him411/nss-packages-breeze303
1
0
Fork 0
mirror of https://github.com/breeze303/nss-packages.git synced 2025-12-17 17:28:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

qca-nss-ecm: bump to QSDK 12.0.5

Browse Source 
qca-nss-ecm: avoid a memcpy overflow in ecm_db

Reference:
https://github.com/robimarko/nss-packages/pull/10/files

qca-nss-ecm: fix nf_ct_net null pointer reference

Fixed by xsm1997, massive thanks!
It fixes a null pointer access which is introduced in previous qca-nss-ecm patches.

Reference:
https://github.com/bitthief/openwrt/issues/9
This commit is contained in:
Ansuel Smith 2022-05-14 19:55:48 +02:00 committed by bitthief
parent 487f8d1df0
commit 2a9e76182d
18 changed files with 1256 additions and 421 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
qca/qca-nss-ecm/Makefile
View File

@ -5,11 +5,12 @@ PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-nss-ecm.git PKG_SOURCE_URL:=https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-nss-ecm.git
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_DATE:=2021-06-15 PKG_SOURCE_DATE:=2022-07-09
PKG_SOURCE_VERSION:=34267065855d32f33264dc3054efb0e8103d627b PKG_SOURCE_VERSION:=83b4e6266f94e1084acc69c97706d0c86a44cfe3
PKG_MIRROR_HASH:=0917659d69c5f3e6067d6671b9393b4b2d6b6cd5a7bacf5e7d6cf842dc906eca PKG_MIRROR_HASH:=62d87358f3cbb8266ebc04000980516cc4c95025ed6d6d332e54d6c18f2e2510
PKG_BUILD_PARALLEL:=1 PKG_BUILD_PARALLEL:=1
PKG_FLAGS:=nonshared
include $(INCLUDE_DIR)/kernel.mk include $(INCLUDE_DIR)/kernel.mk
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
@ -19,19 +20,19 @@ define KernelPackage/qca-nss-ecm
CATEGORY:=Kernel modules CATEGORY:=Kernel modules
SUBMENU:=Network Support SUBMENU:=Network Support
DEPENDS:=@(TARGET_ipq807x||TARGET_ipq60xx) \ DEPENDS:=@(TARGET_ipq807x||TARGET_ipq60xx) \
+iptables-mod-extra \
+iptables-mod-physdev \
+kmod-qca-nss-drv \ +kmod-qca-nss-drv \
+iptables-mod-extra \
+kmod-ipt-conntrack \ +kmod-ipt-conntrack \
+kmod-ipt-physdev \ +kmod-ipt-physdev \
+iptables-mod-physdev \
+kmod-ppp \ +kmod-ppp \
+kmod-pppoe +kmod-pppoe \
+kmod-qca-mcs
TITLE:=QCA NSS Enhanced Connection Manager (ECM) TITLE:=QCA NSS Enhanced Connection Manager (ECM)
FILES:=$(PKG_BUILD_DIR)/*.ko FILES:=$(PKG_BUILD_DIR)/ecm.ko
KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \ KCONFIG:=CONFIG_BRIDGE_NETFILTER=y \
CONFIG_NF_CONNTRACK_EVENTS=y \ CONFIG_NF_CONNTRACK_EVENTS=y \
CONFIG_NF_CONNTRACK_CHAIN_EVENTS=n \ CONFIG_NF_CONNTRACK_DSCPREMARK_EXT=y
CONFIG_NF_CONNTRACK_DSCPREMARK_EXT=n
endef endef
define KernelPackage/qca-nss-ecm/Description define KernelPackage/qca-nss-ecm/Description
@ -53,29 +54,53 @@ endef
EXTRA_CFLAGS+=-I$(STAGING_DIR)/usr/include/qca-nss-drv EXTRA_CFLAGS+=-I$(STAGING_DIR)/usr/include/qca-nss-drv
ifneq (, $(findstring $(CONFIG_TARGET_BOARD), "ipq807x" "ipq60xx")) ifneq (, $(findstring $(CONFIG_TARGET_BOARD), "ipq807x" "ipq60xx"))
ECM_MAKE_OPTS+= ECM_FRONT_END_NSS_ENABLE=y \ ECM_MAKE_OPTS:=ECM_IPV6_ENABLE=y
ECM_CLASSIFIER_HYFI_ENABLE=n \ ECM_MAKE_OPTS+=ECM_FRONT_END_NSS_ENABLE=y \
ECM_FRONT_END_SFE_ENABLE=n \
ECM_NON_PORTED_SUPPORT_ENABLE=y \
ECM_MULTICAST_ENABLE=n \ ECM_MULTICAST_ENABLE=n \
ECM_INTERFACE_BOND_ENABLE=n \
ECM_INTERFACE_IPSEC_ENABLE=n \ ECM_INTERFACE_IPSEC_ENABLE=n \
ECM_INTERFACE_PPTP_ENABLE=n \ ECM_INTERFACE_PPTP_ENABLE=n \
ECM_INTERFACE_PPPOE_ENABLE=y \
ECM_INTERFACE_L2TPV2_ENABLE=n \ ECM_INTERFACE_L2TPV2_ENABLE=n \
ECM_INTERFACE_GRE_TAP_ENABLE=n \ ECM_INTERFACE_GRE_TAP_ENABLE=n \
ECM_INTERFACE_GRE_TUN_ENABLE=n \ ECM_INTERFACE_GRE_TUN_ENABLE=n \
ECM_INTERFACE_SIT_ENABLE=n \ ECM_INTERFACE_SIT_ENABLE=n \
ECM_INTERFACE_TUNIPIP6_ENABLE=n \ ECM_INTERFACE_TUNIPIP6_ENABLE=n \
ECM_INTERFACE_RAWIP_ENABLE=n \ ECM_INTERFACE_RAWIP_ENABLE=n \
ECM_INTERFACE_VLAN_ENABLE=n \ ECM_INTERFACE_VLAN_ENABLE=y \
ECM_CLASSIFIER_MARK_ENABLE=n \ ECM_CLASSIFIER_MARK_ENABLE=y \
ECM_CLASSIFIER_DSCP_ENABLE=n \ ECM_CLASSIFIER_DSCP_ENABLE=y \
ECM_CLASSIFIER_PCC_ENABLE=n \ ECM_CLASSIFIER_PCC_ENABLE=n \
ECM_BAND_STEERING_ENABLE=n \ ECM_BAND_STEERING_ENABLE=n
ECM_INTERFACE_PPPOE_ENABLE=y
endif endif
ifeq ($(CONFIG_TARGET_BOARD), "ipq807x") # Variant with additional features enabled for noload profile
SOC="ipq807x_64" define KernelPackage/qca-nss-ecm-noload
else ifeq ($(CONFIG_TARGET_BOARD), "ipq60xx") $(call KernelPackage/qca-nss-ecm)
SOC="ipq60xx_64" TITLE+= (with noload features)
PROVIDES:=kmod-qca-nss-ecm
VARIANT:=noload
DEPENDS+=+kmod-bonding
endef
define KernelPackage/qca-nss-ecm-noload/Description
$(call KernelPackage/qca-nss-ecm/Description)
When selected, this package installs the driver, but does not load it at init.
endef
define KernelPackage/qca-nss-ecm-noload/install
$(call KernelPackage/qca-nss-ecm/install, $(1))
#
# Remove the START line from the init script, so that the symlink
# in the /etc/rc.d directory is not created.
#
sed -i '/START=/d' $(1)/etc/init.d/qca-nss-ecm
endef
ifneq ($(CONFIG_PACKAGE_kmod-qca-mcs),)
ECM_MAKE_OPTS+=ECM_MULTICAST_ENABLE=y
endif endif
define Build/InstallDev define Build/InstallDev
@ -88,10 +113,12 @@ define Build/Compile
CROSS_COMPILE="$(TARGET_CROSS)" \ CROSS_COMPILE="$(TARGET_CROSS)" \
ARCH="$(LINUX_KARCH)" \ ARCH="$(LINUX_KARCH)" \
M="$(PKG_BUILD_DIR)" \ M="$(PKG_BUILD_DIR)" \
EXTRA_CFLAGS="$(EXTRA_CFLAGS)" SoC=$(SOC) \ EXTRA_CFLAGS="$(EXTRA_CFLAGS) -Wno-error=unused-function " \
SoC=$(CONFIG_TARGET_BOARD) \
$(KERNEL_MAKE_FLAGS) \ $(KERNEL_MAKE_FLAGS) \
$(PKG_JOBS) \ $(PKG_JOBS) \
modules modules
endef endef
$(eval $(call KernelPackage,qca-nss-ecm)) $(eval $(call KernelPackage,qca-nss-ecm))
$(eval $(call KernelPackage,qca-nss-ecm-noload))

27
qca/qca-nss-ecm/files/qca-nss-ecm.firewall
View File

@ -1,18 +1,11 @@
#!/bin/sh #!/bin/sh
# if [ ! -r /sbin/fw4 ]; then
# Copyright (c) 2015-2016, The Linux Foundation. All rights reserved. iptables-save|grep physdev-is-bridged|while read a; do
# iptables -D FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# Permission to use, copy, modify, and/or distribute this software for any done
# purpose with or without fee is hereby granted, provided that the above iptables -I FORWARD 1 -m physdev --physdev-is-bridged -j ACCEPT
# copyright notice and this permission notice appear in all copies. ip6tables-save|grep physdev-is-bridged|while read a; do
# ip6tables -D FORWARD -m physdev --physdev-is-bridged -j ACCEPT
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES done
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ip6tables -I FORWARD 1 -m physdev --physdev-is-bridged -j ACCEPT
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR fi
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
iptables -A FORWARD -m physdev --physdev-is-bridged -j ACCEPT

61
qca/qca-nss-ecm/files/qca-nss-ecm.init
View File

@ -18,7 +18,7 @@
# openwrt build scripts automatically enable this package starting # openwrt build scripts automatically enable this package starting
# at boot. # at boot.
START=19 START=75
get_front_end_mode() { get_front_end_mode() {
config_load "ecm" config_load "ecm"
@ -31,52 +31,33 @@ get_front_end_mode() {
nss) nss)
echo '1' echo '1'
;; ;;
sfe)
echo '2'
;;
*) *)
echo 'uci_option_acceleration_engine is invalid' echo 'uci_option_acceleration_engine is invalid'
esac esac
} }
support_bridge() { support_bridge() {
#NSS support bridge acceleration # NSS support bridge acceleration
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && return 0 [ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && [ -d /sys/kernel/debug/ecm/ecm_nss_ipv6 ] && return 0
#SFE doesn't support bridge acceleration
[ -d /sys/kernel/debug/ecm/ecm_sfe_ipv4 ] && return 1
}
load_sfe() {
local kernel_version=$(uname -r)
[ -e "/lib/modules/$kernel_version/shortcut-fe.ko" ] && {
[ -d /sys/module/shortcut_fe ] || insmod shortcut-fe
}
[ -e "/lib/modules/$kernel_version/shortcut-fe-ipv6.ko" ] && {
[ -d /sys/module/shortcut_fe_ipv6 ] || insmod shortcut-fe-ipv6
}
[ -e "/lib/modules/$kernel_version/shortcut-fe-drv.ko" ] && {
[ -d /sys/module/shortcut_fe_drv ] || insmod shortcut-fe-drv
}
} }
load_ecm() { load_ecm() {
[ -d /sys/module/ecm ] || { [ -d /sys/module/ecm ] || {
[ ! -e /proc/device-tree/MP_256 ] && load_sfe
insmod ecm front_end_selection=$(get_front_end_mode) insmod ecm front_end_selection=$(get_front_end_mode)
echo 1 > /sys/kernel/debug/ecm/ecm_classifier_default/accel_delay_pkts
} }
support_bridge && { support_bridge && {
sysctl -w net.bridge.bridge-nf-call-ip6tables=1 sysctl -w net.bridge.bridge-nf-call-arptables=1
sysctl -w net.bridge.bridge-nf-call-iptables=1 sysctl -w net.bridge.bridge-nf-call-iptables=1
sysctl -w net.bridge.bridge-nf-call-ip6tables=1
} }
} }
unload_ecm() { unload_ecm() {
sysctl -w net.bridge.bridge-nf-call-ip6tables=0 sysctl -w net.bridge.bridge-nf-call-arptables=0
sysctl -w net.bridge.bridge-nf-call-iptables=0 sysctl -w net.bridge.bridge-nf-call-iptables=0
sysctl -w net.bridge.bridge-nf-call-ip6tables=0
if [ -d /sys/module/ecm ]; then if [ -d /sys/module/ecm ]; then
# #
@ -88,8 +69,8 @@ unload_ecm() {
# #
# Defunct the connections # Defunct the connections
# #
echo 1 > /sys/kernel/debug/ecm/ecm_db/defunct_all echo 1 > /sys/kernel/debug/ecm/ecm_db/defunct_all
sleep 5; sleep 5
rmmod ecm rmmod ecm
sleep 1 sleep 1
@ -97,42 +78,36 @@ unload_ecm() {
} }
start() { start() {
# If SFE CM is loaded, return.
if [ -d /sys/module/shortcut_fe_cm ]; then
echo "shortcut_fe CM is loaded, unload it first"
echo "cmd: /etc/init.d/shortcut_fe stop"
return
fi
load_ecm load_ecm
# If the acceleration engine is NSS, enable wifi redirect. # If the acceleration engine is NSS, enable wifi redirect
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=1 [ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=1
support_bridge && { support_bridge && {
if ([ -z "$(grep "net.bridge.bridge-nf-call-ip6tables=1" /etc/sysctl.d/qca-nss-ecm.conf)" ] && [ -z "$(grep "net.bridge.bridge-nf-call-iptables=1" /etc/sysctl.d/qca-nss-ecm.conf)" ]); then if ([ -z "$(grep "net.bridge.bridge-nf-call-iptables=1" /etc/sysctl.d/qca-nss-ecm.conf)" ] && [ -z "$(grep "net.bridge.bridge-nf-call-ip6tables=1" /etc/sysctl.d/qca-nss-ecm.conf)" ]); then
echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.d/qca-nss-ecm.conf echo 'net.bridge.bridge-nf-call-arptables=1' >> /etc/sysctl.d/qca-nss-ecm.conf
echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.d/qca-nss-ecm.conf echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.d/qca-nss-ecm.conf
echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.d/qca-nss-ecm.conf
fi fi
} }
if [ -d /sys/module/qca_ovsmgr ]; then if [ -d /sys/module/qca_ovsmgr ]; then
insmod ecm_ovs insmod ecm_ovs
fi fi
} }
stop() { stop() {
# If ECM is already not loaded, just return. # If ECM is already not loaded, just return
if [ ! -d /sys/module/ecm ]; then if [ ! -d /sys/module/ecm ]; then
return return
fi fi
# If the acceleration engine is NSS, disable wifi redirect. # If the acceleration engine is NSS, disable wifi redirect
[ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=0 [ -d /sys/kernel/debug/ecm/ecm_nss_ipv4 ] && sysctl -w dev.nss.general.redirect=0
sed '/net.bridge.bridge-nf-call-ip6tables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf sed '/net.bridge.bridge-nf-call-arptables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf
sed '/net.bridge.bridge-nf-call-iptables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf sed '/net.bridge.bridge-nf-call-iptables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf
sed '/net.bridge.bridge-nf-call-ip6tables=1/d' -i /etc/sysctl.d/qca-nss-ecm.conf
if [ -d /sys/module/ecm_ovs ]; then if [ -d /sys/module/ecm_ovs ]; then
rmmod ecm_ovs rmmod ecm_ovs

90
qca/qca-nss-ecm/patches/001-treewide-componentize-the-module-even-more.patch → qca/qca-nss-ecm/patches/0001-treewide-componentize-the-module-even-more.patch
View File

