diff options
author | Timo Teräs <timo.teras@iki.fi> | 2015-02-09 09:43:49 +0000 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2015-02-09 09:43:49 +0000 |
commit | 99359ed67be6571c9ec8400dc5723bb244ab9928 (patch) | |
tree | 2e55ad23faa9e7063f2c69d245fca6f0c27b34c8 | |
parent | 791f57c188c7b24928433e6ea0104de0273c8a1e (diff) | |
download | aports-99359ed67be6571c9ec8400dc5723bb244ab9928.tar.bz2 aports-99359ed67be6571c9ec8400dc5723bb244ab9928.tar.xz |
main/linux-grsec: upgrade to 3.14.32
-rw-r--r-- | main/linux-grsec/APKBUILD | 16 | ||||
-rw-r--r-- | main/linux-grsec/grsecurity-3.0-3.14.32-201502062101.patch (renamed from main/linux-grsec/grsecurity-3.0-3.14.31-201502021853.patch) | 344 |
2 files changed, 320 insertions, 40 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index 10cc5636c0..80f993d7db 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -2,7 +2,7 @@ _flavor=grsec pkgname=linux-${_flavor} -pkgver=3.14.31 +pkgver=3.14.32 case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; @@ -17,7 +17,7 @@ _config=${config:-kernelconfig.${CARCH}} install= source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz - grsecurity-3.0-3.14.31-201502021853.patch + grsecurity-3.0-3.14.32-201502062101.patch fix-memory-map-for-PIE-applications.patch imx6q-no-unclocked-sleep.patch @@ -165,24 +165,24 @@ dev() { } md5sums="b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz -be2e0f3f1ebc124940571ca6130dc478 patch-3.14.31.xz -228c15c924d4a1d9091a41bf9919ce36 grsecurity-3.0-3.14.31-201502021853.patch +64519f60de7b12ef5bf2df4d323cee9c patch-3.14.32.xz +c2ba768d23f52cb8ee025ad92bd0375a grsecurity-3.0-3.14.32-201502062101.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch 1a307fc1d63231bf01d22493a4f14378 imx6q-no-unclocked-sleep.patch 870b91f0eb07294ba453ac61b052c0b6 kernelconfig.x86 38b50cd1a7670f886c5e9fe9f1f91496 kernelconfig.x86_64 6709c83fbbd38d40f31d39f0022d4ce9 kernelconfig.armhf" sha256sums="61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa linux-3.14.tar.xz -4eb7743905bad80c8502d88913cfb5424c1772dbe44af30da97ed4198b12e4a1 patch-3.14.31.xz -8584450f656fe28e621eac2946f0f9cf20250a6a5c8a228f3e51989a449bd90a grsecurity-3.0-3.14.31-201502021853.patch +601ea355f71435b19421d7eabd7b92b2bb25bf5598f419ac548f46e416e162e9 patch-3.14.32.xz +528dfd709203fb6ec09c2cf1ce79f3c29f5f2d4f5580cae1c20f663e4d1fd1e2 grsecurity-3.0-3.14.32-201502062101.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch 21179fbb22a5b74af0a609350ae1a170e232908572b201d02e791d2ce0a685d3 imx6q-no-unclocked-sleep.patch bf953a65ba047b5316509da5bc7a6dbcee12767e343d26e8360369d27bfdbe78 kernelconfig.x86 d555a01f2b464e20cfa71c67ea6d571f80c707c5a3fea33879de09b085e2d7b6 kernelconfig.x86_64 01a6c90cf0643f8727d120aede2267ca7303c4ebe548c5d19222d4387ceb98cc kernelconfig.armhf" sha512sums="5730d83a7a81134c1e77c0bf89e42dee4f8251ad56c1ac2be20c59e26fdfaa7bea55f277e7af156b637f22e1584914a46089af85039177cb43485089c74ac26e linux-3.14.tar.xz -93db5af7a604ebc5012efa7864fb2583db8ff0ca985e0f4194d688808ced3c666ff5271a6a19cf1de8102834bd512370d613bd7d33e186c16069220cf54c16ad patch-3.14.31.xz -2cdd0a767e01b8ed05cae5409a956aae82cf16fde662552e5c77a13a106ad00b94cbae50a746b7da0d4b20ed4b2d918f4c0cd57f1740393afc45d47ac1f83755 grsecurity-3.0-3.14.31-201502021853.patch +b5105f88d982fef656cae9e232457e24a49efc59717ff3511a0d08544beae88644a2a03644361f2f56e5d5e9dcdb8de51da12d8c3ccb8c4e2712abc391d608b9 patch-3.14.32.xz +9a34575ae4a827bbd201eb679dc3554ac391ebf3c6cc1aadd2e40598d55396bee80df36a1739cb676689e35153ca0822e3f7cab5123ef8b19a8a1671f00fe134 grsecurity-3.0-3.14.32-201502062101.