Commit Graph

355 Commits (2021.1.082)

Author SHA1 Message Date
M_ars 4d46e0c54b ipv6: addrconf.c: Checkpatch cleanups
net/ipv6/addrconf.c: Checkpatch cleanups
net/ipv6/addrconf.c:340: WARNING: EXPORT_SYMBOL(foo); should immediately follow its function/variable
net/ipv6/addrconf.c:342: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:444: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:1337: WARNING: EXPORT_SYMBOL(foo); should immediately follow its function/variable
net/ipv6/addrconf.c:1526: ERROR: "(foo*)" should be "(foo *)"
net/ipv6/addrconf.c:1671: ERROR: open brace '{' following function declarations go on the next line
net/ipv6/addrconf.c:1914: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:2368: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:2370: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:2416: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:2437: ERROR: "foo    * bar" should be "foo    *bar"
net/ipv6/addrconf.c:2573: ERROR: "foo * bar" should be "foo *bar"
net/ipv6/addrconf.c:3797: ERROR: "foo* bar" should be "foo *bar"

Signed-off-by: Eldad Zack <eldad@fogrefinery.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v3.19&id=8e5e8f30d0dea1db2c8e2a78802e7e57f796f339
5 years ago
M_ars aa9928f805 ipv6: hash is calculated but not used afterwards
ipv6: hash is calculated but not used afterwards
hash is declared and assigned but not used anymore. ipv6_addr_hash()
exhibit no side-effects.

Signed-off-by: Hagen Paul Pfeifer <hagen@jauu.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/addrconf.c?h=v3.19&id=96d796a38e9ec9a7c04a6cda3fc15d79efebb008
5 years ago
M_ars 200f7dab85 kernel: fix/addendum for commit "backport CAKE SQM scheduler and needed kernel functions" 48407b077b
see arm Issue #93
https://bitbucket.org/pedro311/freshtomato-arm/issues/93/ea6700-vpn-e-build-complete-buggy-unstable

tested with DHCPv6 PD, working again
5 years ago
notsure2 13fcaefef5 kernel: add Wireguard v1.0.20201221 5 years ago
notsure2 0985fafe51 kernel: add wireguard support
- backport get_monotonic_boottime https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abb3a4ea2e0ea7114a4475745da2f32bd9ad5b73
- backport nf_reset_trace
- backport skb_transport_header_was_set and skb_probe_transport_header
- backport kref_get_unless_zero
- backport NAPI_POLL_WEIGHT
- backport kfree_skb_list
- backport ipv6_iface_scope_id
- backport INET_ECN_decapsulate
- backport deferrable work https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dd6414b50fa2b1cd247a8aa8f8bd42414b7453e1
- backport netlink: advertise incomplete dumps https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=670dc2833d144375eac36ad74111495a825a9288
- backport rol64 and ror64
- backport sg_nents
- backport net: Export __sock_create https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=721db93a55dad71bb89e7d11cc6be1f180ec3f2d
- backport ip6_flow_hdr
- backport ip6tunnel_xmit
- export ip6_dst_hoplimit
- fix compile warnings
5 years ago
notsure2 48407b077b kernel: backport CAKE SQM scheduler and needed kernel functions 5 years ago
notsure2 42dca15b49 kernel: ifb: dont hard code inet_net use
ifb should lookup devices in the appropriate namespace.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: Benjamin LaHaise <bcrl@kvack.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=73bf0d0eecba15e2a2f96b1092554b01fc07044b
5 years ago
notsure2 ed6758ae65 kernel: pkt_sched: namespace aware act_mirred
Eric Dumazet pointed out that act_mirred needs to find the current net_ns,
and struct net pointer is not provided in the call chain.  His original
patch made use of current->nsproxy->net_ns to find the network namespace,
but this fails to work correctly for userspace code that makes use of
netlink sockets in different network namespaces.  Instead, pass the
"struct net *" down along the call chain to where it is needed.

This version removes the ifb changes as Eric has submitted that patch
separately, but is otherwise identical to the previous version.

Signed-off-by: Benjamin LaHaise <bcrl@kvack.org>
Tested-by: Eric Dumazet <eric.dumazet@gmail.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c1b52739e45f5969b208ebc377f52468280af11e
5 years ago
notsure2 423a070cd1 kernel: net sched: Pass the skb into change so it can access NETLINK_CB
cls_flow.c plays with uids and gids.  Unless I misread that
code it is possible for classifiers to depend on the specific uid and
gid values.  Therefore I need to know the user namespace of the
netlink socket that is installing the packet classifiers.  Pass
in the rtnetlink skb so I can access the NETLINK_CB of the passed
packet.  In particular I want access to sk_user_ns(NETLINK_CB(in_skb).ssk).

