Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-patchset:master commit in: 3.14.33/, 3.18.7/, 3.2.67/, 3.18.8/, 3.14.34/
Date: Sat, 28 Feb 2015 19:50:47
Message-Id: 1425153131.c9a0d6a9244b7424def3525bb719686354aed5f4.blueness@gentoo
1 commit: c9a0d6a9244b7424def3525bb719686354aed5f4
2 Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
3 AuthorDate: Sat Feb 28 19:52:11 2015 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Sat Feb 28 19:52:11 2015 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=c9a0d6a9
7
8 Grsec/PaX: 3.1-{3.2.67,3.14.34,3.18.8}-201502271843
9
10 ---
11 {3.14.33 => 3.14.34}/0000_README | 2 +-
12 .../4420_grsecurity-3.1-3.14.34-201502271838.patch | 468 +++++++++----------
13 {3.18.7 => 3.14.34}/4425_grsec_remove_EI_PAX.patch | 0
14 .../4427_force_XATTR_PAX_tmpfs.patch | 0
15 .../4430_grsec-remove-localversion-grsec.patch | 0
16 .../4435_grsec-mute-warnings.patch | 0
17 .../4440_grsec-remove-protected-paths.patch | 0
18 .../4450_grsec-kconfig-default-gids.patch | 0
19 .../4465_selinux-avc_audit-log-curr_ip.patch | 0
20 .../4470_disable-compat_vdso.patch | 0
21 {3.18.7 => 3.14.34}/4475_emutramp_default_on.patch | 0
22 {3.18.7 => 3.18.8}/0000_README | 2 +-
23 .../4420_grsecurity-3.1-3.18.8-201502271843.patch | 495 ++++++++++-----------
24 {3.14.33 => 3.18.8}/4425_grsec_remove_EI_PAX.patch | 0
25 .../4427_force_XATTR_PAX_tmpfs.patch | 0
26 .../4430_grsec-remove-localversion-grsec.patch | 0
27 {3.18.7 => 3.18.8}/4435_grsec-mute-warnings.patch | 0
28 .../4440_grsec-remove-protected-paths.patch | 0
29 .../4450_grsec-kconfig-default-gids.patch | 0
30 .../4465_selinux-avc_audit-log-curr_ip.patch | 0
31 {3.18.7 => 3.18.8}/4470_disable-compat_vdso.patch | 0
32 {3.14.33 => 3.18.8}/4475_emutramp_default_on.patch | 0
33 3.2.67/0000_README | 2 +-
34 ... 4420_grsecurity-3.1-3.2.67-201502271837.patch} | 105 ++++-
35 24 files changed, 584 insertions(+), 490 deletions(-)
36
37 diff --git a/3.14.33/0000_README b/3.14.34/0000_README
38 similarity index 96%
39 rename from 3.14.33/0000_README
40 rename to 3.14.34/0000_README
41 index d79223a..a144723 100644
42 --- a/3.14.33/0000_README
43 +++ b/3.14.34/0000_README
44 @@ -2,7 +2,7 @@ README
45 -----------------------------------------------------------------------------
46 Individual Patch Descriptions:
47 -----------------------------------------------------------------------------
48 -Patch: 4420_grsecurity-3.1-3.14.33-201502222137.patch
49 +Patch: 4420_grsecurity-3.1-3.14.34-201502271838.patch
50 From: http://www.grsecurity.net
51 Desc: hardened-sources base patch from upstream grsecurity
52
53
54 diff --git a/3.14.33/4420_grsecurity-3.1-3.14.33-201502222137.patch b/3.14.34/4420_grsecurity-3.1-3.14.34-201502271838.patch
55 similarity index 99%
56 rename from 3.14.33/4420_grsecurity-3.1-3.14.33-201502222137.patch
57 rename to 3.14.34/4420_grsecurity-3.1-3.14.34-201502271838.patch
58 index ae236cc..40b1302 100644
59 --- a/3.14.33/4420_grsecurity-3.1-3.14.33-201502222137.patch
60 +++ b/3.14.34/4420_grsecurity-3.1-3.14.34-201502271838.patch
61 @@ -292,7 +292,7 @@ index 5d91ba1..935a4e7 100644
62
63 pcd. [PARIDE]
64 diff --git a/Makefile b/Makefile
65 -index b0963ca..76c9099 100644
66 +index 5443481..47e9927 100644
67 --- a/Makefile
68 +++ b/Makefile
69 @@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
70 @@ -21636,10 +21636,22 @@ index 15c9876..0a43909 100644
71 };
72
73 diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
74 -index a276fa7..e66810f 100644
75 +index a276fa7..3ef18f0 100644
76 --- a/arch/x86/kernel/cpu/microcode/intel.c
77 +++ b/arch/x86/kernel/cpu/microcode/intel.c
78 -@@ -293,13 +293,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
79 +@@ -196,6 +196,11 @@ static enum ucode_state generic_load_microcode(int cpu, void *data, size_t size,
80 + struct microcode_header_intel mc_header;
81 + unsigned int mc_size;
82 +
83 ++ if (leftover < sizeof(mc_header)) {
84 ++ pr_err("error! Truncated header in microcode data file\n");
85 ++ break;
86 ++ }
87 ++
88 + if (get_ucode_data(&mc_header, ucode_ptr, sizeof(mc_header)))
89 + break;
90 +
91 +@@ -293,13 +298,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
92
93 static int get_ucode_user(void *to, const void *from, size_t n)
94 {
95 @@ -21655,6 +21667,23 @@ index a276fa7..e66810f 100644
96 }
97
98 static void microcode_fini_cpu(int cpu)
99 +diff --git a/arch/x86/kernel/cpu/microcode/intel_early.c b/arch/x86/kernel/cpu/microcode/intel_early.c
100 +index 18f7391..8c5225d 100644
101 +--- a/arch/x86/kernel/cpu/microcode/intel_early.c
102 ++++ b/arch/x86/kernel/cpu/microcode/intel_early.c
103 +@@ -321,7 +321,11 @@ get_matching_model_microcode(int cpu, unsigned long start,
104 + unsigned int mc_saved_count = mc_saved_data->mc_saved_count;
105 + int i;
106 +
107 +- while (leftover) {
108 ++ while (leftover && mc_saved_count < ARRAY_SIZE(mc_saved_tmp)) {
109 ++
110 ++ if (leftover < sizeof(mc_header))
111 ++ break;
112 ++
113 + mc_header = (struct microcode_header_intel *)ucode_ptr;
114 +
115 + mc_size = get_totalsize(mc_header);
116 diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c
117 index f961de9..8a9d332 100644
118 --- a/arch/x86/kernel/cpu/mtrr/main.c
119 @@ -40367,7 +40396,7 @@ index e918b6d..f87ea80 100644
120 .name = "cpuidle",
121 };
122 diff --git a/drivers/crypto/hifn_795x.c b/drivers/crypto/hifn_795x.c
123 -index 12fea3e..1e28f47 100644
124 +index 12fea3e2..1e28f47 100644
125 --- a/drivers/crypto/hifn_795x.c
126 +++ b/drivers/crypto/hifn_795x.c
127 @@ -51,7 +51,7 @@ module_param_string(hifn_pll_ref, hifn_pll_ref, sizeof(hifn_pll_ref), 0444);
128 @@ -48377,19 +48406,6 @@ index d2bb12b..d6c921e 100644
129 .kind = "nlmon",
130 .priv_size = sizeof(struct nlmon),
131 .setup = nlmon_setup,
132 -diff --git a/drivers/net/ppp/ppp_deflate.c b/drivers/net/ppp/ppp_deflate.c
133 -index 602c625..b5edc7f 100644
134 ---- a/drivers/net/ppp/ppp_deflate.c
135 -+++ b/drivers/net/ppp/ppp_deflate.c
136 -@@ -246,7 +246,7 @@ static int z_compress(void *arg, unsigned char *rptr, unsigned char *obuf,
137 - /*
138 - * See if we managed to reduce the size of the packet.
