR(old_rule);
         }
   
                         return PTR_ERR(old_rule);
         }
   
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         n = 0;
         size = 0;
   
         n = 0;
         size = 0;
-@@ -2468,18 +2357,13 @@ static int nf_tables_delrule(struct net
+@@ -2484,18 +2373,13 @@ static int nf_tables_delrule(struct net
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -2491,7 +2375,7 @@ static int nf_tables_delrule(struct net
+@@ -2507,7 +2391,7 @@ static int nf_tables_delrule(struct net
                         return PTR_ERR(chain);
         }
   
                         return PTR_ERR(chain);
         }
   
@@ -699,7 +699,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         if (chain) {
                 if (nla[NFTA_RULE_HANDLE]) {
   
         if (chain) {
                 if (nla[NFTA_RULE_HANDLE]) {
-@@ -2676,26 +2560,17 @@ static int nft_ctx_init_from_setattr(str
+@@ -2692,26 +2576,17 @@ static int nft_ctx_init_from_setattr(str
                                      u8 genmask)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
                                      u8 genmask)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         return 0;
   }
   
         return 0;
   }
   
-@@ -2927,7 +2802,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2943,7 +2818,7 @@ static int nf_tables_dump_sets(struct sk
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
                 if (ctx->family != NFPROTO_UNSPEC &&
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
                 if (ctx->family != NFPROTO_UNSPEC &&
@@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         continue;
   
                 if (ctx->table && ctx->table != table)
                         continue;
   
                 if (ctx->table && ctx->table != table)
-@@ -2948,7 +2823,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2964,7 +2839,7 @@ static int nf_tables_dump_sets(struct sk
   
                         ctx_set = *ctx;
                         ctx_set.table = table;
   
                         ctx_set = *ctx;
                         ctx_set.table = table;
@@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
                         if (nf_tables_fill_set(skb, &ctx_set, set,
                                                NFT_MSG_NEWSET,
   
                         if (nf_tables_fill_set(skb, &ctx_set, set,
                                                NFT_MSG_NEWSET,
-@@ -3060,8 +2935,8 @@ static int nf_tables_newset(struct net *
+@@ -3076,8 +2951,8 @@ static int nf_tables_newset(struct net *
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
@@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_set *set;
         struct nft_ctx ctx;
         struct nft_table *table;
         struct nft_set *set;
         struct nft_ctx ctx;
-@@ -3168,16 +3043,12 @@ static int nf_tables_newset(struct net *
+@@ -3184,16 +3059,12 @@ static int nf_tables_newset(struct net *
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
   
         create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
   
@@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
         if (IS_ERR(set)) {
   
         set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
         if (IS_ERR(set)) {
-@@ -3439,19 +3310,15 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3455,19 +3326,15 @@ static int nft_ctx_init_from_elemattr(st
                                       u8 genmask)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
                                       u8 genmask)
   {
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         return 0;
   }
   
         return 0;
   }
   
-@@ -3569,7 +3436,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3585,7 +3452,7 @@ static int nf_tables_dump_set(struct sk_
         rcu_read_lock();
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
                 if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
         rcu_read_lock();
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
                 if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
@@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         continue;
   
                 if (table != dump_ctx->ctx.table)
                         continue;
   
                 if (table != dump_ctx->ctx.table)
-@@ -3599,7 +3466,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3615,7 +3482,7 @@ static int nf_tables_dump_set(struct sk_
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
                 goto nla_put_failure;
   
         nfmsg = nlmsg_data(nlh);
@@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         nfmsg->version      = NFNETLINK_V0;
         nfmsg->res_id       = htons(net->nft.base_seq & 0xffff);
   
         nfmsg->version      = NFNETLINK_V0;
         nfmsg->res_id       = htons(net->nft.base_seq & 0xffff);
   
-@@ -4478,7 +4345,6 @@ static int nf_tables_newobj(struct net *
+@@ -4494,7 +4361,6 @@ static int nf_tables_newobj(struct net *
         const struct nft_object_type *type;
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         const struct nft_object_type *type;
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
@@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_object *obj;
         struct nft_ctx ctx;
         struct nft_table *table;
         struct nft_object *obj;
         struct nft_ctx ctx;
-@@ -4490,11 +4356,7 @@ static int nf_tables_newobj(struct net *
+@@ -4506,11 +4372,7 @@ static int nf_tables_newobj(struct net *
             !nla[NFTA_OBJ_DATA])
                 return -EINVAL;
   
             !nla[NFTA_OBJ_DATA])
                 return -EINVAL;
   
