1 |
commit: b5c2b5b2947190cece9bf6218aa9dca795670288 |
2 |
Author: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Apr 29 13:35:22 2015 +0000 |
4 |
Commit: Mike Pagano <mpagano <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Apr 29 13:35:22 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=b5c2b5b2 |
7 |
|
8 |
Linux patch 4.0.1 |
9 |
|
10 |
0000_README | 4 + |
11 |
1000_linux-4.0.1.patch | 479 +++++++++++++++++++++++++++++++++++++++++++++++++ |
12 |
2 files changed, 483 insertions(+) |
13 |
|
14 |
diff --git a/0000_README b/0000_README |
15 |
index 0cdee6d..483ca42 100644 |
16 |
--- a/0000_README |
17 |
+++ b/0000_README |
18 |
@@ -43,6 +43,10 @@ EXPERIMENTAL |
19 |
Individual Patch Descriptions: |
20 |
-------------------------------------------------------------------------- |
21 |
|
22 |
+Patch: 1000_linux-4.0.1.patch |
23 |
+From: http://www.kernel.org |
24 |
+Desc: Linux 4.0.1 |
25 |
+ |
26 |
Patch: 1500_XATTR_USER_PREFIX.patch |
27 |
From: https://bugs.gentoo.org/show_bug.cgi?id=470644 |
28 |
Desc: Support for namespace user.pax.* on tmpfs. |
29 |
|
30 |
diff --git a/1000_linux-4.0.1.patch b/1000_linux-4.0.1.patch |
31 |
new file mode 100644 |
32 |
index 0000000..ac58552 |
33 |
--- /dev/null |
34 |
+++ b/1000_linux-4.0.1.patch |
35 |
@@ -0,0 +1,479 @@ |
36 |
+diff --git a/Makefile b/Makefile |
37 |
+index fbd43bfe4445..f499cd2f5738 100644 |
38 |
+--- a/Makefile |
39 |
++++ b/Makefile |
40 |
+@@ -1,6 +1,6 @@ |
41 |
+ VERSION = 4 |
42 |
+ PATCHLEVEL = 0 |
43 |
+-SUBLEVEL = 0 |
44 |
++SUBLEVEL = 1 |
45 |
+ EXTRAVERSION = |
46 |
+ NAME = Hurr durr I'ma sheep |
47 |
+ |
48 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
49 |
+index 4085c4b31047..355d5fea5be9 100644 |
50 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
51 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x.h |
52 |
+@@ -531,20 +531,8 @@ struct bnx2x_fastpath { |
53 |
+ struct napi_struct napi; |
54 |
+ |
55 |
+ #ifdef CONFIG_NET_RX_BUSY_POLL |
56 |
+- unsigned int state; |
57 |
+-#define BNX2X_FP_STATE_IDLE 0 |
58 |
+-#define BNX2X_FP_STATE_NAPI (1 << 0) /* NAPI owns this FP */ |
59 |
+-#define BNX2X_FP_STATE_POLL (1 << 1) /* poll owns this FP */ |
60 |
+-#define BNX2X_FP_STATE_DISABLED (1 << 2) |
61 |
+-#define BNX2X_FP_STATE_NAPI_YIELD (1 << 3) /* NAPI yielded this FP */ |
62 |
+-#define BNX2X_FP_STATE_POLL_YIELD (1 << 4) /* poll yielded this FP */ |
63 |
+-#define BNX2X_FP_OWNED (BNX2X_FP_STATE_NAPI | BNX2X_FP_STATE_POLL) |
64 |
+-#define BNX2X_FP_YIELD (BNX2X_FP_STATE_NAPI_YIELD | BNX2X_FP_STATE_POLL_YIELD) |
65 |
+-#define BNX2X_FP_LOCKED (BNX2X_FP_OWNED | BNX2X_FP_STATE_DISABLED) |
66 |
+-#define BNX2X_FP_USER_PEND (BNX2X_FP_STATE_POLL | BNX2X_FP_STATE_POLL_YIELD) |
67 |
+- /* protect state */ |
