From: Greg Kroah-Hartman Date: Wed, 18 Dec 2013 19:10:33 +0000 (-0800) Subject: 3.12-stable patches X-Git-Tag: v3.4.75~31 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=97b2f0a60cea2a620b8852de69da8c7f4ba8cb2e;p=thirdparty%2Fkernel%2Fstable-queue.git 3.12-stable patches added patches: ath9k-fix-duration-calculation-for-non-aggregated-packets.patch ath9k-fix-quickdrop-usage.patch ath9k-fix-xlna-bias-strength.patch cfg80211-disable-5-10-mhz-support-for-all-drivers.patch mac80211-fix-scheduled-scan-rtnl-deadlock.patch revert-mac80211-allow-disable-power-save-in-mesh.patch selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_output.patch selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_postroute.patch --- diff --git a/queue-3.12/ath9k-fix-duration-calculation-for-non-aggregated-packets.patch b/queue-3.12/ath9k-fix-duration-calculation-for-non-aggregated-packets.patch new file mode 100644 index 00000000000..01ee7dd242a --- /dev/null +++ b/queue-3.12/ath9k-fix-duration-calculation-for-non-aggregated-packets.patch @@ -0,0 +1,40 @@ +From bbf807bc0697e577c137a5fffb30fca7c6a45da1 Mon Sep 17 00:00:00 2001 +From: Felix Fietkau +Date: Thu, 5 Dec 2013 15:20:53 +0100 +Subject: ath9k: fix duration calculation for non-aggregated packets + +From: Felix Fietkau + +commit bbf807bc0697e577c137a5fffb30fca7c6a45da1 upstream. + +When not aggregating packets, fi->framelen should be passed in as length +to calculate the duration. Before the tx path rework, ath_tx_fill_desc +was called for either one aggregate, or one single frame, with the +length of the packet or the aggregate as a parameter. +After the rework, ath_tx_sched_aggr can pass a burst of single frames to +ath_tx_fill_desc and sets len=0. +Fix broken duration calculation by overriding the length in ath_tx_fill_desc +before passing it to ath_buf_set_rate. + +Reported-by: Simon Wunderlich +Signed-off-by: Felix Fietkau +Signed-off-by: John W. Linville +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/ath/ath9k/xmit.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/drivers/net/wireless/ath/ath9k/xmit.c ++++ b/drivers/net/wireless/ath/ath9k/xmit.c +@@ -1275,6 +1275,10 @@ static void ath_tx_fill_desc(struct ath_ + if (!rts_thresh || (len > rts_thresh)) + rts = true; + } ++ ++ if (!aggr) ++ len = fi->framelen; ++ + ath_buf_set_rate(sc, bf, &info, len, rts); + } + diff --git a/queue-3.12/ath9k-fix-quickdrop-usage.patch b/queue-3.12/ath9k-fix-quickdrop-usage.patch new file mode 100644 index 00000000000..f49b9e8ef40 --- /dev/null +++ b/queue-3.12/ath9k-fix-quickdrop-usage.patch @@ -0,0 +1,54 @@ +From 93c1cfbe598f72cfa7be49e4a7d2a1d482e15119 Mon Sep 17 00:00:00 2001 +From: Sujith Manoharan +Date: Tue, 26 Nov 2013 07:21:08 +0530 +Subject: ath9k: Fix QuickDrop usage + +From: Sujith Manoharan + +commit 93c1cfbe598f72cfa7be49e4a7d2a1d482e15119 upstream. + +Bit 5 in the miscConfiguration field of the base EEPROM +header denotes whether QuickDrop is enabled or not. Fix +the incorrect usage of BIT(1) and also make sure that +this is done only for the required chips. + +Signed-off-by: Sujith Manoharan +Signed-off-by: John W. Linville +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/ath/ath9k/ar9003_eeprom.c | 20 +++++++++++--------- + 1 file changed, 11 insertions(+), 9 deletions(-) + +--- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c ++++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c +@@ -3966,18 +3966,20 @@ static void ar9003_hw_quick_drop_apply(s + int quick_drop; + s32 t[3], f[3] = {5180, 5500, 5785}; + +- if (!