@@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -4513,7 +4375,7 @@ static int nf_tables_newobj(struct net *
+@@ -4529,7 +4391,7 @@ static int nf_tables_newobj(struct net *
                 return 0;
         }
   
                 return 0;
         }
   
@@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         type = nft_obj_type_get(objtype);
         if (IS_ERR(type))
   
         type = nft_obj_type_get(objtype);
         if (IS_ERR(type))
-@@ -4605,7 +4467,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4621,7 +4483,7 @@ static int nf_tables_dump_obj(struct sk_
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         continue;
   
                 list_for_each_entry_rcu(obj, &table->objects, list) {
                         continue;
   
                 list_for_each_entry_rcu(obj, &table->objects, list) {
-@@ -4628,7 +4490,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4644,7 +4506,7 @@ static int nf_tables_dump_obj(struct sk_
                                                     cb->nlh->nlmsg_seq,
                                                     NFT_MSG_NEWOBJ,
                                                     NLM_F_MULTI | NLM_F_APPEND,
                                                     cb->nlh->nlmsg_seq,
                                                     NFT_MSG_NEWOBJ,
                                                     NLM_F_MULTI | NLM_F_APPEND,
@@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                                     obj, reset) < 0)
                                 goto done;
   
                                                     obj, reset) < 0)
                                 goto done;
   
-@@ -4686,7 +4548,6 @@ static int nf_tables_getobj(struct net *
+@@ -4702,7 +4564,6 @@ static int nf_tables_getobj(struct net *
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_cur(net);
         int family = nfmsg->nfgen_family;
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_cur(net);
         int family = nfmsg->nfgen_family;
@@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         const struct nft_table *table;
         struct nft_object *obj;
         struct sk_buff *skb2;
         const struct nft_table *table;
         struct nft_object *obj;
         struct sk_buff *skb2;
-@@ -4717,11 +4578,7 @@ static int nf_tables_getobj(struct net *
+@@ -4733,11 +4594,7 @@ static int nf_tables_getobj(struct net *
             !nla[NFTA_OBJ_TYPE])
                 return -EINVAL;
   
             !nla[NFTA_OBJ_TYPE])
                 return -EINVAL;
   
@@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -4768,7 +4625,6 @@ static int nf_tables_delobj(struct net *
+@@ -4784,7 +4641,6 @@ static int nf_tables_delobj(struct net *
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
@@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_object *obj;
         struct nft_ctx ctx;
         struct nft_table *table;
         struct nft_object *obj;
         struct nft_ctx ctx;
-@@ -4778,11 +4634,7 @@ static int nf_tables_delobj(struct net *
+@@ -4794,11 +4650,7 @@ static int nf_tables_delobj(struct net *
             !nla[NFTA_OBJ_NAME])
                 return -EINVAL;
   
             !nla[NFTA_OBJ_NAME])
                 return -EINVAL;
   
@@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
                                        genmask);
         if (IS_ERR(table))
                 return PTR_ERR(table);
-@@ -4794,7 +4646,7 @@ static int nf_tables_delobj(struct net *
+@@ -4810,7 +4662,7 @@ static int nf_tables_delobj(struct net *
         if (obj->use > 0)
                 return -EBUSY;
   
         if (obj->use > 0)
                 return -EBUSY;
   
@@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         return nft_delobj(&ctx, obj);
   }
   
         return nft_delobj(&ctx, obj);
   }
-@@ -4979,33 +4831,31 @@ err1:
+@@ -4995,33 +4847,31 @@ err1:
         return err;
   }
   
         return err;
   }
   
@@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         return ERR_PTR(-EAGAIN);
         }
   #endif
                         return ERR_PTR(-EAGAIN);
         }
   #endif
-@@ -5053,7 +4903,6 @@ static int nf_tables_newflowtable(struct
+@@ -5069,7 +4919,6 @@ static int nf_tables_newflowtable(struct
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
@@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         struct nft_table *table;
         struct nft_ctx ctx;
         int err, i, k;
         struct nft_table *table;
         struct nft_ctx ctx;
         int err, i, k;
-@@ -5063,12 +4912,8 @@ static int nf_tables_newflowtable(struct
+@@ -5079,12 +4928,8 @@ static int nf_tables_newflowtable(struct
             !nla[NFTA_FLOWTABLE_HOOK])
                 return -EINVAL;
   
             !nla[NFTA_FLOWTABLE_HOOK])
                 return -EINVAL;
   
