Gitiles
Code Review Sign In
git01.mediatek.com / openwrt / feeds / mtk-openwrt-feeds / 0f67e42852dbdd5c877707eb8d5f96b613172a6a^! / .
commit0f67e42852dbdd5c877707eb8d5f96b613172a6a[log] [tgz]
authordeveloper <developer@mediatek.com>Mon Jul 05 14:46:36 2021 +0800
committerdeveloper <developer@mediatek.com>Wed Jul 07 22:09:17 2021 +0800
treef48551b67c34fca1c765c27e4e4e9fc6cac51746
parentf3ac1551531839af45c676542399068535bb66c0 [diff]
[][Add necessary patch and config for NF_HNAT]

[Description]
Add necessary patch and config for NF_HNAT.
	- patch : for resolving IPv6 expand headroom issue
	- config : for enabling NETFILTER by default

[Release-log]
N/A

Change-Id: Iffce551fd9caeb3e36911c2d45e5127a98682d1c
Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/4712981

diff --git a/target/linux/mediatek/mt7986/config-5.4 b/target/linux/mediatek/mt7986/config-5.4
index 2622dbe..9e6c54c 100644
--- a/target/linux/mediatek/mt7986/config-5.4
+++ b/target/linux/mediatek/mt7986/config-5.4

@@ -248,6 +248,11 @@
 CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
 CONFIG_INITRAMFS_SOURCE=""
 CONFIG_IO_URING=y
+CONFIG_IP_NF_FILTER=m
+CONFIG_IP_NF_IPTABLES=m
+CONFIG_IP_NF_MANGLE=m
+CONFIG_IP_NF_NAT=m
+CONFIG_IP_NF_TARGET_MASQUERADE=m
 CONFIG_IRQCHIP=y
 CONFIG_IRQ_DOMAIN=y
 CONFIG_IRQ_DOMAIN_HIERARCHY=y
@@ -304,6 +309,7 @@
 CONFIG_MUTEX_SPIN_ON_OWNER=y
 CONFIG_NEED_DMA_MAP_STATE=y
 CONFIG_NEED_SG_DMA_LENGTH=y
+CONFIG_NETFILTER=y
 CONFIG_NET_DEVLINK=y
 CONFIG_NET_DSA=y
 CONFIG_NET_DSA_MT7530=y
@@ -312,6 +318,9 @@
 CONFIG_NET_MEDIATEK_SOC=y
 CONFIG_NET_SWITCHDEV=y
 CONFIG_NET_VENDOR_MEDIATEK=y
+CONFIG_NF_CONNTRACK=y
+CONFIG_NF_CONNTRACK_IPV4=m
+CONFIG_NF_CONNTRACK_IPV6=m
 CONFIG_NLS=y
 CONFIG_NMBM=y
 # CONFIG_NMBM_LOG_LEVEL_DEBUG is not set

diff --git a/target/linux/mediatek/patches-5.4/1001-mtkhnat-ipv6-fix-pskb-expand-head-limitation.patch b/target/linux/mediatek/patches-5.4/1001-mtkhnat-ipv6-fix-pskb-expand-head-limitation.patch
new file mode 100644
index 0000000..72719c8
--- /dev/null
+++ b/target/linux/mediatek/patches-5.4/1001-mtkhnat-ipv6-fix-pskb-expand-head-limitation.patch

@@ -0,0 +1,22 @@
+diff --git a/net/core/skbuff.c b/net/core/skbuff.c
+index 5ba1c72f..f4239459 100644
+--- a/net/core/skbuff.c
++++ b/net/core/skbuff.c
+@@ -69,6 +69,7 @@
+ #include <net/ip6_checksum.h>
+ #include <net/xfrm.h>
+ #include <net/mpls.h>
++#include <net/ra_nat.h>
+ 
+ #include <linux/uaccess.h>
+ #include <trace/events/skb.h>
+@@ -1666,6 +1667,9 @@ int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail,
+ 	       skb_shinfo(skb),
+ 	       offsetof(struct skb_shared_info, frags[skb_shinfo(skb)->nr_frags]));
+ 
++	/*headroom copy*/
++	memcpy(data, skb->head, FOE_INFO_LEN);
++
+ 	/*
+ 	 * if shinfo is shared we must drop the old head gracefully, but if it
+ 	 * is not we can just drop the old head and let the existing refcount