139 - */
140 -- if (olen < isize) {
141 -+ if (olen < isize && olen <= osize) {
142 - state->stats.comp_bytes += olen;
143 - state->stats.comp_packets++;
144 - } else {
145 diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c
146 index 5a1897d..e860630 100644
147 --- a/drivers/net/ppp/ppp_generic.c
148 @@ -58307,6 +58323,35 @@ index 6530ced..4a827e2 100644
149 if (limit != RLIM_INFINITY && offset > limit)
150 goto out_sig;
151 if (offset > inode->i_sb->s_maxbytes)
152 +diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
153 +index 3182c0e..23b078e 100644
154 +--- a/fs/autofs4/dev-ioctl.c
155 ++++ b/fs/autofs4/dev-ioctl.c
156 +@@ -95,7 +95,7 @@ static int check_dev_ioctl_version(int cmd, struct autofs_dev_ioctl *param)
157 + */
158 + static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *in)
159 + {
160 +- struct autofs_dev_ioctl tmp;
161 ++ struct autofs_dev_ioctl tmp, *res;
162 +
163 + if (copy_from_user(&tmp, in, sizeof(tmp)))
164 + return ERR_PTR(-EFAULT);
165 +@@ -103,7 +103,14 @@ static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *i
166 + if (tmp.size < sizeof(tmp))
167 + return ERR_PTR(-EINVAL);
168 +
169 +- return memdup_user(in, tmp.size);
170 ++ if (tmp.size > (PATH_MAX + sizeof(tmp)))
171 ++ return ERR_PTR(-ENAMETOOLONG);
172 ++
173 ++ res = memdup_user(in, tmp.size);
174 ++ if (!IS_ERR(res))
175 ++ res->size = tmp.size;
176 ++
177 ++ return res;
178 + }
179 +
180 + static inline void free_dev_ioctl(struct autofs_dev_ioctl *param)
181 diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c
182 index 116fd38..c04182da 100644
183 --- a/fs/autofs4/waitq.c
184 @@ -60852,10 +60897,30 @@ index 4366127..b8c2cf9 100644
185 dcache_init();
186 inode_init();
187 diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
188 -index 1576195..49a19ae 100644
189 +index 1576195..5bf8b25 100644
190 --- a/fs/debugfs/inode.c
191 +++ b/fs/debugfs/inode.c
192 -@@ -415,7 +415,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file);
193 +@@ -245,10 +245,19 @@ static int debugfs_show_options(struct seq_file *m, struct dentry *root)
194 + return 0;
195 + }
196 +
197 ++static void debugfs_evict_inode(struct inode *inode)
198 ++{
199 ++ truncate_inode_pages(&inode->i_data, 0);
200 ++ clear_inode(inode);
201 ++ if (S_ISLNK(inode->i_mode))
202 ++ kfree(inode->i_private);
203 ++}
204 ++
205 + static const struct super_operations debugfs_super_operations = {
206 + .statfs = simple_statfs,
207 + .remount_fs = debugfs_remount,
208 + .show_options = debugfs_show_options,
209 ++ .evict_inode = debugfs_evict_inode,
210 + };
211 +
212 + static int debug_fill_super(struct super_block *sb, void *data, int silent)
213 +@@ -415,7 +424,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file);
214 */
215 struct dentry *debugfs_create_dir(const char *name, struct dentry *parent)
216 {
217 @@ -60867,6 +60932,38 @@ index 1576195..49a19ae 100644
218 parent, NULL, NULL);
219 }
220 EXPORT_SYMBOL_GPL(debugfs_create_dir);
221 +@@ -465,23 +478,14 @@ static int __debugfs_remove(struct dentry *dentry, struct dentry *parent)
222 + int ret = 0;
223 +
224 + if (debugfs_positive(dentry)) {
225 +- if (dentry->d_inode) {
226 +- dget(dentry);
227 +- switch (dentry->d_inode->i_mode & S_IFMT) {
228 +- case S_IFDIR:
229 +- ret = simple_rmdir(parent->d_inode, dentry);
230 +- break;
231 +- case S_IFLNK:
232 +- kfree(dentry->d_inode->i_private);
233 +- /* fall through */
234 +- default:
235 +- simple_unlink(parent->d_inode, dentry);
236 +- break;
237 +- }
238 +- if (!ret)
239 +- d_delete(dentry);
240 +- dput(dentry);
241 +- }
242 ++ dget(dentry);
243 ++ if (S_ISDIR(dentry->d_inode->i_mode))
244 ++ ret = simple_rmdir(parent->d_inode, dentry);
245 ++ else
246 ++ simple_unlink(parent->d_inode, dentry);
247 ++ if (!ret)
248 ++ d_delete(dentry);
249 ++ dput(dentry);
250 + }
251 + return ret;
252 + }
253 diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
254 index a85ceb7..5097313b 100644
255 --- a/fs/ecryptfs/inode.c
256 @@ -60894,7 +60991,7 @@ index e4141f2..d8263e8 100644
257 i += packet_length_size;
258 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
259 diff --git a/fs/exec.c b/fs/exec.c
260 -index ea4449d..cbad96a 100644
261 +index ea4449d..c3fd55e 100644
262 --- a/fs/exec.c
263 +++ b/fs/exec.c
264 @@ -56,8 +56,20 @@
265 @@ -61639,7 +61736,7 @@ index ea4449d..cbad96a 100644
266 + const char *type;
267 +#endif
268 +
269 -+#ifndef CONFIG_STACK_GROWSUP
270 ++#if !defined(CONFIG_STACK_GROWSUP) && !defined(CONFIG_X86_64)
271 + unsigned long stackstart = (unsigned long)task_stack_page(current);
272 + unsigned long currentsp = (unsigned long)&stackstart;
273 + if (unlikely((currentsp < stackstart + 512 ||
274 @@ -83908,6 +84005,19 @@ index 0ceb389..eed3fb8 100644
275
276 void gic_init_bases(unsigned int, int, void __iomem *, void __iomem *,
277 u32 offset, struct device_node *);
278 +diff --git a/include/linux/irqdesc.h b/include/linux/irqdesc.h
279 +index 472c021..097cc8b 100644
280 +--- a/include/linux/irqdesc.h
281 ++++ b/include/linux/irqdesc.h
282 +@@ -54,7 +54,7 @@ struct irq_desc {
283 + unsigned int irq_count; /* For detecting broken IRQs */
284 + unsigned long last_unhandled; /* Aging timer for unhandled count */
285 + unsigned int irqs_unhandled;
286 +- atomic_t threads_handled;
287 ++ atomic_unchecked_t threads_handled;
288 + int threads_handled_last;
289 + raw_spinlock_t lock;
290 + struct cpumask *percpu_enabled;
291 diff --git a/include/linux/jiffies.h b/include/linux/jiffies.h
292 index c367cbd..c9b79e6 100644
293 --- a/include/linux/jiffies.h
294 @@ -87297,28 +87407,10 @@ index 823ec7b..44c938c 100644
295 struct rcu_head rcu;
296 struct inet_peer *gc_next;
297 diff --git a/include/net/ip.h b/include/net/ip.h
298 -index 937f196..310a44f 100644
299 +index 3446cdd..e3d86f4 100644
300 --- a/include/net/ip.h
301 +++ b/include/net/ip.h
302 -@@ -38,11 +38,12 @@ struct inet_skb_parm {
303 - struct ip_options opt; /* Compiled IP options */
304 - unsigned char flags;
305 -
306 --#define IPSKB_FORWARDED 1
307 --#define IPSKB_XFRM_TUNNEL_SIZE 2
308 --#define IPSKB_XFRM_TRANSFORMED 4
309 --#define IPSKB_FRAG_COMPLETE 8
310 --#define IPSKB_REROUTED 16
311 -+#define IPSKB_FORWARDED BIT(0)
312 -+#define IPSKB_XFRM_TUNNEL_SIZE BIT(1)
313 -+#define IPSKB_XFRM_TRANSFORMED BIT(2)
314 -+#define IPSKB_FRAG_COMPLETE BIT(3)
315 -+#define IPSKB_REROUTED BIT(4)
316 -+#define IPSKB_DOREDIRECT BIT(5)
317 -
318 - u16 frag_max_size;
319 - };
320 -@@ -214,7 +215,7 @@ static inline void snmp_mib_free(void __percpu *ptr[SNMP_ARRAY_SZ])
321 +@@ -215,7 +215,7 @@ static inline void snmp_mib_free(void __percpu *ptr[SNMP_ARRAY_SZ])
322
323 void inet_get_local_port_range(struct net *net, int *low, int *high);
324
325 @@ -87327,7 +87419,7 @@ index 937f196..310a44f 100644
326 static inline int inet_is_reserved_local_port(int port)
327 {
328 return test_bit(port, sysctl_local_reserved_ports);
329 -@@ -297,7 +298,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb)
330 +@@ -298,7 +298,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb)
331 }
332 }
333
334 @@ -87652,10 +87744,10 @@ index fbcc7fa..03c7e51 100644
335 };
336
337 diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
338 -index 80f500a..f0c23c2 100644
339 +index 57c2da9..c2fb630 100644
340 --- a/include/net/netns/ipv4.h
341 +++ b/include/net/netns/ipv4.h
342 -@@ -74,7 +74,7 @@ struct netns_ipv4 {
343 +@@ -75,7 +75,7 @@ struct netns_ipv4 {
344
345 kgid_t sysctl_ping_group_range[2];
346
347 @@ -87664,7 +87756,7 @@ index 80f500a..f0c23c2 100644
348
349 #ifdef CONFIG_IP_MROUTE
350 #ifndef CONFIG_IP_MROUTE_MULTIPLE_TABLES
351 -@@ -84,6 +84,6 @@ struct netns_ipv4 {
352 +@@ -85,6 +85,6 @@ struct netns_ipv4 {
353 struct fib_rules_ops *mr_rules_ops;
354 #endif
355 #endif
356 @@ -90687,6 +90779,32 @@ index 04d0374..e7c3725 100644
357 {
358 hrtimer_peek_ahead_timers();
359 }
360 +diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
361 +index ebb8a9e..16769a5e 100644
362 +--- a/kernel/irq/manage.c
363 ++++ b/kernel/irq/manage.c
364 +@@ -857,7 +857,7 @@ static int irq_thread(void *data)
365 +
366 + action_ret = handler_fn(desc, action);
367 + if (action_ret == IRQ_HANDLED)
368 +- atomic_inc(&desc->threads_handled);
369 ++ atomic_inc_unchecked(&desc->threads_handled);
370 +
371 + wake_threads_waitq(desc);
372 + }
373 +diff --git a/kernel/irq/spurious.c b/kernel/irq/spurious.c
374 +index e2514b0..de3dfe0 100644
375 +--- a/kernel/irq/spurious.c
376 ++++ b/kernel/irq/spurious.c
377 +@@ -337,7 +337,7 @@ void note_interrupt(unsigned int irq, struct irq_desc *desc,
378 + * count. We just care about the count being
379 + * different than the one we saw before.
380 + */
381 +- handled = atomic_read(&desc->threads_handled);
382 ++ handled = atomic_read_unchecked(&desc->threads_handled);
383 + handled |= SPURIOUS_DEFERRED;
384 + if (handled != desc->threads_handled_last) {
385 + action_ret = IRQ_HANDLED;
386 diff --git a/kernel/irq_work.c b/kernel/irq_work.c
387 index 55fcce6..0e4cf34 100644
388 --- a/kernel/irq_work.c
389 @@ -102385,7 +102503,7 @@ index a16ed7b..eb44d17 100644
390
391 return err;
392 diff --git a/net/core/dev.c b/net/core/dev.c
393 -index 86bb9cc..a4f25f3 100644
394 +index 4ed77d7..e1ef1c9 100644
395 --- a/net/core/dev.c
396 +++ b/net/core/dev.c
397 @@ -1695,14 +1695,14 @@ int dev_forward_skb(struct net_device *dev, struct sk_buff *skb)
398 @@ -102801,7 +102919,7 @@ index fdac61c..e5e5b46 100644
399 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR);
400 return -ENODEV;
401 diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
402 -index 4617586..d6ea668 100644
403 +index a6613ff..b258926 100644
404 --- a/net/core/rtnetlink.c
405 +++ b/net/core/rtnetlink.c
406 @@ -58,7 +58,7 @@ struct rtnl_link {
407 @@ -102839,7 +102957,7 @@ index 4617586..d6ea668 100644
408 }
409 EXPORT_SYMBOL_GPL(__rtnl_link_unregister);
410
411 -@@ -2685,6 +2688,9 @@ static int rtnl_bridge_setlink(struct sk_buff *skb, struct nlmsghdr *nlh)
412 +@@ -2689,6 +2692,9 @@ static int rtnl_bridge_setlink(struct sk_buff *skb, struct nlmsghdr *nlh)
413 if (br_spec) {
414 nla_for_each_nested(attr, br_spec, rem) {
415 if (nla_type(attr) == IFLA_BRIDGE_FLAGS) {
416 @@ -102849,7 +102967,7 @@ index 4617586..d6ea668 100644
417 have_flags = true;
418 flags = nla_get_u16(attr);
419 break;
420 -@@ -2755,6 +2761,9 @@ static int rtnl_bridge_dellink(struct sk_buff *skb, struct nlmsghdr *nlh)
421 +@@ -2759,6 +2765,9 @@ static int rtnl_bridge_dellink(struct sk_buff *skb, struct nlmsghdr *nlh)
422 if (br_spec) {
423 nla_for_each_nested(attr, br_spec, rem) {
424 if (nla_type(attr) == IFLA_BRIDGE_FLAGS) {
425 @@ -103532,20 +103650,6 @@ index bf2cb4a..d83ba8a 100644
426 p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW;
427 p->rate_tokens = 0;
428 /* 60*HZ is arbitrary, but chosen enough high so that the first
429 -diff --git a/net/ipv4/ip_forward.c b/net/ipv4/ip_forward.c
430 -index 1c6bd43..ecb34b5 100644
431 ---- a/net/ipv4/ip_forward.c
432 -+++ b/net/ipv4/ip_forward.c
433 -@@ -178,7 +178,8 @@ int ip_forward(struct sk_buff *skb)
434 - * We now generate an ICMP HOST REDIRECT giving the route
435 - * we calculated.