@@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -5085,7 +4930,7 @@ static int nf_tables_newflowtable(struct
+@@ -5101,7 +4946,7 @@ static int nf_tables_newflowtable(struct
                 return 0;
         }
   
                 return 0;
         }
   
@@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
         if (!flowtable)
   
         flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
         if (!flowtable)
-@@ -5098,7 +4943,7 @@ static int nf_tables_newflowtable(struct
+@@ -5114,7 +4959,7 @@ static int nf_tables_newflowtable(struct
                 goto err1;
         }
   
                 goto err1;
         }
   
@@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(type)) {
                 err = PTR_ERR(type);
                 goto err2;
         if (IS_ERR(type)) {
                 err = PTR_ERR(type);
                 goto err2;
-@@ -5158,16 +5003,11 @@ static int nf_tables_delflowtable(struct
+@@ -5174,16 +5019,11 @@ static int nf_tables_delflowtable(struct
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
         u8 genmask = nft_genmask_next(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
@@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -5178,7 +5018,7 @@ static int nf_tables_delflowtable(struct
+@@ -5194,7 +5034,7 @@ static int nf_tables_delflowtable(struct
         if (flowtable->use > 0)
                 return -EBUSY;
   
         if (flowtable->use > 0)
                 return -EBUSY;
   
@@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         return nft_delflowtable(&ctx, flowtable);
   }
   
         return nft_delflowtable(&ctx, flowtable);
   }
-@@ -5253,7 +5093,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5269,7 +5109,7 @@ static int nf_tables_dump_flowtable(stru
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
         cb->seq = net->nft.base_seq;
   
         list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                         continue;
   
                 list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
                         continue;
   
                 list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
-@@ -5272,7 +5112,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5288,7 +5128,7 @@ static int nf_tables_dump_flowtable(stru
                                                           cb->nlh->nlmsg_seq,
                                                           NFT_MSG_NEWFLOWTABLE,
                                                           NLM_F_MULTI | NLM_F_APPEND,
                                                           cb->nlh->nlmsg_seq,
                                                           NFT_MSG_NEWFLOWTABLE,
                                                           NLM_F_MULTI | NLM_F_APPEND,
@@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                                 goto done;
   
                         nl_dump_check_consistent(cb, nlmsg_hdr(skb));
                                 goto done;
   
                         nl_dump_check_consistent(cb, nlmsg_hdr(skb));
-@@ -5332,7 +5172,6 @@ static int nf_tables_getflowtable(struct
+@@ -5348,7 +5188,6 @@ static int nf_tables_getflowtable(struct
         u8 genmask = nft_genmask_cur(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
         u8 genmask = nft_genmask_cur(net);
         int family = nfmsg->nfgen_family;
         struct nft_flowtable *flowtable;
@@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         const struct nft_table *table;
         struct sk_buff *skb2;
         int err;
         const struct nft_table *table;
         struct sk_buff *skb2;
         int err;
-@@ -5358,12 +5197,8 @@ static int nf_tables_getflowtable(struct
+@@ -5374,12 +5213,8 @@ static int nf_tables_getflowtable(struct
         if (!nla[NFTA_FLOWTABLE_NAME])
                 return -EINVAL;
   
         if (!nla[NFTA_FLOWTABLE_NAME])
                 return -EINVAL;
   
@@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -6529,7 +6364,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6550,7 +6385,7 @@ int __nft_release_basechain(struct nft_c
   }
   EXPORT_SYMBOL_GPL(__nft_release_basechain);
   
   }
   EXPORT_SYMBOL_GPL(__nft_release_basechain);
   
@@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   {
         struct nft_flowtable *flowtable, *nf;
         struct nft_table *table, *nt;
   {
         struct nft_flowtable *flowtable, *nf;
         struct nft_table *table, *nt;
-@@ -6542,7 +6377,7 @@ static void __nft_release_afinfo(struct
+@@ -6563,7 +6398,7 @@ static void __nft_release_afinfo(struct
         };
   
         list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
         };
   
         list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
@@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
   
                 list_for_each_entry(chain, &table->chains, list)
                         nf_tables_unregister_hook(net, table, chain);
-@@ -6594,7 +6429,7 @@ static int __net_init nf_tables_init_net
+@@ -6615,7 +6450,7 @@ static int __net_init nf_tables_init_net
   
   static void __net_exit nf_tables_exit_net(struct net *net)
   {
   
   static void __net_exit nf_tables_exit_net(struct net *net)
   {
diff --git a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch

index d6736d652f9c6b00ee2b73d1babbfdac19a60612..037759bdb736f3e0719a5f31bc2976352dd26659 100644 (file)
--- a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
+++ b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -4869,13 +4869,13 @@ void nft_flow_table_iterate(struct net *
+@@ -4885,13 +4885,13 @@ void nft_flow_table_iterate(struct net *
         struct nft_flowtable *flowtable;
         const struct nft_table *table;
   
         struct nft_flowtable *flowtable;
         const struct nft_table *table;
   