@ -1,7 +1,7 @@
From 73345c87b28a473b35b57e673f8de963c3d73da1 Mon Sep 17 00:00:00 2001 From 09980e54011e2d95a9db2d6134f635bc90e5a7f2 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com> From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Wed, 19 May 2021 02:38:53 +0200 Date: Wed, 19 May 2021 02:38:53 +0200
Subject: [PATCH] treewide: componentize the module even more Subject: [PATCH 01/12] treewide: componentize the module even more
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
--- ---
@ -12,9 +12,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
frontends/ecm_front_end_common.c | 7 ++++ frontends/ecm_front_end_common.c | 7 ++++
5 files changed, 72 insertions(+), 11 deletions(-) 5 files changed, 72 insertions(+), 11 deletions(-)
diff --git a/Makefile b/Makefile
index a59cbce..f7e40f8 100644
--- a/Makefile --- a/Makefile
+++ b/Makefile +++ b/Makefile
@@ -82,10 +82,18 @@ ccflags-$(ECM_INTERFACE_BOND_ENABLE) += @@ -113,9 +113,17 @@ ccflags-$(ECM_INTERFACE_BOND_ENABLE) += -DECM_INTERFACE_BOND_ENABLE
# Define ECM_INTERFACE_PPPOE_ENABLE=y in order # Define ECM_INTERFACE_PPPOE_ENABLE=y in order
# to enable support for PPPoE acceleration. # to enable support for PPPoE acceleration.
# ############################################################################# # #############################################################################
@ -24,30 +26,29 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
+endif +endif
ccflags-$(ECM_INTERFACE_PPPOE_ENABLE) += -DECM_INTERFACE_PPPOE_ENABLE ccflags-$(ECM_INTERFACE_PPPOE_ENABLE) += -DECM_INTERFACE_PPPOE_ENABLE
# ############################################################################# +# #############################################################################
+# Define ECM_INTERFACE_L2TPV2_PPTP_ENABLE=y in order +# Define ECM_INTERFACE_L2TPV2_PPTP_ENABLE=y in order
+# to enable support for l2tpv2 or PPTP detection. +# to enable support for l2tpv2 or PPTP detection.
+# ############################################################################# +# #############################################################################
+ccflags-$(ECM_INTERFACE_L2TPV2_PPTP_ENABLE) += -DECM_INTERFACE_L2TPV2_PPTP_ENABLE +ccflags-$(ECM_INTERFACE_L2TPV2_PPTP_ENABLE) += -DECM_INTERFACE_L2TPV2_PPTP_ENABLE
+ +
+# ############################################################################# # #############################################################################
# Define ECM_INTERFACE_L2TPV2_ENABLE=y in order # Define ECM_INTERFACE_L2TPV2_ENABLE=y in order
# to enable support for l2tpv2 acceleration. # to enable support for l2tpv2 acceleration.
# ############################################################################# @@ -142,6 +150,12 @@ endif
@@ -118,6 +126,12 @@ ccflags-$(ECM_INTERFACE_PPP_ENABLE) += - endif
ccflags-$(ECM_INTERFACE_MAP_T_ENABLE) += -DECM_INTERFACE_MAP_T_ENABLE ccflags-$(ECM_INTERFACE_PPP_ENABLE) += -DECM_INTERFACE_PPP_ENABLE
# ############################################################################# +# #############################################################################
+# Define ECM_INTERFACE_GRE_ENABLE=y in order +# Define ECM_INTERFACE_GRE_ENABLE=y in order
+# to enable support for GRE detection. +# to enable support for GRE detection.
+# ############################################################################# +# #############################################################################
+ccflags-$(ECM_INTERFACE_GRE_ENABLE) += -DECM_INTERFACE_GRE_ENABLE +ccflags-$(ECM_INTERFACE_GRE_ENABLE) += -DECM_INTERFACE_GRE_ENABLE
+ +
+# ############################################################################# # #############################################################################
# Define ECM_INTERFACE_GRE_TAP_ENABLE=y in order # Define ECM_INTERFACE_GRE_TAP_ENABLE=y in order
# to enable support for GRE TAP interface. # to enable support for GRE TAP interface.
# ############################################################################# @@ -218,7 +232,9 @@ ccflags-$(ECM_INTERFACE_OVS_BRIDGE_ENABLE) += -DECM_INTERFACE_OVS_BRIDGE_ENABLE
@@ -186,7 +200,9 @@ ccflags-$(ECM_INTERFACE_OVS_BRIDGE_ENABL
# ############################################################################# # #############################################################################
# Define ECM_INTERFACE_VLAN_ENABLE=y in order to enable support for VLAN # Define ECM_INTERFACE_VLAN_ENABLE=y in order to enable support for VLAN
# ############################################################################# # #############################################################################
@ -58,7 +59,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ccflags-$(ECM_INTERFACE_VLAN_ENABLE) += -DECM_INTERFACE_VLAN_ENABLE ccflags-$(ECM_INTERFACE_VLAN_ENABLE) += -DECM_INTERFACE_VLAN_ENABLE
# ############################################################################# # #############################################################################
@@ -228,7 +244,9 @@ ccflags-$(ECM_CLASSIFIER_OVS_ENABLE) += @@ -255,7 +271,9 @@ ccflags-$(ECM_CLASSIFIER_OVS_ENABLE) += -DECM_CLASSIFIER_OVS_ENABLE
# ############################################################################# # #############################################################################
# Define ECM_CLASSIFIER_MARK_ENABLE=y in order to enable mark classifier. # Define ECM_CLASSIFIER_MARK_ENABLE=y in order to enable mark classifier.
# ############################################################################# # #############################################################################
@ -69,7 +70,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm-$(ECM_CLASSIFIER_MARK_ENABLE) += ecm_classifier_mark.o ecm-$(ECM_CLASSIFIER_MARK_ENABLE) += ecm_classifier_mark.o
ccflags-$(ECM_CLASSIFIER_MARK_ENABLE) += -DECM_CLASSIFIER_MARK_ENABLE ccflags-$(ECM_CLASSIFIER_MARK_ENABLE) += -DECM_CLASSIFIER_MARK_ENABLE
@@ -247,7 +265,9 @@ ccflags-$(ECM_CLASSIFIER_NL_ENABLE) += - @@ -274,7 +292,9 @@ ccflags-$(ECM_CLASSIFIER_NL_ENABLE) += -DECM_CLASSIFIER_NL_ENABLE
# ############################################################################# # #############################################################################
# Define ECM_CLASSIFIER_DSCP_ENABLE=y in order to enable DSCP classifier. # Define ECM_CLASSIFIER_DSCP_ENABLE=y in order to enable DSCP classifier.
# ############################################################################# # #############################################################################
@ -80,7 +81,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm-$(ECM_CLASSIFIER_DSCP_ENABLE) += ecm_classifier_dscp.o ecm-$(ECM_CLASSIFIER_DSCP_ENABLE) += ecm_classifier_dscp.o
ccflags-$(ECM_CLASSIFIER_DSCP_ENABLE) += -DECM_CLASSIFIER_DSCP_ENABLE ccflags-$(ECM_CLASSIFIER_DSCP_ENABLE) += -DECM_CLASSIFIER_DSCP_ENABLE
ccflags-$(ECM_CLASSIFIER_DSCP_IGS) += -DECM_CLASSIFIER_DSCP_IGS ccflags-$(ECM_CLASSIFIER_DSCP_IGS) += -DECM_CLASSIFIER_DSCP_IGS
@@ -274,7 +294,9 @@ endif @@ -293,7 +313,9 @@ ccflags-$(ECM_CLASSIFIER_HYFI_ENABLE) += -DECM_CLASSIFIER_HYFI_ENABLE
# the Parental Controls subsystem classifier in ECM. Currently disabled until # the Parental Controls subsystem classifier in ECM. Currently disabled until
# customers require it / if they need to integrate their Parental Controls with it. # customers require it / if they need to integrate their Parental Controls with it.
# ############################################################################# # #############################################################################
@ -91,7 +92,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm-$(ECM_CLASSIFIER_PCC_ENABLE) += ecm_classifier_pcc.o ecm-$(ECM_CLASSIFIER_PCC_ENABLE) += ecm_classifier_pcc.o
ccflags-$(ECM_CLASSIFIER_PCC_ENABLE) += -DECM_CLASSIFIER_PCC_ENABLE ccflags-$(ECM_CLASSIFIER_PCC_ENABLE) += -DECM_CLASSIFIER_PCC_ENABLE
@@ -301,28 +323,36 @@ ccflags-$(ECM_NON_PORTED_SUPPORT_ENABLE) @@ -372,27 +372,36 @@ ccflags-$(ECM_NON_PORTED_SUPPORT_ENABLE)
# ############################################################################# # #############################################################################
# Define ECM_STATE_OUTPUT_ENABLE=y to support XML state output # Define ECM_STATE_OUTPUT_ENABLE=y to support XML state output
# ############################################################################# # #############################################################################
@ -125,14 +126,13 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
# Define ECM_TRACKER_DPI_SUPPORT_ENABLE=y in order to enable support for # Define ECM_TRACKER_DPI_SUPPORT_ENABLE=y in order to enable support for
# deep packet inspection and tracking of data with the trackers. # deep packet inspection and tracking of data with the trackers.
# ############################################################################# # #############################################################################
-ECM_TRACKER_DPI_SUPPORT_ENABLE=y
+ifndef $(ECM_TRACKER_DPI_SUPPORT_ENABLE) +ifndef $(ECM_TRACKER_DPI_SUPPORT_ENABLE)
+ ECM_TRACKER_DPI_SUPPORT_ENABLE=y + ECM_TRACKER_DPI_SUPPORT_ENABLE=y
+endif +endif
ccflags-$(ECM_TRACKER_DPI_SUPPORT_ENABLE) += -DECM_TRACKER_DPI_SUPPORT_ENABLE ccflags-$(ECM_TRACKER_DPI_SUPPORT_ENABLE) += -DECM_TRACKER_DPI_SUPPORT_ENABLE
# ############################################################################# # #############################################################################
@@ -330,14 +360,18 @@ ccflags-$(ECM_TRACKER_DPI_SUPPORT_ENABLE @@ -356,14 +386,18 @@ ccflags-$(ECM_TRACKER_DPI_SUPPORT_ENABLE) += -DECM_TRACKER_DPI_SUPPORT_ENABLE
# support for the database keeping lists of connections that are assigned # support for the database keeping lists of connections that are assigned
# on a per TYPE of classifier basis. # on a per TYPE of classifier basis.
# ############################################################################# # #############################################################################
@ -153,9 +153,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ccflags-$(ECM_BAND_STEERING_ENABLE) += -DECM_BAND_STEERING_ENABLE ccflags-$(ECM_BAND_STEERING_ENABLE) += -DECM_BAND_STEERING_ENABLE
# ############################################################################# # #############################################################################
diff --git a/ecm_db/ecm_db_connection.c b/ecm_db/ecm_db_connection.c
index 6d0bff4..77e5f3f 100644
--- a/ecm_db/ecm_db_connection.c --- a/ecm_db/ecm_db_connection.c
+++ b/ecm_db/ecm_db_connection.c +++ b/ecm_db/ecm_db_connection.c
@@ -430,7 +430,9 @@ EXPORT_SYMBOL(ecm_db_connection_make_def @@ -454,7 +454,9 @@ EXPORT_SYMBOL(ecm_db_connection_make_defunct);
*/ */
void ecm_db_connection_data_totals_update(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets) void ecm_db_connection_data_totals_update(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets)
{ {
@ -165,7 +167,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci); DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
@@ -529,7 +531,9 @@ EXPORT_SYMBOL(ecm_db_connection_data_tot @@ -553,7 +555,9 @@ EXPORT_SYMBOL(ecm_db_connection_data_totals_update);
*/ */
void ecm_db_connection_data_totals_update_dropped(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets) void ecm_db_connection_data_totals_update_dropped(struct ecm_db_connection_instance *ci, bool is_from, uint64_t size, uint64_t packets)
{ {
@ -175,7 +177,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci); DEBUG_CHECK_MAGIC(ci, ECM_DB_CONNECTION_INSTANCE_MAGIC, "%px: magic failed\n", ci);
@@ -1508,6 +1512,7 @@ void ecm_db_connection_defunct_all(void) @@ -1532,6 +1536,7 @@ void ecm_db_connection_defunct_all(void)
} }
EXPORT_SYMBOL(ecm_db_connection_defunct_all); EXPORT_SYMBOL(ecm_db_connection_defunct_all);
@ -183,7 +185,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* ecm_db_connection_defunct_by_classifier() * ecm_db_connection_defunct_by_classifier()
* Make defunct based on masked fields * Make defunct based on masked fields
@@ -1667,6 +1672,7 @@ next_ci: @@ -1698,6 +1703,7 @@ next_ci:
ECM_IP_ADDR_TO_OCTAL(dest_addr_mask), dest_port_mask, proto_mask, cnt); ECM_IP_ADDR_TO_OCTAL(dest_addr_mask), dest_port_mask, proto_mask, cnt);
} }
} }
@ -191,7 +193,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* ecm_db_connection_defunct_by_port() * ecm_db_connection_defunct_by_port()
@@ -1956,6 +1962,7 @@ struct ecm_db_node_instance *ecm_db_conn @@ -1987,6 +1993,7 @@ struct ecm_db_node_instance *ecm_db_connection_node_get_and_ref(struct ecm_db_co
} }
EXPORT_SYMBOL(ecm_db_connection_node_get_and_ref); EXPORT_SYMBOL(ecm_db_connection_node_get_and_ref);
@ -199,7 +201,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* ecm_db_connection_mapping_get_and_ref_next() * ecm_db_connection_mapping_get_and_ref_next()
* Return reference to next connection in the mapping chain in the specified direction. * Return reference to next connection in the mapping chain in the specified direction.
@@ -1997,6 +2004,7 @@ struct ecm_db_connection_instance *ecm_d @@ -2028,6 +2035,7 @@ struct ecm_db_connection_instance *ecm_db_connection_iface_get_and_ref_next(stru
return nci; return nci;
} }
EXPORT_SYMBOL(ecm_db_connection_iface_get_and_ref_next); EXPORT_SYMBOL(ecm_db_connection_iface_get_and_ref_next);
@ -207,35 +209,37 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* ecm_db_connection_mapping_get_and_ref() * ecm_db_connection_mapping_get_and_ref()
diff --git a/ecm_db/ecm_db_node.c b/ecm_db/ecm_db_node.c
index c3d70be..89b386f 100644
--- a/ecm_db/ecm_db_node.c --- a/ecm_db/ecm_db_node.c
+++ b/ecm_db/ecm_db_node.c +++ b/ecm_db/ecm_db_node.c
@@ -224,9 +224,11 @@ EXPORT_SYMBOL(ecm_db_node_get_and_ref_ne @@ -224,8 +224,10 @@ EXPORT_SYMBOL(ecm_db_node_get_and_ref_next);
*/ */
int ecm_db_node_deref(struct ecm_db_node_instance *ni) int ecm_db_node_deref(struct ecm_db_node_instance *ni)
{ {
+#ifdef ECM_DB_XREF_ENABLE +#ifdef ECM_DB_XREF_ENABLE
#if (DEBUG_LEVEL >= 1) #if (DEBUG_LEVEL >= 1)
int dir; int dir;
#endif
+#endif +#endif
#endif
DEBUG_CHECK_MAGIC(ni, ECM_DB_NODE_INSTANCE_MAGIC, "%px: magic failed\n", ni); DEBUG_CHECK_MAGIC(ni, ECM_DB_NODE_INSTANCE_MAGIC, "%px: magic failed\n", ni);
spin_lock_bh(&ecm_db_lock); @@ -486,8 +488,10 @@ EXPORT_SYMBOL(ecm_db_node_iface_get_and_ref);
@@ -486,9 +488,11 @@ EXPORT_SYMBOL(ecm_db_node_iface_get_and_
void ecm_db_node_add(struct ecm_db_node_instance *ni, struct ecm_db_iface_instance *ii, uint8_t *address, void ecm_db_node_add(struct ecm_db_node_instance *ni, struct ecm_db_iface_instance *ii, uint8_t *address,
ecm_db_node_final_callback_t final, void *arg) ecm_db_node_final_callback_t final, void *arg)
{ {
+#ifdef ECM_DB_XREF_ENABLE +#ifdef ECM_DB_XREF_ENABLE
#if (DEBUG_LEVEL >= 1) #if (DEBUG_LEVEL >= 1)
int dir; int dir;
#endif
+#endif +#endif
#endif
ecm_db_node_hash_t hash_index; ecm_db_node_hash_t hash_index;
struct ecm_db_listener_instance *li; struct ecm_db_listener_instance *li;
diff --git a/ecm_interface.c b/ecm_interface.c
index d7ca169..2ca02bc 100644
--- a/ecm_interface.c --- a/ecm_interface.c
+++ b/ecm_interface.c +++ b/ecm_interface.c
@@ -1343,6 +1343,7 @@ struct neighbour *ecm_interface_ipv6_nei @@ -1355,6 +1355,7 @@ struct neighbour *ecm_interface_ipv6_neigh_get(struct ecm_front_end_connection_i
*/ */
bool ecm_interface_is_pptp(struct sk_buff *skb, const struct net_device *out) bool ecm_interface_is_pptp(struct sk_buff *skb, const struct net_device *out)
{ {
@ -243,7 +247,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
struct net_device *in; struct net_device *in;
/* /*
@@ -1367,6 +1368,7 @@ bool ecm_interface_is_pptp(struct sk_buf @@ -1379,6 +1380,7 @@ bool ecm_interface_is_pptp(struct sk_buff *skb, const struct net_device *out)
} }
dev_put(in); dev_put(in);
@ -251,7 +255,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return false; return false;
} }
@@ -1379,6 +1381,7 @@ bool ecm_interface_is_pptp(struct sk_buf @@ -1391,6 +1393,7 @@ bool ecm_interface_is_pptp(struct sk_buff *skb, const struct net_device *out)
*/ */
bool ecm_interface_is_l2tp_packet_by_version(struct sk_buff *skb, const struct net_device *out, int ver) bool ecm_interface_is_l2tp_packet_by_version(struct sk_buff *skb, const struct net_device *out, int ver)
{ {
@ -259,7 +263,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
uint32_t flag = 0; uint32_t flag = 0;
struct net_device *in; struct net_device *in;
@@ -1411,6 +1414,7 @@ bool ecm_interface_is_l2tp_packet_by_ver @@ -1423,6 +1426,7 @@ bool ecm_interface_is_l2tp_packet_by_version(struct sk_buff *skb, const struct n
} }
dev_put(in); dev_put(in);
@ -267,7 +271,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return false; return false;
} }
@@ -1423,6 +1427,7 @@ bool ecm_interface_is_l2tp_packet_by_ver @@ -1435,6 +1439,7 @@ bool ecm_interface_is_l2tp_packet_by_version(struct sk_buff *skb, const struct n
*/ */
bool ecm_interface_is_l2tp_pptp(struct sk_buff *skb, const struct net_device *out) bool ecm_interface_is_l2tp_pptp(struct sk_buff *skb, const struct net_device *out)
{ {
@ -275,7 +279,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
struct net_device *in; struct net_device *in;
/* /*
@@ -1445,6 +1450,7 @@ bool ecm_interface_is_l2tp_pptp(struct s @@ -1457,6 +1462,7 @@ bool ecm_interface_is_l2tp_pptp(struct sk_buff *skb, const struct net_device *ou
} }
dev_put(in); dev_put(in);
@ -283,7 +287,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return false; return false;
} }
@@ -6630,6 +6636,7 @@ static void ecm_interface_regenerate_con @@ -6770,6 +6776,7 @@ static void ecm_interface_regenerate_connections(struct ecm_db_iface_instance *i
return; return;
} }
@ -291,7 +295,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) { for (dir = 0; dir < ECM_DB_OBJ_DIR_MAX; dir++) {
/* /*
* Re-generate all connections associated with this interface * Re-generate all connections associated with this interface
@@ -6645,6 +6652,7 @@ static void ecm_interface_regenerate_con @@ -6785,6 +6792,7 @@ static void ecm_interface_regenerate_connections(struct ecm_db_iface_instance *i
ci[dir] = cin; ci[dir] = cin;
} }
} }
@ -299,9 +303,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
#ifdef ECM_MULTICAST_ENABLE #ifdef ECM_MULTICAST_ENABLE
/* /*
diff --git a/frontends/ecm_front_end_common.c b/frontends/ecm_front_end_common.c
index 3b33c41..e21ca24 100644
--- a/frontends/ecm_front_end_common.c --- a/frontends/ecm_front_end_common.c
+++ b/frontends/ecm_front_end_common.c +++ b/frontends/ecm_front_end_common.c
@@ -106,6 +106,7 @@ bool ecm_front_end_gre_proto_is_accel_al @@ -228,6 +228,7 @@ bool ecm_front_end_gre_proto_is_accel_allowed(struct net_device *indev,
struct nf_conntrack_tuple *tuple, struct nf_conntrack_tuple *tuple,
int ip_version) int ip_version)
{ {
@ -309,7 +315,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
struct net_device *dev; struct net_device *dev;
struct gre_base_hdr *greh; struct gre_base_hdr *greh;
@@ -117,10 +118,12 @@ bool ecm_front_end_gre_proto_is_accel_al @@ -239,10 +240,12 @@ bool ecm_front_end_gre_proto_is_accel_allowed(struct net_device *indev,
/* /*
* Case 1: PPTP locally terminated * Case 1: PPTP locally terminated
*/ */
@ -322,7 +328,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* Case 2: PPTP pass through * Case 2: PPTP pass through
@@ -223,6 +226,10 @@ bool ecm_front_end_gre_proto_is_accel_al @@ -350,6 +353,10 @@ bool ecm_front_end_gre_proto_is_accel_allowed(struct net_device *indev,
*/ */
DEBUG_TRACE("%px: GRE IPv%d pass through - allow acceleration\n", skb, ip_version); DEBUG_TRACE("%px: GRE IPv%d pass through - allow acceleration\n", skb, ip_version);
return true; return true;
@ -333,3 +339,5 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
} }
#ifdef ECM_CLASSIFIER_DSCP_ENABLE #ifdef ECM_CLASSIFIER_DSCP_ENABLE
--
2.34.1