436 - */
437 -- if (rt->rt_flags&RTCF_DOREDIRECT && !opt->srr && !skb_sec_path(skb))
438 -+ if (IPCB(skb)->flags & IPSKB_DOREDIRECT && !opt->srr &&
439 -+ !skb_sec_path(skb))
440 - ip_rt_send_redirect(skb);
441 -
442 - skb->priority = rt_tos2priority(iph->tos);
443 diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
444 index c10a3ce..dd71f84 100644
445 --- a/net/ipv4/ip_fragment.c
446 @@ -103653,42 +103757,11 @@ index 3d4da2c..40f9c29 100644
447 icmp_send(skb, ICMP_DEST_UNREACH,
448 ICMP_PROT_UNREACH, 0);
449 }
450 -diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
451 -index 844323b..7c1b9ac 100644
452 ---- a/net/ipv4/ip_output.c
453 -+++ b/net/ipv4/ip_output.c
454 -@@ -1471,6 +1471,7 @@ static DEFINE_PER_CPU(struct inet_sock, unicast_sock) = {
455 - .sk_wmem_alloc = ATOMIC_INIT(1),
456 - .sk_allocation = GFP_ATOMIC,
457 - .sk_flags = (1UL << SOCK_USE_WRITE_QUEUE),
458 -+ .sk_pacing_rate = ~0U,
459 - },
460 - .pmtudisc = IP_PMTUDISC_WANT,
461 - .uc_ttl = -1,
462 diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
463 -index 580dd96..41e9720 100644
464 +index 135045e..f0dcc0d 100644
465 --- a/net/ipv4/ip_sockglue.c
466 +++ b/net/ipv4/ip_sockglue.c
467 -@@ -426,15 +426,12 @@ int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
468 -
469 - memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
470 - sin = &errhdr.offender;
471 -- sin->sin_family = AF_UNSPEC;
472 -+ memset(sin, 0, sizeof(*sin));
473 -+
474 - if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
475 -- struct inet_sock *inet = inet_sk(sk);
476 --
477 - sin->sin_family = AF_INET;
478 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
479 -- sin->sin_port = 0;
480 -- memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
481 -- if (inet->cmsg_flags)
482 -+ if (inet_sk(sk)->cmsg_flags)
483 - ip_cmsg_recv(msg, skb);
484 - }
485 -
486 -@@ -1171,7 +1168,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
487 +@@ -1167,7 +1167,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
488 len = min_t(unsigned int, len, opt->optlen);
489 if (put_user(len, optlen))
490 return -EFAULT;
491 @@ -103698,7 +103771,7 @@ index 580dd96..41e9720 100644
492 return -EFAULT;
493 return 0;
494 }
495 -@@ -1302,7 +1300,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
496 +@@ -1298,7 +1299,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
497 if (sk->sk_type != SOCK_STREAM)
498 return -ENOPROTOOPT;
499
500 @@ -103894,7 +103967,7 @@ index 2510c02..cfb34fa 100644
501 pr_err("Unable to proc dir entry\n");
502 return -ENOMEM;
503 diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
504 -index 0d33f94..d0a62e6 100644
505 +index 04ce671..d0a62e6 100644
506 --- a/net/ipv4/ping.c
507 +++ b/net/ipv4/ping.c
508 @@ -59,7 +59,7 @@ struct ping_table {
509 @@ -103955,20 +104028,7 @@ index 0d33f94..d0a62e6 100644
510 else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags)
511 ip_cmsg_recv(msg, skb);
512 #endif
513 -@@ -973,8 +973,11 @@ void ping_rcv(struct sk_buff *skb)
514 -
515 - sk = ping_lookup(net, skb, ntohs(icmph->un.echo.id));
516 - if (sk != NULL) {
517 -+ struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
518 -+
519 - pr_debug("rcv on socket %p\n", sk);
520 -- ping_queue_rcv_skb(sk, skb_get(skb));
521 -+ if (skb2)
522 -+ ping_queue_rcv_skb(sk, skb2);
523 - sock_put(sk);
524 - return;
525 - }
526 -@@ -1113,7 +1116,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
527 +@@ -1116,7 +1116,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
528 from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
529 0, sock_i_ino(sp),
530 atomic_read(&sp->sk_refcnt), sp,
531 @@ -104033,7 +104093,7 @@ index 11c8d81..d67116b 100644
532
533 static int raw_seq_show(struct seq_file *seq, void *v)
534 diff --git a/net/ipv4/route.c b/net/ipv4/route.c
535 -index 487bb62..31268ca 100644
536 +index b64330f..31268ca 100644
537 --- a/net/ipv4/route.c
538 +++ b/net/ipv4/route.c
539 @@ -234,7 +234,7 @@ static const struct seq_operations rt_cache_seq_ops = {
540 @@ -104086,31 +104146,7 @@ index 487bb62..31268ca 100644
541 }
542 EXPORT_SYMBOL(ip_idents_reserve);
543
544 -@@ -1554,11 +1554,10 @@ static int __mkroute_input(struct sk_buff *skb,
545 -
546 - do_cache = res->fi && !itag;
547 - if (out_dev == in_dev && err && IN_DEV_TX_REDIRECTS(out_dev) &&
548 -+ skb->protocol == htons(ETH_P_IP) &&
549 - (IN_DEV_SHARED_MEDIA(out_dev) ||
550 -- inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res)))) {
551 -- flags |= RTCF_DOREDIRECT;
552 -- do_cache = false;
553 -- }
554 -+ inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
555 -+ IPCB(skb)->flags |= IPSKB_DOREDIRECT;
556 -
557 - if (skb->protocol != htons(ETH_P_IP)) {
558 - /* Not IP (i.e. ARP). Do not create route, if it is
559 -@@ -2305,6 +2304,8 @@ static int rt_fill_info(struct net *net, __be32 dst, __be32 src,
560 - r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
561 - if (rt->rt_flags & RTCF_NOTIFY)
562 - r->rtm_flags |= RTM_F_NOTIFY;
563 -+ if (IPCB(skb)->flags & IPSKB_DOREDIRECT)
564 -+ r->rtm_flags |= RTCF_DOREDIRECT;
565 -
566 - if (nla_put_be32(skb, RTA_DST, dst))
567 - goto nla_put_failure;
568 -@@ -2631,34 +2632,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
569 +@@ -2632,34 +2632,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
570 .maxlen = sizeof(int),
571 .mode = 0200,
572 .proc_handler = ipv4_sysctl_rtcache_flush,
573 @@ -104153,7 +104189,7 @@ index 487bb62..31268ca 100644
574 err_dup:
575 return -ENOMEM;
576 }
577 -@@ -2681,8 +2682,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
578 +@@ -2682,8 +2682,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
579
580 static __net_init int rt_genid_init(struct net *net)
581 {
582 @@ -104164,7 +104200,7 @@ index 487bb62..31268ca 100644
583 get_random_bytes(&net->ipv4.dev_addr_genid,
584 sizeof(net->ipv4.dev_addr_genid));
585 return 0;
586 -@@ -2725,11 +2726,7 @@ int __init ip_rt_init(void)
587 +@@ -2726,11 +2726,7 @@ int __init ip_rt_init(void)
588 {
589 int rc = 0;
590
591 @@ -104346,7 +104382,7 @@ index 2291791..7b62d2b 100644
592 if (icsk->icsk_af_ops->conn_request(sk, skb) < 0)
593 return 1;
594 diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
595 -index a782d5b..28f0ae5 100644
596 +index b7effad..70ddfe0 100644
597 --- a/net/ipv4/tcp_ipv4.c
598 +++ b/net/ipv4/tcp_ipv4.c
599 @@ -91,6 +91,10 @@ int sysctl_tcp_low_latency __read_mostly;
600 @@ -104360,7 +104396,7 @@ index a782d5b..28f0ae5 100644
601 #ifdef CONFIG_TCP_MD5SIG
602 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
603 __be32 daddr, __be32 saddr, const struct tcphdr *th);
604 -@@ -1830,6 +1834,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
605 +@@ -1832,6 +1836,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
606 return 0;
607
608 reset:
609 @@ -104370,7 +104406,7 @@ index a782d5b..28f0ae5 100644
610 tcp_v4_send_reset(rsk, skb);
611 discard:
612 kfree_skb(skb);
613 -@@ -1975,12 +1982,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
614 +@@ -1977,12 +1984,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
615 TCP_SKB_CB(skb)->sacked = 0;
616
617 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
618 @@ -104393,7 +104429,7 @@ index a782d5b..28f0ae5 100644
619
620 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
621 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
622 -@@ -2034,6 +2048,10 @@ csum_error:
623 +@@ -2036,6 +2050,10 @@ csum_error:
624 bad_packet:
625 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
626 } else {
627 @@ -104803,38 +104839,10 @@ index d935889..2f64330 100644
628 err = ipv6_init_mibs(net);
629 if (err)
630 diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
631 -index c3bf2d2..c85df82 100644
632 +index 841cfa2..c85df82 100644
633 --- a/net/ipv6/datagram.c
634 +++ b/net/ipv6/datagram.c
635 -@@ -382,11 +382,10 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
636 -
637 - memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
638 - sin = &errhdr.offender;
639 -- sin->sin6_family = AF_UNSPEC;
640 -+ memset(sin, 0, sizeof(*sin));
641 -+
642 - if (serr->ee.ee_origin != SO_EE_ORIGIN_LOCAL) {
643 - sin->sin6_family = AF_INET6;
644 -- sin->sin6_flowinfo = 0;
645 -- sin->sin6_port = 0;
646 - if (np->rxopt.all)
647 - ip6_datagram_recv_common_ctl(sk, msg, skb);
648 - if (skb->protocol == htons(ETH_P_IPV6)) {
649 -@@ -397,12 +396,9 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
650 - ipv6_iface_scope_id(&sin->sin6_addr,
651 - IP6CB(skb)->iif);
652 - } else {
653 -- struct inet_sock *inet = inet_sk(sk);
654 --
