-LINUX_VERSION-5.10 = .156
-LINUX_KERNEL_HASH-5.10.156 = 679e9964ca720027967391b61db990ceb7868e93e203f87724f18310f4955923
+LINUX_VERSION-5.10 = .157
+LINUX_KERNEL_HASH-5.10.157 = fc4cd7c0777ed53f1350e73877e9918df3c40d8e8abe93c6e1a0eb21556d327f
#include <linux/uaccess.h>
#include <linux/ipv6.h>
#include <linux/icmpv6.h>
-@@ -924,10 +925,10 @@ static void tcp_v6_send_response(const s
+@@ -926,10 +927,10 @@ static void tcp_v6_send_response(const s
topt = (__be32 *)(t1 + 1);
if (tsecr) {
}
static int nf_flow_table_block_setup(struct nf_flowtable *flowtable,
-@@ -1013,15 +1023,33 @@ EXPORT_SYMBOL_GPL(nf_flow_table_offload_
+@@ -1017,15 +1027,33 @@ EXPORT_SYMBOL_GPL(nf_flow_table_offload_
int nf_flow_table_offload_init(void)
{
const struct net_bridge *br)
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
-@@ -1327,6 +1327,59 @@ int br_vlan_get_pvid_rcu(const struct ne
+@@ -1350,6 +1350,59 @@ int br_vlan_get_pvid_rcu(const struct ne
}
EXPORT_SYMBOL_GPL(br_vlan_get_pvid_rcu);
break;
--- a/net/bridge/br_vlan.c
+++ b/net/bridge/br_vlan.c
-@@ -1374,6 +1374,8 @@ int br_vlan_fill_forward_path_mode(struc
+@@ -1397,6 +1397,8 @@ int br_vlan_fill_forward_path_mode(struc
if (path->bridge.vlan_mode == DEV_PATH_BR_VLAN_TAG)
path->bridge.vlan_mode = DEV_PATH_BR_VLAN_KEEP;
obj-$(CONFIG_NET_MEDIATEK_STAR_EMAC) += mtk_star_emac.o
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
-@@ -2299,12 +2299,17 @@ static int mtk_open(struct net_device *d
+@@ -2299,7 +2299,10 @@ static int mtk_open(struct net_device *d
/* we run 2 netdevs on the same dma ring so we only bring it up once */
if (!refcount_read(ð->dma_refcnt)) {
- int err = mtk_start_dma(eth);
+ u32 gdm_config = MTK_GDMA_TO_PDMA;
+ int err;
-
++
+ err = mtk_start_dma(eth);
+
if (err)
+ if (err) {
+@@ -2307,7 +2310,10 @@ static int mtk_open(struct net_device *d
return err;
+ }
- mtk_gdm_config(eth, MTK_GDMA_TO_PDMA);
+ if (eth->soc->offload_version && mtk_ppe_start(ð->ppe) == 0)
napi_enable(ð->tx_napi);
napi_enable(ð->rx_napi);
-@@ -2371,6 +2376,9 @@ static int mtk_stop(struct net_device *d
+@@ -2374,6 +2380,9 @@ static int mtk_stop(struct net_device *d
mtk_dma_free(eth);
return 0;
}
-@@ -3099,6 +3107,13 @@ static int mtk_probe(struct platform_dev
+@@ -3102,6 +3111,13 @@ static int mtk_probe(struct platform_dev
goto err_free_dev;
}
for (i = 0; i < MTK_MAX_DEVS; i++) {
if (!eth->netdev[i])
continue;
-@@ -3173,6 +3188,7 @@ static const struct mtk_soc_data mt7621_
+@@ -3176,6 +3192,7 @@ static const struct mtk_soc_data mt7621_
.hw_features = MTK_HW_FEATURES,
.required_clks = MT7621_CLKS_BITMAP,
.required_pctl = false,
};
static const struct mtk_soc_data mt7622_data = {
-@@ -3181,6 +3197,7 @@ static const struct mtk_soc_data mt7622_
+@@ -3184,6 +3201,7 @@ static const struct mtk_soc_data mt7622_
.hw_features = MTK_HW_FEATURES,
.required_clks = MT7622_CLKS_BITMAP,
.required_pctl = false,
obj-$(CONFIG_NET_MEDIATEK_STAR_EMAC) += mtk_star_emac.o
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
-@@ -2854,6 +2854,7 @@ static const struct net_device_ops mtk_n