52
qca/qca-nss-ecm/patches/0002-treewide-rework-ipv6_dev_find_and_hold.patch Normal file
View File

@ -0,0 +1,52 @@
--- a/ecm_interface.c
+++ b/ecm_interface.c
@@ -334,7 +334,7 @@ static struct net_device *ecm_interface_dev_find_by_local_addr_ipv6(ip_addr_t ad
struct net_device *dev;
ECM_IP_ADDR_TO_NIN6_ADDR(addr6, addr);
- dev = (struct net_device *)ipv6_dev_find(&init_net, &addr6, 1);
+ dev = (struct net_device *)ipv6_dev_find_and_hold(&init_net, &addr6, 1);
return dev;
}
#endif
@@ -736,7 +764,7 @@ static bool ecm_interface_mac_addr_get_ipv6_no_route(struct net_device *dev, ip_
* Get the MAC address that corresponds to IP address given.
*/
ECM_IP_ADDR_TO_NIN6_ADDR(daddr, addr);
- local_dev = ipv6_dev_find(&init_net, &daddr, 1);
+ local_dev = ipv6_dev_find_and_hold(&init_net, &daddr, 1);
if (local_dev) {
DEBUG_TRACE("%pi6 is a local address\n", &daddr);
memcpy(mac_addr, dev->dev_addr, ETH_ALEN);
diff --git a/frontends/ecm_front_end_common.c b/frontends/ecm_front_end_common.c
index e21ca24..6054685 100644
--- a/frontends/ecm_front_end_common.c
+++ b/frontends/ecm_front_end_common.c
@@ -56,6 +56,9 @@
#include "ecm_db.h"
#include "ecm_front_end_common.h"
#include "ecm_interface.h"
+#ifdef ECM_IPV6_ENABLE
+#include "ecm_front_end_ipv6.h"
+#endif
/*
* Sysctl table header
@@ -315,7 +318,7 @@ bool ecm_front_end_gre_proto_is_accel_allowed(struct net_device *indev,
}
} else {
#ifdef ECM_IPV6_ENABLE
- dev = ipv6_dev_find(&init_net, &(tuple->src.u3.in6), 1);
+ dev = ipv6_dev_find_and_hold(&init_net, &(tuple->src.u3.in6), 1);
if (dev) {
/*
* Source IP address is local
@@ -325,7 +328,7 @@ bool ecm_front_end_gre_proto_is_accel_allowed(struct net_device *indev,
return false;
}
- dev = ipv6_dev_find(&init_net, &(tuple->dst.u3.in6), 1);
+ dev = ipv6_dev_find_and_hold(&init_net, &(tuple->dst.u3.in6), 1);
if (dev) {
/*
* Destination IP address is local

341
qca/qca-nss-ecm/patches/100-kernel-5.10-support.patch → qca/qca-nss-ecm/patches/0003-treewide-rework-debugfs-api-to-new-implementation.patch
View File