68 |
+- spinlock_t lock; |
69 |
+-#endif /* CONFIG_NET_RX_BUSY_POLL */ |
70 |
++ unsigned long busy_poll_state; |
71 |
++#endif |
72 |
+ |
73 |
+ union host_hc_status_block status_blk; |
74 |
+ /* chip independent shortcuts into sb structure */ |
75 |
+@@ -619,104 +607,83 @@ struct bnx2x_fastpath { |
76 |
+ #define bnx2x_fp_qstats(bp, fp) (&((bp)->fp_stats[(fp)->index].eth_q_stats)) |
77 |
+ |
78 |
+ #ifdef CONFIG_NET_RX_BUSY_POLL |
79 |
+-static inline void bnx2x_fp_init_lock(struct bnx2x_fastpath *fp) |
80 |
++ |
81 |
++enum bnx2x_fp_state { |
82 |
++ BNX2X_STATE_FP_NAPI = BIT(0), /* NAPI handler owns the queue */ |
83 |
++ |
84 |
++ BNX2X_STATE_FP_NAPI_REQ_BIT = 1, /* NAPI would like to own the queue */ |
85 |
++ BNX2X_STATE_FP_NAPI_REQ = BIT(1), |
86 |
++ |
87 |
++ BNX2X_STATE_FP_POLL_BIT = 2, |
88 |
++ BNX2X_STATE_FP_POLL = BIT(2), /* busy_poll owns the queue */ |
89 |
++ |
90 |
++ BNX2X_STATE_FP_DISABLE_BIT = 3, /* queue is dismantled */ |
91 |
++}; |
92 |
++ |
93 |
++static inline void bnx2x_fp_busy_poll_init(struct bnx2x_fastpath *fp) |
94 |
+ { |
95 |
+- spin_lock_init(&fp->lock); |
96 |
+- fp->state = BNX2X_FP_STATE_IDLE; |
97 |
++ WRITE_ONCE(fp->busy_poll_state, 0); |
98 |
+ } |
99 |
+ |
100 |
+ /* called from the device poll routine to get ownership of a FP */ |
101 |
+ static inline bool bnx2x_fp_lock_napi(struct bnx2x_fastpath *fp) |
102 |
+ { |
103 |
+- bool rc = true; |
104 |
+- |
105 |
+- spin_lock_bh(&fp->lock); |
106 |
+- if (fp->state & BNX2X_FP_LOCKED) { |
107 |
+- WARN_ON(fp->state & BNX2X_FP_STATE_NAPI); |
108 |
+- fp->state |= BNX2X_FP_STATE_NAPI_YIELD; |
109 |
+- rc = false; |
110 |
+- } else { |
111 |
+- /* we don't care if someone yielded */ |
112 |
+- fp->state = BNX2X_FP_STATE_NAPI; |
113 |
++ unsigned long prev, old = READ_ONCE(fp->busy_poll_state); |
114 |
++ |
115 |
++ while (1) { |
116 |
++ switch (old) { |
117 |
++ case BNX2X_STATE_FP_POLL: |
118 |
++ /* make sure bnx2x_fp_lock_poll() wont starve us */ |
119 |
++ set_bit(BNX2X_STATE_FP_NAPI_REQ_BIT, |
120 |
++ &fp->busy_poll_state); |
121 |
++ /* fallthrough */ |
122 |
++ case BNX2X_STATE_FP_POLL | BNX2X_STATE_FP_NAPI_REQ: |
123 |
++ return false; |
124 |
++ default: |
125 |
++ break; |
126 |
++ } |
127 |
++ prev = cmpxchg(&fp->busy_poll_state, old, BNX2X_STATE_FP_NAPI); |
128 |
++ if (unlikely(prev != old)) { |
129 |
++ old = prev; |
130 |
++ continue; |
131 |
++ } |
132 |
++ return true; |
133 |
+ } |
134 |
+- spin_unlock_bh(&fp->lock); |
135 |
+- return rc; |
136 |
+ } |
137 |
+ |
138 |
+-/* returns true is someone tried to get the FP while napi had it */ |
139 |
+-static inline bool bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
140 |
++static inline void bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