Pass in not the user namespace but the incomming rtnetlink skb into
the the classifier change routines as that is generally the more useful
parameter.

Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

Prerequisite patch for mirred namespace compatibility: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=af4c6641f5ad445fe6d0832da42406dbd9a37ce4
5 years ago
M_ars 94e47c8948 SDK6: update ctf (part 2) (for single and dual-core)
tested with R7000 and RT-N18U, working correct
5 years ago
pedro 2eec459d8a kernel: net_sched: fix datalen for ematch
syzbot reported an out-of-bound access in em_nbyte. As initially
analyzed by Eric, this is because em_nbyte sets its own em->datalen
in em_nbyte_change() other than the one specified by user, but this
value gets overwritten later by its caller tcf_em_validate().
We should leave em->datalen untouched to respect their choices.

I audit all the in-tree ematch users, all of those implement
->change() set em->datalen, so we can just avoid setting it twice
in this case.

Reported-and-tested-by: syzbot+5af9a90dad568aa9f611@syzkaller.appspotmail.com
Reported-by: syzbot+2f07903a5b05e7f36410@syzkaller.appspotmail.com
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
Reviewed-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    [bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61678d28d4a45ef376f5d02a839cc37509ae9281
5 years ago
pedro 41202425e7 kernel: netfilter: ebtables: compat: reject all padding in matches/watchers
syzbot reported following splat:

BUG: KASAN: vmalloc-out-of-bounds in size_entry_mwt net/bridge/netfilter/ebtables.c:2063 [inline]
BUG: KASAN: vmalloc-out-of-bounds in compat_copy_entries+0x128b/0x1380 net/bridge/netfilter/ebtables.c:2155
Read of size 4 at addr ffffc900004461f4 by task syz-executor267/7937

Reported-by: syzbot+f68108fed972453a0ad4@syzkaller.appspotmail.com
Fixes: 81e675c227ec ("netfilter: ebtables: add CONFIG_COMPAT support")

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e608f631f0ba5f1fc5ee2e260a3a35d13107cbfe
5 years ago
pedro a57380832a kernel: netfilter: ebtables: fix a memory leak bug in compat
In compat_do_replace(), a temporary buffer is allocated through vmalloc()
to hold entries copied from the user space. The buffer address is firstly
saved to 'newinfo->entries', and later on assigned to 'entries_tmp'. Then
the entries in this temporary buffer is copied to the internal kernel
structure through compat_copy_entries(). If this copy process fails,
compat_do_replace() should be terminated. However, the allocated temporary
buffer is not freed on this path, leading to a memory leak.

To fix the bug, free the buffer before returning from compat_do_replace().

Signed-off-by: Wenwen Wang's avatarWenwen Wang <wenwen@cs.uga.edu>
Reviewed-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=15a78ba1844a8e052c1226f930133de4cef4e7ad
5 years ago
pedro 02f7a49f72 kernel: netfilter: ebtables: convert BUG_ONs to WARN_ONs
All of these conditions are not fatal and should have
been WARN_ONs from the get-go.

Convert them to WARN_ONs and bail out.

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>

Fix from upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc6a5d0601c5ac1d02f283a46f60b87b2033e5ca
5 years ago
M_ars 7ab0dadf70 kernel SDK6: netfilter: nf_conntrack_core.c - small update and add one more check
Note: align/sync with asus src
5 years ago
M_ars e61b2d6ed7 kernel SDK6: small update for bridge (sync with asus src)
Note: small addendum for the following commit a1997cd768
5 years ago
M_ars 90cc6be26f ipv6: Make 'addrconf_rs_timer' send Router Solicitations (and re-arm itself) if Router Advertisements are accepted
see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v3.19&id=9ba2add3cf5c103b7236f82a023c8ee05a51e4d1

As of 026359b [ipv6: Send ICMPv6 RSes only when RAs are accepted],
Router Solicitations are sent whenever kernel accepts Router
Advertisements on the interface.

However, this logic isn't reflected in 'addrconf_rs_timer'.

The timer fails to issue subsequent RS messages (and fails to re-arm
itself) if forwarding is enabled and the special hybrid mode is
enabled (accept_ra=2).

Fix the condition determining whether next RS should be sent, by using
'ipv6_accept_ra()'.