@ -1,13 +1,13 @@
From e8b642c23af9146c973e828a7f4e0fb56cfc8d0b Mon Sep 17 00:00:00 2001 From ff08fc9f9f2f0afca5e87601d10833cbbe6ac719 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com> From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sat, 15 May 2021 03:51:14 +0200 Date: Sat, 15 May 2021 03:51:14 +0200
Subject: [PATCH] add support for kernel 5.10 Subject: [PATCH 03/12] treewide: rework debugfs api to new implementation
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
--- ---
ecm_classifier_default.c | 24 +++--------- ecm_classifier_default.c | 24 +++---------
ecm_classifier_dscp.c | 8 +--- ecm_classifier_dscp.c | 8 +---
ecm_classifier_emesh.c | 16 ++------ ecm_classifier_emesh.c | 24 +++---------
ecm_classifier_hyfi.c | 7 +--- ecm_classifier_hyfi.c | 7 +---
ecm_classifier_mark.c | 8 +--- ecm_classifier_mark.c | 8 +---
ecm_classifier_ovs.c | 8 +--- ecm_classifier_ovs.c | 8 +---
@ -18,31 +18,31 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm_db/ecm_db_iface.c | 7 +--- ecm_db/ecm_db_iface.c | 7 +---
ecm_db/ecm_db_mapping.c | 7 +--- ecm_db/ecm_db_mapping.c | 7 +---
ecm_db/ecm_db_node.c | 7 +--- ecm_db/ecm_db_node.c | 7 +---
ecm_interface.c | 4 +-
ecm_state.c | 14 ++----- ecm_state.c | 14 ++-----
frontends/ecm_front_end_common.c | 4 +- frontends/cmn/ecm_bond_notifier.c | 8 +---
frontends/ecm_front_end_ipv4.c | 7 +--- frontends/ecm_front_end_ipv4.c | 7 +---
frontends/ecm_front_end_ipv6.c | 7 +--- frontends/ecm_front_end_ipv6.c | 7 +---
frontends/nss/ecm_nss_bond_notifier.c | 8 +---
frontends/nss/ecm_nss_ipv4.c | 49 +++++++------------------ frontends/nss/ecm_nss_ipv4.c | 49 +++++++------------------
frontends/nss/ecm_nss_ipv6.c | 49 +++++++------------------ frontends/nss/ecm_nss_ipv6.c | 49 +++++++------------------
frontends/nss/ecm_nss_multicast_ipv4.c | 7 +--- frontends/nss/ecm_nss_multicast_ipv4.c | 7 +---
frontends/nss/ecm_nss_multicast_ipv6.c | 7 +--- frontends/nss/ecm_nss_multicast_ipv6.c | 7 +---
frontends/nss/ecm_nss_non_ported_ipv4.c | 7 +--- frontends/nss/ecm_nss_non_ported_ipv4.c | 7 +---
frontends/nss/ecm_nss_non_ported_ipv6.c | 7 +--- frontends/nss/ecm_nss_non_ported_ipv6.c | 7 +---
frontends/nss/ecm_nss_ported_ipv4.c | 8 +--- frontends/nss/ecm_nss_ported_ipv4.c | 16 ++------
frontends/nss/ecm_nss_ported_ipv6.c | 8 +--- frontends/nss/ecm_nss_ported_ipv6.c | 16 ++------
frontends/sfe/ecm_sfe_ipv4.c | 49 +++++++------------------ frontends/sfe/ecm_sfe_ipv4.c | 49 +++++++------------------
frontends/sfe/ecm_sfe_ipv6.c | 49 +++++++------------------ frontends/sfe/ecm_sfe_ipv6.c | 49 +++++++------------------
frontends/sfe/ecm_sfe_non_ported_ipv4.c | 7 +--- frontends/sfe/ecm_sfe_non_ported_ipv4.c | 7 +---
frontends/sfe/ecm_sfe_non_ported_ipv6.c | 7 +--- frontends/sfe/ecm_sfe_non_ported_ipv6.c | 7 +---
frontends/sfe/ecm_sfe_ported_ipv4.c | 8 +--- frontends/sfe/ecm_sfe_ported_ipv4.c | 8 +---
frontends/sfe/ecm_sfe_ported_ipv6.c | 8 +--- frontends/sfe/ecm_sfe_ported_ipv6.c | 8 +---
33 files changed, 122 insertions(+), 314 deletions(-) 31 files changed, 122 insertions(+), 330 deletions(-)
diff --git a/ecm_classifier_default.c b/ecm_classifier_default.c
index 39315a9..1dad277 100644
--- a/ecm_classifier_default.c --- a/ecm_classifier_default.c
+++ b/ecm_classifier_default.c +++ b/ecm_classifier_default.c
@@ -776,26 +776,14 @@ int ecm_classifier_default_init(struct d @@ -757,26 +757,14 @@ int ecm_classifier_default_init(struct dentry *dentry)
return -1; return -1;
} }
@ -75,9 +75,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return 0; return 0;
} }
diff --git a/ecm_classifier_dscp.c b/ecm_classifier_dscp.c
index 4f0caeb..6c9401e 100644
--- a/ecm_classifier_dscp.c --- a/ecm_classifier_dscp.c
+++ b/ecm_classifier_dscp.c +++ b/ecm_classifier_dscp.c
@@ -747,12 +747,8 @@ int ecm_classifier_dscp_init(struct dent @@ -763,12 +763,8 @@ int ecm_classifier_dscp_init(struct dentry *dentry)
return -1; return -1;
} }
@ -92,32 +94,55 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return 0; return 0;
} }
diff --git a/ecm_classifier_emesh.c b/ecm_classifier_emesh.c
index 72cf2e1..f8aecec 100644
--- a/ecm_classifier_emesh.c --- a/ecm_classifier_emesh.c
+++ b/ecm_classifier_emesh.c +++ b/ecm_classifier_emesh.c
@@ -974,19 +974,11 @@ int ecm_classifier_emesh_init(struct den @@ -1758,33 +1758,17 @@ int ecm_classifier_emesh_sawf_init(struc
return -1; return -1;
} }
- if (!debugfs_create_u32("enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_dentry, - if (!debugfs_create_u32("enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
- (u32 *)&ecm_classifier_emesh_enabled)) { - (u32 *)&ecm_classifier_emesh_enabled)) {
- DEBUG_ERROR("Failed to create ecm emesh classifier enabled file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm emesh classifier enabled file in debugfs\n");
- debugfs_remove_recursive(ecm_classifier_emesh_dentry); - debugfs_remove_recursive(ecm_classifier_emesh_sawf_dentry);
- return -1; - return -1;
- } - }
+ debugfs_create_u32("enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_dentry, + debugfs_create_u32("enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
+ (u32 *)&ecm_classifier_emesh_enabled); + (u32 *)&ecm_classifier_emesh_enabled);
- if (!debugfs_create_u32("latency_config_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_dentry, - if (!debugfs_create_u32("latency_config_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
- (u32 *)&ecm_classifier_emesh_latency_config_enabled)) { - (u32 *)&ecm_classifier_emesh_latency_config_enabled)) {
- DEBUG_ERROR("Failed to create ecm emesh classifier latency config enabled file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm emesh classifier latency config enabled file in debugfs\n");
- debugfs_remove_recursive(ecm_classifier_emesh_dentry); - debugfs_remove_recursive(ecm_classifier_emesh_sawf_dentry);
- return -1; - return -1;
- } - }
+ debugfs_create_u32("latency_config_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_dentry, + debugfs_create_u32("latency_config_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
+ (u32 *)&ecm_classifier_emesh_latency_config_enabled); + (u32 *)&ecm_classifier_emesh_latency_config_enabled);
- if (!debugfs_create_u32("sawf_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
- (u32 *)&ecm_classifier_sawf_enabled)) {
- DEBUG_ERROR("Failed to create ecm sawf classifier enabled file in debugfs\n");
- debugfs_remove_recursive(ecm_classifier_emesh_sawf_dentry);
- return -1;
- }
-
- if (!debugfs_create_u32("cake_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
- (u32 *)&ecm_classifier_sawf_cake_enabled)) {
- DEBUG_ERROR("Failed to create ecm sawf cake enabled file in debugfs\n");
- debugfs_remove_recursive(ecm_classifier_emesh_sawf_dentry);
- return -1;
- }
+ debugfs_create_u32("sawf_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
+ (u32 *)&ecm_classifier_sawf_enabled);
+
+ debugfs_create_u32("cake_enabled", S_IRUGO | S_IWUSR, ecm_classifier_emesh_sawf_dentry,
+ (u32 *)&ecm_classifier_sawf_cake_enabled);
/* /*
* Register for service prioritization notification update. * Register for service prioritization notification update.
diff --git a/ecm_classifier_hyfi.c b/ecm_classifier_hyfi.c
index a57a13e..fad7209 100644
--- a/ecm_classifier_hyfi.c --- a/ecm_classifier_hyfi.c
+++ b/ecm_classifier_hyfi.c +++ b/ecm_classifier_hyfi.c
@@ -1099,11 +1099,8 @@ int ecm_classifier_hyfi_rules_init(struc @@ -1099,11 +1099,8 @@ int ecm_classifier_hyfi_rules_init(struc
@ -134,6 +159,8 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("cmd", S_IWUSR, ecm_classifier_hyfi_dentry, if (!debugfs_create_file("cmd", S_IWUSR, ecm_classifier_hyfi_dentry,
NULL, &ecm_classifier_hyfi_cmd_fops)) { NULL, &ecm_classifier_hyfi_cmd_fops)) {
diff --git a/ecm_classifier_mark.c b/ecm_classifier_mark.c
index d054d8e..65dd1e1 100644
--- a/ecm_classifier_mark.c --- a/ecm_classifier_mark.c
+++ b/ecm_classifier_mark.c +++ b/ecm_classifier_mark.c
@@ -753,12 +753,8 @@ int ecm_classifier_mark_init(struct dent @@ -753,12 +753,8 @@ int ecm_classifier_mark_init(struct dent
@ -151,9 +178,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return 0; return 0;
} }
diff --git a/ecm_classifier_ovs.c b/ecm_classifier_ovs.c
index b9d98d4..16a2ea9 100644
--- a/ecm_classifier_ovs.c --- a/ecm_classifier_ovs.c
+++ b/ecm_classifier_ovs.c +++ b/ecm_classifier_ovs.c
@@ -2200,12 +2200,8 @@ int ecm_classifier_ovs_init(struct dentr @@ -2265,12 +2265,8 @@ int ecm_classifier_ovs_init(struct dentry *dentry)
return -1; return -1;
} }
@ -168,9 +197,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return 0; return 0;
} }
diff --git a/ecm_classifier_pcc.c b/ecm_classifier_pcc.c
index 6c6fcd4..af13357 100644
--- a/ecm_classifier_pcc.c --- a/ecm_classifier_pcc.c
+++ b/ecm_classifier_pcc.c +++ b/ecm_classifier_pcc.c
@@ -1308,12 +1308,8 @@ int ecm_classifier_pcc_init(struct dentr @@ -1232,12 +1232,8 @@ int ecm_classifier_pcc_init(struct dentry *dentry)
return -1; return -1;
} }
@ -185,9 +216,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return 0; return 0;
} }
diff --git a/ecm_conntrack_notifier.c b/ecm_conntrack_notifier.c
index f4f2c60..7b20132 100644
--- a/ecm_conntrack_notifier.c --- a/ecm_conntrack_notifier.c
+++ b/ecm_conntrack_notifier.c +++ b/ecm_conntrack_notifier.c
@@ -414,12 +414,8 @@ int ecm_conntrack_notifier_init(struct d @@ -416,12 +416,8 @@ int ecm_conntrack_notifier_init(struct dentry *dentry)
return -1; return -1;
} }
@ -202,9 +235,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
#ifdef CONFIG_NF_CONNTRACK_EVENTS #ifdef CONFIG_NF_CONNTRACK_EVENTS
/* /*
diff --git a/ecm_db/ecm_db_connection.c b/ecm_db/ecm_db_connection.c
index 77e5f3f..4bd47c3 100644
--- a/ecm_db/ecm_db_connection.c --- a/ecm_db/ecm_db_connection.c
+++ b/ecm_db/ecm_db_connection.c +++ b/ecm_db/ecm_db_connection.c
@@ -3642,11 +3642,8 @@ static struct file_operations ecm_db_con @@ -3784,11 +3784,8 @@ static struct file_operations ecm_db_connection_count_simple_fops = {
*/ */
bool ecm_db_connection_init(struct dentry *dentry) bool ecm_db_connection_init(struct dentry *dentry)
{ {
@ -218,9 +253,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("connection_count_simple", S_IRUGO, dentry, if (!debugfs_create_file("connection_count_simple", S_IRUGO, dentry,
NULL, &ecm_db_connection_count_simple_fops)) { NULL, &ecm_db_connection_count_simple_fops)) {
diff --git a/ecm_db/ecm_db_host.c b/ecm_db/ecm_db_host.c
index 8820576..38a21b4 100644
--- a/ecm_db/ecm_db_host.c --- a/ecm_db/ecm_db_host.c
+++ b/ecm_db/ecm_db_host.c +++ b/ecm_db/ecm_db_host.c
@@ -770,11 +770,8 @@ EXPORT_SYMBOL(ecm_db_host_alloc); @@ -771,11 +771,8 @@ EXPORT_SYMBOL(ecm_db_host_alloc);
bool ecm_db_host_init(struct dentry *dentry) bool ecm_db_host_init(struct dentry *dentry)
{ {
@ -234,9 +271,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm_db_host_table = vzalloc(sizeof(struct ecm_db_host_instance *) * ECM_DB_HOST_HASH_SLOTS); ecm_db_host_table = vzalloc(sizeof(struct ecm_db_host_instance *) * ECM_DB_HOST_HASH_SLOTS);
if (!ecm_db_host_table) { if (!ecm_db_host_table) {
diff --git a/ecm_db/ecm_db_iface.c b/ecm_db/ecm_db_iface.c
index 53c254c..f9ad269 100644
--- a/ecm_db/ecm_db_iface.c --- a/ecm_db/ecm_db_iface.c
+++ b/ecm_db/ecm_db_iface.c +++ b/ecm_db/ecm_db_iface.c
@@ -3670,11 +3670,8 @@ EXPORT_SYMBOL(ecm_db_iface_alloc); @@ -3688,11 +3688,8 @@ EXPORT_SYMBOL(ecm_db_iface_alloc);
*/ */
bool ecm_db_iface_init(struct dentry *dentry) bool ecm_db_iface_init(struct dentry *dentry)
{ {
@ -250,9 +289,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return true; return true;
} }
diff --git a/ecm_db/ecm_db_mapping.c b/ecm_db/ecm_db_mapping.c
index 1d06ef4..8574d20 100644
--- a/ecm_db/ecm_db_mapping.c --- a/ecm_db/ecm_db_mapping.c
+++ b/ecm_db/ecm_db_mapping.c +++ b/ecm_db/ecm_db_mapping.c
@@ -806,11 +806,8 @@ EXPORT_SYMBOL(ecm_db_mapping_alloc); @@ -807,11 +807,8 @@ EXPORT_SYMBOL(ecm_db_mapping_alloc);
*/ */
bool ecm_db_mapping_init(struct dentry *dentry) bool ecm_db_mapping_init(struct dentry *dentry)
{ {
@ -266,9 +307,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm_db_mapping_table = vzalloc(sizeof(struct ecm_db_mapping_instance *) * ECM_DB_MAPPING_HASH_SLOTS); ecm_db_mapping_table = vzalloc(sizeof(struct ecm_db_mapping_instance *) * ECM_DB_MAPPING_HASH_SLOTS);
if (!ecm_db_mapping_table) { if (!ecm_db_mapping_table) {
diff --git a/ecm_db/ecm_db_node.c b/ecm_db/ecm_db_node.c
index 89b386f..513fb84 100644
--- a/ecm_db/ecm_db_node.c --- a/ecm_db/ecm_db_node.c
+++ b/ecm_db/ecm_db_node.c +++ b/ecm_db/ecm_db_node.c
@@ -1187,11 +1187,8 @@ keep_sni_conn: @@ -1188,11 +1188,8 @@ keep_sni_conn:
*/ */
bool ecm_db_node_init(struct dentry *dentry) bool ecm_db_node_init(struct dentry *dentry)
{ {
@ -282,29 +325,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
ecm_db_node_table = vzalloc(sizeof(struct ecm_db_node_instance *) * ECM_DB_NODE_HASH_SLOTS); ecm_db_node_table = vzalloc(sizeof(struct ecm_db_node_instance *) * ECM_DB_NODE_HASH_SLOTS);
if (!ecm_db_node_table) { if (!ecm_db_node_table) {
--- a/ecm_interface.c diff --git a/ecm_state.c b/ecm_state.c
+++ b/ecm_interface.c index b4348a8..2424b58 100644
@@ -332,7 +332,7 @@ static struct net_device *ecm_interface_
struct net_device *dev;
ECM_IP_ADDR_TO_NIN6_ADDR(addr6, addr);
- dev = (struct net_device *)ipv6_dev_find(&init_net, &addr6, 1);
+ dev = (struct net_device *)ipv6_dev_find_and_hold(&init_net, &addr6, 1);
return dev;
}
#endif
@@ -734,7 +734,7 @@ static bool ecm_interface_mac_addr_get_i
* Get the MAC address that corresponds to IP address given.
*/
ECM_IP_ADDR_TO_NIN6_ADDR(daddr, addr);
- local_dev = ipv6_dev_find(&init_net, &daddr, 1);
+ local_dev = ipv6_dev_find_and_hold(&init_net, &daddr, 1);
if (local_dev) {
DEBUG_TRACE("%pi6 is a local address\n", &daddr);
memcpy(mac_addr, dev->dev_addr, ETH_ALEN);
--- a/ecm_state.c --- a/ecm_state.c
+++ b/ecm_state.c +++ b/ecm_state.c
@@ -899,17 +899,11 @@ int ecm_state_init(struct dentry *dentry @@ -894,17 +894,11 @@ int ecm_state_init(struct dentry *dentry)
return -1; return -1;
} }
@ -326,29 +351,30 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* Register a char device that we will use to provide a dump of our state * Register a char device that we will use to provide a dump of our state
--- a/frontends/ecm_front_end_common.c diff --git a/frontends/cmn/ecm_bond_notifier.c b/frontends/cmn/ecm_bond_notifier.c
+++ b/frontends/ecm_front_end_common.c index ca7fb45..f7e75e7 100644
@@ -192,7 +192,7 @@ bool ecm_front_end_gre_proto_is_accel_al --- a/frontends/cmn/ecm_bond_notifier.c
return false; +++ b/frontends/cmn/ecm_bond_notifier.c
} @@ -241,12 +241,8 @@ int ecm_bond_notifier_init(struct dentry *dentry)
} else { return -1;
- dev = ipv6_dev_find(&init_net, &(tuple->src.u3.in6), 1); }
+ dev = ipv6_dev_find_and_hold(&init_net, &(tuple->src.u3.in6), 1);
if (dev) {
/*
* Source IP address is local
@@ -202,7 +202,7 @@ bool ecm_front_end_gre_proto_is_accel_al
return false;
}
- dev = ipv6_dev_find(&init_net, &(tuple->dst.u3.in6), 1); - if (!debugfs_create_u32("stop", S_IRUGO | S_IWUSR, ecm_bond_notifier_dentry,
+ dev = ipv6_dev_find_and_hold(&init_net, &(tuple->dst.u3.in6), 1); - (u32 *)&ecm_bond_notifier_stopped)) {
if (dev) { - DEBUG_ERROR("Failed to create ecm bond notifier stopped file in debugfs\n");
/* - debugfs_remove_recursive(ecm_bond_notifier_dentry);
* Destination IP address is local - return -1;
- }
+ debugfs_create_u32("stop", S_IRUGO | S_IWUSR, ecm_bond_notifier_dentry,
+ (u32 *)&ecm_bond_notifier_stopped);
/*
* Register Link Aggregation callbacks with the bonding driver
diff --git a/frontends/ecm_front_end_ipv4.c b/frontends/ecm_front_end_ipv4.c
index 8bf040b..3b060f1 100644
--- a/frontends/ecm_front_end_ipv4.c --- a/frontends/ecm_front_end_ipv4.c
+++ b/frontends/ecm_front_end_ipv4.c +++ b/frontends/ecm_front_end_ipv4.c
@@ -376,11 +376,8 @@ void ecm_front_end_ipv4_stop(int num) @@ -383,11 +383,8 @@ void ecm_front_end_ipv4_stop(int num)
*/ */
int ecm_front_end_ipv4_init(struct dentry *dentry) int ecm_front_end_ipv4_init(struct dentry *dentry)
{ {
@ -360,11 +386,13 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
+ debugfs_create_u32("front_end_ipv4_stop", S_IRUGO | S_IWUSR, dentry, + debugfs_create_u32("front_end_ipv4_stop", S_IRUGO | S_IWUSR, dentry,
+ (u32 *)&ecm_front_end_ipv4_stopped); + (u32 *)&ecm_front_end_ipv4_stopped);
switch (ecm_front_end_type_get()) { return ecm_ipv4_init(dentry);
case ECM_FRONT_END_TYPE_NSS: }