141 |
+ { |
142 |
+- bool rc = false; |
143 |
+- |
144 |
+- spin_lock_bh(&fp->lock); |
145 |
+- WARN_ON(fp->state & |
146 |
+- (BNX2X_FP_STATE_POLL | BNX2X_FP_STATE_NAPI_YIELD)); |
147 |
+- |
148 |
+- if (fp->state & BNX2X_FP_STATE_POLL_YIELD) |
149 |
+- rc = true; |
150 |
+- |
151 |
+- /* state ==> idle, unless currently disabled */ |
152 |
+- fp->state &= BNX2X_FP_STATE_DISABLED; |
153 |
+- spin_unlock_bh(&fp->lock); |
154 |
+- return rc; |
155 |
++ smp_wmb(); |
156 |
++ fp->busy_poll_state = 0; |
157 |
+ } |
158 |
+ |
159 |
+ /* called from bnx2x_low_latency_poll() */ |
160 |
+ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
161 |
+ { |
162 |
+- bool rc = true; |
163 |
+- |
164 |
+- spin_lock_bh(&fp->lock); |
165 |
+- if ((fp->state & BNX2X_FP_LOCKED)) { |
166 |
+- fp->state |= BNX2X_FP_STATE_POLL_YIELD; |
167 |
+- rc = false; |
168 |
+- } else { |
169 |
+- /* preserve yield marks */ |
170 |
+- fp->state |= BNX2X_FP_STATE_POLL; |
171 |
+- } |
172 |
+- spin_unlock_bh(&fp->lock); |
173 |
+- return rc; |
174 |
++ return cmpxchg(&fp->busy_poll_state, 0, BNX2X_STATE_FP_POLL) == 0; |
175 |
+ } |
176 |
+ |
177 |
+-/* returns true if someone tried to get the FP while it was locked */ |
178 |
+-static inline bool bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
179 |
++static inline void bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
180 |
+ { |
181 |
+- bool rc = false; |
182 |
+- |
183 |
+- spin_lock_bh(&fp->lock); |
184 |
+- WARN_ON(fp->state & BNX2X_FP_STATE_NAPI); |
185 |
+- |
186 |
+- if (fp->state & BNX2X_FP_STATE_POLL_YIELD) |
187 |
+- rc = true; |
188 |
+- |
189 |
+- /* state ==> idle, unless currently disabled */ |
190 |
+- fp->state &= BNX2X_FP_STATE_DISABLED; |
191 |
+- spin_unlock_bh(&fp->lock); |
192 |
+- return rc; |
193 |
++ smp_mb__before_atomic(); |
194 |
++ clear_bit(BNX2X_STATE_FP_POLL_BIT, &fp->busy_poll_state); |
195 |
+ } |
196 |
+ |
197 |
+-/* true if a socket is polling, even if it did not get the lock */ |
198 |
++/* true if a socket is polling */ |
199 |
+ static inline bool bnx2x_fp_ll_polling(struct bnx2x_fastpath *fp) |
200 |
+ { |
201 |
+- WARN_ON(!(fp->state & BNX2X_FP_OWNED)); |
202 |
+- return fp->state & BNX2X_FP_USER_PEND; |
203 |
++ return READ_ONCE(fp->busy_poll_state) & BNX2X_STATE_FP_POLL; |
204 |
+ } |
205 |
+ |
206 |
+ /* false if fp is currently owned */ |
207 |
+ static inline bool bnx2x_fp_ll_disable(struct bnx2x_fastpath *fp) |
208 |
+ { |
209 |
+- int rc = true; |
210 |
+- |
211 |
+- spin_lock_bh(&fp->lock); |
212 |
+- if (fp->state & BNX2X_FP_OWNED) |
213 |
+- rc = false; |
214 |
+- fp->state |= BNX2X_FP_STATE_DISABLED; |
215 |
+- spin_unlock_bh(&fp->lock); |
216 |
++ set_bit(BNX2X_STATE_FP_DISABLE_BIT, &fp->busy_poll_state); |
217 |
