diff --git a/build.sh b/build.sh index 8af2bb04..ef4000a3 100755 --- a/build.sh +++ b/build.sh @@ -437,8 +437,13 @@ fi #fi #echo "Done" +if [ -f target/linux/generic/backport-5.4/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch ]; then + rm -f target/linux/generic/backport-5.4/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch +fi + if [ "$OMR_KERNEL" = "5.4" ]; then echo "Set to kernel 5.4 for rpi arch" + find target/linux/bcm27xx -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER=5.10%KERNEL_PATCHVER:=5.4%g' {} \; find target/linux/bcm27xx -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER:=5.10%KERNEL_PATCHVER:=5.4%g' {} \; echo "Done" echo "Set to kernel 5.4 for x86 arch" @@ -456,13 +461,13 @@ if [ "$OMR_KERNEL" = "5.10" ]; then find target/linux/bcm27xx -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER:=5.4%KERNEL_PATCHVER:=5.10%g' {} \; find target/linux/bcm27xx -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER=5.4%KERNEL_PATCHVER:=5.10%g' {} \; echo "Done" - echo "Set to kernel 5.14 for x86 arch" + echo "Set to kernel 5.10 for x86 arch" find target/linux/x86 -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER:=5.4%KERNEL_PATCHVER:=5.10%g' {} \; echo "Done" - echo "Set to kernel 5.14 for mvebu arch (WRT)" + echo "Set to kernel 5.10 for mvebu arch (WRT)" find target/linux/mvebu -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER:=5.4%KERNEL_PATCHVER:=5.10%g' {} \; echo "Done" - echo "Set to kernel 5.14 for mediatek arch (BPI-R2)" + echo "Set to kernel 5.10 for mediatek arch (BPI-R2)" find target/linux/mediatek -type f -name Makefile -exec sed -i 's%KERNEL_PATCHVER:=5.4%KERNEL_PATCHVER:=5.10%g' {} \; echo "Done" fi @@ -533,7 +538,7 @@ if [ ! -f "../../$OMR_TARGET_CONFIG" ]; then exit 1 fi -echo "Building $OMR_DIST for the target $OMR_TARGET" +echo "Building $OMR_DIST for the target $OMR_TARGET with kernel $OMR_KERNEL" make defconfig make IGNORE_ERRORS=m "$@" echo "Done" \ No newline at end of file diff --git a/root/target/linux/generic/hack-5.4/998-ndpi-netfilter.patch b/root/target/linux/generic/hack-5.4/998-ndpi-netfilter.patch deleted file mode 100644 index cd8d61a7..00000000 --- a/root/target/linux/generic/hack-5.4/998-ndpi-netfilter.patch +++ /dev/null @@ -1,116 +0,0 @@ -diff --git a/include/net/netfilter/nf_conntrack_extend.h b/include/net/netfilter/nf_conntrack_extend.h -index 21f887c..59980ec 100644 ---- a/include/net/netfilter/nf_conntrack_extend.h -+++ b/include/net/netfilter/nf_conntrack_extend.h -@@ -28,7 +28,8 @@ enum nf_ct_ext_id { - #if IS_ENABLED(CONFIG_NETFILTER_SYNPROXY) - NF_CT_EXT_SYNPROXY, - #endif -- NF_CT_EXT_NUM, -+ NF_CT_EXT_CUSTOM, -+ NF_CT_EXT_NUM=NF_CT_EXT_CUSTOM+CONFIG_NF_CONNTRACK_CUSTOM, - }; - - #define NF_CT_EXT_HELPER_TYPE struct nf_conn_help -@@ -96,5 +97,6 @@ struct nf_ct_ext_type { - }; - - int nf_ct_extend_register(const struct nf_ct_ext_type *type); -+int nf_ct_extend_custom_register(struct nf_ct_ext_type *type,unsigned long int cid); - void nf_ct_extend_unregister(const