(pBase->miscConfiguration & BIT(1))) ++ if (!(pBase->miscConfiguration & BIT(4))) + return; + +- if (freq < 4000) +- quick_drop = eep->modalHeader2G.quick_drop; +- else { +- t[0] = eep->base_ext1.quick_drop_low; +- t[1] = eep->modalHeader5G.quick_drop; +- t[2] = eep->base_ext1.quick_drop_high; +- quick_drop = ar9003_hw_power_interpolate(freq, f, t, 3); ++ if (AR_SREV_9300(ah) || AR_SREV_9580(ah) || AR_SREV_9340(ah)) { ++ if (freq < 4000) { ++ quick_drop = eep->modalHeader2G.quick_drop; ++ } else { ++ t[0] = eep->base_ext1.quick_drop_low; ++ t[1] = eep->modalHeader5G.quick_drop; ++ t[2] = eep->base_ext1.quick_drop_high; ++ quick_drop = ar9003_hw_power_interpolate(freq, f, t, 3); ++ } ++ REG_RMW_FIELD(ah, AR_PHY_AGC, AR_PHY_AGC_QUICK_DROP, quick_drop); + } +- REG_RMW_FIELD(ah, AR_PHY_AGC, AR_PHY_AGC_QUICK_DROP, quick_drop); + } + + static void ar9003_hw_txend_to_xpa_off_apply(struct ath_hw *ah, bool is2ghz) diff --git a/queue-3.12/ath9k-fix-xlna-bias-strength.patch b/queue-3.12/ath9k-fix-xlna-bias-strength.patch new file mode 100644 index 00000000000..b232358be6b --- /dev/null +++ b/queue-3.12/ath9k-fix-xlna-bias-strength.patch @@ -0,0 +1,32 @@ +From a1783a7b0846fc6414483e6caf646db72023fffd Mon Sep 17 00:00:00 2001 +From: Sujith Manoharan +Date: Tue, 26 Nov 2013 07:21:39 +0530 +Subject: ath9k: Fix XLNA bias strength + +From: Sujith Manoharan + +commit a1783a7b0846fc6414483e6caf646db72023fffd upstream. + +The EEPROM parameter to determine whether the bias +strength values for XLNA have to be applied is part +of the miscConfiguration field and not featureEnable. + +Signed-off-by: Sujith Manoharan +Signed-off-by: John W. Linville +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/net/wireless/ath/ath9k/ar9003_eeprom.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c ++++ b/drivers/net/wireless/ath/ath9k/ar9003_eeprom.c +@@ -4019,7 +4019,7 @@ static void ar9003_hw_xlna_bias_strength + struct ar9300_eeprom *eep = &ah->eeprom.ar9300_eep; + u8 bias; + +- if (!(eep->baseEepHeader.featureEnable & 0x40)) ++ if (!(eep->baseEepHeader.miscConfiguration & 0x40)) + return; + + if (!AR_SREV_9300(ah)) diff --git a/queue-3.12/cfg80211-disable-5-10-mhz-support-for-all-drivers.patch b/queue-3.12/cfg80211-disable-5-10-mhz-support-for-all-drivers.patch new file mode 100644 index 00000000000..ae71ce103a8 --- /dev/null +++ b/queue-3.12/cfg80211-disable-5-10-mhz-support-for-all-drivers.patch @@ -0,0 +1,36 @@ +From 9f16d84ad73ea04145a5dc85c8f1067915b37eea Mon Sep 17 00:00:00 2001 +From: Johannes Berg +Date: Sun, 17 Nov 2013 10:37:34 +0100 +Subject: cfg80211: disable 5/10 MHz support for all drivers + +From: Johannes Berg + +commit 9f16d84ad73ea04145a5dc85c8f1067915b37eea upstream. + +Due to nl80211 API breakage, 5/10 MHz support is broken for +all drivers. Fixing it requires adding new API, but that +can't be done as a bugfix commit since that would require +either updating all APIs in the trees needing the bugfix or +cause different kernels to have incompatible API. + +Therefore, just disable 5/10 MHz support for all drivers. + +Signed-off-by: Johannes Berg +Signed-off-by: Greg Kroah-Hartman + +--- + net/wireless/core.