655 - ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr,
656 - &sin->sin6_addr);
657 -- sin->sin6_scope_id = 0;
658 -- if (inet->cmsg_flags)
659 -+ if (inet_sk(sk)->cmsg_flags)
660 - ip_cmsg_recv(msg, skb);
661 - }
662 - }
663 -@@ -938,5 +934,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp,
664 +@@ -934,5 +934,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp,
665 0,
666 sock_i_ino(sp),
667 atomic_read(&sp->sk_refcnt), sp,
668 @@ -105263,25 +105271,10 @@ index cc85a9b..526a133 100644
669 return -ENOMEM;
670 }
671 diff --git a/net/ipv6/route.c b/net/ipv6/route.c
672 -index 7cc1102..50e95c7 100644
673 +index 6f1b850..50e95c7 100644
674 --- a/net/ipv6/route.c
675 +++ b/net/ipv6/route.c
676 -@@ -1160,12 +1160,9 @@ static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
677 - struct net *net = dev_net(dst->dev);
678 -
679 - rt6->rt6i_flags |= RTF_MODIFIED;
680 -- if (mtu < IPV6_MIN_MTU) {
681 -- u32 features = dst_metric(dst, RTAX_FEATURES);
682 -+ if (mtu < IPV6_MIN_MTU)
683 - mtu = IPV6_MIN_MTU;
684 -- features |= RTAX_FEATURE_ALLFRAG;
685 -- dst_metric_set(dst, RTAX_FEATURES, features);
686 -- }
687 -+
688 - dst_metric_set(dst, RTAX_MTU, mtu);
689 - rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires);
690 - }
691 -@@ -2973,7 +2970,7 @@ struct ctl_table ipv6_route_table_template[] = {
692 +@@ -2970,7 +2970,7 @@ struct ctl_table ipv6_route_table_template[] = {
693
694 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
695 {
696 @@ -105729,6 +105722,43 @@ index 1a3c7e0..80f8b0c 100644
697 if (!llc_proc_dir)
698 goto out;
699
700 +diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
701 +index 612a5dd..799bafc 100644
702 +--- a/net/llc/sysctl_net_llc.c
703 ++++ b/net/llc/sysctl_net_llc.c
704 +@@ -18,28 +18,28 @@ static struct ctl_table llc2_timeout_table[] = {
705 + {
706 + .procname = "ack",
707 + .data = &sysctl_llc2_ack_timeout,
708 +- .maxlen = sizeof(long),
709 ++ .maxlen = sizeof(sysctl_llc2_ack_timeout),
710 + .mode = 0644,
711 + .proc_handler = proc_dointvec_jiffies,
712 + },
713 + {
714 + .procname = "busy",
715 + .data = &sysctl_llc2_busy_timeout,
716 +- .maxlen = sizeof(long),
717 ++ .maxlen = sizeof(sysctl_llc2_busy_timeout),
718 + .mode = 0644,
719 + .proc_handler = proc_dointvec_jiffies,
720 + },
721 + {
722 + .procname = "p",
723 + .data = &sysctl_llc2_p_timeout,
724 +- .maxlen = sizeof(long),
725 ++ .maxlen = sizeof(sysctl_llc2_p_timeout),
726 + .mode = 0644,
727 + .proc_handler = proc_dointvec_jiffies,
728 + },
729 + {
730 + .procname = "rej",
731 + .data = &sysctl_llc2_rej_timeout,
732 +- .maxlen = sizeof(long),
733 ++ .maxlen = sizeof(sysctl_llc2_rej_timeout),
734 + .mode = 0644,
735 + .proc_handler = proc_dointvec_jiffies,
736 + },
737 diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
738 index 453e974..b3a43a5 100644
739 --- a/net/mac80211/cfg.c
740 @@ -107274,18 +107304,6 @@ index 8e3cf49..4a8e322 100644
741 }
742
743 static int cls_bpf_change(struct net *net, struct sk_buff *in_skb,
744 -diff --git a/net/sctp/associola.c b/net/sctp/associola.c
745 -index d477d47..abc0922 100644
746 ---- a/net/sctp/associola.c
747 -+++ b/net/sctp/associola.c
748 -@@ -1235,7 +1235,6 @@ void sctp_assoc_update(struct sctp_association *asoc,
749 - asoc->peer.peer_hmacs = new->peer.peer_hmacs;
750 - new->peer.peer_hmacs = NULL;
751 -
752 -- sctp_auth_key_put(asoc->asoc_shared_key);
753 - sctp_auth_asoc_init_active_key(asoc, GFP_ATOMIC);
754 - }
755 -
756 diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
757 index 2b1738e..a9d0fc9 100644
758 --- a/net/sctp/ipv6.c
759 @@ -107545,7 +107563,7 @@ index dfa532f..1dcfb44 100644
760 }
761
762 diff --git a/net/socket.c b/net/socket.c
763 -index a19ae19..edb5c03 100644
764 +index 1b2c2d6..ba09864 100644
765 --- a/net/socket.c
766 +++ b/net/socket.c
767 @@ -88,6 +88,7 @@
768 @@ -107583,7 +107601,7 @@ index a19ae19..edb5c03 100644
769
770 static struct file_system_type sock_fs_type = {
771 .name = "sockfs",
772 -@@ -1256,6 +1259,8 @@ int __sock_create(struct net *net, int family, int type, int protocol,
773 +@@ -1253,6 +1256,8 @@ int __sock_create(struct net *net, int family, int type, int protocol,
774 return -EAFNOSUPPORT;
775 if (type < 0 || type >= SOCK_MAX)
776 return -EINVAL;
777 @@ -107592,7 +107610,7 @@ index a19ae19..edb5c03 100644
778
779 /* Compatibility.
780
781 -@@ -1276,6 +1281,20 @@ int __sock_create(struct net *net, int family, int type, int protocol,
782 +@@ -1273,6 +1278,20 @@ int __sock_create(struct net *net, int family, int type, int protocol,
783 if (err)
784 return err;
785
786 @@ -107613,7 +107631,7 @@ index a19ae19..edb5c03 100644
787 /*
788 * Allocate the socket and allow the family to set things up. if
789 * the protocol is 0, the family is instructed to select an appropriate
790 -@@ -1527,6 +1546,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
791 +@@ -1524,6 +1543,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
792 if (sock) {
793 err = move_addr_to_kernel(umyaddr, addrlen, &address);
794 if (err >= 0) {
795 @@ -107628,7 +107646,7 @@ index a19ae19..edb5c03 100644
796 err = security_socket_bind(sock,
797 (struct sockaddr *)&address,
798 addrlen);
799 -@@ -1535,6 +1562,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
800 +@@ -1532,6 +1559,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
801 (struct sockaddr *)
802 &address, addrlen);
803 }
804 @@ -107636,7 +107654,7 @@ index a19ae19..edb5c03 100644
805 fput_light(sock->file, fput_needed);
806 }
807 return err;
808 -@@ -1558,10 +1586,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog)
809 +@@ -1555,10 +1583,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog)
810 if ((unsigned int)backlog > somaxconn)
811 backlog = somaxconn;
812
813 @@ -107657,7 +107675,7 @@ index a19ae19..edb5c03 100644
814 fput_light(sock->file, fput_needed);
815 }
816 return err;
817 -@@ -1605,6 +1643,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
818 +@@ -1602,6 +1640,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
819 newsock->type = sock->type;
820 newsock->ops = sock->ops;
821
822 @@ -107676,7 +107694,7 @@ index a19ae19..edb5c03 100644
823 /*
824 * We don't need try_module_get here, as the listening socket (sock)
825 * has the protocol module (sock->ops->owner) held.
826 -@@ -1650,6 +1700,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
827 +@@ -1647,6 +1697,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
828 fd_install(newfd, newfile);
829 err = newfd;
830
831 @@ -107685,7 +107703,7 @@ index a19ae19..edb5c03 100644
832 out_put:
833 fput_light(sock->file, fput_needed);
834 out:
835 -@@ -1682,6 +1734,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
836 +@@ -1679,6 +1731,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
837 int, addrlen)
838 {
839 struct socket *sock;
840 @@ -107693,7 +107711,7 @@ index a19ae19..edb5c03 100644
841 struct sockaddr_storage address;
842 int err, fput_needed;
843
844 -@@ -1692,6 +1745,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
845 +@@ -1689,6 +1742,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
846 if (err < 0)
847 goto out_put;
848
849 @@ -107711,7 +107729,7 @@ index a19ae19..edb5c03 100644
850 err =
851 security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
852 if (err)
853 -@@ -1773,6 +1837,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
854 +@@ -1770,6 +1834,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
855 * the protocol.
856 */
857
858 @@ -107720,7 +107738,7 @@ index a19ae19..edb5c03 100644
859 SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
860 unsigned int, flags, struct sockaddr __user *, addr,
861 int, addr_len)
862 -@@ -1839,7 +1905,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
863 +@@ -1836,7 +1902,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
864 struct socket *sock;
865 struct iovec iov;
866 struct msghdr msg;
867 @@ -107729,7 +107747,7 @@ index a19ae19..edb5c03 100644
868 int err, err2;
869 int fput_needed;
870
871 -@@ -1987,6 +2053,9 @@ static int copy_msghdr_from_user(struct msghdr *kmsg,
872 +@@ -1984,6 +2050,9 @@ static int copy_msghdr_from_user(struct msghdr *kmsg,
873 if (copy_from_user(kmsg, umsg, sizeof(struct msghdr)))
874 return -EFAULT;
875
876 @@ -107739,7 +107757,7 @@ index a19ae19..edb5c03 100644
877 if (kmsg->msg_namelen < 0)
878 return -EINVAL;
879
880 -@@ -2065,7 +2134,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
881 +@@ -2062,7 +2131,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
882 * checking falls down on this.
