21067 Commits

Author SHA1 Message Date
Koen Vandeputte
1e3487b359 kernel: bump 4.14 to 4.14.127
Refreshed all patches.

Fixes:

- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-18 14:47:53 +02:00
Koen Vandeputte
bcd17bdbe5 kernel: bump 4.9 to 4.9.182
Refreshed all patches.

Fixes:

- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-18 14:47:53 +02:00
Koen Vandeputte
cf65262492 kernel: bump 4.19 to 4.19.51
Refreshed all patches.

Altered patches:
- 370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
- 220-optimize_inlining.patch
- 640-netfilter-nf_flow_table-add-hardware-offload-support.patch

This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (78ee6b1a40b5)
It was wrongfully backported upstream initially and got reverted now.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-18 11:38:58 +02:00
Koen Vandeputte
de5105febe kernel: bump 4.14 to 4.14.126
Refreshed all patches.

Altered patches:
- 220-optimize_inlining.patch
- 816-pcie-support-layerscape.patch

This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (78ee6b1a40b5)
It was wrongfully backported upstream initially and got reverted now.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-18 11:38:58 +02:00
Petr Štetiar
016d1eb1f9 ar71xx: make target source-only
Lets make it really explicit, that we should now focus only on ath79 in
order to make it ready for next release, where ar71xx is going to be
removed for good.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-17 09:42:37 +02:00
Henryk Heisig
acf2b6c888 ar71xx: base-files: fix board detect on new MikroTik devices
Move all MikroTik devices to new function to increase script execution
speed.

Machine name in new version of MikroTik RouterBOARD devices add "RB"
before model name:

 Old machine name: MikroTik RouterBOARD 951Ui-2nD
 New:              MikroTik RouterBOARD RB951Ui-2nD

So this patch should fix it for all currently supported MikroTik boards.

Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[rebased,commit message facelift,script fixes]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[spotted missing 922UAGS-5HPacD]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-17 09:42:37 +02:00
Petr Štetiar
eef195f57b tegra: add missing kernel symbol to 4.19 config
This patch adds missing kernel config symbol to 4.19 kernel config.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-17 09:42:36 +02:00
Petr Štetiar
1c63e5e869 tegra: refresh 4.19 kernel config
This patch refreshes Tegra's 4.19 kernel config.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-17 09:42:36 +02:00
Marko Ratkaj
98684d99b2 mvebu: add kernel 4.19 support
Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
[added sfp related patches from Russell King]
Signed-off-by: Marek Behún <marek.behun@nic.cz>
[rebase; rework patches; separate and cleanup kernel configs;
add espessobin dts; adjust venom dts]
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-06-17 09:36:03 +02:00
Rafał Miłecki
4d11c4c378 kernel: backport 4.18 patch adding DMI_PRODUCT_SKU
It's needed for applying some hardware quirks. This fixes:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/dmi.c:60:20: error: 'DMI_PRODUCT_SKU' undeclared here (not in a function); did you mean 'DMI_PRODUCT_UUID'?
    DMI_EXACT_MATCH(DMI_PRODUCT_SKU, "T8"),

Fixes: 8888cb725d49 ("mac80211: brcm: backport remaining brcmfmac 5.2 patches")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-06-17 06:53:07 +02:00
George Amanakis
1e3800df18 mvebu: fixes commit a7e68927d0
err_free_stats has been deprecated. Replace with err_netdev.

Compile-tested on: mvebu
Runtime-tested on: mvebu

Fixes: a7e68927d047 ("kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)")
Signed-off-by: George Amanakis <gamanakis@gmail.com>
2019-06-16 19:03:04 +02:00
Hauke Mehrtens
6dac1c0a9b kernel: Activate CONFIG_OPTIMIZE_INLINING
This will reduce the size of the kernel if CONFIG_CC_OPTIMIZE_FOR_SIZE is
set like for all targets with small_flash feature flag.
I haven't seen any changes for an ARM64 target which optimizes the
kernel for speed instead.