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch 87d1ad59732f265a5b0db54490dc1762c14ea4b868e7eb1aedc3ce57b48046de7bbc08cf5cfcf6f1380fa84063b0edb16ba3d5e3c5670be9bbb229275c88b221 imx6q-no-unclocked-sleep.patch dde402be39f68955f9395f807631f1457e90cda76a80e0e198695c8f946cdba02a00fe12a59a77bf5e8b40f5ecb52efbe364449f3e58d8996f27e07b719ac6a4 kernelconfig.x86 diff --git a/main/linux-grsec/grsecurity-3.0-3.14.31-201502021853.patch b/main/linux-grsec/grsecurity-3.0-3.14.32-201502062101.patch index 7d0e977e50..65a470aea6 100644 --- a/main/linux-grsec/grsecurity-3.0-3.14.31-201502021853.patch +++ b/main/linux-grsec/grsecurity-3.0-3.14.32-201502062101.patch @@ -292,7 +292,7 @@ index 5d91ba1..935a4e7 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 5abf670..9b24a3b 100644 +index 00fffa3..1dc26b3 100644 --- a/Makefile +++ b/Makefile @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -3896,7 +3896,7 @@ index 7abde2c..9df495f 100644 static bool of_init = false; diff --git a/arch/arm/mm/context.c b/arch/arm/mm/context.c -index 6eb97b3..ac509f6 100644 +index 6eb97b3..e77848e 100644 --- a/arch/arm/mm/context.c +++ b/arch/arm/mm/context.c @@ -43,7 +43,7 @@ @@ -3908,7 +3908,40 @@ index 6eb97b3..ac509f6 100644 static DECLARE_BITMAP(asid_map, NUM_USER_ASIDS); static DEFINE_PER_CPU(atomic64_t, active_asids); -@@ -182,7 +182,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) +@@ -144,21 +144,17 @@ static void flush_context(unsigned int cpu) + /* Update the list of reserved ASIDs and the ASID bitmap. */ + bitmap_clear(asid_map, 0, NUM_USER_ASIDS); + for_each_possible_cpu(i) { +- if (i == cpu) { +- asid = 0; +- } else { +- asid = atomic64_xchg(&per_cpu(active_asids, i), 0); +- /* +- * If this CPU has already been through a +- * rollover, but hasn't run another task in +- * the meantime, we must preserve its reserved +- * ASID, as this is the only trace we have of +- * the process it is still running. +- */ +- if (asid == 0) +- asid = per_cpu(reserved_asids, i); +- __set_bit(asid & ~ASID_MASK, asid_map); +- } ++ asid = atomic64_xchg(&per_cpu(active_asids, i), 0); ++ /* ++ * If this CPU has already been through a ++ * rollover, but hasn't run another task in ++ * the meantime, we must preserve its reserved ++ * ASID, as this is the only trace we have of ++ * the process it is still running. ++ */ ++ if (asid == 0) ++ asid = per_cpu(reserved_asids, i); ++ __set_bit(asid & ~ASID_MASK, asid_map); + per_cpu(reserved_asids, i) = asid; + } + +@@ -182,7 +178,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) { static u32 cur_idx = 1; u64 asid = atomic64_read(&mm->context.id); @@ -3917,7 +3950,7 @@ index 6eb97b3..ac509f6 100644 if (asid != 0 && is_reserved_asid(asid)) { /* -@@ -203,7 +203,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) +@@ -203,7 +199,7 @@ static u64 new_context(struct mm_struct *mm, unsigned int cpu) */ asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, cur_idx); if (asid == NUM_USER_ASIDS) { @@ -3926,7 +3959,7 @@ index 6eb97b3..ac509f6 100644 &asid_generation); flush_context(cpu); asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, 1); -@@ -234,14 +234,14 @@ void check_and_switch_context(struct mm_struct *mm, struct task_struct *tsk) +@@ -234,14 +230,14 @@ void check_and_switch_context(struct mm_struct *mm, struct task_struct *tsk) cpu_set_reserved_ttbr0(); asid = atomic64_read(&mm->context.id); @@ -12602,7 +12635,7 @@ index 50f8c5e..4f84fff 100644 return diff; } diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile -index b5bb498..74110e8 100644 +index 67e9f5c..2af15db 100644 --- a/arch/x86/boot/compressed/Makefile +++ b/arch/x86/boot/compressed/Makefile @@ -16,6 +16,9 @@ KBUILD_CFLAGS += $(cflags-y) @@ -22121,7 +22154,7 @@ index f2a1770..10fa52d 100644 +EXPORT_SYMBOL(pax_check_alloca); +#endif diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c -index 66e274a..99080e6 100644 +index 66e274a..81f4ebf 100644 --- a/arch/x86/kernel/dumpstack_64.c +++ b/arch/x86/kernel/dumpstack_64.c @@ -118,9 +118,9 @@ void dump_trace(struct task_struct *task, struct pt_regs *regs, @@ -22185,7 +22218,13 @@ index 66e274a..99080e6 100644 put_cpu(); } EXPORT_SYMBOL(dump_trace); -@@ -299,3 +303,50 @@ int is_valid_bugaddr(unsigned long ip) +@@ -294,8 +298,55 @@ int is_valid_bugaddr(unsigned long ip) + { + unsigned short ud2; + +- if (__copy_from_user(&ud2, (const void __user *) ip, sizeof(ud2))) ++ if (probe_kernel_address((unsigned short *)ip, ud2)) + return 0; return ud2 == 0x0b0f; } @@ -44542,6 +44581,19 @@ index 4d9b195..455075c 100644 return -EFAULT; } else { memcpy(buf, dp, left); +diff --git a/drivers/isdn/hardware/eicon/message.c b/drivers/isdn/hardware/eicon/message.c +index a82e542..f766a79 100644 +--- a/drivers/isdn/hardware/eicon/message.c ++++ b/drivers/isdn/hardware/eicon/message.c +@@ -1474,7 +1474,7 @@ static byte connect_res(dword Id, word Number, DIVA_CAPI_ADAPTER *a, + add_ai(plci, &parms[5]); + sig_req(plci, REJECT, 0); + } +- else if (Reject == 1 || Reject > 9) ++ else if (Reject == 1 || Reject >= 9) + { + add_ai(plci, &parms[5]); + sig_req(plci, HANGUP, 0); diff --git a/drivers/isdn/i4l/isdn_common.c b/drivers/isdn/i4l/isdn_common.c index 9bb12ba..d4262f7 100644 --- a/drivers/isdn/i4l/isdn_common.c @@ -47957,6 +48009,19 @@ index 8be5b40..081bc1b 100644 #include "ftmac100.h" +diff --git a/drivers/net/ethernet/freescale/gianfar_ethtool.c b/drivers/net/ethernet/freescale/gianfar_ethtool.c +index 63d2344..65b62c47 100644 +--- a/drivers/net/ethernet/freescale/gianfar_ethtool.c ++++ b/drivers/net/ethernet/freescale/gianfar_ethtool.c +@@ -1614,7 +1614,7 @@ static int gfar_write_filer_table(struct gfar_private *priv, + lock_rx_qs(priv); + + /* Fill regular entries */ +- for (; i < MAX_FILER_IDX - 1 && (tab->fe[i].ctrl | tab->fe[i].ctrl); ++ for (; i < MAX_FILER_IDX - 1 && (tab->fe[i].ctrl | tab->fe[i].prop); + i++) + gfar_write_filer(priv, i, tab->fe[i].ctrl, tab->fe[i].prop); + /* Fill the rest with fall-troughs */ diff --git a/drivers/net/ethernet/intel/i40e/i40e_ptp.c b/drivers/net/ethernet/intel/i40e/i40e_ptp.c index e33ec6c..f54cfe7 100644 --- a/drivers/net/ethernet/intel/i40e/i40e_ptp.c @@ -50509,10 +50574,10 @@ index 84419af..268ede8 100644 &dev_attr_energy_uj.attr; } diff --git a/drivers/regulator/core.c b/drivers/regulator/core.c -index afca1bc..86840b8 100644 +index b798404..cd11618 100644 --- a/drivers/regulator/core.c +++ b/drivers/regulator/core.c -@@ -3366,7 +3366,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3368,7 +3368,7 @@ regulator_register(const struct regulator_desc *regulator_desc, { const struct regulation_constraints *constraints = NULL; const struct regulator_init_data *init_data; @@ -50521,7 +50586,7 @@ index afca1bc..86840b8 100644 struct regulator_dev *rdev; struct device *dev; int ret, i; -@@ -3436,7 +3436,7 @@ regulator_register(const struct regulator_desc *regulator_desc, +@@ -3438,7 +3438,7 @@ regulator_register(const struct regulator_desc *regulator_desc, rdev->dev.of_node = config->of_node; rdev->dev.parent = dev; dev_set_name(&rdev->dev, "regulator.%d", @@ -52558,7 +52623,7 @@ index 24884ca..26c8220 100644 login->tgt_agt = sbp_target_agent_register(login); if (IS_ERR(login->tgt_agt)) { diff --git a/drivers/target/target_core_device.c b/drivers/target/target_core_device.c -index 38b4be2..c68af1c 100644 +index 26ae688..ca12181 100644 --- a/drivers/target/target_core_device.c +++ b/drivers/target/target_core_device.c @@ -1526,7 +1526,7 @@ struct se_device *target_alloc_device(struct se_hba *hba, const char *name) @@ -59791,7 +59856,7 @@ index 10a4ccb..92dbc5e 100644 sb->s_bdi = &fsc->backing_dev_info; return err; diff --git a/fs/cifs/cifs_debug.c b/fs/cifs/cifs_debug.c -index f3ac415..3d2420c 100644 +index f3ac415..e26bd76 100644 --- a/fs/cifs/cifs_debug.c +++ b/fs/cifs/cifs_debug.c @@ -286,8 +286,8 @@ static ssize_t cifs_stats_proc_write(struct file *file, @@ -59834,6 +59899,20 @@ index f3ac415..3d2420c 100644 if (server->ops->print_stats) server->ops->print_stats(m, tcon); } +@@ -615,9 +615,11 @@ cifs_security_flags_handle_must_flags(unsigned int *flags) + *flags = CIFSSEC_MUST_NTLMV2; + else if ((*flags & CIFSSEC_MUST_NTLM) == CIFSSEC_MUST_NTLM) + *flags = CIFSSEC_MUST_NTLM; +- else if ((*flags & CIFSSEC_MUST_LANMAN) == CIFSSEC_MUST_LANMAN) ++ else if (CIFSSEC_MUST_LANMAN && ++ (*flags & CIFSSEC_MUST_LANMAN) == CIFSSEC_MUST_LANMAN) + *flags = CIFSSEC_MUST_LANMAN; +- else if ((*flags & CIFSSEC_MUST_PLNTXT) == CIFSSEC_MUST_PLNTXT) ++ else if (CIFSSEC_MUST_PLNTXT && ++ (*flags & CIFSSEC_MUST_PLNTXT) == CIFSSEC_MUST_PLNTXT) + *flags = CIFSSEC_MUST_PLNTXT; + + *flags |= signflags; diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index 7c6b73c..a8f0db2 100644 --- a/fs/cifs/cifsfs.c @@ -59952,10 +60031,37 @@ index 5d12d69..161d0ce 100644 GLOBAL_EXTERN atomic_t smBufAllocCount; GLOBAL_EXTERN atomic_t midCount; diff --git a/fs/cifs/file.c b/fs/cifs/file.c -index d375322..88c3ead 100644 +index d375322..2f1ac75 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c -@@ -1900,10 +1900,14 @@ static int cifs_writepages(struct address_space *mapping, +@@ -366,6 +366,7 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file) + struct cifsLockInfo *li, *tmp; + struct cifs_fid fid; + struct cifs_pending_open open; ++ bool oplock_break_cancelled; + + spin_lock(&cifs_file_list_lock); + if (--cifs_file->count > 0) { +@@ -397,7 +398,7 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file) + } + spin_unlock(&cifs_file_list_lock); + +- cancel_work_sync(&cifs_file->oplock_break); ++ oplock_break_cancelled = cancel_work_sync(&cifs_file->oplock_break); + + if (!tcon->need_reconnect && !cifs_file->invalidHandle) { + struct