883 */
884 if (copy_from_user(ctl_buf,
885 @@ -107748,7 +107766,7 @@ index a19ae19..edb5c03 100644
886 ctl_len))
887 goto out_freectl;
888 msg_sys->msg_control = ctl_buf;
889 -@@ -2216,7 +2285,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
890 +@@ -2213,7 +2282,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
891 int err, total_len, len;
892
893 /* kernel mode address */
894 @@ -107757,7 +107775,7 @@ index a19ae19..edb5c03 100644
895
896 /* user mode address pointers */
897 struct sockaddr __user *uaddr;
898 -@@ -2245,7 +2314,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
899 +@@ -2242,7 +2311,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
900 /* Save the user-mode address (verify_iovec will change the
901 * kernel msghdr to use the kernel address space)
902 */
903 @@ -107766,7 +107784,7 @@ index a19ae19..edb5c03 100644
904 uaddr_len = COMPAT_NAMELEN(msg);
905 if (MSG_CMSG_COMPAT & flags)
906 err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
907 -@@ -2889,7 +2958,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
908 +@@ -2886,7 +2955,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
909 ifr = compat_alloc_user_space(buf_size);
910 rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8);
911
912 @@ -107775,7 +107793,7 @@ index a19ae19..edb5c03 100644
913 return -EFAULT;
914
915 if (put_user(convert_in ? rxnfc : compat_ptr(data),
916 -@@ -3000,7 +3069,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd,
917 +@@ -2997,7 +3066,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd,
918 old_fs = get_fs();
919 set_fs(KERNEL_DS);
920 err = dev_ioctl(net, cmd,
921 @@ -107784,7 +107802,7 @@ index a19ae19..edb5c03 100644
922 set_fs(old_fs);
923
924 return err;
925 -@@ -3093,7 +3162,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
926 +@@ -3090,7 +3159,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
927
928 old_fs = get_fs();
929 set_fs(KERNEL_DS);
930 @@ -107793,7 +107811,7 @@ index a19ae19..edb5c03 100644
931 set_fs(old_fs);
932
933 if (cmd == SIOCGIFMAP && !err) {
934 -@@ -3177,7 +3246,7 @@ static int routing_ioctl(struct net *net, struct socket *sock,
935 +@@ -3174,7 +3243,7 @@ static int routing_ioctl(struct net *net, struct socket *sock,
936 ret |= get_user(rtdev, &(ur4->rt_dev));
937 if (rtdev) {
938 ret |= copy_from_user(devname, compat_ptr(rtdev), 15);
939 @@ -107802,7 +107820,7 @@ index a19ae19..edb5c03 100644
940 devname[15] = 0;
941 } else
942 r4.rt_dev = NULL;
943 -@@ -3404,8 +3473,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname,
944 +@@ -3401,8 +3470,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname,
945 int __user *uoptlen;
946 int err;
947
948 @@ -107813,7 +107831,7 @@ index a19ae19..edb5c03 100644
949
950 set_fs(KERNEL_DS);
951 if (level == SOL_SOCKET)
952 -@@ -3425,7 +3494,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname,
953 +@@ -3422,7 +3491,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname,
954 char __user *uoptval;
955 int err;
956
957
958 diff --git a/3.18.7/4425_grsec_remove_EI_PAX.patch b/3.14.34/4425_grsec_remove_EI_PAX.patch
959 similarity index 100%
960 rename from 3.18.7/4425_grsec_remove_EI_PAX.patch
961 rename to 3.14.34/4425_grsec_remove_EI_PAX.patch
962
963 diff --git a/3.14.33/4427_force_XATTR_PAX_tmpfs.patch b/3.14.34/4427_force_XATTR_PAX_tmpfs.patch
964 similarity index 100%
965 rename from 3.14.33/4427_force_XATTR_PAX_tmpfs.patch
966 rename to 3.14.34/4427_force_XATTR_PAX_tmpfs.patch
967
968 diff --git a/3.18.7/4430_grsec-remove-localversion-grsec.patch b/3.14.34/4430_grsec-remove-localversion-grsec.patch
969 similarity index 100%
970 rename from 3.18.7/4430_grsec-remove-localversion-grsec.patch
971 rename to 3.14.34/4430_grsec-remove-localversion-grsec.patch
972
973 diff --git a/3.14.33/4435_grsec-mute-warnings.patch b/3.14.34/4435_grsec-mute-warnings.patch
974 similarity index 100%
975 rename from 3.14.33/4435_grsec-mute-warnings.patch
976 rename to 3.14.34/4435_grsec-mute-warnings.patch
977
978 diff --git a/3.18.7/4440_grsec-remove-protected-paths.patch b/3.14.34/4440_grsec-remove-protected-paths.patch
979 similarity index 100%
980 rename from 3.18.7/4440_grsec-remove-protected-paths.patch
981 rename to 3.14.34/4440_grsec-remove-protected-paths.patch
982
983 diff --git a/3.14.33/4450_grsec-kconfig-default-gids.patch b/3.14.34/4450_grsec-kconfig-default-gids.patch
984 similarity index 100%
985 rename from 3.14.33/4450_grsec-kconfig-default-gids.patch
986 rename to 3.14.34/4450_grsec-kconfig-default-gids.patch
987
988 diff --git a/3.14.33/4465_selinux-avc_audit-log-curr_ip.patch b/3.14.34/4465_selinux-avc_audit-log-curr_ip.patch
989 similarity index 100%
990 rename from 3.14.33/4465_selinux-avc_audit-log-curr_ip.patch
991 rename to 3.14.34/4465_selinux-avc_audit-log-curr_ip.patch
992
993 diff --git a/3.14.33/4470_disable-compat_vdso.patch b/3.14.34/4470_disable-compat_vdso.patch
994 similarity index 100%
995 rename from 3.14.33/4470_disable-compat_vdso.patch
996 rename to 3.14.34/4470_disable-compat_vdso.patch
997
998 diff --git a/3.18.7/4475_emutramp_default_on.patch b/3.14.34/4475_emutramp_default_on.patch
999 similarity index 100%
1000 rename from 3.18.7/4475_emutramp_default_on.patch
1001 rename to 3.14.34/4475_emutramp_default_on.patch
1002
1003 diff --git a/3.18.7/0000_README b/3.18.8/0000_README
1004 similarity index 96%
1005 rename from 3.18.7/0000_README
1006 rename to 3.18.8/0000_README
1007 index 366e930..eca6688 100644
1008 --- a/3.18.7/0000_README
1009 +++ b/3.18.8/0000_README
1010 @@ -2,7 +2,7 @@ README
1011 -----------------------------------------------------------------------------
1012 Individual Patch Descriptions:
1013 -----------------------------------------------------------------------------
1014 -Patch: 4420_grsecurity-3.1-3.18.7-201502222138.patch
1015 +Patch: 4420_grsecurity-3.1-3.18.8-201502271843.patch
1016 From: http://www.grsecurity.net
1017 Desc: hardened-sources base patch from upstream grsecurity
1018
1019
1020 diff --git a/3.18.7/4420_grsecurity-3.1-3.18.7-201502222138.patch b/3.18.8/4420_grsecurity-3.1-3.18.8-201502271843.patch
1021 similarity index 99%
1022 rename from 3.18.7/4420_grsecurity-3.1-3.18.7-201502222138.patch
1023 rename to 3.18.8/4420_grsecurity-3.1-3.18.8-201502271843.patch
1024 index 1db1bc3..70b99d6 100644
1025 --- a/3.18.7/4420_grsecurity-3.1-3.18.7-201502222138.patch
1026 +++ b/3.18.8/4420_grsecurity-3.1-3.18.8-201502271843.patch
1027 @@ -370,7 +370,7 @@ index f4c71d4..66811b1 100644
1028
1029 pcd. [PARIDE]
1030 diff --git a/Makefile b/Makefile
1031 -index 0efae22..380e711 100644
1032 +index 0b3f8a1..2b1f2b6 100644
1033 --- a/Makefile
1034 +++ b/Makefile
1035 @@ -298,7 +298,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
1036 @@ -21646,10 +21646,22 @@ index 36a8361..e7058c2 100644
1037 };
1038
1039 diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
1040 -index c6826d1..ad18e14a 100644
1041 +index c6826d1..8dc677e 100644
1042 --- a/arch/x86/kernel/cpu/microcode/intel.c
1043 +++ b/arch/x86/kernel/cpu/microcode/intel.c
1044 -@@ -293,13 +293,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
1045 +@@ -196,6 +196,11 @@ static enum ucode_state generic_load_microcode(int cpu, void *data, size_t size,
1046 + struct microcode_header_intel mc_header;
1047 + unsigned int mc_size;
1048 +
1049 ++ if (leftover < sizeof(mc_header)) {
1050 ++ pr_err("error! Truncated header in microcode data file\n");
1051 ++ break;
1052 ++ }
1053 ++
1054 + if (get_ucode_data(&mc_header, ucode_ptr, sizeof(mc_header)))
1055 + break;
1056 +
1057 +@@ -293,13 +298,13 @@ static enum ucode_state request_microcode_fw(int cpu, struct device *device,
1058
1059 static int get_ucode_user(void *to, const void *from, size_t n)
1060 {
1061 @@ -21665,6 +21677,23 @@ index c6826d1..ad18e14a 100644
1062 }
1063
1064 static void microcode_fini_cpu(int cpu)
1065 +diff --git a/arch/x86/kernel/cpu/microcode/intel_early.c b/arch/x86/kernel/cpu/microcode/intel_early.c
1066 +index ec9df6f..420eb93 100644
1067 +--- a/arch/x86/kernel/cpu/microcode/intel_early.c
1068 ++++ b/arch/x86/kernel/cpu/microcode/intel_early.c
1069 +@@ -321,7 +321,11 @@ get_matching_model_microcode(int cpu, unsigned long start,
1070 + unsigned int mc_saved_count = mc_saved_data->mc_saved_count;
1071 + int i;
1072 +
1073 +- while (leftover) {
1074 ++ while (leftover && mc_saved_count < ARRAY_SIZE(mc_saved_tmp)) {
1075 ++
1076 ++ if (leftover < sizeof(mc_header))
1077 ++ break;
1078 ++
1079 + mc_header = (struct microcode_header_intel *)ucode_ptr;
1080 +
1081 + mc_size = get_totalsize(mc_header);
1082 diff --git a/arch/x86/kernel/cpu/mtrr/main.c b/arch/x86/kernel/cpu/mtrr/main.c
1083 index ea5f363..cb0e905 100644
1084 --- a/arch/x86/kernel/cpu/mtrr/main.c
1085 @@ -48414,42 +48443,6 @@ index 2f48f79..8ae1a1a 100644
1086
1087 spinlock_t request_lock;
1088 struct list_head req_list;
1089 -diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c
1090 -index 7d76c95..63d7a64 100644
1091 ---- a/drivers/net/hyperv/netvsc.c
1092 -+++ b/drivers/net/hyperv/netvsc.c
1093 -@@ -716,7 +716,7 @@ int netvsc_send(struct hv_device *device,
1094 - u64 req_id;
1095 - unsigned int section_index = NETVSC_INVALID_INDEX;
1096 - u32 msg_size = 0;
1097 -- struct sk_buff *skb;
1098 -+ struct sk_buff *skb = NULL;
1099 - u16 q_idx = packet->q_idx;
1100 -
1101 -
1102 -@@ -743,8 +743,6 @@ int netvsc_send(struct hv_device *device,
1103 - packet);
1104 - skb = (struct sk_buff *)
1105 - (unsigned long)packet->send_completion_tid;
1106 -- if (skb)
1107 -- dev_kfree_skb_any(skb);
1108 - packet->page_buf_cnt = 0;
1109 - }
1110 - }
1111 -@@ -807,6 +805,13 @@ int netvsc_send(struct hv_device *device,
1112 - packet, ret);
1113 - }
1114 -
1115 -+ if (ret != 0) {
1116 -+ if (section_index != NETVSC_INVALID_INDEX)
1117 -+ netvsc_free_send_slot(net_device, section_index);
1118 -+ } else if (skb) {
1119 -+ dev_kfree_skb_any(skb);
1120 -+ }
1121 -+
1122 - return ret;
1123 - }
1124 -
1125 diff --git a/drivers/net/hyperv/rndis_filter.c b/drivers/net/hyperv/rndis_filter.c
1126 index 2b86f0b..ecc996f 100644
1127 --- a/drivers/net/hyperv/rndis_filter.c
1128 @@ -48587,19 +48580,6 @@ index 34924df..a747360 100644
1129 .kind = "nlmon",
1130 .priv_size = sizeof(struct nlmon),
1131 .setup = nlmon_setup,
1132 -diff --git a/drivers/net/ppp/ppp_deflate.c b/drivers/net/ppp/ppp_deflate.c
1133 -index 602c625..b5edc7f 100644
1134 ---- a/drivers/net/ppp/ppp_deflate.c
1135 -+++ b/drivers/net/ppp/ppp_deflate.c
1136 -@@ -246,7 +246,7 @@ static int z_compress(void *arg, unsigned char *rptr, unsigned char *obuf,
1137 - /*
1138 - * See if we managed to reduce the size of the packet.