Reported-by: Ami Koren <amikoren@yahoo.com>
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
5 years ago
M_ars 053428b332 ipv6: unify logic evaluating inet6_dev's accept_ra property
see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v3.19&id=aeaf6e9d2f49d793d3eb8c1af4095cf25e061b94

As of 026359b [ipv6: Send ICMPv6 RSes only when RAs are accepted], the
logic determining whether to send Router Solicitations is identical
to the logic determining whether kernel accepts Router Advertisements.

However the condition itself is repeated in several code locations.

Unify it by introducing 'ipv6_accept_ra()' accessor.

Also, simplify the condition expression, making it more readable.
No semantic change.

Signed-off-by: Shmulik Ladkani <shmulik.ladkani@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
5 years ago
M_ars 6aa3080d6f ipv6: Send ICMPv6 RSes only when RAs are accepted
see https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v3.19&id=026359bc6eddfdc2d2e684bf0b51691649b90f33

This patch improves the logic determining when to send ICMPv6 Router
Solicitations, so that they are 1) always sent when the kernel is
accepting Router Advertisements, and 2) never sent when the kernel is
not accepting RAs. In other words, the operational setting of the
"accept_ra" sysctl is used.

The change also makes the special "Hybrid Router" forwarding mode
("forwarding" sysctl set to 2) operate exactly the same as the standard
Router mode (forwarding=1). The only difference between the two was
that RSes was being sent in the Hybrid Router mode only. The sysctl
documentation describing the special Hybrid Router mode has therefore
been removed.

Rationale for the change:

Currently, the value of forwarding sysctl is the only thing determining
whether or not to send RSes. If it has the value 0 or 2, they are sent,
otherwise they are not. This leads to inconsistent behaviour in the
following cases:

* accept_ra=0, forwarding=0
* accept_ra=0, forwarding=2
* accept_ra=1, forwarding=2
* accept_ra=2, forwarding=1

In the first three cases, the kernel will send RSes, even though it will
not accept any RAs received in reply. In the last case, it will not send
any RSes, even though it will accept and process any RAs received. (Most
routers will send unsolicited RAs periodically, so suppressing RSes in
the last case will merely delay auto-configuration, not prevent it.)

Also, it is my opinion that having the forwarding sysctl control RS
sending behaviour (completely independent of whether RAs are being
accepted or not) is simply not what most users would intuitively expect
to be the case.

Signed-off-by: Tore Anderson <tore@fud.no>
Signed-off-by: David S. Miller <davem@davemloft.net>
5 years ago
snowman58 95b3807ea1 build: add Netgear R6700v1 support 5 years ago
M_ars 0b875a684a kernel SDK6: pptp.c - small fix for SDK Update
see d27db60dba