++ return !bnx2x_fp_ll_polling(fp); |
218 |
+ |
219 |
+- return rc; |
220 |
+ } |
221 |
+ #else |
222 |
+-static inline void bnx2x_fp_init_lock(struct bnx2x_fastpath *fp) |
223 |
++static inline void bnx2x_fp_busy_poll_init(struct bnx2x_fastpath *fp) |
224 |
+ { |
225 |
+ } |
226 |
+ |
227 |
+@@ -725,9 +692,8 @@ static inline bool bnx2x_fp_lock_napi(struct bnx2x_fastpath *fp) |
228 |
+ return true; |
229 |
+ } |
230 |
+ |
231 |
+-static inline bool bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
232 |
++static inline void bnx2x_fp_unlock_napi(struct bnx2x_fastpath *fp) |
233 |
+ { |
234 |
+- return false; |
235 |
+ } |
236 |
+ |
237 |
+ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
238 |
+@@ -735,9 +701,8 @@ static inline bool bnx2x_fp_lock_poll(struct bnx2x_fastpath *fp) |
239 |
+ return false; |
240 |
+ } |
241 |
+ |
242 |
+-static inline bool bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
243 |
++static inline void bnx2x_fp_unlock_poll(struct bnx2x_fastpath *fp) |
244 |
+ { |
245 |
+- return false; |
246 |
+ } |
247 |
+ |
248 |
+ static inline bool bnx2x_fp_ll_polling(struct bnx2x_fastpath *fp) |
249 |
+diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
250 |
+index 0a9faa134a9a..2f63467bce46 100644 |
251 |
+--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
252 |
++++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c |
253 |
+@@ -1849,7 +1849,7 @@ static void bnx2x_napi_enable_cnic(struct bnx2x *bp) |
254 |
+ int i; |
255 |
+ |
256 |
+ for_each_rx_queue_cnic(bp, i) { |
257 |
+- bnx2x_fp_init_lock(&bp->fp[i]); |
258 |
++ bnx2x_fp_busy_poll_init(&bp->fp[i]); |
259 |
+ napi_enable(&bnx2x_fp(bp, i, napi)); |
260 |
+ } |
261 |
+ } |
262 |
+@@ -1859,7 +1859,7 @@ static void bnx2x_napi_enable(struct bnx2x *bp) |
263 |
+ int i; |
264 |
+ |
265 |
+ for_each_eth_queue(bp, i) { |
266 |
+- bnx2x_fp_init_lock(&bp->fp[i]); |
267 |
++ bnx2x_fp_busy_poll_init(&bp->fp[i]); |
268 |
+ napi_enable(&bnx2x_fp(bp, i, napi)); |
269 |
+ } |
270 |
+ } |
271 |
+@@ -3191,9 +3191,10 @@ static int bnx2x_poll(struct napi_struct *napi, int budget) |
272 |
+ } |
273 |
+ } |
274 |
+ |
275 |
++ bnx2x_fp_unlock_napi(fp); |
276 |
++ |
277 |
+ /* Fall out from the NAPI loop if needed */ |
278 |
+- if (!bnx2x_fp_unlock_napi(fp) && |
279 |
+- !(bnx2x_has_rx_work(fp) || bnx2x_has_tx_work(fp))) { |
280 |
++ if (!(bnx2x_has_rx_work(fp) || bnx2x_has_tx_work(fp))) { |
281 |
+ |
282 |
+ /* No need to update SB for FCoE L2 ring as long as |
283 |
+ * it's connected to the default SB and the SB |
284 |
+diff --git a/drivers/net/vxlan.c b/drivers/net/vxlan.c |
285 |
+index f8528a4cf54f..fceb637efd6b 100644 |
286 |
+--- a/drivers/net/vxlan.c |
287 |
++++ b/drivers/net/vxlan.c |
288 |
