diff options
| author | Hauke Mehrtens <hauke@hauke-m.de> | 2017-10-29 19:32:10 +0100 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2017-12-16 22:11:19 +0100 |
| commit | b3f95490b9bec020314eb32016988ee262d52884 (patch) | |
| tree | f8289c19587108bb3b687575776f559eee6f01fd /target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch | |
| parent | a362df6f253e4460504fd870d6a7af40ef86ad70 (diff) | |
| download | upstream-b3f95490b9bec020314eb32016988ee262d52884.tar.gz upstream-b3f95490b9bec020314eb32016988ee262d52884.tar.bz2 upstream-b3f95490b9bec020314eb32016988ee262d52884.zip | |
kernel: generic: Add kernel 4.14 support
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.
In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM
And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR
I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch')
| -rw-r--r-- | target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch new file mode 100644 index 0000000000..03267310a0 --- /dev/null +++ b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch @@ -0,0 +1,43 @@ +From: Stephen Hemminger <stephen@networkplumber.org> +Subject: bridge: allow receiption on disabled port + +When an ethernet device is enslaved to a bridge, and the bridge STP +detects loss of carrier (or operational state down), then normally +packet receiption is blocked. + +This breaks control applications like WPA which maybe expecting to +receive packets to negotiate to bring link up. The bridge needs to +block forwarding packets from these disabled ports, but there is no +hard requirement to not allow local packet delivery. + +Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> +Signed-off-by: Felix Fietkau <nbd@nbd.name> + +--- a/net/bridge/br_input.c ++++ b/net/bridge/br_input.c +@@ -238,7 +238,8 @@ static int br_handle_local_finish(struct + { + struct net_bridge_port *p = br_port_get_rcu(skb->dev); + +- __br_handle_local_finish(skb); ++ if (p->state != BR_STATE_DISABLED) ++ __br_handle_local_finish(skb); + + BR_INPUT_SKB_CB(skb)->brdev = p->br->dev; + br_pass_frame_up(skb); +@@ -326,6 +327,15 @@ rx_handler_result_t br_handle_frame(stru + + forward: + switch (p->state) { ++ case BR_STATE_DISABLED: ++ if (ether_addr_equal(p->br->dev->dev_addr, dest)) ++ skb->pkt_type = PACKET_HOST; ++ ++ NF_HOOK(NFPROTO_BRIDGE, NF_BR_PRE_ROUTING, ++ dev_net(skb->dev), NULL, skb, skb->dev, NULL, ++ br_handle_local_finish); ++ break; ++ + case BR_STATE_FORWARDING: + rhook = rcu_dereference(br_should_route_hook); + if (rhook) { |