Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
Op wo, 11 jul 2018 om 10:31 , schreef Koen Vandeputte : On 2018-07-11 10:11, Kevin Darbyshire-Bryant wrote: > > Really not convinced I agree with the "patch 335 removes the whole code block where that one line changed in upstream”. Did a refresh myself, several times, and patch 335 is a right confusing pain in the backside. I think the block in question should look like: > > @@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ >rcu_read_lock(); >cb->seq = net->nft.base_seq; > > - list_for_each_entry_rcu(afi, >nft.af_info, list) { > - if (family != NFPROTO_UNSPEC && family != afi->family) > + list_for_each_entry_rcu(table, >nft.tables, list) { > + if (family != NFPROTO_UNSPEC && family != table->afi->family) >continue; > > - list_for_each_entry_rcu(table, >tables, list) { > - list_for_each_entry_rcu(obj, >objects, list) { > - if (!nft_is_active(net, obj)) > - goto cont; > - if (idx < s_idx) > - goto cont; > - if (idx > s_idx) > - memset(>args[1], 0, > - sizeof(cb->args) - sizeof(cb->args[0])); > - if (filter && filter->table && > - strcmp(filter->table, table->name)) > - goto cont; > - if (filter && > - filter->type != NFT_OBJECT_UNSPEC && > - obj->ops->type->type != filter->type) > - goto cont; > + list_for_each_entry_rcu(obj, >objects, list) { > + if (!nft_is_active(net, obj)) > + goto cont; > + if (idx < s_idx) > + goto cont; > + if (idx > s_idx) > + memset(>args[1], 0, > + sizeof(cb->args) - sizeof(cb->args[0])); > + if (filter && filter->table && > + strcmp(filter->table, table->name)) > + goto cont; > + if (filter && > + filter->type != NFT_OBJECT_UNSPEC && > + obj->ops->type->type != filter->type) > + goto cont; > > -if (nf_tables_fill_obj_info(skb, net, NETLINK_CB(cb->skb).portid, > - cb->nlh->nlmsg_seq, > - NFT_MSG_NEWOBJ, > - NLM_F_MULTI | NLM_F_APPEND, > - afi->family, table, obj, reset) < 0) > - goto done; > + if (nf_tables_fill_obj_info(skb, net, NETLINK_CB(cb->skb).portid, > + cb->nlh->nlmsg_seq, > + NFT_MSG_NEWOBJ, > + NLM_F_MULTI | NLM_F_APPEND, > + table->afi->family, table, > + obj, reset) < 0) > + goto done; > > - nl_dump_check_consistent(cb, nlmsg_hdr(skb)); > -cont: > - idx++; > - } > + nl_dump_check_consistent(cb, nlmsg_hdr(skb)); > + cont: > + idx++; >} >} > done: > > There are a couple of similar blocks, which have probably confused me anyway. > > Overall this one patch in the refresh makes me distinctly uncomfortable. > > +1 to get this cleaned up properly, but I would propose to do it separately and after the kernel bump patch. Koen Hi Koen, Thanks, you beat me to it - thank you. Stijn ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
> On 11 Jul 2018, at 10:44, Hannu Nyman wrote: > > Kevin Darbyshire-Bryant wrote: >> Really not convinced I agree with the "patch 335 removes the whole code >> block where that one line changed in upstream”. > > You are right. > The corresponding addition needs to be done for the lines replacing the > removed lines: > 932 + if (filter && filter->table[0] && > should likely be > 932 + if (filter && filter->table && > matching the change done upstream. > > In my comment I overlooked the part where we add back similar lines :-( lol - I’m really happy….it turns out I’m not *completely* stupid :-) > > (the refresh patch only notices the need to refresh the upstream lines, but > does not know about out own additions.) Reading patches to patches is….challenging. I wonder if there’s a tool that would make it easier? Sunshine! Kevin signature.asc Description: Message signed with OpenPGP ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