struct nf_ct_ext_type *type); - #endif /* _NF_CONNTRACK_EXTEND_H */ -diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig -index 7581e82..30a11eb 100644 ---- a/net/netfilter/Kconfig -+++ b/net/netfilter/Kconfig -@@ -85,6 +85,16 @@ config NF_CONNTRACK_SECMARK - - If unsure, say 'N'. - -+config NF_CONNTRACK_CUSTOM -+ int "Number of custom extend" -+ range 0 8 -+ depends on NETFILTER_ADVANCED -+ default "2" -+ help -+ This parameter specifies how many custom extensions can be registered. -+ -+ The default value is 2. -+ - config NF_CONNTRACK_ZONES - bool 'Connection tracking zones' - depends on NETFILTER_ADVANCED -diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c -index 85f643c..44e2fdd 100644 ---- a/net/netfilter/nf_conntrack_core.c -+++ b/net/netfilter/nf_conntrack_core.c -@@ -1971,7 +1971,7 @@ int nf_conntrack_set_hashsize(const char *val, const struct kernel_param *kp) - static __always_inline unsigned int total_extension_size(void) - { - /* remember to add new extensions below */ -- BUILD_BUG_ON(NF_CT_EXT_NUM > 9); -+ BUILD_BUG_ON(NF_CT_EXT_NUM > 12); - - return sizeof(struct nf_ct_ext) + - sizeof(struct nf_conn_help) -diff --git a/net/netfilter/nf_conntrack_extend.c b/net/netfilter/nf_conntrack_extend.c -index 9fe0ddc..5a9054e 100644 ---- a/net/netfilter/nf_conntrack_extend.c -+++ b/net/netfilter/nf_conntrack_extend.c -@@ -108,11 +108,56 @@ int nf_ct_extend_register(const struct nf_ct_ext_type *type) - } - EXPORT_SYMBOL_GPL(nf_ct_extend_register); - -+static unsigned long int nf_ct_ext_cust_id[CONFIG_NF_CONNTRACK_CUSTOM]; -+static enum nf_ct_ext_id -+nf_ct_extend_get_custom_id(unsigned long int ext_id); -+ -+int nf_ct_extend_custom_register(struct nf_ct_ext_type *type, -+ unsigned long int cid) -+{ -+ int ret; -+ enum nf_ct_ext_id new_id = nf_ct_extend_get_custom_id(cid); -+ if(!new_id) -+ return -EBUSY; -+ type->id = new_id; -+ ret = nf_ct_extend_register(type); -+ if(ret < 0) { -+ mutex_lock(&nf_ct_ext_type_mutex); -+ nf_ct_ext_cust_id[new_id - NF_CT_EXT_CUSTOM] = 0; -+ mutex_unlock(&nf_ct_ext_type_mutex); -+ } -+ return ret; -+} -+EXPORT_SYMBOL_GPL(nf_ct_extend_custom_register); -+ -+static enum nf_ct_ext_id -+nf_ct_extend_get_custom_id(unsigned long int ext_id) -+{ -+ enum nf_ct_ext_id ret = 0; -+ int i; -+ mutex_lock(&nf_ct_ext_type_mutex); -+ for(i = 0; i < CONFIG_NF_CONNTRACK_CUSTOM; i++) { -+ if(!nf_ct_ext_cust_id[i]) { -+ nf_ct_ext_cust_id[i] = ext_id; -+ ret = i+NF_CT_EXT_CUSTOM; -+ break; -+ } -+ if(nf_ct_ext_cust_id[i] == ext_id) { -+ ret = i+NF_CT_EXT_CUSTOM; -+ break; -+ } -+ } -+ mutex_unlock(&nf_ct_ext_type_mutex); -+ return ret; -+} -+ - /* This MUST be called in process context. */ - void nf_ct_extend_unregister(const struct nf_ct_ext_type *type) - { - mutex_lock(&nf_ct_ext_type_mutex); - RCU_INIT_POINTER(nf_ct_ext_types[type->id], NULL); -+ if(type->id >= NF_CT_EXT_CUSTOM && type->id < NF_CT_EXT_NUM) -+ nf_ct_ext_cust_id[type->id-NF_CT_EXT_CUSTOM] = 0; - mutex_unlock(&nf_ct_ext_type_mutex); - synchronize_rcu(); - }