kernel: refresh patches

Some fuzz was introduced due to the netfilter-offload series Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2025-11-04 06:54:27 -05:00 · 2018-02-22 12:21:05 +01:00 · 2018-02-22 12:21:05 +01:00 · aad1f11efe
commit aad1f11efe
parent 14a01311f5
8 changed files with 34 additions and 32 deletions
--- a/target/linux/generic/backport-4.14/302-netfilter-nf_tables_inet-don-t-use-multihook-infrast.patch
+++ b/target/linux/generic/backport-4.14/302-netfilter-nf_tables_inet-don-t-use-multihook-infrast.patch
@ -90,11 +90,12 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 -		afi = &nft_af_ipv4;
 -	else
 -		afi = &nft_af_ipv6;
-+	nft_set_pktinfo(&pkt, skb, state);
- 
+-
 -	ops->pf = afi->family;
 -	if (afi->hooks[ops->hooknum])
 -		ops->hook = afi->hooks[ops->hooknum];
+	nft_set_pktinfo(&pkt, skb, state);
+
 +	switch (state->pf) {
 +	case NFPROTO_IPV4:
 +		nft_set_pktinfo_ipv4(&pkt, skb);
--- a/target/linux/generic/backport-4.14/335-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
+++ b/target/linux/generic/backport-4.14/335-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
@ -548,24 +548,24 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 -		if (family != NFPROTO_UNSPEC && family != afi->family)
 +	list_for_each_entry_rcu(table, &net->nft.tables, list) {
 +		if (family != NFPROTO_UNSPEC && family != table->afi->family)
+			continue;
+
+		if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
 			continue;
 
 -		list_for_each_entry_rcu(table, &afi->tables, list) {
 -			if (ctx && ctx->table &&
 -			    strcmp(ctx->table, table->name) != 0)
-				continue;
-+		if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
-+			continue;
+		list_for_each_entry_rcu(chain, &table->chains, list) {
+			if (ctx && ctx->chain &&
+			    strcmp(ctx->chain, chain->name) != 0)
+ 				continue;
 
 -			list_for_each_entry_rcu(chain, &table->chains, list) {
 -				if (ctx && ctx->chain &&
 -				    strcmp(ctx->chain, chain->name) != 0)
 -					continue;
-+		list_for_each_entry_rcu(chain, &table->chains, list) {
-+			if (ctx && ctx->chain &&
-+			    strcmp(ctx->chain, chain->name) != 0)
-+				continue;
- 
+-
 -				list_for_each_entry_rcu(rule, &chain->rules, list) {
 -					if (!nft_is_active(net, rule))
 -						goto cont;
@ -703,19 +703,23 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 
 -		if (cur_family) {
 -			if (afi->family != cur_family)
+-				continue;
 +		if (ctx->table && ctx->table != table)
 +			continue;
-+
+ 
+-			cur_family = 0;
+-		}
+-		list_for_each_entry_rcu(table, &afi->tables, list) {
+-			if (ctx->table && ctx->table != table)
 +		if (cur_table) {
 +			if (cur_table != table)
 				continue;
 
-			cur_family = 0;
-+			cur_table = NULL;
- 		}
-		list_for_each_entry_rcu(table, &afi->tables, list) {
-			if (ctx->table && ctx->table != table)
+-			if (cur_table) {
+-				if (cur_table != table)
 -					continue;
+			cur_table = NULL;
+		}
 +		idx = 0;
 +		list_for_each_entry_rcu(set, &table->sets, list) {
 +			if (idx < s_idx)
@ -723,14 +727,11 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 +			if (!nft_is_active(net, set))
 +				goto cont;
 
-			if (cur_table) {
-				if (cur_table != table)
-					continue;
+-				cur_table = NULL;
 +			ctx_set = *ctx;
 +			ctx_set.table = table;
 +			ctx_set.family = table->afi->family;
- 
-				cur_table = NULL;
+
 +			if (nf_tables_fill_set(skb, &ctx_set, set,
 +					       NFT_MSG_NEWSET,
 +					       NLM_F_MULTI) < 0) {
--- a/target/linux/generic/hack-4.14/250-netfilter_depends.patch
+++ b/target/linux/generic/hack-4.14/250-netfilter_depends.patch
@ -17,7 +17,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	depends on NETFILTER_ADVANCED
 	help
 	  H.323 is a VoIP signalling protocol from ITU-T. As one of the most
-@@ -1012,7 +1011,6 @@ config NETFILTER_XT_TARGET_SECMARK
+@@ -1046,7 +1045,6 @@ config NETFILTER_XT_TARGET_SECMARK
 
 config NETFILTER_XT_TARGET_TCPMSS
 	tristate '"TCPMSS" target support'
--- a/target/linux/generic/hack-4.14/721-phy_packets.patch
+++ b/target/linux/generic/hack-4.14/721-phy_packets.patch
@ -15,7 +15,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>