1139 - */
1140 -- if (olen < isize) {
1141 -+ if (olen < isize && olen <= osize) {
1142 - state->stats.comp_bytes += olen;
1143 - state->stats.comp_packets++;
1144 - } else {
1145 diff --git a/drivers/net/ppp/ppp_generic.c b/drivers/net/ppp/ppp_generic.c
1146 index 794a473..9fd437b 100644
1147 --- a/drivers/net/ppp/ppp_generic.c
1148 @@ -58395,6 +58375,32 @@ index 6530ced..4a827e2 100644
1149 if (limit != RLIM_INFINITY && offset > limit)
1150 goto out_sig;
1151 if (offset > inode->i_sb->s_maxbytes)
1152 +diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
1153 +index aaf96cb..ac7d921 100644
1154 +--- a/fs/autofs4/dev-ioctl.c
1155 ++++ b/fs/autofs4/dev-ioctl.c
1156 +@@ -95,7 +95,7 @@ static int check_dev_ioctl_version(int cmd, struct autofs_dev_ioctl *param)
1157 + */
1158 + static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *in)
1159 + {
1160 +- struct autofs_dev_ioctl tmp;
1161 ++ struct autofs_dev_ioctl tmp, *res;
1162 +
1163 + if (copy_from_user(&tmp, in, sizeof(tmp)))
1164 + return ERR_PTR(-EFAULT);
1165 +@@ -106,7 +106,11 @@ static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *i
1166 + if (tmp.size > (PATH_MAX + sizeof(tmp)))
1167 + return ERR_PTR(-ENAMETOOLONG);
1168 +
1169 +- return memdup_user(in, tmp.size);
1170 ++ res = memdup_user(in, tmp.size);
1171 ++ if (!IS_ERR(res))
1172 ++ res->size = tmp.size;
1173 ++
1174 ++ return res;
1175 + }
1176 +
1177 + static inline void free_dev_ioctl(struct autofs_dev_ioctl *param)
1178 diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c
1179 index 116fd38..c04182da 100644
1180 --- a/fs/autofs4/waitq.c
1181 @@ -60908,10 +60914,30 @@ index 03dca3c..15f326d 100644
1182 dcache_init();
1183 inode_init();
1184 diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
1185 -index 05f2960..b012481 100644
1186 +index 05f2960..780f4f8 100644
1187 --- a/fs/debugfs/inode.c
1188 +++ b/fs/debugfs/inode.c
1189 -@@ -416,7 +416,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file);
1190 +@@ -246,10 +246,19 @@ static int debugfs_show_options(struct seq_file *m, struct dentry *root)
1191 + return 0;
1192 + }
1193 +
1194 ++static void debugfs_evict_inode(struct inode *inode)
1195 ++{
1196 ++ truncate_inode_pages_final(&inode->i_data);
1197 ++ clear_inode(inode);
1198 ++ if (S_ISLNK(inode->i_mode))
1199 ++ kfree(inode->i_private);
1200 ++}
1201 ++
1202 + static const struct super_operations debugfs_super_operations = {
1203 + .statfs = simple_statfs,
1204 + .remount_fs = debugfs_remount,
1205 + .show_options = debugfs_show_options,
1206 ++ .evict_inode = debugfs_evict_inode,
1207 + };
1208 +
1209 + static int debug_fill_super(struct super_block *sb, void *data, int silent)
1210 +@@ -416,7 +425,11 @@ EXPORT_SYMBOL_GPL(debugfs_create_file);
1211 */
1212 struct dentry *debugfs_create_dir(const char *name, struct dentry *parent)
1213 {
1214 @@ -60923,6 +60949,38 @@ index 05f2960..b012481 100644
1215 parent, NULL, NULL);
1216 }
1217 EXPORT_SYMBOL_GPL(debugfs_create_dir);
1218 +@@ -466,23 +479,14 @@ static int __debugfs_remove(struct dentry *dentry, struct dentry *parent)
1219 + int ret = 0;
1220 +
1221 + if (debugfs_positive(dentry)) {
1222 +- if (dentry->d_inode) {
1223 +- dget(dentry);
1224 +- switch (dentry->d_inode->i_mode & S_IFMT) {
1225 +- case S_IFDIR:
1226 +- ret = simple_rmdir(parent->d_inode, dentry);
1227 +- break;
1228 +- case S_IFLNK:
1229 +- kfree(dentry->d_inode->i_private);
1230 +- /* fall through */
1231 +- default:
1232 +- simple_unlink(parent->d_inode, dentry);
1233 +- break;
1234 +- }
1235 +- if (!ret)
1236 +- d_delete(dentry);
1237 +- dput(dentry);
1238 +- }
1239 ++ dget(dentry);
1240 ++ if (S_ISDIR(dentry->d_inode->i_mode))
1241 ++ ret = simple_rmdir(parent->d_inode, dentry);
1242 ++ else
1243 ++ simple_unlink(parent->d_inode, dentry);
1244 ++ if (!ret)
1245 ++ d_delete(dentry);
1246 ++ dput(dentry);
1247 + }
1248 + return ret;
1249 + }
1250 diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c
1251 index 1686dc2..9611c50 100644
1252 --- a/fs/ecryptfs/inode.c
1253 @@ -60950,7 +61008,7 @@ index e4141f2..d8263e8 100644
1254 i += packet_length_size;
1255 if (copy_to_user(&buf[i], msg_ctx->msg, msg_ctx->msg_size))
1256 diff --git a/fs/exec.c b/fs/exec.c
1257 -index 7302b75..b917171 100644
1258 +index 7302b75..44eb2f8 100644
1259 --- a/fs/exec.c
1260 +++ b/fs/exec.c
1261 @@ -56,8 +56,20 @@
1262 @@ -61695,7 +61753,7 @@ index 7302b75..b917171 100644
1263 + const char *type;
1264 +#endif
1265 +
1266 -+#ifndef CONFIG_STACK_GROWSUP
1267 ++#if !defined(CONFIG_STACK_GROWSUP) && !defined(CONFIG_X86_64)
1268 + unsigned long stackstart = (unsigned long)task_stack_page(current);
1269 + unsigned long currentsp = (unsigned long)&stackstart;
1270 + if (unlikely((currentsp < stackstart + 512 ||
1271 @@ -62072,7 +62130,7 @@ index 8313ca3..8a37d08 100644
1272 "MMP failure info: last update time: %llu, last update "
1273 "node: %s, last update device: %s\n",
1274 diff --git a/fs/ext4/super.c b/fs/ext4/super.c
1275 -index 2c9e686..6a40edc 100644
1276 +index fc7391e..1927b04 100644
1277 --- a/fs/ext4/super.c
1278 +++ b/fs/ext4/super.c
1279 @@ -1254,7 +1254,7 @@ static ext4_fsblk_t get_sb_block(void **data)
1280 @@ -83000,6 +83058,19 @@ index 13eed92..3261c86 100644
1281
1282 void gic_init_bases(unsigned int, int, void __iomem *, void __iomem *,
1283 u32 offset, struct device_node *);
1284 +diff --git a/include/linux/irqdesc.h b/include/linux/irqdesc.h
1285 +index faf433a..7dcb186 100644
1286 +--- a/include/linux/irqdesc.h
1287 ++++ b/include/linux/irqdesc.h
1288 +@@ -61,7 +61,7 @@ struct irq_desc {
1289 + unsigned int irq_count; /* For detecting broken IRQs */
1290 + unsigned long last_unhandled; /* Aging timer for unhandled count */
1291 + unsigned int irqs_unhandled;
1292 +- atomic_t threads_handled;
1293 ++ atomic_unchecked_t threads_handled;
1294 + int threads_handled_last;
1295 + raw_spinlock_t lock;
1296 + struct cpumask *percpu_enabled;
1297 diff --git a/include/linux/jiffies.h b/include/linux/jiffies.h
1298 index c367cbd..c9b79e6 100644
1299 --- a/include/linux/jiffies.h
1300 @@ -86445,28 +86516,10 @@ index 80479ab..0c3f647 100644
1301 struct rcu_head rcu;
1302 struct inet_peer *gc_next;
1303 diff --git a/include/net/ip.h b/include/net/ip.h
1304 -index 0bb6207..1f38247 100644
1305 +index 09cf5ae..ab62fcf 100644
1306 --- a/include/net/ip.h
1307 +++ b/include/net/ip.h
1308 -@@ -39,11 +39,12 @@ struct inet_skb_parm {
1309 - struct ip_options opt; /* Compiled IP options */
1310 - unsigned char flags;
1311 -
1312 --#define IPSKB_FORWARDED 1
1313 --#define IPSKB_XFRM_TUNNEL_SIZE 2
1314 --#define IPSKB_XFRM_TRANSFORMED 4
1315 --#define IPSKB_FRAG_COMPLETE 8
1316 --#define IPSKB_REROUTED 16
1317 -+#define IPSKB_FORWARDED BIT(0)
1318 -+#define IPSKB_XFRM_TUNNEL_SIZE BIT(1)
1319 -+#define IPSKB_XFRM_TRANSFORMED BIT(2)
1320 -+#define IPSKB_FRAG_COMPLETE BIT(3)
1321 -+#define IPSKB_REROUTED BIT(4)
1322 -+#define IPSKB_DOREDIRECT BIT(5)
1323 -
1324 - u16 frag_max_size;
1325 - };
1326 -@@ -316,7 +317,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb)
1327 +@@ -317,7 +317,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct sk_buff *skb)
1328 }
1329 }
1330
1331 @@ -86779,10 +86832,10 @@ index 29d6a94..235d3d84 100644
1332 };
1333
1334 diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
1335 -index 24945ce..f19e42f 100644
1336 +index 0ffef1a..2ce1ceb 100644
1337 --- a/include/net/netns/ipv4.h
1338 +++ b/include/net/netns/ipv4.h
1339 -@@ -83,7 +83,7 @@ struct netns_ipv4 {
1340 +@@ -84,7 +84,7 @@ struct netns_ipv4 {
1341
1342 struct ping_group_range ping_group_range;
1343
1344 @@ -86791,7 +86844,7 @@ index 24945ce..f19e42f 100644
1345