diff --git a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch

index d0c6e46c9f414a61edd7c611ea4404b0b3b785de..232f4b67a0d30b820418969b8e3eba307157b6f9 100644 (file)
--- a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
+++ b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   };
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
   };
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -5254,17 +5254,12 @@ err:
+@@ -5270,17 +5270,12 @@ err:
         nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
   }
   
         nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
   }
   
diff --git a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch

index 89e12a5f47e7b4385110bf8e99474202f2dd5b0a..f4d5237ded517fa2c809726cb152c3de2918d083 100644 (file)
--- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
+++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
@@ -244,7 +244,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
-@@ -1565,6 +1607,7 @@ static int nf_tables_delchain(struct net
+@@ -1581,6 +1623,7 @@ static int nf_tables_delchain(struct net
         struct nft_rule *rule;
         int family = nfmsg->nfgen_family;
         struct nft_ctx ctx;
         struct nft_rule *rule;
         int family = nfmsg->nfgen_family;
         struct nft_ctx ctx;
@@ -252,7 +252,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         u32 use;
         int err;
   
         u32 use;
         int err;
   
-@@ -1573,7 +1616,12 @@ static int nf_tables_delchain(struct net
+@@ -1589,7 +1632,12 @@ static int nf_tables_delchain(struct net
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
@@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(chain))
                 return PTR_ERR(chain);
   
         if (IS_ERR(chain))
                 return PTR_ERR(chain);
   
-@@ -2547,6 +2595,7 @@ static const struct nla_policy nft_set_p
+@@ -2563,6 +2611,7 @@ static const struct nla_policy nft_set_p
         [NFTA_SET_USERDATA]             = { .type = NLA_BINARY,
                                             .len  = NFT_USERDATA_MAXLEN },
         [NFTA_SET_OBJ_TYPE]             = { .type = NLA_U32 },
         [NFTA_SET_USERDATA]             = { .type = NLA_BINARY,
                                             .len  = NFT_USERDATA_MAXLEN },
         [NFTA_SET_OBJ_TYPE]             = { .type = NLA_U32 },
@@ -274,7 +274,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   };
   
   static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = {
   };
   
   static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = {
-@@ -2590,6 +2639,22 @@ static struct nft_set *nf_tables_set_loo
+@@ -2606,6 +2655,22 @@ static struct nft_set *nf_tables_set_loo
         return ERR_PTR(-ENOENT);
   }
   
         return ERR_PTR(-ENOENT);
   }
   
@@ -297,7 +297,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   static struct nft_set *nf_tables_set_lookup_byid(const struct net *net,
                                                  const struct nlattr *nla,
                                                  u8 genmask)
   static struct nft_set *nf_tables_set_lookup_byid(const struct net *net,
                                                  const struct nlattr *nla,
                                                  u8 genmask)
-@@ -2706,6 +2771,9 @@ static int nf_tables_fill_set(struct sk_
+@@ -2722,6 +2787,9 @@ static int nf_tables_fill_set(struct sk_
                 goto nla_put_failure;
         if (nla_put_string(skb, NFTA_SET_NAME, set->name))
                 goto nla_put_failure;
                 goto nla_put_failure;
         if (nla_put_string(skb, NFTA_SET_NAME, set->name))
                 goto nla_put_failure;
@@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (set->flags != 0)
                 if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
                         goto nla_put_failure;
         if (set->flags != 0)
                 if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
                         goto nla_put_failure;
-@@ -3114,6 +3182,7 @@ static int nf_tables_newset(struct net *
+@@ -3130,6 +3198,7 @@ static int nf_tables_newset(struct net *
         set->udata  = udata;
         set->timeout = timeout;
         set->gc_int = gc_int;
         set->udata  = udata;
         set->timeout = timeout;
         set->gc_int = gc_int;
@@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   
         err = ops->init(set, &desc, nla);
         if (err < 0)
   
         err = ops->init(set, &desc, nla);
         if (err < 0)
-@@ -3173,7 +3242,10 @@ static int nf_tables_delset(struct net *
+@@ -3189,7 +3258,10 @@ static int nf_tables_delset(struct net *
         if (err < 0)
                 return err;
   
         if (err < 0)
                 return err;
   
@@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(set))
                 return PTR_ERR(set);
   
         if (IS_ERR(set))
                 return PTR_ERR(set);
   
-@@ -4233,6 +4305,21 @@ struct nft_object *nf_tables_obj_lookup(
+@@ -4249,6 +4321,21 @@ struct nft_object *nf_tables_obj_lookup(
   }
   EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
   