 --- a/include/linux/netdevice.h
 +++ b/include/linux/netdevice.h
-@@ -1386,6 +1386,7 @@ enum netdev_priv_flags {
+@@ -1399,6 +1399,7 @@ enum netdev_priv_flags {
 	IFF_RXFH_CONFIGURED		= 1<<25,
 	IFF_PHONY_HEADROOM		= 1<<26,
 	IFF_MACSEC			= 1<<27,
@ -23,7 +23,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 };
 
 #define IFF_802_1Q_VLAN			IFF_802_1Q_VLAN
-@@ -1415,6 +1416,7 @@ enum netdev_priv_flags {
+@@ -1428,6 +1429,7 @@ enum netdev_priv_flags {
 #define IFF_TEAM			IFF_TEAM
 #define IFF_RXFH_CONFIGURED		IFF_RXFH_CONFIGURED
 #define IFF_MACSEC			IFF_MACSEC
@ -31,7 +31,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 
 /**
  *	struct net_device - The DEVICE structure.
-@@ -1701,6 +1703,11 @@ struct net_device {
+@@ -1714,6 +1716,11 @@ struct net_device {
 	const struct xfrmdev_ops *xfrmdev_ops;
 #endif
 
@ -43,7 +43,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	const struct header_ops *header_ops;
 
 	unsigned int		flags;
-@@ -1770,6 +1777,10 @@ struct net_device {
+@@ -1783,6 +1790,10 @@ struct net_device {
 	struct mpls_dev __rcu	*mpls_ptr;
 #endif
 
--- a/target/linux/generic/pending-4.14/600-netfilter_conntrack_flush.patch
+++ b/target/linux/generic/pending-4.14/600-netfilter_conntrack_flush.patch
@ -17,7 +17,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 #include <net/net_namespace.h>
 #ifdef CONFIG_SYSCTL
 #include <linux/sysctl.h>
-@@ -377,10 +378,66 @@ static int ct_open(struct inode *inode,
+@@ -381,10 +382,66 @@ static int ct_open(struct inode *inode,
 			sizeof(struct ct_iter_state));
 }
 
@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	.llseek  = seq_lseek,
 	.release = seq_release_net,
 };
-@@ -484,7 +541,7 @@ static int nf_conntrack_standalone_init_
+@@ -488,7 +545,7 @@ static int nf_conntrack_standalone_init_
 	kuid_t root_uid;
 	kgid_t root_gid;
 
--- a/target/linux/generic/pending-4.14/613-netfilter_optional_tcp_window_check.patch
+++ b/target/linux/generic/pending-4.14/613-netfilter_optional_tcp_window_check.patch
@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 /* "Be conservative in what you do,
     be liberal in what you accept from others."
     If it's non-zero, we mark only out of window RST segments as INVALID. */
-@@ -505,6 +508,9 @@ static bool tcp_in_window(const struct n
+@@ -508,6 +511,9 @@ static bool tcp_in_window(const struct n
 	s32 receiver_offset;
 	bool res, in_recv_win;
 
@ -28,7 +28,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
 	/*
 	 * Get the required data from the packet.
 	 */
-@@ -1486,6 +1492,13 @@ static struct ctl_table tcp_sysctl_table
+@@ -1489,6 +1495,13 @@ static struct ctl_table tcp_sysctl_table
 		.mode		= 0644,
 		.proc_handler	= proc_dointvec,
 	},
--- a/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
+++ b/target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>

 --- a/include/linux/netdevice.h
 +++ b/include/linux/netdevice.h
-@@ -1739,6 +1739,8 @@ struct net_device {
+@@ -1752,6 +1752,8 @@ struct net_device {
 	struct netdev_hw_addr_list	mc;
 	struct netdev_hw_addr_list	dev_addrs;
 
--- a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch
+++ b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch
@ -129,7 +129,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
 /* 802.11 specific */
 struct wireless_dev;
 /* 802.15.4 specific */
-@@ -1908,6 +1909,7 @@ struct net_device {
+@@ -1921,6 +1922,7 @@ struct net_device {
 	struct netprio_map __rcu *priomap;
 #endif
 	struct phy_device	*phydev;