diff --git a/frontends/ecm_front_end_ipv6.c b/frontends/ecm_front_end_ipv6.c
index c6f09a8..2450346 100644
--- a/frontends/ecm_front_end_ipv6.c --- a/frontends/ecm_front_end_ipv6.c
+++ b/frontends/ecm_front_end_ipv6.c +++ b/frontends/ecm_front_end_ipv6.c
@@ -255,11 +255,8 @@ void ecm_front_end_ipv6_stop(int num) @@ -262,11 +262,8 @@ void ecm_front_end_ipv6_stop(int num)
*/ */
int ecm_front_end_ipv6_init(struct dentry *dentry) int ecm_front_end_ipv6_init(struct dentry *dentry)
{ {
@ -376,28 +404,13 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
+ debugfs_create_u32("front_end_ipv6_stop", S_IRUGO | S_IWUSR, dentry, + debugfs_create_u32("front_end_ipv6_stop", S_IRUGO | S_IWUSR, dentry,
+ (u32 *)&ecm_front_end_ipv6_stopped); + (u32 *)&ecm_front_end_ipv6_stopped);
switch (ecm_front_end_type_get()) { return ecm_ipv6_init(dentry);
case ECM_FRONT_END_TYPE_NSS: }
--- a/frontends/nss/ecm_nss_bond_notifier.c diff --git a/frontends/nss/ecm_nss_ipv4.c b/frontends/nss/ecm_nss_ipv4.c
+++ b/frontends/nss/ecm_nss_bond_notifier.c index 0fee3e8..5b0ce29 100644
@@ -240,12 +240,8 @@ int ecm_nss_bond_notifier_init(struct de
return -1;
}
- if (!debugfs_create_u32("stop", S_IRUGO | S_IWUSR, ecm_nss_bond_notifier_dentry,
- (u32 *)&ecm_nss_bond_notifier_stopped)) {
- DEBUG_ERROR("Failed to create ecm bond notifier stopped file in debugfs\n");
- debugfs_remove_recursive(ecm_nss_bond_notifier_dentry);
- return -1;
- }
+ debugfs_create_u32("stop", S_IRUGO | S_IWUSR, ecm_nss_bond_notifier_dentry,
+ (u32 *)&ecm_nss_bond_notifier_stopped);
/*
* Register Link Aggregation callbacks with the bonding driver
--- a/frontends/nss/ecm_nss_ipv4.c --- a/frontends/nss/ecm_nss_ipv4.c
+++ b/frontends/nss/ecm_nss_ipv4.c +++ b/frontends/nss/ecm_nss_ipv4.c
@@ -2802,41 +2802,23 @@ int ecm_nss_ipv4_init(struct dentry *den @@ -1006,41 +1006,23 @@ int ecm_nss_ipv4_init(struct dentry *dentry)
return result; return result;
} }
@ -451,7 +464,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_nss_ipv4_dentry, if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_nss_ipv4_dentry,
NULL, &ecm_nss_ipv4_accel_limit_mode_fops)) { NULL, &ecm_nss_ipv4_accel_limit_mode_fops)) {
@@ -2867,11 +2849,8 @@ int ecm_nss_ipv4_init(struct dentry *den @@ -1071,11 +1053,8 @@ int ecm_nss_ipv4_init(struct dentry *dentry)
goto task_cleanup; goto task_cleanup;
} }
@ -465,9 +478,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
#ifdef ECM_NON_PORTED_SUPPORT_ENABLE #ifdef ECM_NON_PORTED_SUPPORT_ENABLE
if (!ecm_nss_non_ported_ipv4_debugfs_init(ecm_nss_ipv4_dentry)) { if (!ecm_nss_non_ported_ipv4_debugfs_init(ecm_nss_ipv4_dentry)) {
diff --git a/frontends/nss/ecm_nss_ipv6.c b/frontends/nss/ecm_nss_ipv6.c
index ee6b434..8d13f68 100644
--- a/frontends/nss/ecm_nss_ipv6.c --- a/frontends/nss/ecm_nss_ipv6.c
+++ b/frontends/nss/ecm_nss_ipv6.c +++ b/frontends/nss/ecm_nss_ipv6.c
@@ -2542,41 +2542,23 @@ int ecm_nss_ipv6_init(struct dentry *den @@ -985,41 +985,23 @@ int ecm_nss_ipv6_init(struct dentry *dentry)
return result; return result;
} }
@ -521,7 +536,7 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_nss_ipv6_dentry, if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_nss_ipv6_dentry,
NULL, &ecm_nss_ipv6_accel_limit_mode_fops)) { NULL, &ecm_nss_ipv6_accel_limit_mode_fops)) {
@@ -2607,11 +2589,8 @@ int ecm_nss_ipv6_init(struct dentry *den @@ -1050,11 +1032,8 @@ int ecm_nss_ipv6_init(struct dentry *dentry)
goto task_cleanup; goto task_cleanup;
} }
@ -535,9 +550,27 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
#ifdef ECM_NON_PORTED_SUPPORT_ENABLE #ifdef ECM_NON_PORTED_SUPPORT_ENABLE
if (!ecm_nss_non_ported_ipv6_debugfs_init(ecm_nss_ipv6_dentry)) { if (!ecm_nss_non_ported_ipv6_debugfs_init(ecm_nss_ipv6_dentry)) {
diff --git a/frontends/nss/ecm_nss_multicast_ipv4.c b/frontends/nss/ecm_nss_multicast_ipv4.c
index a3dcb79..c9e92de 100644
--- a/frontends/nss/ecm_nss_multicast_ipv4.c --- a/frontends/nss/ecm_nss_multicast_ipv4.c
+++ b/frontends/nss/ecm_nss_multicast_ipv4.c +++ b/frontends/nss/ecm_nss_multicast_ipv4.c
@@ -4139,11 +4139,8 @@ void ecm_nss_multicast_ipv4_stop(int num @@ -2623,14 +2623,8 @@ find_next_tuple:
*/
bool ecm_nss_multicast_ipv4_debugfs_init(struct dentry *dentry)
{
- struct dentry *multicast_dentry;
-
- multicast_dentry = debugfs_create_u32("multicast_accelerated_count", S_IRUGO, dentry,
+ debugfs_create_u32("multicast_accelerated_count", S_IRUGO, dentry,
&ecm_nss_multicast_ipv4_accelerated_count);
- if (!multicast_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv4 multicast_accelerated_count file in debugfs\n");
- return false;
- }
return true;
}
@@ -2649,11 +2643,8 @@ void ecm_nss_multicast_ipv4_stop(int num
*/ */
int ecm_nss_multicast_ipv4_init(struct dentry *dentry) int ecm_nss_multicast_ipv4_init(struct dentry *dentry)
{ {
@ -553,7 +586,23 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
* Register multicast update callback to MCS snooper * Register multicast update callback to MCS snooper
--- a/frontends/nss/ecm_nss_multicast_ipv6.c --- a/frontends/nss/ecm_nss_multicast_ipv6.c
+++ b/frontends/nss/ecm_nss_multicast_ipv6.c +++ b/frontends/nss/ecm_nss_multicast_ipv6.c
@@ -3939,11 +3939,8 @@ void ecm_nss_multicast_ipv6_stop(int num @@ -2558,14 +2558,8 @@ static void ecm_nss_multicast_ipv6_mfc_u
*/
bool ecm_nss_multicast_ipv6_debugfs_init(struct dentry *dentry)
{
- struct dentry *multicast_dentry;
-
- multicast_dentry = debugfs_create_u32("multicast_accelerated_count", S_IRUGO, dentry,
+ debugfs_create_u32("multicast_accelerated_count", S_IRUGO, dentry,
&ecm_nss_multicast_ipv6_accelerated_count);
- if (!multicast_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv6 multicast_accelerated_count file in debugfs\n");
- return false;
- }
return true;
}
@@ -2584,11 +2578,8 @@ void ecm_nss_multicast_ipv6_stop(int num
*/ */
int ecm_nss_multicast_ipv6_init(struct dentry *dentry) int ecm_nss_multicast_ipv6_init(struct dentry *dentry)
{ {
@ -567,9 +616,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
/* /*
* Register multicast update callback to MCS snooper * Register multicast update callback to MCS snooper
diff --git a/frontends/nss/ecm_nss_non_ported_ipv4.c b/frontends/nss/ecm_nss_non_ported_ipv4.c
index ec4f365..77de341 100644
--- a/frontends/nss/ecm_nss_non_ported_ipv4.c --- a/frontends/nss/ecm_nss_non_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_non_ported_ipv4.c +++ b/frontends/nss/ecm_nss_non_ported_ipv4.c
@@ -2615,11 +2615,8 @@ done: @@ -1940,11 +1940,8 @@ struct ecm_nss_non_ported_ipv4_connection_instance *ecm_nss_non_ported_ipv4_conn
*/ */
bool ecm_nss_non_ported_ipv4_debugfs_init(struct dentry *dentry) bool ecm_nss_non_ported_ipv4_debugfs_init(struct dentry *dentry)
{ {
@ -583,9 +634,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return true; return true;
} }
diff --git a/frontends/nss/ecm_nss_non_ported_ipv6.c b/frontends/nss/ecm_nss_non_ported_ipv6.c
index 13e0cc5..91ad7aa 100644
--- a/frontends/nss/ecm_nss_non_ported_ipv6.c --- a/frontends/nss/ecm_nss_non_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_non_ported_ipv6.c +++ b/frontends/nss/ecm_nss_non_ported_ipv6.c
@@ -2329,11 +2329,8 @@ done: @@ -1768,11 +1768,8 @@ struct ecm_nss_non_ported_ipv6_connection_instance *ecm_nss_non_ported_ipv6_conn
*/ */
bool ecm_nss_non_ported_ipv6_debugfs_init(struct dentry *dentry) bool ecm_nss_non_ported_ipv6_debugfs_init(struct dentry *dentry)
{ {
@ -599,43 +652,73 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return true; return true;
} }
diff --git a/frontends/nss/ecm_nss_ported_ipv4.c b/frontends/nss/ecm_nss_ported_ipv4.c
index 6375b6b..ea997e3 100644
--- a/frontends/nss/ecm_nss_ported_ipv4.c --- a/frontends/nss/ecm_nss_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_ported_ipv4.c +++ b/frontends/nss/ecm_nss_ported_ipv4.c
@@ -2944,12 +2944,8 @@ bool ecm_nss_ported_ipv4_debugfs_init(st @@ -1889,21 +1889,11 @@ struct ecm_front_end_connection_instance
return false; */
} bool ecm_nss_ported_ipv4_debugfs_init(struct dentry *dentry)
{
- struct dentry *udp_dentry;
+ debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
+ &ecm_nss_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_UDP]);
- udp_dentry = debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
- &ecm_nss_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_UDP]);
- if (!udp_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv4 udp_accelerated_count file in debugfs\n");
- return false;
- }
-
- if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, - if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
- &ecm_nss_ported_ipv4_accelerated_count[ECM_NSS_PORTED_IPV4_PROTO_TCP])) { - &ecm_nss_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP])) {
- DEBUG_ERROR("Failed to create ecm nss ipv4 tcp_accelerated_count file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm nss ipv4 tcp_accelerated_count file in debugfs\n");
- debugfs_remove(udp_dentry); - debugfs_remove(udp_dentry);
- return false; - return false;
- } - }
+ debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, -
+ &ecm_nss_ported_ipv4_accelerated_count[ECM_NSS_PORTED_IPV4_PROTO_TCP]); - return true;
+ debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
return true; + &ecm_nss_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP]);
+
+ return true;
} }
diff --git a/frontends/nss/ecm_nss_ported_ipv6.c b/frontends/nss/ecm_nss_ported_ipv6.c
index 1be8a58..451a557 100644
--- a/frontends/nss/ecm_nss_ported_ipv6.c --- a/frontends/nss/ecm_nss_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_ported_ipv6.c +++ b/frontends/nss/ecm_nss_ported_ipv6.c
@@ -2732,12 +2732,8 @@ bool ecm_nss_ported_ipv6_debugfs_init(st @@ -1803,21 +1803,11 @@ struct ecm_front_end_connection_instance
return false; */
} bool ecm_nss_ported_ipv6_debugfs_init(struct dentry *dentry)
{
- struct dentry *udp_dentry;
+ debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
+ &ecm_nss_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_UDP]);
- udp_dentry = debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
- &ecm_nss_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_UDP]);
- if (!udp_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv6 udp_accelerated_count file in debugfs\n");
- return false;
- }
-
- if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, - if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
- &ecm_nss_ported_ipv6_accelerated_count[ECM_NSS_PORTED_IPV6_PROTO_TCP])) { - &ecm_nss_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP])) {
- DEBUG_ERROR("Failed to create ecm nss ipv6 tcp_accelerated_count file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm nss ipv6 tcp_accelerated_count file in debugfs\n");
- debugfs_remove(udp_dentry); - debugfs_remove(udp_dentry);
- return false; - return false;
- } - }
+ debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, + debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
+ &ecm_nss_ported_ipv6_accelerated_count[ECM_NSS_PORTED_IPV6_PROTO_TCP]); + &ecm_nss_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP]);
return true; return true;
} }
diff --git a/frontends/sfe/ecm_sfe_ipv4.c b/frontends/sfe/ecm_sfe_ipv4.c
index 2076bad..3f30821 100644
--- a/frontends/sfe/ecm_sfe_ipv4.c --- a/frontends/sfe/ecm_sfe_ipv4.c
+++ b/frontends/sfe/ecm_sfe_ipv4.c +++ b/frontends/sfe/ecm_sfe_ipv4.c
@@ -1808,48 +1808,27 @@ int ecm_sfe_ipv4_init(struct dentry *den @@ -914,48 +914,27 @@ int ecm_sfe_ipv4_init(struct dentry *dentry)
} }
#ifdef CONFIG_XFRM #ifdef CONFIG_XFRM
@ -698,9 +781,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_sfe_ipv4_dentry, if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_sfe_ipv4_dentry,
NULL, &ecm_sfe_ipv4_accel_limit_mode_fops)) { NULL, &ecm_sfe_ipv4_accel_limit_mode_fops)) {
diff --git a/frontends/sfe/ecm_sfe_ipv6.c b/frontends/sfe/ecm_sfe_ipv6.c
index e8981ee..54fdbf3 100644
--- a/frontends/sfe/ecm_sfe_ipv6.c --- a/frontends/sfe/ecm_sfe_ipv6.c
+++ b/frontends/sfe/ecm_sfe_ipv6.c +++ b/frontends/sfe/ecm_sfe_ipv6.c
@@ -1532,48 +1532,27 @@ int ecm_sfe_ipv6_init(struct dentry *den @@ -906,48 +906,27 @@ int ecm_sfe_ipv6_init(struct dentry *dentry)
} }
#ifdef CONFIG_XFRM #ifdef CONFIG_XFRM
@ -763,9 +848,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_sfe_ipv6_dentry, if (!debugfs_create_file("accel_limit_mode", S_IRUGO | S_IWUSR, ecm_sfe_ipv6_dentry,
NULL, &ecm_sfe_ipv6_accel_limit_mode_fops)) { NULL, &ecm_sfe_ipv6_accel_limit_mode_fops)) {
diff --git a/frontends/sfe/ecm_sfe_non_ported_ipv4.c b/frontends/sfe/ecm_sfe_non_ported_ipv4.c
index d7cad2a..696bd13 100644
--- a/frontends/sfe/ecm_sfe_non_ported_ipv4.c --- a/frontends/sfe/ecm_sfe_non_ported_ipv4.c
+++ b/frontends/sfe/ecm_sfe_non_ported_ipv4.c +++ b/frontends/sfe/ecm_sfe_non_ported_ipv4.c
@@ -2284,11 +2284,8 @@ done: @@ -1930,11 +1930,8 @@ struct ecm_sfe_non_ported_ipv4_connection_instance *ecm_sfe_non_ported_ipv4_conn
*/ */
bool ecm_sfe_non_ported_ipv4_debugfs_init(struct dentry *dentry) bool ecm_sfe_non_ported_ipv4_debugfs_init(struct dentry *dentry)
{ {
@ -779,9 +866,11 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return true; return true;
} }
diff --git a/frontends/sfe/ecm_sfe_non_ported_ipv6.c b/frontends/sfe/ecm_sfe_non_ported_ipv6.c
index a9fb637..fe06de4 100644
--- a/frontends/sfe/ecm_sfe_non_ported_ipv6.c --- a/frontends/sfe/ecm_sfe_non_ported_ipv6.c
+++ b/frontends/sfe/ecm_sfe_non_ported_ipv6.c +++ b/frontends/sfe/ecm_sfe_non_ported_ipv6.c
@@ -2083,11 +2083,8 @@ done: @@ -1777,11 +1777,8 @@ struct ecm_sfe_non_ported_ipv6_connection_instance *ecm_sfe_non_ported_ipv6_conn
*/ */
bool ecm_sfe_non_ported_ipv6_debugfs_init(struct dentry *dentry) bool ecm_sfe_non_ported_ipv6_debugfs_init(struct dentry *dentry)
{ {
@ -795,37 +884,43 @@ Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
return true; return true;
} }
diff --git a/frontends/sfe/ecm_sfe_ported_ipv4.c b/frontends/sfe/ecm_sfe_ported_ipv4.c
index fc2c4ba..53f5b07 100644
--- a/frontends/sfe/ecm_sfe_ported_ipv4.c --- a/frontends/sfe/ecm_sfe_ported_ipv4.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv4.c +++ b/frontends/sfe/ecm_sfe_ported_ipv4.c
@@ -2528,12 +2528,8 @@ bool ecm_sfe_ported_ipv4_debugfs_init(st @@ -2062,12 +2062,8 @@ bool ecm_sfe_ported_ipv4_debugfs_init(struct dentry *dentry)
return false; return false;
} }
- if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, - if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
- &ecm_sfe_ported_ipv4_accelerated_count[ECM_SFE_PORTED_IPV4_PROTO_TCP])) { - &ecm_sfe_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP])) {
- DEBUG_ERROR("Failed to create ecm sfe ipv4 tcp_accelerated_count file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm sfe ipv4 tcp_accelerated_count file in debugfs\n");
- debugfs_remove(udp_dentry); - debugfs_remove(udp_dentry);
- return false; - return false;
- } - }
+ debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, + debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
+ &ecm_sfe_ported_ipv4_accelerated_count[ECM_SFE_PORTED_IPV4_PROTO_TCP]); + &ecm_sfe_ported_ipv4_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP]);
return true; return true;
} }
diff --git a/frontends/sfe/ecm_sfe_ported_ipv6.c b/frontends/sfe/ecm_sfe_ported_ipv6.c
index 90d642d..ae04cb4 100644
--- a/frontends/sfe/ecm_sfe_ported_ipv6.c --- a/frontends/sfe/ecm_sfe_ported_ipv6.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv6.c +++ b/frontends/sfe/ecm_sfe_ported_ipv6.c
@@ -2374,12 +2374,8 @@ bool ecm_sfe_ported_ipv6_debugfs_init(st @@ -2007,12 +2007,8 @@ bool ecm_sfe_ported_ipv6_debugfs_init(struct dentry *dentry)
return false; return false;
} }
- if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, - if (!debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
- &ecm_sfe_ported_ipv6_accelerated_count[ECM_SFE_PORTED_IPV6_PROTO_TCP])) { - &ecm_sfe_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP])) {
- DEBUG_ERROR("Failed to create ecm sfe ipv6 tcp_accelerated_count file in debugfs\n"); - DEBUG_ERROR("Failed to create ecm sfe ipv6 tcp_accelerated_count file in debugfs\n");
- debugfs_remove(udp_dentry); - debugfs_remove(udp_dentry);
- return false; - return false;
- } - }
+ debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry, + debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
+ &ecm_sfe_ported_ipv6_accelerated_count[ECM_SFE_PORTED_IPV6_PROTO_TCP]); + &ecm_sfe_ported_ipv6_accelerated_count[ECM_FRONT_END_PORTED_PROTO_TCP]);
return true; return true;
} }
--
2.34.1