TCP_Server_Info *server = tcon->ses->server; +@@ -409,6 +410,9 @@ void cifsFileInfo_put(struct cifsFileInfo *cifs_file) + _free_xid(xid); + } + ++ if (oplock_break_cancelled) ++ cifs_done_oplock_break(cifsi); ++ + cifs_del_pending_open(&open); + + /* +@@ -1900,10 +1904,14 @@ static int cifs_writepages(struct address_space *mapping, index = mapping->writeback_index; /* Start from prev offset */ end = -1; } else { @@ -60239,6 +60345,19 @@ index 3487929..47a6ebf2 100644 } req->FileIndex = cpu_to_le32(index); +diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c +index 43eb136..f17e718 100644 +--- a/fs/cifs/smbencrypt.c ++++ b/fs/cifs/smbencrypt.c +@@ -220,7 +220,7 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16, + } + + rc = mdfour(p16, (unsigned char *) wpwd, len * sizeof(__le16)); +- memset(wpwd, 0, 129 * sizeof(__le16)); ++ memzero_explicit(wpwd, sizeof(wpwd)); + + return rc; + } diff --git a/fs/coda/cache.c b/fs/coda/cache.c index 1da168c..8bc7ff6 100644 --- a/fs/coda/cache.c @@ -95086,10 +95205,10 @@ index c9b6f01..37781d9 100644 .thread_should_run = watchdog_should_run, .thread_fn = watchdog, diff --git a/kernel/workqueue.c b/kernel/workqueue.c -index b4defde..f092808 100644 +index f6f31d8..bbe30db 100644 --- a/kernel/workqueue.c +++ b/kernel/workqueue.c -@@ -4703,7 +4703,7 @@ static void rebind_workers(struct worker_pool *pool) +@@ -4687,7 +4687,7 @@ static void rebind_workers(struct worker_pool *pool) WARN_ON_ONCE(!(worker_flags & WORKER_UNBOUND)); worker_flags |= WORKER_REBOUND; worker_flags &= ~WORKER_UNBOUND; @@ -102032,7 +102151,7 @@ index a16ed7b..eb44d17 100644 return err; diff --git a/net/core/dev.c b/net/core/dev.c -index 86bb9cc..8814d50 100644 +index 86bb9cc..a4f25f3 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -1695,14 +1695,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb) @@ -102097,6 +102216,24 @@ index 86bb9cc..8814d50 100644 { struct softnet_data *sd = &__get_cpu_var(softnet_data); unsigned long time_limit = jiffies + 2; +@@ -5066,7 +5066,7 @@ void netdev_upper_dev_unlink(struct net_device *dev, + } + EXPORT_SYMBOL(netdev_upper_dev_unlink); + +-void netdev_adjacent_add_links(struct net_device *dev) ++static void netdev_adjacent_add_links(struct net_device *dev) + { + struct netdev_adjacent *iter; + +@@ -5091,7 +5091,7 @@ void netdev_adjacent_add_links(struct net_device *dev) + } + } + +-void netdev_adjacent_del_links(struct net_device *dev) ++static void netdev_adjacent_del_links(struct net_device *dev) + { + struct netdev_adjacent *iter; + @@ -6376,7 +6376,7 @@ struct rtnl_link_stats64 *dev_get_stats(struct net_device *dev, } else { netdev_stats_to_stats64(storage, &dev->stats); @@ -102106,6 +102243,15 @@ index 86bb9cc..8814d50 100644 return storage; } EXPORT_SYMBOL(dev_get_stats); +@@ -6392,7 +6392,7 @@ struct netdev_queue *dev_ingress_queue_create(struct net_device *dev) + if (!queue) + return NULL; + netdev_init_one_queue(dev, queue, NULL); +- queue->qdisc = &noop_qdisc; ++ RCU_INIT_POINTER(queue->qdisc, &noop_qdisc); + queue->qdisc_sleeping = &noop_qdisc; + rcu_assign_pointer(dev->ingress_queue, queue); + #endif diff --git a/net/core/dev_ioctl.c b/net/core/dev_ioctl.c index cf999e0..c59a9754 100644 --- a/net/core/dev_ioctl.c @@ -104265,7 +104411,7 @@ index e1a6393..f634ce5 100644 return -ENOMEM; } diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index 3f0ec06..5aad945 100644 +index 3f0ec06..230c2c5 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -170,7 +170,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { @@ -104338,7 +104484,29 @@ index 3f0ec06..5aad945 100644 for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) { idx = 0; head = &net->dev_index_head[h]; -@@ -4741,11 +4748,8 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) +@@ -4512,6 +4519,21 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token) + return 0; + } + ++static const struct nla_policy inet6_af_policy[IFLA_INET6_MAX + 1] = { ++ [IFLA_INET6_TOKEN] = { .len = sizeof(struct in6_addr) }, ++}; ++ ++static int inet6_validate_link_af(const struct net_device *dev, ++ const struct nlattr *nla) ++{ ++ struct nlattr *tb[IFLA_INET6_MAX + 1]; ++ ++ if (dev && !__in6_dev_get(dev)) ++ return -EAFNOSUPPORT; ++ ++ return nla_parse_nested(tb, IFLA_INET6_MAX, nla, inet6_af_policy); ++} ++ + static int inet6_set_link_af(struct net_device *dev, const struct nlattr *nla) + { + int err = -EINVAL; +@@ -4741,11 +4763,8 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) rt = rt6_lookup(dev_net(dev), &ifp->peer_addr, NULL, dev->ifindex, 1); @@ -104352,7 +104520,7 @@ index 3f0ec06..5aad945 100644 } dst_hold(&ifp->rt->dst); -@@ -4753,7 +4757,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) +@@ -4753,7 +4772,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp) dst_free(&ifp->rt->dst); break; } @@ -104361,7 +104529,7 @@ index 3f0ec06..5aad945 100644 rt_genid_bump_ipv6(net); } -@@ -4774,7 +4778,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, +@@ -4774,7 +4793,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -104370,7 +104538,7 @@ index 3f0ec06..5aad945 100644 int ret; /* -@@ -4859,7 +4863,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, +@@ -4859,7 +4878,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write, int *valp = ctl->data; int val = *valp; loff_t pos = *ppos; @@ -104379,6 +104547,14 @@ index 3f0ec06..5aad945 100644 int ret; /* +@@ -5299,6 +5318,7 @@ static struct rtnl_af_ops inet6_ops = { + .family = AF_INET6, + .fill_link_af = inet6_fill_link_af, + .get_link_af_size = inet6_get_link_af_size, ++ .validate_link_af = inet6_validate_link_af, + .set_link_af = inet6_set_link_af, + }; + diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index d935889..2f64330 100644 --- a/net/ipv6/af_inet6.c @@ -104445,7 +104621,7 @@ index 7b32652..0bc348b 100644 table = kmemdup(ipv6_icmp_table_template, sizeof(ipv6_icmp_table_template), diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c -index 4a230b1..a1d47b8 100644 +index 4a230b1..42d6ab42 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -71,7 +71,7 @@ struct ip6gre_net { @@ -104457,6 +104633,24 @@ index 4a230b1..a1d47b8 100644 static int ip6gre_tunnel_init(struct net_device *dev); static void ip6gre_tunnel_setup(struct net_device *dev); static void ip6gre_tunnel_link(struct ip6gre_net *ign, struct ip6_tnl *t); +@@ -413,7 +413,7 @@ static void ip6gre_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + if (code == ICMPV6_HDR_FIELD) + teli = ip6_tnl_parse_tlv_enc_lim(skb, skb->data); + +- if (teli && teli == info - 2) { ++ if (teli && teli == be32_to_cpu(info) - 2) { + tel = (struct ipv6_tlv_tnl_enc_lim *) &skb->data[teli]; + if (tel->encap_limit == 0) { + net_warn_ratelimited("%s: Too small encapsulation limit or routing loop in tunnel!