   }
   EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
   
@@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
         [NFTA_OBJ_TABLE]        = { .type = NLA_STRING,
                                     .len = NFT_TABLE_MAXNAMELEN - 1 },
   static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
         [NFTA_OBJ_TABLE]        = { .type = NLA_STRING,
                                     .len = NFT_TABLE_MAXNAMELEN - 1 },
-@@ -4240,6 +4327,7 @@ static const struct nla_policy nft_obj_p
+@@ -4256,6 +4343,7 @@ static const struct nla_policy nft_obj_p
                                     .len = NFT_OBJ_MAXNAMELEN - 1 },
         [NFTA_OBJ_TYPE]         = { .type = NLA_U32 },
         [NFTA_OBJ_DATA]         = { .type = NLA_NESTED },
                                     .len = NFT_OBJ_MAXNAMELEN - 1 },
         [NFTA_OBJ_TYPE]         = { .type = NLA_U32 },
         [NFTA_OBJ_DATA]         = { .type = NLA_NESTED },
@@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   };
   
   static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
   };
   
   static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
-@@ -4387,6 +4475,8 @@ static int nf_tables_newobj(struct net *
+@@ -4403,6 +4491,8 @@ static int nf_tables_newobj(struct net *
                 goto err1;
         }
         obj->table = table;
                 goto err1;
         }
         obj->table = table;
@@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
         if (!obj->name) {
                 err = -ENOMEM;
         obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
         if (!obj->name) {
                 err = -ENOMEM;
-@@ -4433,7 +4523,9 @@ static int nf_tables_fill_obj_info(struc
+@@ -4449,7 +4539,9 @@ static int nf_tables_fill_obj_info(struc
             nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
             nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
             nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
             nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
             nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
             nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
@@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 goto nla_put_failure;
   
         nlmsg_end(skb, nlh);
                 goto nla_put_failure;
   
         nlmsg_end(skb, nlh);
-@@ -4631,7 +4723,7 @@ static int nf_tables_delobj(struct net *
+@@ -4647,7 +4739,7 @@ static int nf_tables_delobj(struct net *
         u32 objtype;
   
         if (!nla[NFTA_OBJ_TYPE] ||
         u32 objtype;
   
         if (!nla[NFTA_OBJ_TYPE] ||
@@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
                 return -EINVAL;
   
         table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
                 return -EINVAL;
   
         table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
-@@ -4640,7 +4732,12 @@ static int nf_tables_delobj(struct net *
+@@ -4656,7 +4748,12 @@ static int nf_tables_delobj(struct net *
                 return PTR_ERR(table);
   
         objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
                 return PTR_ERR(table);
   
         objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
@@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(obj))
                 return PTR_ERR(obj);
         if (obj->use > 0)
         if (IS_ERR(obj))
                 return PTR_ERR(obj);
         if (obj->use > 0)
-@@ -4712,6 +4809,7 @@ static const struct nla_policy nft_flowt
+@@ -4728,6 +4825,7 @@ static const struct nla_policy nft_flowt
         [NFTA_FLOWTABLE_NAME]           = { .type = NLA_STRING,
                                             .len = NFT_NAME_MAXLEN - 1 },
         [NFTA_FLOWTABLE_HOOK]           = { .type = NLA_NESTED },
         [NFTA_FLOWTABLE_NAME]           = { .type = NLA_STRING,
                                             .len = NFT_NAME_MAXLEN - 1 },
         [NFTA_FLOWTABLE_HOOK]           = { .type = NLA_NESTED },
@@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   };
   
   struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
   };
   
   struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
-@@ -4729,6 +4827,20 @@ struct nft_flowtable *nf_tables_flowtabl
+@@ -4745,6 +4843,20 @@ struct nft_flowtable *nf_tables_flowtabl
   }
   EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
   
   }
   EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
   
@@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
   #define NFT_FLOWTABLE_DEVICE_MAX      8
   
   static int nf_tables_parse_devices(const struct nft_ctx *ctx,
   #define NFT_FLOWTABLE_DEVICE_MAX      8
   
   static int nf_tables_parse_devices(const struct nft_ctx *ctx,
-@@ -4937,6 +5049,8 @@ static int nf_tables_newflowtable(struct
+@@ -4953,6 +5065,8 @@ static int nf_tables_newflowtable(struct
                 return -ENOMEM;
   
         flowtable->table = table;
                 return -ENOMEM;
   
         flowtable->table = table;
@@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
         if (!flowtable->name) {
                 err = -ENOMEM;
         flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
         if (!flowtable->name) {
                 err = -ENOMEM;
-@@ -5011,8 +5125,14 @@ static int nf_tables_delflowtable(struct
+@@ -5027,8 +5141,14 @@ static int nf_tables_delflowtable(struct
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
         if (IS_ERR(table))
                 return PTR_ERR(table);
   