On the ath79/tiny target the uncompressed kernel size was reduced by
3.2% and the compressed kernel size by 2.1%

kernel size with CONFIG_OPTIMIZE_INLINING=n
4346412 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1391169 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin

Kernel size with CONFIG_OPTIMIZE_INLINING=y
4212396 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1362051 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin

This change is currently pending for kernel 5.2 and already in
linux-next, this updates our patch to match the upstream version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-06-16 18:40:02 +02:00
Adrian Schmutzler
2b3545720b ath79: Add SUPPORTED_DEVICES for Archer C7 v1/v2
The identifier for both devices is "archer-c7" on ar71xx, set here:
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L348
https://github.com/openwrt/openwrt/blob/master/target/linux/ar71xx/base-files/lib/ar71xx.sh#L511

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-15 20:03:32 +02:00
Pavel Kubelun
e00e6fa90e ipq40xx: fix high resolution timer
Cherry-picked from CAF QSDK repo.
see 090-ipq40xx-fix-high-resolution-timer.patch

Original commit message:
The kernel is failing in switching the timer for high resolution
mode and clock source operates in 10ms resolution. The always-on
property needs to be given for timer device tree node to make
clock source working in 1ns resolution.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[changed authorship of main patch to pavel and cherry-picked
patch to Abhishek Sahu]
2019-06-15 19:55:32 +02:00
Pavel Kubelun
2ee98e8f6e ipq40xx: directly define voltage per opp
This should align opp table with what it was before converting to OPP v2.

Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-15 19:55:32 +02:00
Mantas Pucka
7193067edb kernel: mt29f_spinand: fix memory leak during page program
Memory is allocated with devm_kzalloc() on every page program
and leaks until device is closed (which never happens).

Convert to kzalloc() and handle error paths manually.

Signed-off-by: Mantas Pucka <mantas@8devices.com>
2019-06-15 19:55:32 +02:00
Adrian Schmutzler
28baaaae82 ath79: Merge cases in 11-ath10k-caldata
Cosmetical patch that just merges two cases.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-15 19:55:32 +02:00
Linus Walleij
502b28b4a9 gemini: Make root filesystem writeable
The squashfs+jffs2 root filesystem only came up as read-only
and the config would not take:

[   25.600237] mount_root: Could not open mtd device: /dev/mtd4
[   25.634674] mount_root: reading rootfs_data failed
[   25.665346] mount_root: Could not open mtd device: /dev/mtd3
[   25.699802] mount_root: reading rootfs failed
[   25.726426] mount_root: mounting /dev/root

Well that is not very strange since the whole firmware partition
is made read-only in the device tree. Let's fix that by augmenting
the OpenWrt patch.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2019-06-15 19:55:32 +02:00
Linus Walleij
86098ea87e gemini: Fix MAC address assignment for DIR-685
The DIR-685 has the MAC addresses in the RedBoot code just like
DNS-313. Check some magic numbers to determine that the MAC
address is where we want it and extract it from RedBoot.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[replaced ifconfig with ip, ! -z = -n, added string quotes]
2019-06-15 19:55:31 +02:00
Linus Walleij
38d85d2c9f gemini: Make a per-board case for ethernet MAC
The DNS-313 isn't the only special board so let's bite the
bullet and create a case ladder in preparation for DIR-685.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [refreshed]
2019-06-15 19:55:31 +02:00
Linus Walleij
cd6c3535cd gemini: Use library functions to assign MAC address
This simplifies the ethernet address extraction script
by using standard library functions to locate the MTD
partitions and extract ethernet address from a binary
offset location in the flash. Furthermore, the aging
ifconfig is replaced by the ip tool, which will now
assign the MAC addresses.