19
qca/qca-nss-ecm/patches/203-rework-nfct-notification.patch → qca/qca-nss-ecm/patches/0004-treewide-fix-wrong-chain-events-flag.patch
View File

@ -1,6 +1,18 @@
From 33a2f57d6852035730b353a14912ce2c588f3017 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sat, 15 May 2021 03:51:14 +0200
Subject: [PATCH 04/12] treewide: fix wrong chain events flag
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
---
ecm_conntrack_notifier.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ecm_conntrack_notifier.c b/ecm_conntrack_notifier.c
index 7b20132..9c8a45e 100644
--- a/ecm_conntrack_notifier.c --- a/ecm_conntrack_notifier.c
+++ b/ecm_conntrack_notifier.c +++ b/ecm_conntrack_notifier.c
@@ -421,7 +421,11 @@ int ecm_conntrack_notifier_init(struct d @@ -423,7 +423,11 @@ int ecm_conntrack_notifier_init(struct dentry *dentry)
/* /*
* Eventing subsystem is available so we register a notifier hook to get fast notifications of expired connections * Eventing subsystem is available so we register a notifier hook to get fast notifications of expired connections
*/ */
@ -12,7 +24,7 @@
if (result < 0) { if (result < 0) {
DEBUG_ERROR("Can't register nf notifier hook.\n"); DEBUG_ERROR("Can't register nf notifier hook.\n");
debugfs_remove_recursive(ecm_conntrack_notifier_dentry); debugfs_remove_recursive(ecm_conntrack_notifier_dentry);
@@ -439,7 +443,9 @@ EXPORT_SYMBOL(ecm_conntrack_notifier_ini @@ -441,7 +445,9 @@ EXPORT_SYMBOL(ecm_conntrack_notifier_init);
void ecm_conntrack_notifier_exit(void) void ecm_conntrack_notifier_exit(void)
{ {
DEBUG_INFO("ECM Conntrack Notifier exit\n"); DEBUG_INFO("ECM Conntrack Notifier exit\n");
@ -23,3 +35,6 @@
nf_conntrack_unregister_notifier(&init_net, &ecm_conntrack_notifier); nf_conntrack_unregister_notifier(&init_net, &ecm_conntrack_notifier);
#endif #endif
/* /*
--
2.34.1

18
qca/qca-nss-ecm/patches/205-resolve-high-load.patch → qca/qca-nss-ecm/patches/0005-qca-nss-ecm-resolve-the-cpu-high-load-regarding-ecm.patch
View File

@ -1,7 +1,7 @@
From 6924b71ed809b37fffd74d6428a8ca83e5919746 Mon Sep 17 00:00:00 2001 From 65aa71f33891bcf0b75995219e31abaf674c6199 Mon Sep 17 00:00:00 2001
From: Dirk Buchwalder <buchwalder@posteo.de> From: Dirk Buchwalder <buchwalder@posteo.de>
Date: Sun, 27 Jun 2021 16:52:39 +0200 Date: Sun, 27 Jun 2021 16:52:39 +0200
Subject: [PATCH] qca-nss-ecm: resolve the cpu high load regarding ecm Subject: [PATCH 05/12] qca-nss-ecm: resolve the cpu high load regarding ecm
If using ECM, cpu load goes up (around 1.0) and stucks there. If using ECM, cpu load goes up (around 1.0) and stucks there.
This is due to using uninterruptible sleep function, This is due to using uninterruptible sleep function,
@ -13,9 +13,11 @@ Signed-off-by: Dirk Buchwalder buchwalder@posteo.de
frontends/nss/ecm_nss_ipv6.c | 4 ++-- frontends/nss/ecm_nss_ipv6.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-) 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/frontends/nss/ecm_nss_ipv4.c b/frontends/nss/ecm_nss_ipv4.c
index 5b0ce29..719a747 100644
--- a/frontends/nss/ecm_nss_ipv4.c --- a/frontends/nss/ecm_nss_ipv4.c
+++ b/frontends/nss/ecm_nss_ipv4.c +++ b/frontends/nss/ecm_nss_ipv4.c
@@ -2471,7 +2471,7 @@ static void ecm_nss_ipv4_stats_sync_req_ @@ -697,7 +697,7 @@ static void ecm_nss_ipv4_stats_sync_req_work(struct work_struct *work)
} }
spin_unlock_bh(&ecm_nss_ipv4_lock); spin_unlock_bh(&ecm_nss_ipv4_lock);
@ -24,7 +26,7 @@ Signed-off-by: Dirk Buchwalder buchwalder@posteo.de
/* /*
* If index is 0, we are starting a new round, but if we still have time remain * If index is 0, we are starting a new round, but if we still have time remain
@@ -2485,7 +2485,7 @@ static void ecm_nss_ipv4_stats_sync_req_ @@ -711,7 +711,7 @@ static void ecm_nss_ipv4_stats_sync_req_work(struct work_struct *work)
} }
if (time_after(ecm_nss_ipv4_next_req_time, current_jiffies)) { if (time_after(ecm_nss_ipv4_next_req_time, current_jiffies)) {
@ -33,9 +35,11 @@ Signed-off-by: Dirk Buchwalder buchwalder@posteo.de
} }
ecm_nss_ipv4_roll_check_jiffies = jiffies; ecm_nss_ipv4_roll_check_jiffies = jiffies;
ecm_nss_ipv4_next_req_time = ecm_nss_ipv4_roll_check_jiffies + ECM_NSS_IPV4_STATS_SYNC_PERIOD; ecm_nss_ipv4_next_req_time = ecm_nss_ipv4_roll_check_jiffies + ECM_NSS_IPV4_STATS_SYNC_PERIOD;
diff --git a/frontends/nss/ecm_nss_ipv6.c b/frontends/nss/ecm_nss_ipv6.c
index 8d13f68..67ee364 100644
--- a/frontends/nss/ecm_nss_ipv6.c --- a/frontends/nss/ecm_nss_ipv6.c
+++ b/frontends/nss/ecm_nss_ipv6.c +++ b/frontends/nss/ecm_nss_ipv6.c
@@ -2210,7 +2210,7 @@ static void ecm_nss_ipv6_stats_sync_req_ @@ -675,7 +675,7 @@ static void ecm_nss_ipv6_stats_sync_req_work(struct work_struct *work)
} }
spin_unlock_bh(&ecm_nss_ipv6_lock); spin_unlock_bh(&ecm_nss_ipv6_lock);
@ -44,7 +48,7 @@ Signed-off-by: Dirk Buchwalder buchwalder@posteo.de
/* /*
* If index is 0, we are starting a new round, but if we still have time remain * If index is 0, we are starting a new round, but if we still have time remain
@@ -2224,7 +2224,7 @@ static void ecm_nss_ipv6_stats_sync_req_ @@ -689,7 +689,7 @@ static void ecm_nss_ipv6_stats_sync_req_work(struct work_struct *work)
} }
if (time_after(ecm_nss_ipv6_next_req_time, current_jiffies)) { if (time_after(ecm_nss_ipv6_next_req_time, current_jiffies)) {
@ -53,3 +57,5 @@ Signed-off-by: Dirk Buchwalder buchwalder@posteo.de
} }
ecm_nss_ipv6_roll_check_jiffies = jiffies; ecm_nss_ipv6_roll_check_jiffies = jiffies;
ecm_nss_ipv6_next_req_time = ecm_nss_ipv6_roll_check_jiffies + ECM_NSS_IPV6_STATS_SYNC_PERIOD; ecm_nss_ipv6_next_req_time = ecm_nss_ipv6_roll_check_jiffies + ECM_NSS_IPV6_STATS_SYNC_PERIOD;
--
2.34.1

54
qca/qca-nss-ecm/patches/0006-ecm_interface-switch-to-kernel_recvmsg-api.patch Normal file
View File

@ -0,0 +1,54 @@
From 5a91820d390b36dafd29075b55504827b0123e62 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sun, 8 May 2022 17:51:16 +0200
Subject: [PATCH 06/12] ecm_interface: switch to kernel_recvmsg api
set/get_fs() got dropped in 5.11+ kernel. Convert it to kernel_recvmsg
while fixing this deprecation.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
---
ecm_interface.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/ecm_interface.c b/ecm_interface.c
index b461456..6be872a 100644
--- a/ecm_interface.c
+++ b/ecm_interface.c
@@ -7617,9 +7617,13 @@ static int ecm_interface_wifi_event_hand
static int ecm_interface_wifi_event_rx(struct socket *sock, struct sockaddr_nl *addr, unsigned char *buf, int len)
{
struct msghdr msg;
- struct iovec iov;
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
+ struct iovec iov;
mm_segment_t oldfs;
int size;
+#else
+ struct kvec iov;
+#endif
iov.iov_base = buf;
iov.iov_len = len;
@@ -7629,7 +7633,8 @@ static int ecm_interface_wifi_event_rx(s
msg.msg_namelen = sizeof(struct sockaddr_nl);
msg.msg_control = NULL;
msg.msg_controllen = 0;
- oldfs = get_fs();
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
+ oldfs = get_fs();
set_fs(KERNEL_DS);
iov_iter_init(&msg.msg_iter, READ, &iov, 1, len);
#if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 7, 0))
@@ -7640,6 +7645,9 @@ static int ecm_interface_wifi_event_rx(s
set_fs(oldfs);
return size;
+#else
+ return kernel_recvmsg(sock, &msg, &iov, 1, iov.iov_len, 0);
+#endif
}
/*
--
2.34.1

72
qca/qca-nss-ecm/patches/0007-treewide-rework-notifier-changes-for-5.15.patch Normal file
View File

@ -0,0 +1,72 @@
From e9073363a50a25bddd96e808f04bcf56c45da4ac Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sun, 8 May 2022 18:19:47 +0200
Subject: [PATCH 07/12] treewide: rework notifier changes for 5.15
Rework notifier changes for 5.15 conntrack new implementation.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
---
ecm_conntrack_notifier.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/ecm_conntrack_notifier.c b/ecm_conntrack_notifier.c
index 9c8a45e..9f2cdae 100644
--- a/ecm_conntrack_notifier.c
+++ b/ecm_conntrack_notifier.c
@@ -322,7 +322,7 @@ EXPORT_SYMBOL(ecm_conntrack_ipv4_event);
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
static int ecm_conntrack_event(struct notifier_block *this, unsigned long events, void *ptr)
#else
-static int ecm_conntrack_event(unsigned int events, struct nf_ct_event *item)
+static int ecm_conntrack_event(unsigned int events, const struct nf_ct_event *item)
#endif
{
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
@@ -388,7 +388,11 @@ static struct notifier_block ecm_conntrack_notifier = {
* Netfilter conntrack event system to monitor connection tracking changes
*/
static struct nf_ct_event_notifier ecm_conntrack_notifier = {
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
.fcn = ecm_conntrack_event,
+#else
+ .ct_event = ecm_conntrack_event,
+#endif
};
#endif
#endif
@@ -426,13 +430,19 @@ int ecm_conntrack_notifier_init(struct dentry *dentry)
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
result = nf_conntrack_register_chain_notifier(&init_net, &ecm_conntrack_notifier);
#else
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
result = nf_conntrack_register_notifier(&init_net, &ecm_conntrack_notifier);
+#else
+ nf_conntrack_register_notifier(&init_net, &ecm_conntrack_notifier);
+#endif
#endif
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
if (result < 0) {
DEBUG_ERROR("Can't register nf notifier hook.\n");
debugfs_remove_recursive(ecm_conntrack_notifier_dentry);
return result;
}
+#endif
#endif
return 0;
@@ -448,7 +458,11 @@ void ecm_conntrack_notifier_exit(void)
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
nf_conntrack_unregister_chain_notifier(&init_net, &ecm_conntrack_notifier);
#else
+#if (LINUX_VERSION_CODE < KERNEL_VERSION(5, 15, 0))
nf_conntrack_unregister_notifier(&init_net, &ecm_conntrack_notifier);
+#else
+ nf_conntrack_unregister_notifier(&init_net);
+#endif
#endif
/*
* Remove the debugfs files recursively.
--
2.34.1

151
qca/qca-nss-ecm/patches/0008-frontends-drop-use-of-static-be_liberal-and-no_windo.patch Normal file
View File