+@@ -2858,6 +2858,7 @@ static const struct net_device_ops mtk_n
#ifdef CONFIG_NET_POLL_CONTROLLER
.ndo_poll_controller = mtk_poll_controller,
#endif
};
static int mtk_add_mac(struct mtk_eth *eth, struct device_node *np)
-@@ -3112,6 +3113,10 @@ static int mtk_probe(struct platform_dev
+@@ -3116,6 +3117,10 @@ static int mtk_probe(struct platform_dev
eth->base + MTK_ETH_PPE_BASE, 2);
if (err)
goto err_free_dev;
if (likely(napi_schedule_prep(ð->tx_napi))) {
__napi_schedule(ð->tx_napi);
mtk_tx_irq_disable(eth, MTK_TX_DONE_INT);
-@@ -2366,6 +2383,9 @@ static int mtk_stop(struct net_device *d
+@@ -2370,6 +2387,9 @@ static int mtk_stop(struct net_device *d
napi_disable(ð->tx_napi);
napi_disable(ð->rx_napi);
if (MTK_HAS_CAPS(eth->soc->caps, MTK_QDMA))
mtk_stop_dma(eth, MTK_QDMA_GLO_CFG);
mtk_stop_dma(eth, MTK_PDMA_GLO_CFG);
-@@ -2418,6 +2438,64 @@ err_disable_clks:
+@@ -2422,6 +2442,64 @@ err_disable_clks:
return ret;
}
static int mtk_hw_init(struct mtk_eth *eth)
{
int i, val, ret;
-@@ -2439,9 +2517,6 @@ static int mtk_hw_init(struct mtk_eth *e
+@@ -2443,9 +2521,6 @@ static int mtk_hw_init(struct mtk_eth *e
goto err_disable_pm;
}
/* disable delay and normal interrupt */
mtk_tx_irq_disable(eth, ~0);
mtk_rx_irq_disable(eth, ~0);
-@@ -2480,11 +2555,11 @@ static int mtk_hw_init(struct mtk_eth *e
+@@ -2484,11 +2559,11 @@ static int mtk_hw_init(struct mtk_eth *e
/* Enable RX VLan Offloading */
mtk_w32(eth, 1, MTK_CDMP_EG_CTRL);
mtk_tx_irq_disable(eth, ~0);
mtk_rx_irq_disable(eth, ~0);
-@@ -2989,6 +3064,13 @@ static int mtk_probe(struct platform_dev
+@@ -2993,6 +3068,13 @@ static int mtk_probe(struct platform_dev
spin_lock_init(ð->page_lock);
spin_lock_init(ð->tx_irq_lock);
spin_lock_init(ð->rx_irq_lock);
return buf_size;
}
-@@ -2626,6 +2626,35 @@ static void mtk_uninit(struct net_device
+@@ -2630,6 +2630,35 @@ static void mtk_uninit(struct net_device
mtk_rx_irq_disable(eth, ~0);
}
static int mtk_do_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
{
struct mtk_mac *mac = netdev_priv(dev);
-@@ -2922,6 +2951,7 @@ static const struct net_device_ops mtk_n
+@@ -2926,6 +2955,7 @@ static const struct net_device_ops mtk_n
.ndo_set_mac_address = mtk_set_mac_address,
.ndo_validate_addr = eth_validate_addr,
.ndo_do_ioctl = mtk_do_ioctl,
.ndo_tx_timeout = mtk_tx_timeout,
.ndo_get_stats64 = mtk_get_stats64,
.ndo_fix_features = mtk_fix_features,
-@@ -3024,7 +3054,10 @@ static int mtk_add_mac(struct mtk_eth *e
+@@ -3028,7 +3058,10 @@ static int mtk_add_mac(struct mtk_eth *e
eth->netdev[id]->irq = eth->irq[0];
eth->netdev[id]->dev.of_node = np;
p->phy_np = of_parse_phandle(pdev->dev.of_node, "phy-handle", 0);
--- a/drivers/net/ethernet/cavium/thunder/thunder_bgx.c
+++ b/drivers/net/ethernet/cavium/thunder/thunder_bgx.c
-@@ -1474,7 +1474,6 @@ static int bgx_init_of_phy(struct bgx *b
+@@ -1476,7 +1476,6 @@ static int bgx_init_of_phy(struct bgx *b
device_for_each_child_node(&bgx->pdev->dev, fwn) {
struct phy_device *pd;
struct device_node *phy_np;
/* Should always be an OF node. But if it is not, we
* cannot handle it, so exit the loop.