fix the following (hidden) warning:
Oct 19 06:00:01 Tomato-Router daemon.info pptp[1807]: Using interface ppp4
Oct 19 06:00:01 Tomato-Router daemon.notice pptp[1807]: Connect: ppp4 <--> pptp (xxx.xxx.xxx.xxx)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: ------------[ cut here ]------------
Oct 19 06:00:01 Tomato-Router kern.warn kernel: WARNING: at include/net/dst.h:114 pptp_xmit+0x498/0x4b4()
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  ip6table_mangle	 bf5d1000	 934
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  ip6table_filter	 bf5cb000	 750
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  ipt_account	 bf5c3000	 8376
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  xt_DSCP	 bf5b0000	 1474
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  wl	 bf170000	 4201685
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  dpsta	 bf167000	 12782
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  ehci_hcd	 bf159000	 32414
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  xhci_hcd	 bf146000	 51128
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  vfat	 bf13e000	 8509
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  fat	 bf12d000	 43022
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  ext4	 bf0ec000	 221882
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  crc16	 bf0e6000	 1007
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  jbd2	 bf0d3000	 48989
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  mbcache	 bf0cc000	 4599
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  usb_storage	 bf0bd000	 34290
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  sd_mod	 bf0b1000	 21983
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  scsi_wait_scan	 bf0ab000	 416
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  scsi_mod	 bf086000	 108730
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  usbcore	 bf062000	 103389
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_nat_pptp	 bf05c000	 1602
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_conntrack_pptp	 bf056000	 3355
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_nat_proto_gre	 bf050000	 887
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_conntrack_proto_gre	 bf04a000	 3228
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_nat_ftp	 bf044000	 1144
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_conntrack_ftp	 bf03d000	 4909
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_nat_h323	 bf036000	 4761
Oct 19 06:00:01 Tomato-Router daemon.notice pptp[1807]: CHAP authentication succeeded
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  nf_conntrack_h323	 bf028000	 33807
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  et	 bf011000	 64894
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  igs	 bf009000	 11927
Oct 19 06:00:01 Tomato-Router kern.warn kernel: module:  emf	 bf000000	 15397
Oct 19 06:00:01 Tomato-Router kern.warn kernel: Modules linked in: ip6table_mangle ip6table_filter ipt_account xt_DSCP wl(P) dpsta(P) ehci_hcd xhci_hcd vfat fat ext4 crc16 jbd2 mbcache usb_storage sd_mod scsi_wait_scan scsi_mod usbcore nf_nat_pptp nf_conntrack_pptp nf_nat_proto_gre nf_conntrack_proto_gre nf_nat_ftp nf_conntrack_ftp nf_nat_h323 nf_conntrack_h323 et(P) igs(P) emf(P) [last unloaded: xt_length]
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c0045000>] (unwind_backtrace+0x0/0xf8) from [<c00632a0>] (warn_slowpath_common+0x4c/0x64)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c00632a0>] (warn_slowpath_common+0x4c/0x64) from [<c00632d4>] (warn_slowpath_null+0x1c/0x24)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c00632d4>] (warn_slowpath_null+0x1c/0x24) from [<c01c2810>] (pptp_xmit+0x498/0x4b4)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c01c2810>] (pptp_xmit+0x498/0x4b4) from [<c01bba28>] (ppp_channel_push+0x50/0xb0)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c01bba28>] (ppp_channel_push+0x50/0xb0) from [<c01bbb3c>] (ppp_write+0xb4/0x10c)
Oct 19 06:00:01 Tomato-Router kern.warn kernel: [<c01bbb3c>] (ppp_write+0xb4/0x10c) from [<c00cb3b0>] (vfs_write+0xb4/0x148)
Oct 19 06:00:01 Tomato-Router daemon.notice pptp[1807]: MPPE 128-bit stateless compression enabled

tested with Tomato MIPS RT-N server and windows 10 server, working correct
5 years ago
pedro 75c39001ab Revert "kernel sdk6: include: dst.h: disable WARN_ON_ONCE()"
This reverts commit 5d4dbba460.
5 years ago
snowman58 f2383e2780 build: correct R6400, R6400v2 and R6700v3 board_data partition offset and size to fix board data from being overwritten by jffs. 5 years ago
pedro 668555de9a kernel sdk6: drivers: usb: host: xhci-hub.c: fix compiler warnings 5 years ago
pedro 4085e1df8f kernel sdk6: drivers: usb: class: usblp.c: fix compiler warnings 5 years ago
pedro e3adb7856a kernel sdk6: include: linux: rndis.h: fix compiler warnings 5 years ago
pedro a11192fda9 kernel sdk6: drivers: net: ppp_generic.c: fix compiler warnings 5 years ago
pedro ae1dda5bfd kernel sdk6: net: core: dev.c: updates from upstream; fix compiler warnings
- fix rollback handler in register_netdevice_notifier
8f89148986

- in unregister_netdevice_notifier unregister the netdevices
7d3d43dab4
5 years ago
pedro dab7acc7d0 kernel sdk6: drivers: net: usb: updates from upstream
- usbnet: export usbnet_set_rx_mode()
1ea2b748b5

- cdc_ether: add new products ids

- cdc_ether: use dev->intf to get interface information
0226009ce0

- cdc_ether: export usbnet_cdc_update_filter
e506addeff

- cdc_ncm: add .ndo_set_rx_mode to cdc_ncm_netdev_ops
37a2ebdd9e

- cdc_ncm: hook into set_rx_mode to admit multicast traffic
e10dcb1b6b
5 years ago
M_ars 5d4dbba460 kernel sdk6: include: dst.h: disable WARN_ON_ONCE()
Note: follow/sync with sdk7 (only cosmetic for sdk6)
see b3999570b3
5 years ago
M_ars a093ff70e9 SDK6: merge (missing) CTF fixes/changes (part 1) 5 years ago
M_ars c7a8f9e6b9 kernel SDK6: net: bridge: br_multicast.c - Disable bridge multicast_snooping by default because it can interfere with EMF and other multicast things.
Note: make it possible for the tomato user to enable bridge multicast_snooping by setting nvram variable "br_mcast_snooping" to "1" (for ex.)
5 years ago
pedro ad0966dc44 kernel: usb: remove unused bitmap #define from hcd.h 5 years ago
pedro cd8938cf32 kernel: drivers: net: pppoe.c: apply patch from SDK7 branch 5 years ago
pedro 5499bcc78c kernel: commit 12ad696 reverts some fixes in MIPS files, so here we revert them again (only cosmetics) 5 years ago
pedro 3f84abd6ca kernel: make xt_recent built-in instead of module 5 years ago
pedro 861981f98d kernel: drivers: net: usbnet: Fix -Wcast-function-type
correct usage prototype of callback in tasklet_init().
Report by KSPP#20