@ -0,0 +1,151 @@
From 15530431f3ce3273b3cfc2da356d7fb71ed48020 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sun, 8 May 2022 16:16:34 +0200
Subject: [PATCH 08/12] frontends: drop use of static be_liberal and
no_window_check
Implementation changed, check these values indirectly instead of relying
on an extern EXPORT_SYMBOL.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
---
frontends/nss/ecm_nss_ported_ipv4.c | 14 ++++----------
frontends/nss/ecm_nss_ported_ipv6.c | 14 ++++----------
frontends/sfe/ecm_sfe_ported_ipv4.c | 6 ++++--
frontends/sfe/ecm_sfe_ported_ipv6.c | 6 ++++--
4 files changed, 16 insertions(+), 24 deletions(-)
diff --git a/frontends/nss/ecm_nss_ported_ipv4.c b/frontends/nss/ecm_nss_ported_ipv4.c
index ea997e3..0c4261a 100644
--- a/frontends/nss/ecm_nss_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_ported_ipv4.c
@@ -125,14 +125,6 @@ struct ecm_nss_ported_ipv4_connection_instance {
static int ecm_nss_ported_ipv4_accelerated_count[ECM_NSS_PORTED_IPV4_PROTO_MAX] = {0};
/* Array of Number of TCP and UDP connections currently offloaded */
-/*
- * Expose what should be a static flag in the TCP connection tracker.
- */
-#ifdef ECM_OPENWRT_SUPPORT
-extern int nf_ct_tcp_no_window_check;
-#endif
-extern int nf_ct_tcp_be_liberal;
-
/*
* ecm_nss_ported_ipv4_connection_callback()
* Callback for handling create ack/nack calls.
@@ -372,6 +364,8 @@ static void ecm_nss_ported_ipv4_connection_accelerate(struct ecm_front_end_conne
uint8_t dest_mac_xlate[ETH_ALEN];
ecm_db_direction_t ecm_dir;
ecm_front_end_acceleration_mode_t result_mode;
+ struct net *net = nf_ct_net(ct);
+ struct nf_tcp_net *tn = nf_tcp_pernet(net);
DEBUG_CHECK_MAGIC(npci, ECM_NSS_PORTED_IPV4_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", npci);
@@ -1236,9 +1230,9 @@ static void ecm_nss_ported_ipv4_connection_accelerate(struct ecm_front_end_conne
nircm->tcp_rule.return_end = ct->proto.tcp.seen[return_dir].td_end;
nircm->tcp_rule.return_max_end = ct->proto.tcp.seen[return_dir].td_maxend;
#ifdef ECM_OPENWRT_SUPPORT
- if (nf_ct_tcp_be_liberal || nf_ct_tcp_no_window_check
+ if (tn->tcp_be_liberal || tn->tcp_no_window_check
#else
- if (nf_ct_tcp_be_liberal
+ if (tn->tcp_be_liberal
#endif
|| (ct->proto.tcp.seen[flow_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)
|| (ct->proto.tcp.seen[return_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)) {
diff --git a/frontends/nss/ecm_nss_ported_ipv6.c b/frontends/nss/ecm_nss_ported_ipv6.c
index 451a557..d1b3e14 100644
--- a/frontends/nss/ecm_nss_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_ported_ipv6.c
@@ -125,14 +125,6 @@ struct ecm_nss_ported_ipv6_connection_instance {
static int ecm_nss_ported_ipv6_accelerated_count[ECM_NSS_PORTED_IPV6_PROTO_MAX] = {0};
/* Array of Number of TCP and UDP connections currently offloaded */
-/*
- * Expose what should be a static flag in the TCP connection tracker.
- */
-#ifdef ECM_OPENWRT_SUPPORT
-extern int nf_ct_tcp_no_window_check;
-#endif
-extern int nf_ct_tcp_be_liberal;
-
/*
* ecm_nss_ported_ipv6_connection_callback()
* Callback for handling create ack/nack calls.
@@ -376,6 +368,8 @@ static void ecm_nss_ported_ipv6_connection_accelerate(struct ecm_front_end_conne
ip_addr_t src_ip;
ip_addr_t dest_ip;
ecm_front_end_acceleration_mode_t result_mode;
+ struct net *net = nf_ct_net(ct);
+ struct nf_tcp_net *tn = nf_tcp_pernet(net);
DEBUG_CHECK_MAGIC(npci, ECM_NSS_PORTED_IPV6_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", npci);
@@ -1162,9 +1156,9 @@ static void ecm_nss_ported_ipv6_connection_accelerate(struct ecm_front_end_conne
nircm->tcp_rule.return_end = ct->proto.tcp.seen[return_dir].td_end;
nircm->tcp_rule.return_max_end = ct->proto.tcp.seen[return_dir].td_maxend;
#ifdef ECM_OPENWRT_SUPPORT
- if (nf_ct_tcp_be_liberal || nf_ct_tcp_no_window_check
+ if (tn->tcp_be_liberal || tn->tcp_no_window_check
#else
- if (nf_ct_tcp_be_liberal
+ if (tn->tcp_be_liberal
#endif
|| (ct->proto.tcp.seen[flow_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)
|| (ct->proto.tcp.seen[return_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)) {
diff --git a/frontends/sfe/ecm_sfe_ported_ipv4.c b/frontends/sfe/ecm_sfe_ported_ipv4.c
index 53f5b07..ef719ec 100644
--- a/frontends/sfe/ecm_sfe_ported_ipv4.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv4.c
@@ -421,6 +421,8 @@ static void ecm_sfe_ported_ipv4_connecti
uint8_t dest_mac_xlate[ETH_ALEN];
ecm_db_direction_t ecm_dir;
ecm_front_end_acceleration_mode_t result_mode;
+ struct net *net = nf_ct_net(ct);
+ struct nf_tcp_net *tn = nf_tcp_pernet(net);
uint32_t l2_accel_bits = (ECM_SFE_COMMON_FLOW_L2_ACCEL_ALLOWED | ECM_SFE_COMMON_RETURN_L2_ACCEL_ALLOWED);
ecm_sfe_common_l2_accel_check_callback_t l2_accel_check;
@@ -1333,9 +1335,9 @@ static void ecm_sfe_ported_ipv4_connecti
nircm->tcp_rule.return_end = ct->proto.tcp.seen[return_dir].td_end;
nircm->tcp_rule.return_max_end = ct->proto.tcp.seen[return_dir].td_maxend;
#ifdef ECM_OPENWRT_SUPPORT
- if (nf_ct_tcp_be_liberal || nf_ct_tcp_no_window_check
+ if (tn->tcp_be_liberal || tn->tcp_no_window_check)
#else
- if (nf_ct_tcp_be_liberal
+ if (tn->tcp_be_liberal)
#endif
|| (ct->proto.tcp.seen[flow_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)
|| (ct->proto.tcp.seen[return_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)) {
diff --git a/frontends/sfe/ecm_sfe_ported_ipv6.c b/frontends/sfe/ecm_sfe_ported_ipv6.c
index ae04cb4..9abb563 100644
--- a/frontends/sfe/ecm_sfe_ported_ipv6.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv6.c
@@ -426,7 +426,9 @@ static void ecm_sfe_ported_ipv6_connecti
ip_addr_t src_ip;
ip_addr_t dest_ip;
ecm_front_end_acceleration_mode_t result_mode;
- uint32_t l2_accel_bits = (ECM_SFE_COMMON_FLOW_L2_ACCEL_ALLOWED | ECM_SFE_COMMON_RETURN_L2_ACCEL_ALLOWED);
+ struct net *net = nf_ct_net(ct);
+ struct nf_tcp_net *tn = nf_tcp_pernet(net);
+ uint32_t l2_accel_bits = (ECM_SFE_COMMON_FLOW_L2_ACCEL_ALLOWED | ECM_SFE_COMMON_RETURN_L2_ACCEL_ALLOWED);
ecm_sfe_common_l2_accel_check_callback_t l2_accel_check;
DEBUG_CHECK_MAGIC(npci, ECM_SFE_PORTED_IPV6_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", npci);
@@ -1293,9 +1295,9 @@ static void ecm_sfe_ported_ipv6_connecti
nircm->tcp_rule.return_end = ct->proto.tcp.seen[return_dir].td_end;
nircm->tcp_rule.return_max_end = ct->proto.tcp.seen[return_dir].td_maxend;
#ifdef ECM_OPENWRT_SUPPORT
- if (nf_ct_tcp_be_liberal || nf_ct_tcp_no_window_check
+ if (tn->tcp_be_liberal || tn->tcp_no_window_check)
#else
- if (nf_ct_tcp_be_liberal
+ if (tn->tcp_be_liberal)
#endif
|| (ct->proto.tcp.seen[flow_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)
|| (ct->proto.tcp.seen[return_dir].flags & IP_CT_TCP_FLAG_BE_LIBERAL)) {
--
2.34.1

55
qca/qca-nss-ecm/patches/0009-ecm_tracker_datagram-drop-static-for-EXPORT_SYMBOL.patch Normal file
View File

@ -0,0 +1,55 @@
From 9827d8597545ecfee17eba7b08d48dbcdf55c614 Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sun, 8 May 2022 18:39:39 +0200
Subject: [PATCH 09/12] ecm_tracker_datagram: drop static for EXPORT_SYMBOL
EXPORT_SYMBOL should NOT be static
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
---
ecm_tracker_datagram.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ecm_tracker_datagram.c b/ecm_tracker_datagram.c
index 9c04d73..ae14146 100644
--- a/ecm_tracker_datagram.c
+++ b/ecm_tracker_datagram.c
@@ -203,7 +203,7 @@ static void ecm_tracker_datagram_datagram_discard(struct ecm_tracker_datagram_in
* ecm_tracker_datagram_discard_all()
* Discard all tracked data
*/
-static void ecm_tracker_datagram_discard_all(struct ecm_tracker_datagram_internal_instance *dtii)
+void ecm_tracker_datagram_discard_all(struct ecm_tracker_datagram_internal_instance *dtii)
{
int32_t src_count;
int32_t dest_count;
@@ -364,7 +364,7 @@ static void ecm_tracker_datagram_datagram_discard_callback(struct ecm_tracker_in
* ecm_tracker_datagram_datagram_size_get()
* Return size in bytes of datagram at index i that was sent to the target
*/
-static int32_t ecm_tracker_datagram_datagram_size_get(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, int32_t i)
+int32_t ecm_tracker_datagram_datagram_size_get(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, int32_t i)
{
struct ecm_tracker_datagram_internal_instance *dtii = (struct ecm_tracker_datagram_internal_instance *)uti;
@@ -412,7 +412,7 @@ static int32_t ecm_tracker_datagram_datagram_size_get_callback(struct ecm_tracke
* ecm_tracker_datagram_datagram_read()
* Read size bytes from datagram at index i into the buffer
*/
-static int ecm_tracker_datagram_datagram_read(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, int32_t i, int32_t offset, int32_t size, void *buffer)
+int ecm_tracker_datagram_datagram_read(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, int32_t i, int32_t offset, int32_t size, void *buffer)
{
struct ecm_tracker_datagram_internal_instance *dtii = (struct ecm_tracker_datagram_internal_instance *)uti;
int res;
@@ -466,7 +466,7 @@ static int ecm_tracker_datagram_datagram_read_callback(struct ecm_tracker_instan
* ecm_tracker_datagram_datagram_add()
* Append the datagram onto the tracker queue for the given target
*/
-static bool ecm_tracker_datagram_datagram_add(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, struct sk_buff *skb)
+bool ecm_tracker_datagram_datagram_add(struct ecm_tracker_datagram_instance *uti, ecm_tracker_sender_type_t sender, struct sk_buff *skb)
{
struct ecm_tracker_datagram_internal_instance *dtii = (struct ecm_tracker_datagram_internal_instance *)uti;
struct sk_buff *skbc;
--
2.34.1

73
qca/qca-nss-ecm/patches/0010-frontends-drop-udp_get_timeouts-and-use-standard-ups.patch Normal file
View File

@ -0,0 +1,73 @@
From ef638a84405c9f6556a9d7c257ccbba74efd228e Mon Sep 17 00:00:00 2001
From: Ansuel Smith <ansuelsmth@gmail.com>
Date: Sat, 14 May 2022 20:15:10 +0200
Subject: [PATCH 10/12] frontends: drop udp_get_timeouts and use standard
upstream api
Drop udp_get_timeouts and use nf_udp_pernet and ->timeouts
instead or relying on a downstream api not present upstream.
---
frontends/nss/ecm_nss_ipv4.c | 3 ++-
frontends/nss/ecm_nss_ipv6.c | 3 ++-
frontends/sfe/ecm_sfe_ipv4.c | 3 ++-
frontends/sfe/ecm_sfe_ipv6.c | 3 ++-
4 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/frontends/nss/ecm_nss_ipv4.c b/frontends/nss/ecm_nss_ipv4.c
index 719a747..558819a 100644
--- a/frontends/nss/ecm_nss_ipv4.c
+++ b/frontends/nss/ecm_nss_ipv4.c
@@ -607,7 +607,8 @@ sync_conntrack:
#else
timeouts = nf_ct_timeout_lookup(ct);
if (!timeouts) {
- timeouts = udp_get_timeouts(nf_ct_net(ct));
+ struct nf_udp_net *un = nf_udp_pernet(nf_ct_net(ct));
+ timeouts = un->timeouts;
}
spin_lock_bh(&ct->lock);
diff --git a/frontends/nss/ecm_nss_ipv6.c b/frontends/nss/ecm_nss_ipv6.c
index 67ee364..51eb069 100644
--- a/frontends/nss/ecm_nss_ipv6.c
+++ b/frontends/nss/ecm_nss_ipv6.c
@@ -586,7 +586,8 @@ sync_conntrack:
#else
timeouts = nf_ct_timeout_lookup(ct);
if (!timeouts) {
- timeouts = udp_get_timeouts(nf_ct_net(ct));
+ struct nf_udp_net *un = nf_udp_pernet(nf_ct_net(ct));
+ timeouts = un->timeouts;
}
spin_lock_bh(&ct->lock);
diff --git a/frontends/sfe/ecm_sfe_ipv4.c b/frontends/sfe/ecm_sfe_ipv4.c
index 3f30821..931af5d 100644
--- a/frontends/sfe/ecm_sfe_ipv4.c
+++ b/frontends/sfe/ecm_sfe_ipv4.c
@@ -527,7 +527,8 @@ sync_conntrack:
#else
timeouts = nf_ct_timeout_lookup(ct);
if (!timeouts) {
- timeouts = udp_get_timeouts(nf_ct_net(ct));
+ struct nf_udp_net *un = nf_udp_pernet(nf_ct_net(ct));
+ timeouts = un->timeouts;
}
spin_lock_bh(&ct->lock);
diff --git a/frontends/sfe/ecm_sfe_ipv6.c b/frontends/sfe/ecm_sfe_ipv6.c
index 54fdbf3..63d8888 100644
--- a/frontends/sfe/ecm_sfe_ipv6.c
+++ b/frontends/sfe/ecm_sfe_ipv6.c
@@ -516,7 +516,8 @@ sync_conntrack:
#else
timeouts = nf_ct_timeout_lookup(ct);
if (!timeouts) {
- timeouts = udp_get_timeouts(nf_ct_net(ct));
+ struct nf_udp_net *un = nf_udp_pernet(nf_ct_net(ct));
+ timeouts = un->timeouts;
}
spin_lock_bh(&ct->lock);
--
2.34.1

20
qca/qca-nss-ecm/patches/0013-ecm_interface-fix-ppp-generic-function-calls-for-5.15.patch Normal file
View File

@ -0,0 +1,20 @@
--- a/ecm_interface.c
+++ b/ecm_interface.c
@@ -3551,7 +3551,7 @@ identifier_update:
if (skb && (skb->skb_iif == dev->ifindex)) {
struct pppol2tp_common_addr info;
- if (__ppp_is_multilink(dev) > 0) {
+ if (ppp_is_multilink(dev) > 0) {
DEBUG_TRACE("%px: Net device: %px is MULTILINK PPP - Unknown to the ECM\n", feci, dev);
type_info.unknown.os_specific_ident = dev_interface_num;
@@ -3561,7 +3561,7 @@ identifier_update:
ii = ecm_interface_unknown_interface_establish(&type_info.unknown, dev_name, dev_interface_num, ae_interface_num, dev_mtu);
return ii;
}
- channel_count = __ppp_hold_channels(dev, ppp_chan, 1);
+ channel_count = ppp_hold_channels(dev, ppp_chan, 1);
if (channel_count != 1) {
DEBUG_TRACE("%px: Net device: %px PPP has %d channels - ECM cannot handle this (interface becomes Unknown type)\n",
feci, dev, channel_count);