Suggested-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[ifconfig replacement, use -n instead of ! -z,
-n requires string to be quoted within the test brackets,
drop prepended "x" in check, add quotes, make local
variables local, kill whitespaces]
2019-06-15 19:55:31 +02:00
Christian Lamparter
bdbb679adb gemini: enable CONFIG_PACKET
CONFIG_PACKET is a important feature to have.
The Packet protocol is used by applications which
communicate directly with network devices without
an intermediate network protocol implemented in
the kernel, e.g. tcpdump and ip.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-15 19:55:31 +02:00
Stijn Tintel
09c6885ce7 kernel: add missing symbol to 4.19 config
Kernel 4.19.47 added a new kernel config symbol ARM64_ERRATUM_1463225.
This causes a build failure for sunxi/cortexa53. Add the symbol to the
generic config to fix this, and avoid future build failures on other
arm64 targets that expose this symbol. As the erratum only affects
Cortex-A76 cores, we can safely disable it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-06-14 01:24:56 +03:00
Koen Vandeputte
11b4d29ef5 kernel: bump 4.19 to 4.19.50
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-12 15:04:09 +02:00
Koen Vandeputte
a7e68927d0 kernel: bump 4.14 to 4.14.125 (FS#2305 FS#2297)
Refreshed all patches.

This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and FS#2297

Altered patches:
- 403-net-mvneta-convert-to-phylink.patch
- 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch

Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-12 15:04:09 +02:00
Koen Vandeputte
f2f7cc67e5 kernel: bump 4.9 to 4.9.181
Refreshed all patches.

Compile-tested on: ar7
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-12 15:04:09 +02:00
Kristian Evensen
86b6d31e6e ramips: Remove redundant LED-cases
01_leds has several redundant LED-cases. This commit cleans
up the file by merging these cases into shared cases.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2019-06-10 11:25:47 +02:00
Adrian Schmutzler
fde0abf267 ath79: Add support for TP-Link Archer C25 v1
The TP-Link Archer C25 is a low-cost dual-band router.

Specification:

- CPU: Atheros QCA9561 775 MHz
- RAM: 64 MB
- Flash: 8 MB
- Wifi: 3x3 2.4 GHz (integrated), 1x1 5 GHz QCA9887
- NET: 5x 10/100 Mbps Ethernet

Some LEDs are controlled by an additional 74HC595 chip, but not
all of them as e.g. for the C59.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-10 11:25:47 +02:00
Adrian Schmutzler
409940cef4 ath79: Reorder some TP-Link Archer devices in 01_leds
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-10 11:25:47 +02:00
Deng Qingfang
b47cf6d539 ramips: mt7620: select kmod-rt2800-pci driver for RT5592
ASUS RP-N53 and Buffalo WHR-600D use RT5592 for 5GHz wireless
After commit 367813b9b17 the driver for RT5592 (rt2800pci)
is not selected by default anymore, which broke their 5GHz wireless
Add it back to device packages

Fixes: 367813b9b17 ("ramips: mt7620: fix dependencies")

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-06-10 11:25:47 +02:00
David Santamaría Rogado
e19506f206 ath79: migrate Archer C7 5GHz radio device paths
When upgrading a TP-Link Archer C7 v2 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.

Some people subtitute the unsupported QCA9880v1 in the Archer v1
with supported QCA9880v2 radio. Since the stock radio doesn't
work, so it's safe to apply the change also for the Archer v1
images as well.

Also this patch renames the migration file and variables from
wmac to wifi.

Signed-off-by: David Santamaría Rogado <howl.nsp@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[removed comment, added return 0 (not that it matters since uci is
clever, see 00-wmac-migration thread), reworded commit message]
2019-06-10 11:25:46 +02:00
Adrian Schmutzler
fcb920ffe7 ath79: Consistently label art partition with lower case
This patch harmonizes the label and alias for art partitions
across ath79. Since lower case seems to be more frequent, use that
consistently.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-10 11:25:41 +02:00
Adrian Schmutzler
4d807ad2d9 ath79: Read MAC addresses from flash in 11-ath10k-caldata
In commit c3a8518 eth0 and eth1 have been swapped for some devices,
but 11-ath10k-caldata has not been updated.
Instead of fixing this by swapping eth0/eth1, this patch will read
addresses from flash (as done for several devices already) so
adjustments due to eth order become obsolete.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-10 11:25:41 +02:00
Adrian Schmutzler
3d153323ab ath79: Consistently label info partition
The info/product-info partition, which frequently contains MAC
adresses, is typically assigned the 'info' alias in DTS, but
then labelled with 'info', 'product-info' or 'config'.