+@@ -1713,12 +1713,6 @@ static int vxlan6_xmit_skb(struct dst_entry *dst, struct sk_buff *skb, |
289 |
+ } |
290 |
+ } |
291 |
+ |
292 |
+- skb = iptunnel_handle_offloads(skb, udp_sum, type); |
293 |
+- if (IS_ERR(skb)) { |
294 |
+- err = -EINVAL; |
295 |
+- goto err; |
296 |
+- } |
297 |
+- |
298 |
+ skb_scrub_packet(skb, xnet); |
299 |
+ |
300 |
+ min_headroom = LL_RESERVED_SPACE(dst->dev) + dst->header_len |
301 |
+@@ -1738,6 +1732,12 @@ static int vxlan6_xmit_skb(struct dst_entry *dst, struct sk_buff *skb, |
302 |
+ goto err; |
303 |
+ } |
304 |
+ |
305 |
++ skb = iptunnel_handle_offloads(skb, udp_sum, type); |
306 |
++ if (IS_ERR(skb)) { |
307 |
++ err = -EINVAL; |
308 |
++ goto err; |
309 |
++ } |
310 |
++ |
311 |
+ vxh = (struct vxlanhdr *) __skb_push(skb, sizeof(*vxh)); |
312 |
+ vxh->vx_flags = htonl(VXLAN_HF_VNI); |
313 |
+ vxh->vx_vni = md->vni; |
314 |
+@@ -1798,10 +1798,6 @@ int vxlan_xmit_skb(struct rtable *rt, struct sk_buff *skb, |
315 |
+ } |
316 |
+ } |
317 |
+ |
318 |
+- skb = iptunnel_handle_offloads(skb, udp_sum, type); |
319 |
+- if (IS_ERR(skb)) |
320 |
+- return PTR_ERR(skb); |
321 |
+- |
322 |
+ min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len |
323 |
+ + VXLAN_HLEN + sizeof(struct iphdr) |
324 |
+ + (skb_vlan_tag_present(skb) ? VLAN_HLEN : 0); |
325 |
+@@ -1817,6 +1813,10 @@ int vxlan_xmit_skb(struct rtable *rt, struct sk_buff *skb, |
326 |
+ if (WARN_ON(!skb)) |
327 |
+ return -ENOMEM; |
328 |
+ |
329 |
++ skb = iptunnel_handle_offloads(skb, udp_sum, type); |
330 |
++ if (IS_ERR(skb)) |
331 |
++ return PTR_ERR(skb); |
332 |
++ |
333 |
+ vxh = (struct vxlanhdr *) __skb_push(skb, sizeof(*vxh)); |
334 |
+ vxh->vx_flags = htonl(VXLAN_HF_VNI); |
335 |
+ vxh->vx_vni = md->vni; |
336 |
+diff --git a/fs/exec.c b/fs/exec.c |
337 |
+index c7f9b733406d..00400cf522dc 100644 |
338 |
+--- a/fs/exec.c |
339 |
++++ b/fs/exec.c |
340 |
+@@ -1265,6 +1265,53 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
341 |
+ spin_unlock(&p->fs->lock); |
342 |
+ } |
343 |
+ |
344 |
++static void bprm_fill_uid(struct linux_binprm *bprm) |
345 |
++{ |
346 |
++ struct inode *inode; |
347 |
++ unsigned int mode; |
348 |
++ kuid_t uid; |
349 |
++ kgid_t gid; |
350 |
++ |
351 |
++ /* clear any previous set[ug]id data from a previous binary */ |
352 |
++ bprm->cred->euid = current_euid(); |
353 |
++ bprm->cred->egid = current_egid(); |
354 |
++ |
355 |
++ if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) |
356 |
++ return; |
357 |
++ |
358 |
++ if (task_no_new_privs(current)) |
359 |
++ return; |
360 |
++ |
361 |
++ inode = file_inode(bprm->file); |
362 |
++ mode = READ_ONCE(inode->i_mode); |
363 |
++ if (!(mode & (S_ISUID|S_ISGID))) |
364 |
++ return; |
365 |
++ |
366 |
++ /* Be careful if suid/sgid is set */ |