-@@ -1483,9 +1482,7 @@ static int bgx_init_of_phy(struct bgx *b
+@@ -1485,9 +1484,7 @@ static int bgx_init_of_phy(struct bgx *b
if (!node)
break;
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
-@@ -2600,14 +2600,11 @@ static int __init mtk_init(struct net_de
+@@ -2604,14 +2604,11 @@ static int __init mtk_init(struct net_de
{
struct mtk_mac *mac = netdev_priv(dev);
struct mtk_eth *eth = mac->hw;
__u8 invert;
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
-@@ -24,12 +24,13 @@ MODULE_ALIAS("ipt_connmark");
+@@ -24,13 +24,13 @@ MODULE_ALIAS("ipt_connmark");
MODULE_ALIAS("ip6t_connmark");
static unsigned int
u_int32_t new_targetmark;
struct nf_conn *ct;
u_int32_t newmark;
+- u_int32_t oldmark;
+ u_int8_t dscp;
ct = nf_ct_get(skb, &ctinfo);
if (ct == NULL)
-@@ -37,12 +38,24 @@ connmark_tg_shift(struct sk_buff *skb, c
+@@ -38,13 +38,24 @@ connmark_tg_shift(struct sk_buff *skb, c
switch (info->mode) {
case XT_CONNMARK_SET:
-- newmark = (ct->mark & ~info->ctmask) ^ info->ctmark;
+- oldmark = READ_ONCE(ct->mark);
+- newmark = (oldmark & ~info->ctmask) ^ info->ctmark;
- if (info->shift_dir == D_SHIFT_RIGHT)
- newmark >>= info->shift_bits;
- else
- newmark <<= info->shift_bits;
-+ newmark = ct->mark;
++ newmark = READ_ONCE(ct->mark);
+ if (info->func & XT_CONNMARK_VALUE) {
+ newmark = (newmark & ~info->ctmask) ^ info->ctmark;
+ if (info->shift_dir == D_SHIFT_RIGHT)
+ newmark = (newmark & ~info->ctmark) |
+ (info->ctmask | (dscp << info->shift_bits));
+ }
- if (ct->mark != newmark) {
- ct->mark = newmark;
+ if (READ_ONCE(ct->mark) != newmark) {
+ WRITE_ONCE(ct->mark, newmark);
nf_conntrack_event_cache(IPCT_MARK, ct);
-@@ -81,20 +94,36 @@ static unsigned int
+@@ -83,20 +94,36 @@ static unsigned int
connmark_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
const struct xt_connmark_tginfo1 *info = par->targinfo;
return connmark_tg_shift(skb, info);
}
-@@ -165,6 +194,16 @@ static struct xt_target connmark_tg_reg[
+@@ -167,6 +194,16 @@ static struct xt_target connmark_tg_reg[
.targetsize = sizeof(struct xt_connmark_tginfo2),
.destroy = connmark_tg_destroy,
.me = THIS_MODULE,
u64 res;
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
-@@ -414,6 +414,7 @@ config INET_TUNNEL
+@@ -424,6 +424,7 @@ config INET_TUNNEL
config INET_DIAG
tristate "INET: socket monitoring interface"
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
-@@ -2986,11 +2986,13 @@ static const struct seq_operations fib_r
+@@ -2988,11 +2988,13 @@ static const struct seq_operations fib_r
int __net_init fib_proc_init(struct net *net)
{
fib_triestat_seq_show, NULL))