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/net/wireless/core.c ++++ b/net/wireless/core.c +@@ -451,6 +451,9 @@ int wiphy_register(struct wiphy *wiphy) + int i; + u16 ifmodes = wiphy->interface_modes; + ++ /* support for 5/10 MHz is broken due to nl80211 API mess - disable */ ++ wiphy->flags &= ~WIPHY_FLAG_SUPPORTS_5_10_MHZ; ++ + #ifdef CONFIG_PM + if (WARN_ON(wiphy->wowlan && + (wiphy->wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) && diff --git a/queue-3.12/mac80211-fix-scheduled-scan-rtnl-deadlock.patch b/queue-3.12/mac80211-fix-scheduled-scan-rtnl-deadlock.patch new file mode 100644 index 00000000000..34d8c4aa32c --- /dev/null +++ b/queue-3.12/mac80211-fix-scheduled-scan-rtnl-deadlock.patch @@ -0,0 +1,50 @@ +From 18db594a1005d908d995a2fc8f5a7bf4286fdca0 Mon Sep 17 00:00:00 2001 +From: Johannes Berg +Date: Wed, 6 Nov 2013 10:34:36 +0100 +Subject: mac80211: fix scheduled scan rtnl deadlock + +From: Johannes Berg + +commit 18db594a1005d908d995a2fc8f5a7bf4286fdca0 upstream. + +When changing cfg80211 to use RTNL locking, this caused a +deadlock in mac80211 as it calls cfg80211_sched_scan_stopped() +from a work item that's on a workqueue that is flushed with +the RTNL held. + +Fix this by simply using schedule_work(), the work only needs +to finish running before the wiphy is unregistered, no other +synchronisation (e.g. with suspend) is really required since +for suspend userspace is already blocked anyway when we flush +the workqueue so will only pick up the event after resume. + +Fixes: 5fe231e87372 ("cfg80211: vastly simplify locking") +Reported-and-tested-by: Eliad Peller +Signed-off-by: Johannes Berg +Signed-off-by: Greg Kroah-Hartman + +--- + net/mac80211/main.c | 1 + + net/mac80211/scan.c | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +--- a/net/mac80211/main.c ++++ b/net/mac80211/main.c +@@ -1047,6 +1047,7 @@ void ieee80211_unregister_hw(struct ieee + + cancel_work_sync(&local->restart_work); + cancel_work_sync(&local->reconfig_filter); ++ flush_work(&local->sched_scan_stopped_work); + + ieee80211_clear_tx_pending(local); + rate_control_deinitialize(local); +--- a/net/mac80211/scan.c ++++ b/net/mac80211/scan.c +@@ -1089,6 +1089,6 @@ void ieee80211_sched_scan_stopped(struct + + trace_api_sched_scan_stopped(local); + +- ieee80211_queue_work(&local->hw, &local->sched_scan_stopped_work); ++ schedule_work(&local->sched_scan_stopped_work); + } + EXPORT_SYMBOL(ieee80211_sched_scan_stopped); diff --git a/queue-3.12/revert-mac80211-allow-disable-power-save-in-mesh.patch b/queue-3.12/revert-mac80211-allow-disable-power-save-in-mesh.patch new file mode 100644 index 00000000000..5e3bea6023c --- /dev/null +++ b/queue-3.12/revert-mac80211-allow-disable-power-save-in-mesh.patch @@ -0,0 +1,45 @@ +From 2d3db210860f1df099a35b1dd54cca35454e0361 Mon Sep 17 00:00:00 2001 +From: Bob Copeland +Date: Tue, 29 Oct 2013 18:11:59 -0400 +Subject: Revert "mac80211: allow disable power save in mesh" + +From: Bob Copeland + +commit 2d3db210860f1df099a35b1dd54cca35454e0361 upstream. + +This reverts commit ee1f668136b2fb6640ee2d54c2a525ea41f98211. + +The aformentioned commit added a check to allow +'iw wlan0 set power_save off' to work for mesh interfaces. + +However, this is problematic because it also allows +'iw wlan0 set power_save on', which will crash in short order +because all of the subsequent code manipulates sdata->u.mgd. + +The power-saving states for mesh interfaces can be manipulated +through the mesh config, e.g: +'iw wlan0 set mesh_param mesh_power_save=active' (which, +despite the name, actualy disables power saving since the +setting refers to the type of sleep the interface undergoes). + +Fixes: ee1f668136b2 ("mac80211: allow disable power save in mesh") +Signed-off-by: Bob Copeland +Signed-off-by: Johannes Berg +Signed-off-by: Greg Kroah-Hartman + +--- + net/mac80211/cfg.