Signed-off-by: Phong Tran <tranmanphong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Fix from upstream: 2eb1d3f4bc
5 years ago
pedro 67c2d03752 kernel: drivers: net: usb: qmi_wwan: fixes/updates from upstream
- add support for Quectel RM500Q
a9ff44f0e6

- re-add DW5821e pre-production variant
88bf54603f

- unconditionally reject 2 ep interfaces
00516d13d4

- add support for ASKEY WWHC050
12a5ba5a19

- add support for DW5816e
57c7f2bd75

- add Telit LE910C1-EUX composition
591612aa57

- add support for Quectel EG95 LTE modem
f815dd5cf4
5 years ago
pedro c876456a46 kernel: config_base: fix typo 5 years ago
pedro fd6875bd5a kernel: update ipt_webmon module, so it works also for https connections 5 years ago
pedro 88f0009c9d kernel: netfilter: xt_recent: avoid high order page allocations
xt_recent can try high order page allocations and this can fail.

iptables: page allocation failure: order:9, mode:0xc0d0

It also wastes about half the allocated space because of kmalloc()
power-of-two roundups and struct recent_table layout.

Use vmalloc() instead to save space and be less prone to allocation
errors when memory is fragmented.

Reported-by: Miroslav Kratochvil <exa.exa@gmail.com>
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Harald Reindl <h.reindl@thelounge.net>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Ported from upstream: 2727de7604
5 years ago
pedro 09ac7fb24a kernel: netfilter: xt_recent: fix namespace destroy path
recent_net_exit() is called before recent_mt_destroy() in the
destroy path of network namespaces. Make sure there are no entries
in the parent proc entry xt_recent before removing it.

Signed-off-by: Vitaly E. Lavrov <lve@guap.ru>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Ported from upstream: 665e205c16
5 years ago
pedro c5e2d60f27 iptables: fix handling ICMPv6 reject --with-tcp-reset 5 years ago
pedro 604dca76aa kernel: netfilter: xt_recent: add address masking option (ported from upstream)
The mask option allows you put all address belonging that mask into
the same recent slot. This can be useful in case that recent is used
to detect attacks from the same network segment.

Tested for backward compatibility.

Signed-off-by: Denys Fedoryshchenko <denys@visp.net.lb>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

efdedd5426
5 years ago
pedro f3c8387e34 kernel: r2q change message from priority WARNING to priority DEBUG 5 years ago
pedro ee6a0ad283 kernel: net: usb: qmi_wwan: remove redundant assignment to variable status
The variable status is being initializeed with a value that is never read
and it is being updated later with a new value. The initialization
is redundant and can be removed.

Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Fix from upstream
5 years ago
pedro 38486d0740 kernel: net: huawei_cdc_ncm: remove redundant assignment to variable ret
The variable ret is being initializeed with a value that is never read
and it is being updated later with a new value. The initialization
is redundant and can be removed.

Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Fix from upstream
5 years ago
M_ars 6085f0f543 kernel: netns: Deduplicate and fix copy_net_ns when !CONFIG_NET_NS
The copy of copy_net_ns used when the network stack is not
built is broken as it does not return -EINVAL when attempting
to create a new network namespace.  We don't even have
a previous network namespace.

Since we need a copy of copy_net_ns in net/net_namespace.h that is
available when the networking stack is not built at all move the
correct version of copy_net_ns from net_namespace.c into net_namespace.h
Leaving us with just 2 versions of copy_net_ns.  One version for when
we compile in network namespace suport and another stub for all other
occasions.

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.7&id=d727abcb2355566a3372ee1810f156fba75112b7
5 years ago
notsure2 fedcc8ecc2 Fix panic due to incorrect check of error pointer when proc_ns_fget fails. 5 years ago
pedro aace623627 build: kernel: make kernel network namespaces and veth optional and disable it for now for every target
- there are problems (bootloop) for some routers
5 years ago