@@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         if (IS_ERR(flowtable))
                   return PTR_ERR(flowtable);
         if (flowtable->use > 0)
         if (IS_ERR(flowtable))
                   return PTR_ERR(flowtable);
         if (flowtable->use > 0)
-@@ -5045,7 +5165,9 @@ static int nf_tables_fill_flowtable_info
+@@ -5061,7 +5181,9 @@ static int nf_tables_fill_flowtable_info
   
         if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
             nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
   
         if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
             nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
diff --git a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch

index 77e4db3ed75c61ed21e3be8b3cdf2e9e629ecb92..601df0cf951bf5092742ed0bc3f79959d621a53a 100644 (file)
--- a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
+++ b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
@@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
         .owner          = THIS_MODULE,
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
         .owner          = THIS_MODULE,
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -5064,40 +5064,38 @@ static int nf_tables_newflowtable(struct
+@@ -5080,40 +5080,38 @@ static int nf_tables_newflowtable(struct
         }
   
         flowtable->data.type = type;
         }
   
         flowtable->data.type = type;
@@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
   err3:
         module_put(type->owner);
   err2:
   err3:
         module_put(type->owner);
   err2:
-@@ -5378,10 +5376,8 @@ err:
+@@ -5394,10 +5392,8 @@ err:
   
   static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
   {
   
   static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
   {
diff --git a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch

index e38f22635dba83490cd2298b54492706ad8a1508..f173b1c4f15cecd4aa2d36c12f94cce66fcc6ff4 100644 (file)
--- a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
+++ b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
  
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -4930,7 +4930,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4946,7 +4946,7 @@ static int nf_tables_flowtable_parse_hoo
                 flowtable->ops[i].pf            = NFPROTO_NETDEV;
                 flowtable->ops[i].hooknum       = hooknum;
                 flowtable->ops[i].priority      = priority;
                 flowtable->ops[i].pf            = NFPROTO_NETDEV;
                 flowtable->ops[i].hooknum       = hooknum;
                 flowtable->ops[i].priority      = priority;
diff --git a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch

index 2fcd6633074f6fca341e62f8a098e888e0d43ecd..784368520dbde10abed1742555876d0bed5ff804 100644 (file)
--- a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
+++ b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
         WARN_ON(!nf_flow_offload_gc_step(flow_table));
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
         WARN_ON(!nf_flow_offload_gc_step(flow_table));
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -4974,23 +4974,6 @@ static const struct nf_flowtable_type *n
+@@ -4990,23 +4990,6 @@ static const struct nf_flowtable_type *n
         return ERR_PTR(-ENOENT);
   }
   
         return ERR_PTR(-ENOENT);
   }
   
diff --git a/target/linux/generic/hack-4.14/207-disable-modorder.patch b/target/linux/generic/hack-4.14/207-disable-modorder.patch

index 8e920d1c519b891ea5dc05cd9373facc6c0f1a19..fcc1580defa93327aa36cf5ef1cbf6d95237d071 100644 (file)
--- a/target/linux/generic/hack-4.14/207-disable-modorder.patch
+++ b/target/linux/generic/hack-4.14/207-disable-modorder.patch
@@ -15,7 +15,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  --- a/Makefile
  +++ b/Makefile
  
  --- a/Makefile
  +++ b/Makefile
-@@ -1228,7 +1228,6 @@ all: modules
+@@ -1232,7 +1232,6 @@ all: modules
   
   PHONY += modules
   modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
   
   PHONY += modules
   modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
@@ -23,7 +23,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
         @$(kecho) '  Building modules, stage 2.';
         $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
   
         @$(kecho) '  Building modules, stage 2.';
         $(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
   
-@@ -1257,7 +1256,6 @@ _modinst_:
+@@ -1261,7 +1260,6 @@ _modinst_:
                 rm -f $(MODLIB)/build ; \
                 ln -s $(CURDIR) $(MODLIB)/build ; \
         fi
                 rm -f $(MODLIB)/build ; \
                 ln -s $(CURDIR) $(MODLIB)/build ; \
         fi
diff --git a/target/linux/generic/hack-4.14/220-gc_sections.patch b/target/linux/generic/hack-4.14/220-gc_sections.patch