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- a/net/mac80211/cfg.c ++++ b/net/mac80211/cfg.c +@@ -2386,8 +2386,7 @@ static int ieee80211_set_power_mgmt(stru + struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev); + struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr); + +- if (sdata->vif.type != NL80211_IFTYPE_STATION && +- sdata->vif.type != NL80211_IFTYPE_MESH_POINT) ++ if (sdata->vif.type != NL80211_IFTYPE_STATION) + return -EOPNOTSUPP; + + if (!(local->hw.flags & IEEE80211_HW_SUPPORTS_PS)) diff --git a/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_output.patch b/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_output.patch new file mode 100644 index 00000000000..4347a8d4224 --- /dev/null +++ b/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_output.patch @@ -0,0 +1,83 @@ +From 47180068276a04ed31d24fe04c673138208b07a9 Mon Sep 17 00:00:00 2001 +From: Paul Moore +Date: Wed, 4 Dec 2013 16:10:45 -0500 +Subject: selinux: handle TCP SYN-ACK packets correctly in selinux_ip_output() + +From: Paul Moore + +commit 47180068276a04ed31d24fe04c673138208b07a9 upstream. + +In selinux_ip_output() we always label packets based on the parent +socket. While this approach works in almost all cases, it doesn't +work in the case of TCP SYN-ACK packets when the correct label is not +the label of the parent socket, but rather the label of the larval +socket represented by the request_sock struct. + +Unfortunately, since the request_sock isn't queued on the parent +socket until *after* the SYN-ACK packet is sent, we can't lookup the +request_sock to determine the correct label for the packet; at this +point in time the best we can do is simply pass/NF_ACCEPT the packet. +It must be said that simply passing the packet without any explicit +labeling action, while far from ideal, is not terrible as the SYN-ACK +packet will inherit any IP option based labeling from the initial +connection request so the label *should* be correct and all our +access controls remain in place so we shouldn't have to worry about +information leaks. + +Reported-by: Janak Desai +Tested-by: Janak Desai +Signed-off-by: Paul Moore +Signed-off-by: Greg Kroah-Hartman + +--- + security/selinux/hooks.c | 25 +++++++++++++++++++++++-- + 1 file changed, 23 insertions(+), 2 deletions(-) + +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -53,6 +53,7 @@ + #include /* for local_port_range[] */ + #include + #include /* struct or_callable used in sock_rcv_skb */ ++#include + #include + #include + #include +@@ -4690,6 +4691,7 @@ static unsigned int selinux_ipv6_forward + static unsigned int selinux_ip_output(struct sk_buff *skb, + u16 family) + { ++ struct sock *sk; + u32 sid; + + if (!netlbl_enabled()) +@@ -4698,8 +4700,27 @@ static unsigned int selinux_ip_output(st + /* we do this in the LOCAL_OUT path and not the POST_ROUTING path + * because we want to make sure we apply the necessary labeling + * before IPsec is applied so we can leverage AH protection */ +- if (skb->sk) { +- struct sk_security_struct *sksec = skb->sk->sk_security; ++ sk = skb->sk; ++ if (sk) { ++ struct sk_security_struct *sksec; ++ ++ if (sk->sk_state == TCP_LISTEN) ++ /* if the socket is the listening state then this ++ * packet is a SYN-ACK packet which means it