goto out2;
-@@ -3001,17 +3003,21 @@ int __net_init fib_proc_init(struct net
+@@ -3003,17 +3005,21 @@ int __net_init fib_proc_init(struct net
return 0;
out3:
static void rt_fibinfo_free(struct rtable __rcu **rtp)
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
-@@ -2734,6 +2734,7 @@ static const char *const rtn_type_names[
+@@ -2736,6 +2736,7 @@ static const char *const rtn_type_names[
[RTN_THROW] = "THROW",
[RTN_NAT] = "NAT",
[RTN_XRESOLVE] = "XRESOLVE",
MTK_DMA_SIZE * sizeof(struct mtk_tx_dma),
eth->scratch_ring,
eth->phy_scratch_ring);
-@@ -2502,6 +2503,8 @@ static void mtk_dim_tx(struct work_struc
+@@ -2506,6 +2507,8 @@ static void mtk_dim_tx(struct work_struc
static int mtk_hw_init(struct mtk_eth *eth)
{
int i, val, ret;
if (test_and_set_bit(MTK_HW_INIT, ð->state))
-@@ -2514,6 +2517,10 @@ static int mtk_hw_init(struct mtk_eth *e
+@@ -2518,6 +2521,10 @@ static int mtk_hw_init(struct mtk_eth *e
if (ret)
goto err_disable_pm;
if (MTK_HAS_CAPS(eth->soc->caps, MTK_SOC_MT7628)) {
ret = device_reset(eth->dev);
if (ret) {
-@@ -3063,6 +3070,35 @@ free_netdev:
+@@ -3067,6 +3074,35 @@ free_netdev:
return err;
}
static int mtk_probe(struct platform_device *pdev)
{
struct device_node *mac_np;
-@@ -3076,6 +3112,7 @@ static int mtk_probe(struct platform_dev
+@@ -3080,6 +3116,7 @@ static int mtk_probe(struct platform_dev
eth->soc = of_device_get_match_data(&pdev->dev);
eth->dev = &pdev->dev;
eth->base = devm_platform_ioremap_resource(pdev, 0);
if (IS_ERR(eth->base))
return PTR_ERR(eth->base);
-@@ -3124,6 +3161,16 @@ static int mtk_probe(struct platform_dev
+@@ -3128,6 +3165,16 @@ static int mtk_probe(struct platform_dev
}
}
static int mtk_msg_level = -1;
module_param_named(msg_level, mtk_msg_level, int, 0);
-@@ -3193,6 +3194,22 @@ static int mtk_probe(struct platform_dev
+@@ -3197,6 +3198,22 @@ static int mtk_probe(struct platform_dev
}
}
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
-@@ -2325,7 +2325,7 @@ static int mtk_open(struct net_device *d
- if (err)
+@@ -2329,7 +2329,7 @@ static int mtk_open(struct net_device *d
return err;
+ }
- if (eth->soc->offload_version && mtk_ppe_start(ð->ppe) == 0)
+ if (eth->soc->offload_version && mtk_ppe_start(eth->ppe) == 0)
gdm_config = MTK_GDMA_TO_PPE;
mtk_gdm_config(eth, gdm_config);
-@@ -2399,7 +2399,7 @@ static int mtk_stop(struct net_device *d
+@@ -2403,7 +2403,7 @@ static int mtk_stop(struct net_device *d
mtk_dma_free(eth);
if (eth->soc->offload_version)
return 0;
}
-@@ -3285,10 +3285,11 @@ static int mtk_probe(struct platform_dev
+@@ -3289,10 +3289,11 @@ static int mtk_probe(struct platform_dev
}