index cdca0bdb5f29270e4e8a621d349cfa1e19bed2df..79fdb6e8014fa0a8cbe6d6411eac26d4648411ff 100644 (file)
--- a/target/linux/generic/hack-4.14/220-gc_sections.patch
+++ b/target/linux/generic/hack-4.14/220-gc_sections.patch
@@ -33,7 +33,7 @@ Signed-off-by: Gabor Juhos <juhosg@openwrt.org>
   # Read KERNELRELEASE from include/config/kernel.release (if it exists)
   KERNELRELEASE = $(shell cat include/config/kernel.release 2> /dev/null)
   KERNELVERSION = $(VERSION)$(if $(PATCHLEVEL),.$(PATCHLEVEL)$(if $(SUBLEVEL),.$(SUBLEVEL)))$(EXTRAVERSION)
   # Read KERNELRELEASE from include/config/kernel.release (if it exists)
   KERNELRELEASE = $(shell cat include/config/kernel.release 2> /dev/null)
   KERNELVERSION = $(VERSION)$(if $(PATCHLEVEL),.$(PATCHLEVEL)$(if $(SUBLEVEL),.$(SUBLEVEL)))$(EXTRAVERSION)
-@@ -782,11 +787,6 @@ ifdef CONFIG_DEBUG_SECTION_MISMATCH
+@@ -786,11 +791,6 @@ ifdef CONFIG_DEBUG_SECTION_MISMATCH
   KBUILD_CFLAGS += $(call cc-option, -fno-inline-functions-called-once)
   endif
   
   KBUILD_CFLAGS += $(call cc-option, -fno-inline-functions-called-once)
   endif
   
diff --git a/target/linux/generic/pending-4.14/201-extra_optimization.patch b/target/linux/generic/pending-4.14/201-extra_optimization.patch

index b40f01d41ff369dd6c04c9bd661f7499e482755f..3c3353c7d16e147a462eed0194e3fac031f99fd7 100644 (file)
--- a/target/linux/generic/pending-4.14/201-extra_optimization.patch
+++ b/target/linux/generic/pending-4.14/201-extra_optimization.patch
@@ -14,7 +14,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  --- a/Makefile
  +++ b/Makefile
  
  --- a/Makefile
  +++ b/Makefile
-@@ -646,12 +646,12 @@ KBUILD_CFLAGS    += $(call cc-disable-warni
+@@ -650,12 +650,12 @@ KBUILD_CFLAGS    += $(call cc-disable-warni
   
   ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE
   KBUILD_CFLAGS += $(call cc-option,-Oz,-Os)
   
   ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE
   KBUILD_CFLAGS += $(call cc-option,-Oz,-Os)
diff --git a/target/linux/generic/pending-4.14/304-mips_disable_fpu.patch b/target/linux/generic/pending-4.14/304-mips_disable_fpu.patch

index bee62b266415feb45a4e6255d45eb8f98fcbbec2..1cfd3d7d7a9b0ef330d5f9bd0167fb578dbbf714 100644 (file)
--- a/target/linux/generic/pending-4.14/304-mips_disable_fpu.patch
+++ b/target/linux/generic/pending-4.14/304-mips_disable_fpu.patch
@@ -47,7 +47,7 @@ v2: incorporated changes suggested by Jonas Gorski
         select OF
  --- a/arch/mips/Makefile
  +++ b/arch/mips/Makefile
         select OF
  --- a/arch/mips/Makefile
  +++ b/arch/mips/Makefile
-@@ -319,7 +319,7 @@ OBJCOPYFLAGS               += --remove-section=.regin
+@@ -315,7 +315,7 @@ OBJCOPYFLAGS               += --remove-section=.regin
   head-y := arch/mips/kernel/head.o
   
   libs-y                        += arch/mips/lib/
   head-y := arch/mips/kernel/head.o
   
   libs-y                        += arch/mips/lib/
diff --git a/target/linux/generic/pending-4.14/308-mips32r2_tune.patch b/target/linux/generic/pending-4.14/308-mips32r2_tune.patch

index 7f98616d7a5f389d18a4e7bd806121e60a54f901..39167bf4ae27048a7ee07b22e6b9b0b0436c052c 100644 (file)
--- a/target/linux/generic/pending-4.14/308-mips32r2_tune.patch
+++ b/target/linux/generic/pending-4.14/308-mips32r2_tune.patch
@@ -11,12 +11,12 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  --- a/arch/mips/Makefile
  +++ b/arch/mips/Makefile
  