\n", +@@ -425,7 +425,7 @@ static void ip6gre_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + } + break; + case ICMPV6_PKT_TOOBIG: +- mtu = info - offset; ++ mtu = be32_to_cpu(info) - offset; + if (mtu < IPV6_MIN_MTU) + mtu = IPV6_MIN_MTU; + t->dev->mtu = mtu; @@ -1290,7 +1290,7 @@ static void ip6gre_fb_tunnel_init(struct net_device *dev) } @@ -105938,7 +106132,7 @@ index f042ae5..30ea486 100644 } EXPORT_SYMBOL(nf_unregister_sockopt); diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c -index c68e5e0..8d52d50 100644 +index c68e5e0..3bed3f0 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -152,8 +152,8 @@ nf_tables_chain_type_lookup(const struct nft_af_info *afi, @@ -105952,6 +106146,18 @@ index c68e5e0..8d52d50 100644 nfnl_lock(NFNL_SUBSYS_NFTABLES); type = __nf_tables_chain_type_lookup(afi->family, nla); if (type != NULL) +@@ -789,9 +789,11 @@ nf_tables_counters(struct nft_base_chain *chain, const struct nlattr *attr) + /* Restore old counters on this cpu, no problem. Per-cpu statistics + * are not exposed to userspace. + */ ++ preempt_disable(); + stats = this_cpu_ptr(newstats); + stats->bytes = be64_to_cpu(nla_get_be64(tb[NFTA_COUNTER_BYTES])); + stats->pkts = be64_to_cpu(nla_get_be64(tb[NFTA_COUNTER_PACKETS])); ++ preempt_enable(); + + if (chain->stats) { + /* nfnl_lock is held, add some nfnl function for this, later */ diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 6ff12a1..d1815b6 100644 --- a/net/netfilter/nfnetlink_log.c @@ -106462,6 +106668,27 @@ index a82fb66..1ea9251 100644 continue; } list_del_init(&rm->m_conn_item); +diff --git a/net/rds/sysctl.c b/net/rds/sysctl.c +index b5cb2aa..35773ad 100644 +--- a/net/rds/sysctl.c ++++ b/net/rds/sysctl.c +@@ -71,14 +71,14 @@ static struct ctl_table rds_sysctl_rds_table[] = { + { + .procname = "max_unacked_packets", + .data = &rds_sysctl_max_unacked_packets, +- .maxlen = sizeof(unsigned long), ++ .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec, + }, + { + .procname = "max_unacked_bytes", + .data = &rds_sysctl_max_unacked_bytes, +- .maxlen = sizeof(unsigned long), ++ .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec, + }, diff --git a/net/rds/tcp.c b/net/rds/tcp.c index edac9ef..16bcb98 100644 --- a/net/rds/tcp.c @@ -106748,6 +106975,31 @@ index f226709..0e735a8 100644 _proto("Tx RESPONSE %%%u", ntohl(hdr->serial)); ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len); +diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c +index bdbdb1a..1afc85f 100644 +--- a/net/sched/cls_api.c ++++ b/net/sched/cls_api.c +@@ -555,8 +555,9 @@ void tcf_exts_change(struct tcf_proto *tp, struct tcf_exts *dst, + } + EXPORT_SYMBOL(tcf_exts_change); + +-#define tcf_exts_first_act(ext) \ +- list_first_entry(&(exts)->actions, struct tc_action, list) ++#define tcf_exts_first_act(ext) \ ++ list_first_entry_or_null(&(exts)->actions, \ ++ struct tc_action, list) + + int tcf_exts_dump(struct sk_buff *skb, struct tcf_exts *exts) + { +@@ -597,7 +598,7 @@ int tcf_exts_dump_stats(struct sk_buff *skb, struct tcf_exts *exts) + { + #ifdef CONFIG_NET_CLS_ACT + struct tc_action *a = tcf_exts_first_act(exts); +- if (tcf_action_copy_stats(skb, a, 