needs to ++ * be labeled based on the connection/request_sock and ++ * not the parent socket. unfortunately, we can't ++ * lookup the request_sock yet as it isn't queued on ++ * the parent socket until after the SYN-ACK is sent. ++ * the "solution" is to simply pass the packet as-is ++ * as any IP option based labeling should be copied ++ * from the initial connection request (in the IP ++ * layer). it is far from ideal, but until we get a ++ * security label in the packet itself this is the ++ * best we can do. */ ++ return NF_ACCEPT; ++ ++ /* standard practice, label using the parent socket */ ++ sksec = sk->sk_security; + sid = sksec->sid; + } else + sid = SECINITSID_KERNEL; diff --git a/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_postroute.patch b/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_postroute.patch new file mode 100644 index 00000000000..dfd5f2d1c95 --- /dev/null +++ b/queue-3.12/selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_postroute.patch @@ -0,0 +1,138 @@ +From 446b802437f285de68ffb8d6fac3c44c3cab5b04 Mon Sep 17 00:00:00 2001 +From: Paul Moore +Date: Wed, 4 Dec 2013 16:10:51 -0500 +Subject: selinux: handle TCP SYN-ACK packets correctly in selinux_ip_postroute() + +From: Paul Moore + +commit 446b802437f285de68ffb8d6fac3c44c3cab5b04 upstream. + +In selinux_ip_postroute() we perform access checks based on the +packet's security label. For locally generated traffic we get the +packet's security label from the associated socket; this works in all +cases except for TCP SYN-ACK packets. In the case of SYN-ACK packet's +the correct security label is stored in the connection's request_sock, +not the server's socket. Unfortunately, at the point in time when +selinux_ip_postroute() is called we can't query the request_sock +directly, we need to recreate the label using the same logic that +originally labeled the associated request_sock. + +See the inline comments for more explanation. + +Reported-by: Janak Desai +Tested-by: Janak Desai +Signed-off-by: Paul Moore +Signed-off-by: Greg Kroah-Hartman + +--- + security/selinux/hooks.c | 68 ++++++++++++++++++++++++++++++++++++----------- + 1 file changed, 53 insertions(+), 15 deletions(-) + +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -3806,6 +3806,30 @@ static int selinux_skb_peerlbl_sid(struc + return 0; + } + ++/** ++ * selinux_conn_sid - Determine the child socket label for a connection ++ * @sk_sid: the parent socket's SID ++ * @skb_sid: the packet's SID ++ * @conn_sid: the resulting connection SID ++ * ++ * If @skb_sid is valid then the user:role:type information from @sk_sid is ++ * combined with the MLS information from @skb_sid in order to create ++ * @conn_sid. If @skb_sid is not valid then then @conn_sid is simply a copy ++ * of @sk_sid. Returns zero on success, negative values on failure. ++ * ++ */ ++static int selinux_conn_sid(u32 sk_sid, u32 skb_sid, u32 *conn_sid) ++{ ++ int err = 0; ++ ++ if (skb_sid != SECSID_NULL) ++ err = security_sid_mls_copy(sk_sid, skb_sid, conn_sid); ++ else ++ *conn_sid = sk_sid; ++ ++ return err; ++} ++ + /* socket security operations */ + + static int socket_sockcreate_sid(const struct task_security_struct *tsec, +@@ -4412,7 +4436,7 @@ static int selinux_inet_conn_request(str + struct sk_security_struct *sksec = sk->sk_security; + int err; + u16 family = sk->sk_family; +- u32 newsid; ++ u32 connsid; + u32 peersid; + + /* handle mapped IPv4 packets arriving via IPv6 