Kevin Darbyshire-Bryant wrote: Really not convinced I agree with the "patch 335 removes the whole code block where that one line changed in upstream”. You are right. The corresponding addition needs to be done for the lines replacing the removed lines: 932 + if (filter && filter->table[0] && should likely be 932 + if (filter && filter->table && matching the change done upstream. In my comment I overlooked the part where we add back similar lines :-( (the refresh patch only notices the need to refresh the upstream lines, but does not know about out own additions.) ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
On 2018-07-11 10:11, Kevin Darbyshire-Bryant wrote: Really not convinced I agree with the "patch 335 removes the whole code block where that one line changed in upstream”. Did a refresh myself, several times, and patch 335 is a right confusing pain in the backside. I think the block in question should look like: @@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; - list_for_each_entry_rcu(afi, >nft.af_info, list) { - if (family != NFPROTO_UNSPEC && family != afi->family) + list_for_each_entry_rcu(table, >nft.tables, list) { + if (family != NFPROTO_UNSPEC && family != table->afi->family) continue; - list_for_each_entry_rcu(table, >tables, list) { - list_for_each_entry_rcu(obj, >objects, list) { - if (!nft_is_active(net, obj)) - goto cont; - if (idx < s_idx) - goto cont; - if (idx > s_idx) - memset(>args[1], 0, - sizeof(cb->args) - sizeof(cb->args[0])); - if (filter && filter->table && - strcmp(filter->table, table->name)) - goto cont; - if (filter && - filter->type != NFT_OBJECT_UNSPEC && - obj->ops->type->type != filter->type) - goto cont; + list_for_each_entry_rcu(obj, >objects, list) { + if (!nft_is_active(net, obj)) + goto cont; + if (idx < s_idx) + goto cont; + if (idx > s_idx) + memset(>args[1], 0, + sizeof(cb->args) - sizeof(cb->args[0])); + if (filter && filter->table && + strcmp(filter->table, table->name)) + goto cont; + if (filter && + filter->type != NFT_OBJECT_UNSPEC && + obj->ops->type->type != filter->type) + goto cont; - if (nf_tables_fill_obj_info(skb, net, NETLINK_CB(cb->skb).portid, - cb->nlh->nlmsg_seq, - NFT_MSG_NEWOBJ, - NLM_F_MULTI | NLM_F_APPEND, - afi->family, table, obj, reset) < 0) - goto done; + if (nf_tables_fill_obj_info(skb, net, NETLINK_CB(cb->skb).portid, + cb->nlh->nlmsg_seq, + NFT_MSG_NEWOBJ, + NLM_F_MULTI | NLM_F_APPEND, + table->afi->family, table, + obj, reset) < 0) + goto done; - nl_dump_check_consistent(cb, nlmsg_hdr(skb)); -cont: - idx++; - } + nl_dump_check_consistent(cb, nlmsg_hdr(skb)); + cont: + idx++; } } done: There are a couple of similar blocks, which have probably confused me anyway. Overall this one patch in the refresh makes me distinctly uncomfortable. +1 to get this cleaned up properly, but I would propose to do it separately and after the kernel bump patch. Koen ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
On 2018-07-10 22:08, Stijn Segers wrote: Refreshed patches. The bump from .53 to .54 introduced a minor change in net/netfilter/nf_tables_api.c [1] but I am unable to judge if this is a fluke or not, so I'd like a second pair of eyes on that. It's a single 'table[0]' being replaced by 'table': - if (filter && filter->table[0] && + if (filter && filter->table && I have updated the 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch accordingly. Compile-tested on: ramips/mt7621, x86/64 Run-tested on: ramips/mt7621, x86/64 [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/diff/net/netfilter/nf_tables_api.c?id=v4.14.54=v4.14.53 Hi Stijn, I ran into the same yesterday when creating the bump to 4.14.54 for master. The upstream patch in 4.14 is altering this check in 1 location only: nf_tables_dump_obj() [1] Within OpenWrt, this functionality was backported from 4.16 and 4.18 Within the "335-.." patch, there is another function doing the exact same check on the exact same data: nf_tables_dump_flowtable() [2] Your kernel bump patch should also fix it over there. (line 1084) [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.14.54=b8d8cde449fd51db0bb407dece03d36ced1acb83 [2] https://git.openwrt.org/?p=openwrt/staging/xback.git;a=blob;f=target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch;h=787f62ef8f0b2a0d9ca8e1fb360a6c06115b40fc;hb=b84a07b3803bd39d0a1eb1b040718a023b8f7971#l1048 Koen ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
> On 11 Jul 2018, at 05:45, Hannu Nyman wrote: > > Stijn Segers kirjoitti 10.7.2018 klo 23:08: >> Refreshed patches. The bump from .53 to .54 introduced a minor change in >> net/netfilter/nf_tables_api.c [1] but I am unable to >> judge if this is a fluke or not, so I'd like a second pair of eyes on that. >> It's a single 'table[0]' being replaced by 'table': >> >> - if (filter && filter->table[0] && >> + if (filter && filter->table && >> >> I have updated the >> 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch >> accordingly. >> > > Seems like a legitimate change due to upstream changes that are clearly > visible in your upstream diff link. > > Clicking your link and then looking at the file's commit log, I luckily > stumbled directly to the responsible commit (fix NULL pointer): > > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/net/netfilter/nf_tables_api.c?id=360cc79d9d299ce297b205508276285ceffc5fa8 > > Note also that our patch 335 removes the whole code block where that one line > changed in upstream. So, the change inside the removed code block would be > rather safe in any case. > > >> >> [1] >> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/diff/net/netfilter/nf_tables_api.c?id=v4.14.54=v4.14.53 >> > >> @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso >> const struct nft_table *table; >> unsigned int idx = 0, s_idx = cb->args[0]; >> struct nft_obj_filter *filter = cb->data; >> -@@ -4576,38 +4562,37 @@ static int nf_tables_dump_obj(struct sk_ >> +@@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ >> rcu_read_lock(); >> cb->seq = net->nft.base_seq; >> @@ -914,7 +914,7 @@ Signed-off-by: Pablo Neira Ayuso >> - if (idx > s_idx) >> - memset(>args[1], 0, >> - sizeof(cb->args) - >> sizeof(cb->args[0])); >> -- if (filter && filter->table[0] && >> +- if (filter && filter->table && >> - strcmp(filter->table, table->name)) >> - goto cont; >> - if (filter && >> @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso >> } >> } > Really not convinced I agree with the "patch 335 removes the whole code block where that one line changed in upstream”. Did a refresh myself, several times, and patch 335 is a right confusing pain in the backside. I think the block in question should look like: @@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; - list_for_each_entry_rcu(afi, >nft.af_info, list) { - if (family != NFPROTO_UNSPEC && family != afi->family) + list_for_each_entry_rcu(table, >nft.tables, list) { + if (family != NFPROTO_UNSPEC && family != table->afi->family) continue; - list_for_each_entry_rcu(table, >tables, list) { - list_for_each_entry_rcu(obj, >objects, list) { - if (!nft_is_active(net, obj)) - goto cont; - if (idx < s_idx) - goto cont; - if (idx > s_idx) - memset(>args[1], 0, - sizeof(cb->args) - sizeof(cb->args[0])); - if (filter && filter->table && - strcmp(filter->table, table->name)) - goto cont; - if (filter && - filter->type != NFT_OBJECT_UNSPEC && - obj->ops->type->type != filter->type) - goto cont; + list_for_each_entry_rcu(obj, >objects, list) { + if (!nft_is_active(net, obj)) + goto cont; + if (idx < s_idx) + goto cont; + if (idx > s_idx) + memset(>args[1], 0, + sizeof(cb->args) - sizeof(cb->args[0])); + if (filter && filter->table && + strcmp(filter->table, table->name)) + goto cont; + if (filter && + filter->type != NFT_OBJECT_UNSPEC && + obj->ops->type->type != filter->type) + goto cont; - if (nf_tables_fill_obj_info(skb, net, NETLINK_CB(cb->skb).portid, -
Re: [OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
Stijn Segers kirjoitti 10.7.2018 klo 23:08: Refreshed patches. The bump from .53 to .54 introduced a minor change in net/netfilter/nf_tables_api.c [1] but I am unable to judge if this is a fluke or not, so I'd like a second pair of eyes on that. It's a single 'table[0]' being replaced by 'table': - if (filter && filter->table[0] && + if (filter && filter->table && I have updated the 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch accordingly. Seems like a legitimate change due to upstream changes that are clearly visible in your upstream diff link. Clicking your link and then looking at the file's commit log, I luckily stumbled directly to the responsible commit (fix NULL pointer): https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/net/netfilter/nf_tables_api.c?id=360cc79d9d299ce297b205508276285ceffc5fa8 Note also that our patch 335 removes the whole code block where that one line changed in upstream. So, the change inside the removed code block would be rather safe in any case. [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/diff/net/netfilter/nf_tables_api.c?id=v4.14.54=v4.14.53 @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4576,38 +4562,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -914,7 +914,7 @@ Signed-off-by: Pablo Neira Ayuso - if (idx > s_idx) - memset(>args[1], 0, -sizeof(cb->args) - sizeof(cb->args[0])); -- if (filter && filter->table[0] && +- if (filter && filter->table && - strcmp(filter->table, table->name)) - goto cont; - if (filter && @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 2/2] [RFC] kernel: bump 4.14 to 4.14.54 for 18.06
Refreshed patches. The bump from .53 to .54 introduced a minor change in net/netfilter/nf_tables_api.c [1] but I am unable to judge if this is a fluke or not, so I'd like a second pair of eyes on that. It's a single 'table[0]' being replaced by 'table': - if (filter && filter->table[0] && + if (filter && filter->table && I have updated the 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch accordingly. Compile-tested on: ramips/mt7621, x86/64 Run-tested on: ramips/mt7621, x86/64 [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/diff/net/netfilter/nf_tables_api.c?id=v4.14.54=v4.14.53 Signed-off-by: Stijn Segers --- include/kernel-version.mk | 4 +- .../patches-4.14/830-huawei_e970_support.patch | 4 +- ...ore-only-allow-one-nat-hook-per-hook-poin.patch | 2 +- ...f_tables-remove-multihook-chains-and-fami.patch | 46 +++--- ...f_tables-remove-hooks-from-family-definit.patch | 12 +- .../314-v4.16-netfilter-meta-secpath-support.patch | 6 +- ...nf_tables-add-flow-table-netlink-frontend.patch | 42 +++--- ...f_tables-remove-nhooks-field-from-struct-.patch | 8 +- ...f_tables-fix-a-typo-in-nf_tables_getflowt.patch | 2 +- ...f_tables-remove-flag-field-from-struct-nf.patch | 6 +- ...f_tables-no-need-for-struct-nft_af_info-t.patch | 12 +- ...f_tables-remove-struct-nft_af_info-parame.patch | 6 +- ...f_tables-fix-potential-NULL-ptr-deref-in-.patch | 2 +- ...f_tables-add-single-table-list-for-all-fa.patch | 160 ++--- ...15-netfilter-exit_net-cleanup-check-added.patch | 4 +- ...lter-nf_tables-get-rid-of-pernet-families.patch | 12 +- ...f_tables-get-rid-of-struct-nft_af_info-ab.patch | 132 - ...ft_flow_offload-wait-for-garbage-collecto.patch | 2 +- ...16-netfilter-nf_tables-fix-flowtable-free.patch | 2 +- ...f_tables-allocate-handle-and-delete-objec.patch | 64 - ...f_flow_table-move-init-code-to-nf_flow_ta.patch | 4 +- ...f_flow_table-fix-priv-pointer-for-netdev-.patch | 2 +- ...f_flow_table-track-flow-tables-in-nf_flow.patch | 4 +- .../generic/hack-4.14/904-debloat_dma_buf.patch| 2 +- ...tach-mtd-device-named-ubi-or-data-on-boot.patch | 4 +- ...f_flow_table-add-hardware-offload-support.patch | 6 +- ...ubi-add-quirk-to-autoload-ubi-on-rt-ac58u.patch | 2 +- target/linux/mediatek/patches-4.14/0064-dts.patch | 14 +- 28 files changed, 283 insertions(+), 283 deletions(-) diff --git a/include/kernel-version.mk b/include/kernel-version.mk index 250ac0f15e..f0d8160e34 100644 --- a/include/kernel-version.mk +++ b/include/kernel-version.mk @@ -5,12 +5,12 @@ LINUX_RELEASE?=1 LINUX_VERSION-3.18 = .71 LINUX_VERSION-4.4 = .121 LINUX_VERSION-4.9 = .111 -LINUX_VERSION-4.14 = .52 +LINUX_VERSION-4.14 = .54 LINUX_KERNEL_HASH-3.18.71 = 5abc9778ad44ce02ed6c8ab52ece8a21c6d20d21f6ed8a19287b4a38a50c1240 LINUX_KERNEL_HASH-4.4.121 = 44a88268b5088dc326b30c9b9133ac35a9a200b636b7268d08f32abeae6ca729 LINUX_KERNEL_HASH-4.9.111 = 5966558959dc580f163766f3fdefd7e57c01b2b45d51202d00b3807c253759dd -LINUX_KERNEL_HASH-4.14.52 = a5d226c7b2fd1eb0f01d56e4e2c6a0100784b68df907cc7317f32bde34f88810 +LINUX_KERNEL_HASH-4.14.54 = 451642ac28c539a91072f1fb83b1c061d6d44df870ddf5562400ade5e1c4b6c6 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1 sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1))) diff --git a/target/linux/brcm47xx/patches-4.14/830-huawei_e970_support.patch b/target/linux/brcm47xx/patches-4.14/830-huawei_e970_support.patch index b6150ed8fd..5d40fe6541 100644 --- a/target/linux/brcm47xx/patches-4.14/830-huawei_e970_support.patch +++ b/target/linux/brcm47xx/patches-4.14/830-huawei_e970_support.patch @@ -8,7 +8,7 @@ #include #include #include -@@ -225,6 +226,33 @@ static struct fixed_phy_status bcm47xx_f +@@ -231,6 +232,33 @@ static struct fixed_phy_status bcm47xx_f .duplex = DUPLEX_FULL, }; @@ -42,7 +42,7 @@ static int __init bcm47xx_register_bus_complete(void) { switch (bcm47xx_bus_type) { -@@ -244,6 +272,7 @@ static int __init bcm47xx_register_bus_c +@@ -250,6 +278,7 @@ static int __init bcm47xx_register_bus_c bcm47xx_workarounds(); fixed_phy_add(PHY_POLL, 0, _fixed_phy_status, -1); diff --git a/target/linux/generic/backport-4.14/301-v4.16-netfilter-core-only-allow-one-nat-hook-per-hook-poin.patch b/target/linux/generic/backport-4.14/301-v4.16-netfilter-core-only-allow-one-nat-hook-per-hook-poin.patch index 711eca0352..5ae8f8f1ed 100644 --- a/target/linux/generic/backport-4.14/301-v4.16-netfilter-core-only-allow-one-nat-hook-per-hook-poin.patch +++ b/target/linux/generic/backport-4.14/301-v4.16-netfilter-core-only-allow-one-nat-hook-per-hook-poin.patch @@ -135,7 +135,7 @@ Signed-off-by: Pablo Neira Ayuso new->hooks[nhooks] = old->hooks[i]; --- a/net/netfilter/nf_tables_api.c +++