49
qca/qca-nss-ecm/patches/204-More-compile-fixes.patch
View File

@ -1,49 +0,0 @@
From e6d701c0d454d841366c556b2ef07a5203ffb35d Mon Sep 17 00:00:00 2001
From: Robert Marko <robimarko@gmail.com>
Date: Fri, 21 May 2021 21:41:31 +0200
Subject: [PATCH] More compile fixes
More runtime compile fixes.
Signed-off-by: Robert Marko <robimarko@gmail.com>
---
frontends/nss/ecm_nss_ported_ipv4.c | 12 +++---------
frontends/nss/ecm_nss_ported_ipv6.c | 12 +++---------
2 files changed, 6 insertions(+), 18 deletions(-)
--- a/frontends/nss/ecm_nss_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_ported_ipv4.c
@@ -2935,14 +2935,8 @@ done:
*/
bool ecm_nss_ported_ipv4_debugfs_init(struct dentry *dentry)
{
- struct dentry *udp_dentry;
-
- udp_dentry = debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
+ debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
&ecm_nss_ported_ipv4_accelerated_count[ECM_NSS_PORTED_IPV4_PROTO_UDP]);
- if (!udp_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv4 udp_accelerated_count file in debugfs\n");
- return false;
- }
debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
&ecm_nss_ported_ipv4_accelerated_count[ECM_NSS_PORTED_IPV4_PROTO_TCP]);
--- a/frontends/nss/ecm_nss_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_ported_ipv6.c
@@ -2723,14 +2723,8 @@ done:
*/
bool ecm_nss_ported_ipv6_debugfs_init(struct dentry *dentry)
{
- struct dentry *udp_dentry;
-
- udp_dentry = debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
+ debugfs_create_u32("udp_accelerated_count", S_IRUGO, dentry,
&ecm_nss_ported_ipv6_accelerated_count[ECM_NSS_PORTED_IPV6_PROTO_UDP]);
- if (!udp_dentry) {
- DEBUG_ERROR("Failed to create ecm nss ipv6 udp_accelerated_count file in debugfs\n");
- return false;
- }
debugfs_create_u32("tcp_accelerated_count", S_IRUGO, dentry,
&ecm_nss_ported_ipv6_accelerated_count[ECM_NSS_PORTED_IPV6_PROTO_TCP]);

146
qca/qca-nss-ecm/patches/900-treewide-export-ipv4-and-ipv6-symbols.patch Normal file
View File

@ -0,0 +1,146 @@
--- a/frontends/nss/ecm_nss_ipv4.h
+++ b/frontends/nss/ecm_nss_ipv4.h
@@ -14,6 +14,9 @@
**************************************************************************
*/
+#ifndef __ECM_FRONT_END_NSS_IPV4_H
+#define __ECM_FRONT_END_NSS_IPV4_H
+
#include <nss_api_if.h>
extern int ecm_nss_ipv4_no_action_limit_default; /* Default no-action limit. */
@@ -168,3 +171,5 @@ extern void ecm_nss_ipv4_accel_done_time
extern void ecm_nss_ipv4_decel_done_time_update(struct ecm_front_end_connection_instance *feci);
extern int ecm_nss_ipv4_init(struct dentry *dentry);
extern void ecm_nss_ipv4_exit(void);
+
+#endif /* __ECM_FRONT_END_NSS_IPV4_H */
--- a/frontends/nss/ecm_nss_ipv6.h
+++ b/frontends/nss/ecm_nss_ipv6.h
@@ -14,6 +14,9 @@
**************************************************************************
*/
+#ifndef __ECM_FRONT_END_NSS_IPV6_H
+#define __ECM_FRONT_END_NSS_IPV6_H
+
#include <nss_api_if.h>
extern int ecm_nss_ipv6_no_action_limit_default; /* Default no-action limit. */
@@ -168,3 +171,5 @@ extern void ecm_nss_ipv6_accel_done_time
extern void ecm_nss_ipv6_decel_done_time_update(struct ecm_front_end_connection_instance *feci);
extern int ecm_nss_ipv6_init(struct dentry *dentry);
extern void ecm_nss_ipv6_exit(void);
+
+#endif /* __ECM_FRONT_END_NSS_IPV6_H */
--- a/frontends/nss/ecm_nss_common.c
+++ b/frontends/nss/ecm_nss_common.c
@@ -67,6 +67,7 @@ bool ecm_nss_ipv6_is_conn_limit_reached(
return false;
}
+EXPORT_SYMBOL(ecm_nss_ipv6_is_conn_limit_reached);
#endif
/*
@@ -93,3 +94,4 @@ bool ecm_nss_ipv4_is_conn_limit_reached(
return false;
}
+EXPORT_SYMBOL(ecm_nss_ipv4_is_conn_limit_reached);
--- a/frontends/nss/ecm_nss_non_ported_ipv4.h
+++ b/frontends/nss/ecm_nss_non_ported_ipv4.h
@@ -19,7 +19,7 @@
extern bool ecm_nss_non_ported_ipv4_debugfs_init(struct dentry *dentry);
-extern struct ecm_front_end_connection_instance *ecm_nss_non_ported_ipv4_connection_instance_alloc(
- bool can_accel, int protocol,
- struct ecm_db_connection_instance **nci);
+struct ecm_front_end_connection_instance *ecm_nss_non_ported_ipv4_connection_instance_alloc(
+ bool can_accel, int protocol,
+ struct ecm_db_connection_instance **nci);
extern void ecm_nss_non_ported_ipv4_sit_set_peer(struct ecm_front_end_connection_instance *feci, struct sk_buff *skb);
--- a/frontends/nss/ecm_nss_non_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_non_ported_ipv4.c
@@ -1822,6 +1822,7 @@ struct ecm_front_end_connection_instance
return feci;
}
+EXPORT_SYMBOL(ecm_nss_non_ported_ipv4_connection_instance_alloc);
/*
* ecm_nss_non_ported_ipv4_debugfs_init()
--- a/frontends/nss/ecm_nss_non_ported_ipv6.h
+++ b/frontends/nss/ecm_nss_non_ported_ipv6.h
@@ -19,7 +19,7 @@
extern bool ecm_nss_non_ported_ipv6_debugfs_init(struct dentry *dentry);
-extern struct ecm_front_end_connection_instance *ecm_nss_non_ported_ipv6_connection_instance_alloc(
- bool can_accel,
- int protocol,
- struct ecm_db_connection_instance **nci);
+struct ecm_front_end_connection_instance *ecm_nss_non_ported_ipv6_connection_instance_alloc(
+ bool can_accel,
+ int protocol,
+ struct ecm_db_connection_instance **nci);
--- a/frontends/nss/ecm_nss_non_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_non_ported_ipv6.c
@@ -1648,6 +1648,7 @@ struct ecm_front_end_connection_instance
return feci;
}
+EXPORT_SYMBOL(ecm_nss_non_ported_ipv6_connection_instance_alloc);
/*
* ecm_nss_non_ported_ipv6_debugfs_init()
--- a/frontends/nss/ecm_nss_ported_ipv4.h
+++ b/frontends/nss/ecm_nss_ported_ipv4.h
@@ -19,7 +19,7 @@
extern bool ecm_nss_ported_ipv4_debugfs_init(struct dentry *dentry);
-extern struct ecm_front_end_connection_instance *ecm_nss_ported_ipv4_connection_instance_alloc(
- bool can_accel,
- int protocol,
- struct ecm_db_connection_instance **nci);
+struct ecm_front_end_connection_instance *ecm_nss_ported_ipv4_connection_instance_alloc(
+ bool can_accel,
+ int protocol,
+ struct ecm_db_connection_instance **nci);
--- a/frontends/nss/ecm_nss_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_ported_ipv4.c
@@ -1877,6 +1877,7 @@ struct ecm_front_end_connection_instance
return feci;
}
+EXPORT_SYMBOL(ecm_nss_ported_ipv4_connection_instance_alloc);
/*
* ecm_nss_ported_ipv4_debugfs_init()
--- a/frontends/nss/ecm_nss_ported_ipv6.h
+++ b/frontends/nss/ecm_nss_ported_ipv6.h
@@ -19,7 +19,7 @@
extern bool ecm_nss_ported_ipv6_debugfs_init(struct dentry *dentry);
-extern struct ecm_front_end_connection_instance *ecm_nss_ported_ipv6_connection_instance_alloc(
- bool can_accel,
- int protocol,
- struct ecm_db_connection_instance **nci);
+struct ecm_front_end_connection_instance *ecm_nss_ported_ipv6_connection_instance_alloc(
+ bool can_accel,
+ int protocol,
+ struct ecm_db_connection_instance **nci);
--- a/frontends/nss/ecm_nss_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_ported_ipv6.c
@@ -1791,6 +1791,7 @@ struct ecm_front_end_connection_instance
return feci;
}
+EXPORT_SYMBOL(ecm_nss_ported_ipv6_connection_instance_alloc);
/*
* ecm_nss_ported_ipv6_debugfs_init()

67
qca/qca-nss-ecm/patches/901-qca-nss-ecm-fix-a-memcpy-overflow-in-ecm_db.patch Normal file
View File

@ -0,0 +1,67 @@
From 1958e34c4c1b8b4fb62eba693fbd7693536947b9 Mon Sep 17 00:00:00 2001
From: flebourse <francis.lebourse@sfr.fr>
Date: Thu, 23 Dec 2021 16:11:06 +0100
Subject: [PATCH] qca-nss-ecm: fix a memcpy overflow in ecm_db
Calls to ipv6_addr_prefix() trigger a memcpy overflow if the prefix len
argument is greater than 128, cap it at this value.
stack bactrace:
detected buffer overflow in memcpy
Kernel BUG at fortify_panic+0x20/0x24
Internal error: Oops - BUG: 0 [#1] SMP
CPU: 2 PID: 2592 Comm: netifd Not tainted 5.10.80 #0
Hardware name: Xiaomi AX9000 (DT)
Call trace:
fortify_panic+0x20/0x24
ecm_db_exit+0x42c/0x49c [ecm]
ecm_db_exit+0x464/0x49c [ecm]
atomic_notifier_call_chain+0x5c/0x90
ip6_route_add+0x13c/0x1a4
inet6_rtm_newroute+0x98/0xa0
rtnetlink_rcv_msg+0x10c/0x34c
netlink_rcv_skb+0x5c/0x130
rtnetlink_rcv+0x1c/0x2c
netlink_unicast+0x1ec/0x2e0
netlink_sendmsg+0x1a4/0x394
____sys_sendmsg+0x270/0x2b4
___sys_sendmsg+0x7c/0xc0
__sys_sendmsg+0x5c/0xb0
__arm64_sys_sendmsg+0x28/0x34
el0_svc_common.constprop.0+0x88/0x190
do_el0_svc+0x74/0x94
el0_svc+0x14/0x20
el0_sync_handler+0xa8/0x130
el0_sync+0x184/0x1c0
Code: aa0003e1 912b4040 910003fd 97fff56c (d4210000)
Signed-off-By: Francis Le Bourse <francis.lebourse@sfr.fr>
---
ecm_db/ecm_db.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ecm_db/ecm_db.c b/ecm_db/ecm_db.c
index c6f408d..df04afd 100644
--- a/ecm_db/ecm_db.c
+++ b/ecm_db/ecm_db.c
@@ -298,7 +298,7 @@ static int ecm_db_ipv6_route_table_update_event(struct notifier_block *nb,
* Compute ECM connection's prefix destination address by masking it with the
* route config's destination address prefix length.
*/
- ipv6_addr_prefix(&prefix_addr, &ecm_in6, cfg->fc_dst_len);
+ ipv6_addr_prefix(&prefix_addr, &ecm_in6, min(128, cfg->fc_dst_len));
DEBUG_TRACE("dest addr prefix: %pI6 prefix_len: %d ecm_in6: %pI6\n", &prefix_addr, cfg->fc_dst_len, &ecm_in6);
@@ -326,7 +326,7 @@ static int ecm_db_ipv6_route_table_update_event(struct notifier_block *nb,
* Compute ECM connection's prefix source address by masking it with the
* route config's destination address prefix length.
*/
- ipv6_addr_prefix(&prefix_addr, &ecm_in6, cfg->fc_dst_len);
+ ipv6_addr_prefix(&prefix_addr, &ecm_in6, min(128, cfg->fc_dst_len));
DEBUG_TRACE("src addr prefix: %pI6 prefix_len: %d ecm_in6: %pI6\n", &prefix_addr, cfg->fc_dst_len, &ecm_in6);
--
2.1.4

75
qca/qca-nss-ecm/patches/902-qca-nss-ecm-Fix-nf_ct_net-null-pointer-reference.patch Normal file
View File

@ -0,0 +1,75 @@
--- a/frontends/nss/ecm_nss_ported_ipv4.c
+++ b/frontends/nss/ecm_nss_ported_ipv4.c
@@ -335,8 +335,12 @@ static void ecm_nss_ported_ipv4_connecti
uint8_t dest_mac_xlate[ETH_ALEN];
ecm_db_direction_t ecm_dir;
ecm_front_end_acceleration_mode_t result_mode;
- struct net *net = nf_ct_net(ct);
- struct nf_tcp_net *tn = nf_tcp_pernet(net);
+ struct nf_tcp_net *tn;
+
+ if (ct) {
+ struct net *net = nf_ct_net(ct);
+ tn = nf_tcp_pernet(net);
+ }
DEBUG_CHECK_MAGIC(feci, ECM_FRONT_END_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", feci);
--- a/frontends/nss/ecm_nss_ported_ipv6.c
+++ b/frontends/nss/ecm_nss_ported_ipv6.c
@@ -340,8 +340,12 @@ static void ecm_nss_ported_ipv6_connecti
ip_addr_t src_ip;
ip_addr_t dest_ip;
ecm_front_end_acceleration_mode_t result_mode;
- struct net *net = nf_ct_net(ct);
- struct nf_tcp_net *tn = nf_tcp_pernet(net);
+ struct nf_tcp_net *tn;
+
+ if (ct) {
+ struct net *net = nf_ct_net(ct);
+ tn = nf_tcp_pernet(net);
+ }
DEBUG_CHECK_MAGIC(feci, ECM_FRONT_END_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", feci);
--- a/frontends/sfe/ecm_sfe_ported_ipv4.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv4.c
@@ -365,11 +365,15 @@ static void ecm_sfe_ported_ipv4_connecti
uint8_t dest_mac_xlate[ETH_ALEN];
ecm_db_direction_t ecm_dir;
ecm_front_end_acceleration_mode_t result_mode;
- struct net *net = nf_ct_net(ct);
- struct nf_tcp_net *tn = nf_tcp_pernet(net);
+ struct nf_tcp_net *tn;
uint32_t l2_accel_bits = (ECM_SFE_COMMON_FLOW_L2_ACCEL_ALLOWED | ECM_SFE_COMMON_RETURN_L2_ACCEL_ALLOWED);
ecm_sfe_common_l2_accel_check_callback_t l2_accel_check;
+ if (ct) {
+ struct net *net = nf_ct_net(ct);
+ tn = nf_tcp_pernet(net);
+ }
+
DEBUG_CHECK_MAGIC(feci, ECM_FRONT_END_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", feci);
/*
--- a/frontends/sfe/ecm_sfe_ported_ipv6.c
+++ b/frontends/sfe/ecm_sfe_ported_ipv6.c
@@ -369,11 +369,15 @@ static void ecm_sfe_ported_ipv6_connecti
ip_addr_t src_ip;
ip_addr_t dest_ip;
ecm_front_end_acceleration_mode_t result_mode;
- struct net *net = nf_ct_net(ct);
- struct nf_tcp_net *tn = nf_tcp_pernet(net);
+ struct nf_tcp_net *tn;
uint32_t l2_accel_bits = (ECM_SFE_COMMON_FLOW_L2_ACCEL_ALLOWED | ECM_SFE_COMMON_RETURN_L2_ACCEL_ALLOWED);
ecm_sfe_common_l2_accel_check_callback_t l2_accel_check;
+ if (ct) {
+ struct net *net = nf_ct_net(ct);
+ tn = nf_tcp_pernet(net);
+ }
+
DEBUG_CHECK_MAGIC(feci, ECM_FRONT_END_CONNECTION_INSTANCE_MAGIC, "%px: magic failed", feci);
/*