367 |
++ mutex_lock(&inode->i_mutex); |
368 |
++ |
369 |
++ /* reload atomically mode/uid/gid now that lock held */ |
370 |
++ mode = inode->i_mode; |
371 |
++ uid = inode->i_uid; |
372 |
++ gid = inode->i_gid; |
373 |
++ mutex_unlock(&inode->i_mutex); |
374 |
++ |
375 |
++ /* We ignore suid/sgid if there are no mappings for them in the ns */ |
376 |
++ if (!kuid_has_mapping(bprm->cred->user_ns, uid) || |
377 |
++ !kgid_has_mapping(bprm->cred->user_ns, gid)) |
378 |
++ return; |
379 |
++ |
380 |
++ if (mode & S_ISUID) { |
381 |
++ bprm->per_clear |= PER_CLEAR_ON_SETID; |
382 |
++ bprm->cred->euid = uid; |
383 |
++ } |
384 |
++ |
385 |
++ if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
386 |
++ bprm->per_clear |= PER_CLEAR_ON_SETID; |
387 |
++ bprm->cred->egid = gid; |
388 |
++ } |
389 |
++} |
390 |
++ |
391 |
+ /* |
392 |
+ * Fill the binprm structure from the inode. |
393 |
+ * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes |
394 |
+@@ -1273,36 +1320,9 @@ static void check_unsafe_exec(struct linux_binprm *bprm) |
395 |
+ */ |
396 |
+ int prepare_binprm(struct linux_binprm *bprm) |
397 |
+ { |
398 |
+- struct inode *inode = file_inode(bprm->file); |
399 |
+- umode_t mode = inode->i_mode; |
400 |
+ int retval; |
401 |
+ |
402 |
+- |
403 |
+- /* clear any previous set[ug]id data from a previous binary */ |
404 |
+- bprm->cred->euid = current_euid(); |
405 |
+- bprm->cred->egid = current_egid(); |
406 |
+- |
407 |
+- if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) && |
408 |
+- !task_no_new_privs(current) && |
409 |
+- kuid_has_mapping(bprm->cred->user_ns, inode->i_uid) && |
410 |
+- kgid_has_mapping(bprm->cred->user_ns, inode->i_gid)) { |
411 |
+- /* Set-uid? */ |
412 |
+- if (mode & S_ISUID) { |
413 |
+- bprm->per_clear |= PER_CLEAR_ON_SETID; |
414 |
+- bprm->cred->euid = inode->i_uid; |
415 |
+- } |
416 |
+- |
417 |
+- /* Set-gid? */ |
418 |
+- /* |
419 |
+- * If setgid is set but no group execute bit then this |
420 |
+- * is a candidate for mandatory locking, not a setgid |
421 |
+- * executable. |
422 |
+- */ |
423 |
+- if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { |
424 |
+- bprm->per_clear |= PER_CLEAR_ON_SETID; |
425 |
+- bprm->cred->egid = inode->i_gid; |
426 |
+- } |
427 |
+- } |
428 |
++ bprm_fill_uid(bprm); |
429 |
+ |
430 |
+ /* fill in binprm security blob */ |
431 |
+ retval = security_bprm_set_creds(bprm); |
432 |
+diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c |
433 |
+index a28e09c7825d..36508e69e92a 100644 |
434 |
+--- a/kernel/bpf/verifier.c |
435 |
++++ b/kernel/bpf/verifier.c |
436 |
+@@ -1380,7 +1380,8 @@ peek_stack: |
437 |
+ /* tell verifier to check for equivalent states |
438 |
+ * after every call and jump |
439 |
+ */ |