if (eth->soc->offload_version) {
if (netdev->features & NETIF_F_HW_VLAN_CTAG_RX &&
(trxd.rxd2 & RX_DMA_VTAG))
__vlan_hwaccel_put_tag(skb, htons(ETH_P_8021Q),
-@@ -3285,7 +3291,7 @@ static int mtk_probe(struct platform_dev
+@@ -3289,7 +3295,7 @@ static int mtk_probe(struct platform_dev
}
if (eth->soc->offload_version) {
}
return IRQ_HANDLED;
-@@ -3320,6 +3320,8 @@ static int mtk_probe(struct platform_dev
+@@ -3324,6 +3324,8 @@ static int mtk_probe(struct platform_dev
* for NAPI to work
*/
init_dummy_netdev(ð->dummy_dev);
+++ /dev/null
-From: Felix Fietkau <nbd@nbd.name>
-Date: Sat, 19 Nov 2022 18:48:42 +0100
-Subject: [PATCH] netfilter: nf_flow_table: add missing locking
-
-nf_flow_table_block_setup and the driver TC_SETUP_FT call can modify the flow
-block cb list while they are being traversed elsewhere, causing a crash.
-Add a write lock around the calls to protect readers
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
-
---- a/net/netfilter/nf_flow_table_offload.c
-+++ b/net/netfilter/nf_flow_table_offload.c
-@@ -1015,6 +1015,7 @@ static int nf_flow_table_block_setup(str
- struct flow_block_cb *block_cb, *next;
- int err = 0;
-
-+ down_write(&flowtable->flow_block_lock);
- switch (cmd) {
- case FLOW_BLOCK_BIND:
- list_splice(&bo->cb_list, &flowtable->flow_block.cb_list);
-@@ -1029,6 +1030,7 @@ static int nf_flow_table_block_setup(str
- WARN_ON_ONCE(1);
- err = -EOPNOTSUPP;
- }
-+ up_write(&flowtable->flow_block_lock);
-
- return err;
- }
-@@ -1085,7 +1087,9 @@ static int nf_flow_table_offload_cmd(str
-
- nf_flow_table_block_offload_init(bo, dev_net(dev), cmd, flowtable,
- extack);
-+ down_write(&flowtable->flow_block_lock);
- err = dev->netdev_ops->ndo_setup_tc(dev, TC_SETUP_FT, bo);
-+ up_write(&flowtable->flow_block_lock);
- if (err < 0)
- return err;
-
--- a/include/net/switchdev.h
+++ b/include/net/switchdev.h
-@@ -224,6 +224,7 @@ struct switchdev_notifier_fdb_info {
+@@ -226,6 +226,7 @@ struct switchdev_notifier_fdb_info {
const unsigned char *addr;
u16 vid;
u8 added_by_user:1,
--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
-@@ -2975,6 +2975,7 @@ static const struct net_device_ops mtk_n
+@@ -2979,6 +2979,7 @@ static const struct net_device_ops mtk_n
static int mtk_add_mac(struct mtk_eth *eth, struct device_node *np)
{
const __be32 *_id = of_get_property(np, "reg", NULL);
phy_interface_t phy_mode;
struct phylink *phylink;
-@@ -3070,6 +3071,9 @@ static int mtk_add_mac(struct mtk_eth *e
+@@ -3074,6 +3075,9 @@ static int mtk_add_mac(struct mtk_eth *e
else
eth->netdev[id]->max_mtu = MTK_MAX_RX_LENGTH_2K - MTK_RX_ETH_HLEN;