This leads to different aliases if used for setting MAC adresses
in DTS compared to when using e.g. mtd_get_mac_binary. Occationally,
also multiple switch-case entries are used just because of different
labelling.

This patch relabels those partitions in ath79 to consistently use
'info'.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-06-10 11:25:41 +02:00
Pawel Dembicki
c4fdd4979b mpc85xx: re-enable TL-WDR4900v1 images
This reverts commit 324e94f31bfd ("mpc85xx: disable bricking TL-WDR4900v1 images")

The previous commit fixes the TL-WDR4900v1. Enable the target again.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-10 11:21:35 +02:00
Christian Lamparter
1e41de2f48 mpc85xx: convert TL-WDR4900 v1 to simpleImage
Converts the TP-Link WDR4900 v1 to use the simpleImage in the
hopes of prolonging the life of the device. While at it,
the patch makes the fdt.bin an ARTIFACT and sets the KERNEL_SIZE
to 2684 KiB as a precaution since the stock u-boot is using a
fixed kernel size.

Note: Give the image some time, it will take much longer to
extract and boot.

[tested for 4.14/4.19]

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Co-authored-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2019-06-10 11:21:35 +02:00
Petr Štetiar
0e1d07af1d kirkwood: image: fix unwanted 2nd inclusion of kernel
In commit d2e18dae2892 ("kirkwood: cleanup image build code") the image
build code was refactored, setting KERNEL_IN_UBI=0 which doesn't work as
the KERNEL_IN_UBI needs to be unset in order to make it working as
intended, which leads to factory images with two kernels in them:

 binwalk --keep-going openwrt-kirkwood-cisco_on100-squashfs-factory.bin
 MD5 Checksum:  c33e3d1eb0cb632bf0a4dc287592eb70
 DECIMAL   	HEX       	DESCRIPTION
 -------------------------------------------------------------------------------
 0         	0x0       	uImage header [...] "ARM OpenWrt Linux-4.14.123"
 5769216   	0x580800  	uImage header [...] "ARM OpenWrt Linux-4.14.123"

Cc: Mathias Kresin <dev@kresin.me>
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2285
Fixes: d2e18dae2892 ("kirkwood: cleanup image build code")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-09 14:51:47 +02:00
Chen Minqiang
de1431b589 kernel: re-add bridge allow reception on disabled port
The "bridge allow reception on disabled port" implementation
was broken after these commits:

08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")

This leads to issues when for example WDS is used, tied to a bridge:

[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)

It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:

target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.19/150-bridge_allow_receiption_on_disabled_port.patch

[1] https://lkml.org/lkml/2019/4/24/1228

Fixes: 08802d93e2c1 ("kernel: bump 4.19 to 4.19.37")
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-07 18:22:20 +02:00
Kevin Darbyshire-Bryant
b8a72dfd28 kernel: backport act_ctinfo
ctinfo is a new tc filter action module.  It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths.  At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.

The DSCP restore mode:

This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.

The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links.  Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.

Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway.  Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.

Parameters related to DSCP restore mode:

dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.

statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask.  This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set.  This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP.  A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)

e.g. dscpmask 0xfc000000 statemask 0x01000000

|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP       | unused | flag  |unused   |
|-----------------------0x01---000000---|
      |                   |
      |                   |
      ---|             Conditional flag
         v             only restore if set
|-ip diffserv-|
| 6 bits      |
|-------------|

The skb mark restore mode (cpmark):

This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.