1346 #ifdef CONFIG_SYSCTL
1347 unsigned long *sysctl_local_reserved_ports;
1348 -@@ -97,6 +97,6 @@ struct netns_ipv4 {
1349 +@@ -98,6 +98,6 @@ struct netns_ipv4 {
1350 struct fib_rules_ops *mr_rules_ops;
1351 #endif
1352 #endif
1353 @@ -89732,6 +89785,32 @@ index b358a80..fc25240 100644
1354 gcov_info_unlink(prev, info);
1355 if (gcov_events_enabled)
1356 gcov_event(GCOV_REMOVE, info);
1357 +diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
1358 +index 0a9104b..fc260e4 100644
1359 +--- a/kernel/irq/manage.c
1360 ++++ b/kernel/irq/manage.c
1361 +@@ -869,7 +869,7 @@ static int irq_thread(void *data)
1362 +
1363 + action_ret = handler_fn(desc, action);
1364 + if (action_ret == IRQ_HANDLED)
1365 +- atomic_inc(&desc->threads_handled);
1366 ++ atomic_inc_unchecked(&desc->threads_handled);
1367 +
1368 + wake_threads_waitq(desc);
1369 + }
1370 +diff --git a/kernel/irq/spurious.c b/kernel/irq/spurious.c
1371 +index e2514b0..de3dfe0 100644
1372 +--- a/kernel/irq/spurious.c
1373 ++++ b/kernel/irq/spurious.c
1374 +@@ -337,7 +337,7 @@ void note_interrupt(unsigned int irq, struct irq_desc *desc,
1375 + * count. We just care about the count being
1376 + * different than the one we saw before.
1377 + */
1378 +- handled = atomic_read(&desc->threads_handled);
1379 ++ handled = atomic_read_unchecked(&desc->threads_handled);
1380 + handled |= SPURIOUS_DEFERRED;
1381 + if (handled != desc->threads_handled_last) {
1382 + action_ret = IRQ_HANDLED;
1383 diff --git a/kernel/jump_label.c b/kernel/jump_label.c
1384 index 9019f15..9a3c42e 100644
1385 --- a/kernel/jump_label.c
1386 @@ -101597,7 +101676,7 @@ index fdbc9a8..cd6972c 100644
1387
1388 return err;
1389 diff --git a/net/core/dev.c b/net/core/dev.c
1390 -index 8440968..e14d2b7 100644
1391 +index 9704a5c..1f363d0d 100644
1392 --- a/net/core/dev.c
1393 +++ b/net/core/dev.c
1394 @@ -1683,14 +1683,14 @@ int __dev_forward_skb(struct net_device *dev, struct sk_buff *skb)
1395 @@ -101978,7 +102057,7 @@ index 443256b..bbff424 100644
1396 pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR);
1397 return -ENODEV;
1398 diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
1399 -index 76321ea..3129bd6 100644
1400 +index ca82629..66264f7 100644
1401 --- a/net/core/rtnetlink.c
1402 +++ b/net/core/rtnetlink.c
1403 @@ -58,7 +58,7 @@ struct rtnl_link {
1404 @@ -102655,20 +102734,6 @@ index 241afd7..31b95d5 100644
1405 p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW;
1406 p->rate_tokens = 0;
1407 /* 60*HZ is arbitrary, but chosen enough high so that the first
1408 -diff --git a/net/ipv4/ip_forward.c b/net/ipv4/ip_forward.c
1409 -index 3a83ce5..787b3c2 100644
1410 ---- a/net/ipv4/ip_forward.c
1411 -+++ b/net/ipv4/ip_forward.c
1412 -@@ -129,7 +129,8 @@ int ip_forward(struct sk_buff *skb)
1413 - * We now generate an ICMP HOST REDIRECT giving the route
1414 - * we calculated.
1415 - */
1416 -- if (rt->rt_flags&RTCF_DOREDIRECT && !opt->srr && !skb_sec_path(skb))
1417 -+ if (IPCB(skb)->flags & IPSKB_DOREDIRECT && !opt->srr &&
1418 -+ !skb_sec_path(skb))
1419 - ip_rt_send_redirect(skb);
1420 -
1421 - skb->priority = rt_tos2priority(iph->tos);
1422 diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
1423 index 2811cc1..ad5a534 100644
1424 --- a/net/ipv4/ip_fragment.c
1425 @@ -102776,42 +102841,11 @@ index 3d4da2c..40f9c29 100644
1426 icmp_send(skb, ICMP_DEST_UNREACH,
1427 ICMP_PROT_UNREACH, 0);
1428 }
1429 -diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
1430 -index bc6471d..c5e8a0c 100644
1431 ---- a/net/ipv4/ip_output.c
1432 -+++ b/net/ipv4/ip_output.c
1433 -@@ -1517,6 +1517,7 @@ static DEFINE_PER_CPU(struct inet_sock, unicast_sock) = {
1434 - .sk_wmem_alloc = ATOMIC_INIT(1),
1435 - .sk_allocation = GFP_ATOMIC,
1436 - .sk_flags = (1UL << SOCK_USE_WRITE_QUEUE),
1437 -+ .sk_pacing_rate = ~0U,
1438 - },
1439 - .pmtudisc = IP_PMTUDISC_WANT,
1440 - .uc_ttl = -1,
1441 diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
1442 -index 9daf217..373d454 100644
1443 +index 046fce0..4b28126 100644
1444 --- a/net/ipv4/ip_sockglue.c
1445 +++ b/net/ipv4/ip_sockglue.c
1446 -@@ -443,15 +443,12 @@ int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
1447 -
1448 - memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
1449 - sin = &errhdr.offender;
1450 -- sin->sin_family = AF_UNSPEC;
1451 -+ memset(sin, 0, sizeof(*sin));
1452 -+
1453 - if (serr->ee.ee_origin == SO_EE_ORIGIN_ICMP) {
1454 -- struct inet_sock *inet = inet_sk(sk);
1455 --
1456 - sin->sin_family = AF_INET;
1457 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
1458 -- sin->sin_port = 0;
1459 -- memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
1460 -- if (inet->cmsg_flags)
1461 -+ if (inet_sk(sk)->cmsg_flags)
1462 - ip_cmsg_recv(msg, skb);
1463 - }
1464 -
1465 -@@ -1177,7 +1174,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1466 +@@ -1173,7 +1173,8 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1467 len = min_t(unsigned int, len, opt->optlen);
1468 if (put_user(len, optlen))
1469 return -EFAULT;
1470 @@ -102821,7 +102855,7 @@ index 9daf217..373d454 100644
1471 return -EFAULT;
1472 return 0;
1473 }
1474 -@@ -1308,7 +1306,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1475 +@@ -1304,7 +1305,7 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
1476 if (sk->sk_type != SOCK_STREAM)
1477 return -ENOPROTOOPT;
1478
1479 @@ -103017,7 +103051,7 @@ index e90f83a..3e6acca 100644
1480 pr_err("Unable to proc dir entry\n");
1481 return -ENOMEM;
1482 diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
1483 -index 5d740cc..22c8e65 100644
1484 +index 5638b17..22c8e65 100644
1485 --- a/net/ipv4/ping.c
1486 +++ b/net/ipv4/ping.c
1487 @@ -59,7 +59,7 @@ struct ping_table {
1488 @@ -103069,20 +103103,7 @@ index 5d740cc..22c8e65 100644
1489 else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags)
1490 ip_cmsg_recv(msg, skb);
1491 #endif
1492 -@@ -965,8 +965,11 @@ void ping_rcv(struct sk_buff *skb)
1493 -
1494 - sk = ping_lookup(net, skb, ntohs(icmph->un.echo.id));
1495 - if (sk != NULL) {
1496 -+ struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
1497 -+
1498 - pr_debug("rcv on socket %p\n", sk);
1499 -- ping_queue_rcv_skb(sk, skb_get(skb));
1500 -+ if (skb2)
1501 -+ ping_queue_rcv_skb(sk, skb2);
1502 - sock_put(sk);
1503 - return;
1504 - }
1505 -@@ -1105,7 +1108,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
1506 +@@ -1108,7 +1108,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
1507 from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
1508 0, sock_i_ino(sp),
1509 atomic_read(&sp->sk_refcnt), sp,
1510 @@ -103147,7 +103168,7 @@ index 739db31..74f0210 100644
1511
1512 static int raw_seq_show(struct seq_file *seq, void *v)
1513 diff --git a/net/ipv4/route.c b/net/ipv4/route.c
1514 -index 6a2155b..47de388 100644
1515 +index d58dd0e..47de388 100644
1516 --- a/net/ipv4/route.c
1517 +++ b/net/ipv4/route.c
1518 @@ -228,7 +228,7 @@ static const struct seq_operations rt_cache_seq_ops = {
1519 @@ -103200,31 +103221,7 @@ index 6a2155b..47de388 100644
1520 }
1521 EXPORT_SYMBOL(ip_idents_reserve);
1522
1523 -@@ -1554,11 +1554,10 @@ static int __mkroute_input(struct sk_buff *skb,
1524 -
1525 - do_cache = res->fi && !itag;
1526 - if (out_dev == in_dev && err && IN_DEV_TX_REDIRECTS(out_dev) &&
1527 -+ skb->protocol == htons(ETH_P_IP) &&
1528 - (IN_DEV_SHARED_MEDIA(out_dev) ||
1529 -- inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res)))) {
1530 -- flags |= RTCF_DOREDIRECT;
1531 -- do_cache = false;
1532 -- }
1533 -+ inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1534 -+ IPCB(skb)->flags |= IPSKB_DOREDIRECT;
1535 -
1536 - if (skb->protocol != htons(ETH_P_IP)) {