  --- a/arch/mips/Makefile
  +++ b/arch/mips/Makefile
-@@ -162,7 +162,7 @@ cflags-$(CONFIG_CPU_R4X00) += -march=r46
+@@ -161,7 +161,7 @@ cflags-$(CONFIG_CPU_VR41XX)        += -march=r4
+ cflags-$(CONFIG_CPU_R4X00)    += -march=r4600 -Wa,--trap
   cflags-$(CONFIG_CPU_TX49XX)   += -march=r4600 -Wa,--trap
   cflags-$(CONFIG_CPU_TX49XX)   += -march=r4600 -Wa,--trap
- cflags-$(CONFIG_CPU_MIPS32_R1)        += $(call cc-option,-march=mips32,-mips32 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS32) \
-                       -Wa,-mips32 -Wa,--trap
--cflags-$(CONFIG_CPU_MIPS32_R2)        += $(call cc-option,-march=mips32r2,-mips32r2 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS32) \
-+cflags-$(CONFIG_CPU_MIPS32_R2)        += $(call cc-option,-march=mips32r2 -mtune=34kc,-mips32r2 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS32) \
-                       -Wa,-mips32r2 -Wa,--trap
+ cflags-$(CONFIG_CPU_MIPS32_R1)        += -march=mips32 -Wa,--trap
+-cflags-$(CONFIG_CPU_MIPS32_R2)        += -march=mips32r2 -Wa,--trap
++cflags-$(CONFIG_CPU_MIPS32_R2)        += -march=mips32r2 -mtune=34kc -Wa,--trap
   cflags-$(CONFIG_CPU_MIPS32_R6)        += -march=mips32r6 -Wa,--trap -modd-spreg
   cflags-$(CONFIG_CPU_MIPS32_R6)        += -march=mips32r6 -Wa,--trap -modd-spreg
- cflags-$(CONFIG_CPU_MIPS64_R1)        += $(call cc-option,-march=mips64,-mips64 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS64) \
+ cflags-$(CONFIG_CPU_MIPS64_R1)        += -march=mips64 -Wa,--trap
+ cflags-$(CONFIG_CPU_MIPS64_R2)        += -march=mips64r2 -Wa,--trap
diff --git a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch

index bf902875d077b5c488739ed4cafabfebc82f3a9e..e6d33928384d48416796e120df61c7b8a43e0731 100644 (file)
--- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
+++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
@@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  +MODULE_ALIAS("nf-flow-table-hw");
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
  +MODULE_ALIAS("nf-flow-table-hw");
  --- a/net/netfilter/nf_tables_api.c
  +++ b/net/netfilter/nf_tables_api.c
-@@ -4917,6 +4917,14 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4933,6 +4933,14 @@ static int nf_tables_flowtable_parse_hoo
         if (err < 0)
                 goto err1;
   
         if (err < 0)
                 goto err1;
   
@@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
         if (!ops) {
                 err = -ENOMEM;
         ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
         if (!ops) {
                 err = -ENOMEM;
-@@ -5047,10 +5055,19 @@ static int nf_tables_newflowtable(struct
+@@ -5063,10 +5071,19 @@ static int nf_tables_newflowtable(struct
         }
   
         flowtable->data.type = type;
         }
   
         flowtable->data.type = type;
@@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
         err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
                                              flowtable);
         if (err < 0)
         err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
                                              flowtable);
         if (err < 0)
-@@ -5148,7 +5165,8 @@ static int nf_tables_fill_flowtable_info
+@@ -5164,7 +5181,8 @@ static int nf_tables_fill_flowtable_info
             nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
             nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
             nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
             nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
             nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
             nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
author	Koen Vandeputte <koen.vandeputte@ncentric.com>
	Thu, 6 Sep 2018 12:18:24 +0000 (14:18 +0200)
committer	Koen Vandeputte <koen.vandeputte@ncentric.com>
	Fri, 7 Sep 2018 15:22:23 +0000 (17:22 +0200)
include/kernel-version.mk		patch \| blob \| history
target/linux/brcm47xx/patches-4.14/330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch	[deleted file]	patch \| blob \| history
target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch		patch \| blob \| history
target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch		patch \| blob \| history
target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch		patch \| blob \| history
target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch		patch \| blob \| history
target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch		patch \| blob \| history
target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch		patch \| blob \| history
target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch		patch \| blob \| history
target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch		patch \| blob \| history
target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch		patch \| blob \| history
target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch		patch \| blob \| history
target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch		patch \| blob \| history
target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch		patch \| blob \| history
target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch		patch \| blob \| history
target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch		patch \| blob \| history
target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch		patch \| blob \| history
target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch		patch \| blob \| history
target/linux/generic/hack-4.14/207-disable-modorder.patch		patch \| blob \| history
target/linux/generic/hack-4.14/220-gc_sections.patch		patch \| blob \| history
target/linux/generic/pending-4.14/201-extra_optimization.patch		patch \| blob \| history
target/linux/generic/pending-4.14/304-mips_disable_fpu.patch		patch \| blob \| history
target/linux/generic/pending-4.14/308-mips32r2_tune.patch		patch \| blob \| history
target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch		patch \| blob \| history