Parameters related to skb mark restore mode:

mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration.  This can be useful where the conntrack
mark is being used for different purposes by different applications.  If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)

e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.

|----0x00----conntrack mark----ffffff---|
| Bits 31-24 |                          |
| DSCP & flag|      some value here     |
|---------------------------------------|
			|
			|
			v
|------------skb mark-------------------|
|            |                          |
|  zeroed    |                          |
|---------------------------------------|

Overall parameters:

zone - conntrack zone

control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Make suitable adjustments for backporting to 4.14 & 4.19
and add to SCHED_MODULES_FILTER

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 15:41:07 +01:00
Biwen Li
5159d71983 layerscape: update patches-4.14 to LSDK 19.03
All patches of LSDK 19.03 were ported to Openwrt kernel.
We still used an all-in-one patch for each IP/feature for
OpenWrt.

Below are the changes this patch introduced.
- Updated original IP/feature patches to LSDK 19.03.
- Added new IP/feature patches for eTSEC/PTP/TMU.
- Squashed scattered patches into IP/feature patches.
- Updated config-4.14 correspondingly.
- Refreshed all patches.

More info about LSDK and the kernel:
- https://lsdk.github.io/components.html
- https://source.codeaurora.org/external/qoriq/qoriq-components/linux

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-06-06 15:40:09 +02:00
Biwen Li
c07d3302b3 layerscape: convert to use TF-A for firmware
This patch is to convert to use TF-A for firmware.
- Use un-swapped rcw since swapping will be done in TF-A.
- Use u-boot with TF-A defconfig.
- Rework memory map for TF-A introduction.

Signed-off-by: Biwen Li <biwen.li@nxp.com>
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-06-06 15:40:09 +02:00
Yangbo Lu
b4b53cd39b layerscape: drop armv8_32b support
NXP LSDK has decided to drop armv8_32b support considering
few users are using it.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-06-06 15:40:08 +02:00
Yangbo Lu
d32ca55492 layerscape: remove POSIX_MQUEUE configs
The POSIX_MQUEUE configs had been handled by OpenWrt
configuration.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-06-06 15:40:08 +02:00
Yangbo Lu
65adf759b5 kernel: handle CFQ_GROUP_IOSCHED/CGROUP_HUGETLB in config-4.14
The generic config-4.14 should handle below configs.
- CONFIG_CFQ_GROUP_IOSCHED
- CONFIG_CGROUP_HUGETLB

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
2019-06-06 15:40:08 +02:00
Daniel Gonzalez Cabanelas
d1a015f8ca brcm63xx: DVA-G3810BN/TL: Fix the WAN ethernet port
The WAN port has the wrong configuration in the kernel for the DVA-G3810BN/TL

The WAN port uses the internal phy, but it isn't enabled at the kernel board data.

Fix it.

Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2019-06-06 12:05:51 +02:00
Kevin Darbyshire-Bryant
24e09bac48 Revert "kernel: backport act_ctinfo"
This reverts commit 7c50182e0cdce0366715082872a2afbcf208bbf8.

Produces build error:
Package kmod-sched is missing dependencies for the following libraries:
nf_conntrack.ko

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 10:45:15 +01:00
Kevin Darbyshire-Bryant
7c50182e0c kernel: backport act_ctinfo
ctinfo is a new tc filter action module.  It is designed to restore
information contained in firewall conntrack marks to other packet fields
and is typically used on packet ingress paths.  At present it has two
independent sub-functions or operating modes, DSCP restoration mode &
skb mark restoration mode.

The DSCP restore mode:

This mode copies DSCP values that have been placed in the firewall
conntrack mark back into the IPv4/v6 diffserv fields of relevant
packets.

The DSCP restoration is intended for use and has been found useful for
restoring ingress classifications based on egress classifications across
links that bleach or otherwise change DSCP, typically home ISP Internet
links.  Restoring DSCP on ingress on the WAN link allows qdiscs such as
but by no means limited to CAKE to shape inbound packets according to
policies that are easier to set & mark on egress.

Ingress classification is traditionally a challenging task since
iptables rules haven't yet run and tc filter/eBPF programs are pre-NAT
lookups, hence are unable to see internal IPv4 addresses as used on the
typical home masquerading gateway.  Thus marking the connection in some
manner on egress for later restoration of classification on ingress is
easier to implement.