440 |
+- env->explored_states[t + 1] = STATE_LIST_MARK; |
441 |
++ if (t + 1 < insn_cnt) |
442 |
++ env->explored_states[t + 1] = STATE_LIST_MARK; |
443 |
+ } else { |
444 |
+ /* conditional jump with two edges */ |
445 |
+ ret = push_insn(t, t + 1, FALLTHROUGH, env); |
446 |
+diff --git a/net/core/skbuff.c b/net/core/skbuff.c |
447 |
+index 8e4ac97c8477..98d45fe72f51 100644 |
448 |
+--- a/net/core/skbuff.c |
449 |
++++ b/net/core/skbuff.c |
450 |
+@@ -4169,19 +4169,21 @@ EXPORT_SYMBOL(skb_try_coalesce); |
451 |
+ */ |
452 |
+ void skb_scrub_packet(struct sk_buff *skb, bool xnet) |
453 |
+ { |
454 |
+- if (xnet) |
455 |
+- skb_orphan(skb); |
456 |
+ skb->tstamp.tv64 = 0; |
457 |
+ skb->pkt_type = PACKET_HOST; |
458 |
+ skb->skb_iif = 0; |
459 |
+ skb->ignore_df = 0; |
460 |
+ skb_dst_drop(skb); |
461 |
+- skb->mark = 0; |
462 |
+ skb_sender_cpu_clear(skb); |
463 |
+- skb_init_secmark(skb); |
464 |
+ secpath_reset(skb); |
465 |
+ nf_reset(skb); |
466 |
+ nf_reset_trace(skb); |
467 |
++ |
468 |
++ if (!xnet) |
469 |
++ return; |
470 |
++ |
471 |
++ skb_orphan(skb); |
472 |
++ skb->mark = 0; |
473 |
+ } |
474 |
+ EXPORT_SYMBOL_GPL(skb_scrub_packet); |
475 |
+ |
476 |
+diff --git a/net/ipv4/geneve.c b/net/ipv4/geneve.c |
477 |
+index 5a4828ba05ad..a566a2e4715b 100644 |
478 |
+--- a/net/ipv4/geneve.c |
479 |
++++ b/net/ipv4/geneve.c |
480 |
+@@ -113,10 +113,6 @@ int geneve_xmit_skb(struct geneve_sock *gs, struct rtable *rt, |
481 |
+ int min_headroom; |
482 |
+ int err; |
483 |
+ |
484 |
+- skb = udp_tunnel_handle_offloads(skb, csum); |
485 |
+- if (IS_ERR(skb)) |
486 |
+- return PTR_ERR(skb); |
487 |
+- |
488 |
+ min_headroom = LL_RESERVED_SPACE(rt->dst.dev) + rt->dst.header_len |
489 |
+ + GENEVE_BASE_HLEN + opt_len + sizeof(struct iphdr) |
490 |
+ + (skb_vlan_tag_present(skb) ? VLAN_HLEN : 0); |
491 |
+@@ -131,6 +127,10 @@ int geneve_xmit_skb(struct geneve_sock *gs, struct rtable *rt, |
492 |
+ if (unlikely(!skb)) |
493 |
+ return -ENOMEM; |
494 |
+ |
495 |
++ skb = udp_tunnel_handle_offloads(skb, csum); |
496 |
++ if (IS_ERR(skb)) |
497 |
++ return PTR_ERR(skb); |
498 |
++ |
499 |
+ gnvh = (struct genevehdr *)__skb_push(skb, sizeof(*gnvh) + opt_len); |
500 |
+ geneve_build_header(gnvh, tun_flags, vni, opt_len, opt); |
501 |
+ |
502 |
+diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c |
503 |
+index 1db253e36045..d520492ba698 100644 |
504 |
+--- a/net/ipv4/tcp_output.c |
505 |
++++ b/net/ipv4/tcp_output.c |
506 |
+@@ -2929,6 +2929,8 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, |
507 |
+ } |
508 |
+ #endif |
509 |
+ |
510 |
++ /* Do not fool tcpdump (if any), clean our debris */ |
511 |
++ skb->tstamp.tv64 = 0; |
512 |
+ return skb; |
513 |
+ } |
514 |
+ EXPORT_SYMBOL(tcp_make_synack); |