1) < 0) ++ if (a != NULL && tcf_action_copy_stats(skb, a, 1) < 0) + return -1; + #endif + return 0; diff --git a/net/sched/cls_bpf.c b/net/sched/cls_bpf.c index 8e3cf49..4a8e322 100644 --- a/net/sched/cls_bpf.c @@ -106888,10 +107140,38 @@ index fef2acd..c705c4f 100644 sctp_generate_t1_cookie_event, sctp_generate_t1_init_event, diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index 604a6ac..f87f0a3 100644 +index 604a6ac..990354d 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c -@@ -2175,11 +2175,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, +@@ -1605,6 +1605,7 @@ static int sctp_sendmsg(struct kiocb *iocb, struct sock *sk, + sctp_scope_t scope; + long timeo; + __u16 sinfo_flags = 0; ++ bool wait_connect = false; + struct sctp_datamsg *datamsg; + int msg_flags = msg->msg_flags; + +@@ -1924,6 +1925,7 @@ static int sctp_sendmsg(struct kiocb *iocb, struct sock *sk, + if (err < 0) + goto out_free; + ++ wait_connect = true; + pr_debug("%s: we associated primitively\n", __func__); + } + +@@ -1961,6 +1963,11 @@ static int sctp_sendmsg(struct kiocb *iocb, struct sock *sk, + sctp_datamsg_put(datamsg); + err = msg_len; + ++ if (unlikely(wait_connect)) { ++ timeo = sock_sndtimeo(sk, msg_flags & MSG_DONTWAIT); ++ sctp_wait_for_connect(asoc, &timeo); ++ } ++ + /* If we are already past ASSOCIATE, the lower + * layers are responsible for association cleanup. + */ +@@ -2175,11 +2182,13 @@ static int sctp_setsockopt_events(struct sock *sk, char __user *optval, { struct sctp_association *asoc; struct sctp_ulpevent *event; @@ -106906,7 +107186,7 @@ index 604a6ac..f87f0a3 100644 /* * At the time when a user app subscribes to SCTP_SENDER_DRY_EVENT, -@@ -4259,13 +4261,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, +@@ -4259,13 +4268,16 @@ static int sctp_getsockopt_disable_fragments(struct sock *sk, int len, static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -106924,7 +107204,7 @@ index 604a6ac..f87f0a3 100644 return -EFAULT; return 0; } -@@ -4283,6 +4288,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, +@@ -4283,6 +4295,8 @@ static int sctp_getsockopt_events(struct sock *sk, int len, char __user *optval, */ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -106933,7 +107213,7 @@ index 604a6ac..f87f0a3 100644 /* Applicable to UDP-style socket only */ if (sctp_style(sk, TCP)) return -EOPNOTSUPP; -@@ -4291,7 +4298,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv +@@ -4291,7 +4305,8 @@ static int sctp_getsockopt_autoclose(struct sock *sk, int len, char __user *optv len = sizeof(int); if (put_user(len, optlen)) return -EFAULT; @@ -106943,7 +107223,7 @@ index 604a6ac..f87f0a3 100644 return -EFAULT; return 0; } -@@ -4666,12 +4674,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, +@@ -4666,12 +4681,15 @@ static int sctp_getsockopt_delayed_ack(struct sock *sk, int len, */ static int sctp_getsockopt_initmsg(struct sock *sk, int len, char __user *optval, int __user *optlen) { @@ -106960,7 +107240,7 @@ index 604a6ac..f87f0a3 100644 return -EFAULT; return 0; } -@@ -4712,6 +4723,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, +@@ -4712,6 +4730,8 @@ static int sctp_getsockopt_peer_addrs(struct sock *sk, int len, addrlen = sctp_get_af_specific(temp.sa.sa_family)->sockaddr_len; if (space_left < addrlen) return -ENOMEM; |