Parameters related to DSCP restore mode:

dscpmask - a 32 bit mask of 6 contiguous bits and indicate bits of the
conntrack mark field contain the DSCP value to be restored.

statemask - a 32 bit mask of (usually) 1 bit length, outside the area
specified by dscpmask.  This represents a conditional operation flag
whereby the DSCP is only restored if the flag is set.  This is useful to
implement a 'one shot' iptables based classification where the
'complicated' iptables rules are only run once to classify the
connection on initial (egress) packet and subsequent packets are all
marked/restored with the same DSCP.  A mask of zero disables the
conditional behaviour ie. the conntrack mark DSCP bits are always
restored to the ip diffserv field (assuming the conntrack entry is found
& the skb is an ipv4/ipv6 type)

e.g. dscpmask 0xfc000000 statemask 0x01000000

|----0xFC----conntrack mark----000000---|
| Bits 31-26 | bit 25 | bit24 |~~~ Bit 0|
| DSCP       | unused | flag  |unused   |
|-----------------------0x01---000000---|
      |                   |
      |                   |
      ---|             Conditional flag
         v             only restore if set
|-ip diffserv-|
| 6 bits      |
|-------------|

The skb mark restore mode (cpmark):

This mode copies the firewall conntrack mark to the skb's mark field.
It is completely the functional equivalent of the existing act_connmark
action with the additional feature of being able to apply a mask to the
restored value.

Parameters related to skb mark restore mode:

mask - a 32 bit mask applied to the firewall conntrack mark to mask out
bits unwanted for restoration.  This can be useful where the conntrack
mark is being used for different purposes by different applications.  If
not specified and by default the whole mark field is copied (i.e.
default mask of 0xffffffff)

e.g. mask 0x00ffffff to mask out the top 8 bits being used by the
aforementioned DSCP restore mode.

|----0x00----conntrack mark----ffffff---|
| Bits 31-24 |                          |
| DSCP & flag|      some value here     |
|---------------------------------------|
			|
			|
			v
|------------skb mark-------------------|
|            |                          |
|  zeroed    |                          |
|---------------------------------------|

Overall parameters:

zone - conntrack zone

control - action related control (reclassify | pipe | drop | continue |
ok | goto chain <CHAIN_INDEX>)

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Make suitable adjustments for backporting to 4.14 & 4.19

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-06-06 09:41:26 +01:00
Koen Vandeputte
66d1c29655 kernel: bump 4.19 to 4.19.48
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-05 12:12:59 +02:00
Petr Štetiar
df34f29fcc kernel: generic: make kernel-debug.tar.bz2 usable again
This patch removes 202-reduce_module_size.patch which is causing missing
debug symbols in kernel modules, leading to unusable
kernel-debug.tar.bz2 on all platforms, making debugging of release
kernel crashes difficult.

Cc: Felix Fietkau <nbd@nbd.name>
Acked-by: Jonas Gorski <jonas.gorski@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-05 10:26:34 +02:00
Chuanhong Guo
0ab9f283f7 ramips: add support for TOTOLINK LR1200
Specifications:
- SoC: MT7628DAN (MT7628AN with 64MB built-in RAM)
- Flash: 8M SPI NOR
- Ethernet: 5x 10/100Mbps
- WiFi: 2.4G: MT7628 built-in
        5G: MT7612E
- 1x miniPCIe slot for LTE modem (only USB pins connected)
- 1x SIM slot

Flash instruction:
U-boot has a builtin web recovery page:
1. Hold the reset button while powering it up
2. Connect to the ethernet and set an IP in 192.168.1.0/24 range
3. Open your browser and upload firmware through http://192.168.1.1

Note about the LTE modem:
If your router comes with an EC25 module and it doesn't show up
as a QMI device, you should do the following to switch it to QMI
mode:
1. Install kmod-usb-serial-option and a terminal software
   (e.g. minicom or screen). All 4 serial ports of the modem
   should be available now.
2. Open /dev/ttyUSB3 with the terminal software and type this
   AT command: AT+QCFG="usbnet",0
3. Power-cycle the router. You should now get a QMI device
   recognized.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-06-05 10:26:33 +02:00