sockets */ +@@ -4422,16 +4446,11 @@ static int selinux_inet_conn_request(str + err = selinux_skb_peerlbl_sid(skb, family, &peersid); + if (err) + return err; +- if (peersid == SECSID_NULL) { +- req->secid = sksec->sid; +- req->peer_secid = SECSID_NULL; +- } else { +- err = security_sid_mls_copy(sksec->sid, peersid, &newsid); +- if (err) +- return err; +- req->secid = newsid; +- req->peer_secid = peersid; +- } ++ err = selinux_conn_sid(sksec->sid, peersid, &connsid); ++ if (err) ++ return err; ++ req->secid = connsid; ++ req->peer_secid = peersid; + + return selinux_netlbl_inet_conn_request(req, family); + } +@@ -4805,12 +4824,12 @@ static unsigned int selinux_ip_postroute + if (!secmark_active && !peerlbl_active) + return NF_ACCEPT; + +- /* if the packet is being forwarded then get the peer label from the +- * packet itself; otherwise check to see if it is from a local +- * application or the kernel, if from an application get the peer label +- * from the sending socket, otherwise use the kernel's sid */ + sk = skb->sk; + if (sk == NULL) { ++ /* Without an associated socket the packet is either coming ++ * from the kernel or it is being forwarded; check the packet ++ * to determine which and if the packet is being forwarded ++ * query the packet directly to determine the security label. */ + if (skb->skb_iif) { + secmark_perm = PACKET__FORWARD_OUT; + if (selinux_skb_peerlbl_sid(skb, family, &peer_sid)) +@@ -4819,7 +4838,26 @@ static unsigned int selinux_ip_postroute + secmark_perm = PACKET__SEND; + peer_sid = SECINITSID_KERNEL; + } ++ } else if (sk->sk_state == TCP_LISTEN) { ++ /* Locally generated packet but the associated socket is in the ++ * listening state which means this is a SYN-ACK packet. In ++ * this particular case the correct security label is assigned ++ * to the connection/request_sock but unfortunately we can't ++ * query the request_sock as it isn't queued on the parent ++ * socket until after the SYN-ACK packet is sent; the only ++ * viable choice is to regenerate the label like we do in ++ * selinux_inet_conn_request(). See also selinux_ip_output() ++ * for similar problems. */ ++ u32 skb_sid; ++ struct sk_security_struct *sksec = sk->sk_security; ++ if (selinux_skb_peerlbl_sid(skb, family, &skb_sid)) ++ return NF_DROP; ++ if (selinux_conn_sid(sksec->sid, skb_sid, &peer_sid)) ++ return NF_DROP; ++ secmark_perm = PACKET__SEND; + } else { ++ /* Locally generated packet, fetch the security label from the ++ * associated socket. */ + struct sk_security_struct *sksec = sk->sk_security; + peer_sid = sksec->sid; + secmark_perm = PACKET__SEND; diff --git a/queue-3.12/series b/queue-3.12/series index ae980690c0d..df85d000dca 100644 --- a/queue-3.12/series +++ b/queue-3.12/series @@ -46,3 +46,11 @@ regulator-pfuze100-fix-address-of-fabid.patch partially-revert-mtd-nand-pxa3xx-introduce-marvell-armada370-nand-compatible-string.patch iommu-arm-smmu-use-mutex-instead-of-spinlock-for-locking-page-tables.patch drm-i915-fix-pipe-csc-post-offset-calculation.patch +ath9k-fix-quickdrop-usage.patch +ath9k-fix-xlna-bias-strength.patch +ath9k-fix-duration-calculation-for-non-aggregated-packets.patch +cfg80211-disable-5-10-mhz-support-for-all-drivers.patch +selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_output.patch +selinux-handle-tcp-syn-ack-packets-correctly-in-selinux_ip_postroute.patch +revert-mac80211-allow-disable-power-save-in-mesh.patch +mac80211-fix-scheduled-scan-rtnl-deadlock.patch