1537 - /* Not IP (i.e. ARP). Do not create route, if it is
1538 -@@ -2303,6 +2302,8 @@ static int rt_fill_info(struct net *net, __be32 dst, __be32 src,
1539 - r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
1540 - if (rt->rt_flags & RTCF_NOTIFY)
1541 - r->rtm_flags |= RTM_F_NOTIFY;
1542 -+ if (IPCB(skb)->flags & IPSKB_DOREDIRECT)
1543 -+ r->rtm_flags |= RTCF_DOREDIRECT;
1544 -
1545 - if (nla_put_be32(skb, RTA_DST, dst))
1546 - goto nla_put_failure;
1547 -@@ -2624,34 +2625,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
1548 +@@ -2625,34 +2625,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
1549 .maxlen = sizeof(int),
1550 .mode = 0200,
1551 .proc_handler = ipv4_sysctl_rtcache_flush,
1552 @@ -103267,7 +103264,7 @@ index 6a2155b..47de388 100644
1553 err_dup:
1554 return -ENOMEM;
1555 }
1556 -@@ -2674,8 +2675,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
1557 +@@ -2675,8 +2675,8 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
1558
1559 static __net_init int rt_genid_init(struct net *net)
1560 {
1561 @@ -103278,7 +103275,7 @@ index 6a2155b..47de388 100644
1562 get_random_bytes(&net->ipv4.dev_addr_genid,
1563 sizeof(net->ipv4.dev_addr_genid));
1564 return 0;
1565 -@@ -2718,11 +2719,7 @@ int __init ip_rt_init(void)
1566 +@@ -2719,11 +2719,7 @@ int __init ip_rt_init(void)
1567 {
1568 int rc = 0;
1569
1570 @@ -103425,7 +103422,7 @@ index d107ee2..bcebf11 100644
1571 if (icsk->icsk_af_ops->conn_request(sk, skb) < 0)
1572 return 1;
1573 diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
1574 -index ef7089c..a3e65fb 100644
1575 +index 944ce5e..5b83585 100644
1576 --- a/net/ipv4/tcp_ipv4.c
1577 +++ b/net/ipv4/tcp_ipv4.c
1578 @@ -89,6 +89,10 @@ int sysctl_tcp_tw_reuse __read_mostly;
1579 @@ -103439,7 +103436,7 @@ index ef7089c..a3e65fb 100644
1580 #ifdef CONFIG_TCP_MD5SIG
1581 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
1582 __be32 daddr, __be32 saddr, const struct tcphdr *th);
1583 -@@ -1469,6 +1473,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1584 +@@ -1471,6 +1475,9 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1585 return 0;
1586
1587 reset:
1588 @@ -103449,7 +103446,7 @@ index ef7089c..a3e65fb 100644
1589 tcp_v4_send_reset(rsk, skb);
1590 discard:
1591 kfree_skb(skb);
1592 -@@ -1633,12 +1640,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
1593 +@@ -1635,12 +1642,19 @@ int tcp_v4_rcv(struct sk_buff *skb)
1594 TCP_SKB_CB(skb)->sacked = 0;
1595
1596 sk = __inet_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest);
1597 @@ -103472,7 +103469,7 @@ index ef7089c..a3e65fb 100644
1598
1599 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
1600 NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
1601 -@@ -1694,6 +1708,10 @@ csum_error:
1602 +@@ -1696,6 +1710,10 @@ csum_error:
1603 bad_packet:
1604 TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
1605 } else {
1606 @@ -103869,38 +103866,10 @@ index e8c4400..a4cd5da 100644
1607 err = ipv6_init_mibs(net);
1608 if (err)
1609 diff --git a/net/ipv6/datagram.c b/net/ipv6/datagram.c
1610 -index 2cdc383..4f1b785 100644
1611 +index 11e3945..4f1b785 100644
1612 --- a/net/ipv6/datagram.c
1613 +++ b/net/ipv6/datagram.c
1614 -@@ -383,11 +383,10 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
1615 -
1616 - memcpy(&errhdr.ee, &serr->ee, sizeof(struct sock_extended_err));
1617 - sin = &errhdr.offender;
1618 -- sin->sin6_family = AF_UNSPEC;
1619 -+ memset(sin, 0, sizeof(*sin));
1620 -+
1621 - if (serr->ee.ee_origin != SO_EE_ORIGIN_LOCAL) {
1622 - sin->sin6_family = AF_INET6;
1623 -- sin->sin6_flowinfo = 0;
1624 -- sin->sin6_port = 0;
1625 - if (np->rxopt.all)
1626 - ip6_datagram_recv_common_ctl(sk, msg, skb);
1627 - if (skb->protocol == htons(ETH_P_IPV6)) {
1628 -@@ -398,12 +397,9 @@ int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
1629 - ipv6_iface_scope_id(&sin->sin6_addr,
1630 - IP6CB(skb)->iif);
1631 - } else {
1632 -- struct inet_sock *inet = inet_sk(sk);
1633 --
1634 - ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr,
1635 - &sin->sin6_addr);
1636 -- sin->sin6_scope_id = 0;
1637 -- if (inet->cmsg_flags)
1638 -+ if (inet_sk(sk)->cmsg_flags)
1639 - ip_cmsg_recv(msg, skb);
1640 - }
1641 - }
1642 -@@ -928,5 +924,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp,
1643 +@@ -924,5 +924,5 @@ void ip6_dgram_sock_seq_show(struct seq_file *seq, struct sock *sp,
1644 0,
1645 sock_i_ino(sp),
1646 atomic_read(&sp->sk_refcnt), sp,
1647 @@ -103921,7 +103890,7 @@ index 97ae700..18dcae0 100644
1648 table = kmemdup(ipv6_icmp_table_template,
1649 sizeof(ipv6_icmp_table_template),
1650 diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
1651 -index b2d1838..0194c04 100644
1652 +index f1c6d5e..faabef6 100644
1653 --- a/net/ipv6/ip6_fib.c
1654 +++ b/net/ipv6/ip6_fib.c
1655 @@ -99,9 +99,9 @@ static int fib6_new_sernum(struct net *net)
1656 @@ -104335,25 +104304,10 @@ index 1a157ca..9fc05f4 100644
1657 return -ENOMEM;
1658 }
1659 diff --git a/net/ipv6/route.c b/net/ipv6/route.c
1660 -index a318dd89..42a612c 100644
1661 +index d02ee01..42a612c 100644
1662 --- a/net/ipv6/route.c
1663 +++ b/net/ipv6/route.c
1664 -@@ -1150,12 +1150,9 @@ static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1665 - struct net *net = dev_net(dst->dev);
1666 -
1667 - rt6->rt6i_flags |= RTF_MODIFIED;
1668 -- if (mtu < IPV6_MIN_MTU) {
1669 -- u32 features = dst_metric(dst, RTAX_FEATURES);
1670 -+ if (mtu < IPV6_MIN_MTU)
1671 - mtu = IPV6_MIN_MTU;
1672 -- features |= RTAX_FEATURE_ALLFRAG;
1673 -- dst_metric_set(dst, RTAX_FEATURES, features);
1674 -- }
1675 -+
1676 - dst_metric_set(dst, RTAX_MTU, mtu);
1677 - rt6_update_expires(rt6, net->ipv6.sysctl.ip6_rt_mtu_expires);
1678 - }
1679 -@@ -2965,7 +2962,7 @@ struct ctl_table ipv6_route_table_template[] = {
1680 +@@ -2962,7 +2962,7 @@ struct ctl_table ipv6_route_table_template[] = {
1681
1682 struct ctl_table * __net_init ipv6_route_sysctl_init(struct net *net)
1683 {
1684 @@ -104845,6 +104799,43 @@ index 1a3c7e0..80f8b0c 100644
1685 if (!llc_proc_dir)
1686 goto out;
1687
1688 +diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
1689 +index 612a5dd..799bafc 100644
1690 +--- a/net/llc/sysctl_net_llc.c
1691 ++++ b/net/llc/sysctl_net_llc.c
1692 +@@ -18,28 +18,28 @@ static struct ctl_table llc2_timeout_table[] = {
1693 + {
1694 + .procname = "ack",
1695 + .data = &sysctl_llc2_ack_timeout,
1696 +- .maxlen = sizeof(long),
1697 ++ .maxlen = sizeof(sysctl_llc2_ack_timeout),
1698 + .mode = 0644,
1699 + .proc_handler = proc_dointvec_jiffies,
1700 + },
1701 + {
1702 + .procname = "busy",
1703 + .data = &sysctl_llc2_busy_timeout,
1704 +- .maxlen = sizeof(long),
1705 ++ .maxlen = sizeof(sysctl_llc2_busy_timeout),
1706 + .mode = 0644,
1707 + .proc_handler = proc_dointvec_jiffies,
1708 + },
1709 + {
1710 + .procname = "p",
1711 + .data = &sysctl_llc2_p_timeout,
1712 +- .maxlen = sizeof(long),
1713 ++ .maxlen = sizeof(sysctl_llc2_p_timeout),
1714 + .mode = 0644,
1715 + .proc_handler = proc_dointvec_jiffies,
1716 + },
1717 + {
1718 + .procname = "rej",
1719 + .data = &sysctl_llc2_rej_timeout,
1720 +- .maxlen = sizeof(long),
1721 ++ .maxlen = sizeof(sysctl_llc2_rej_timeout),
1722 + .mode = 0644,
1723 + .proc_handler = proc_dointvec_jiffies,
1724 + },
1725 diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c
1726 index 343da1e..509873f 100644
1727 --- a/net/mac80211/cfg.c
1728 @@ -106361,18 +106352,6 @@ index 6efca30..1259f82 100644
1729 linkwatch_fire_event(dev);
1730 }
1731 }
1732 -diff --git a/net/sctp/associola.c b/net/sctp/associola.c
1733 -index f791edd..26d06db 100644
1734 ---- a/net/sctp/associola.c
1735 -+++ b/net/sctp/associola.c
1736 -@@ -1182,7 +1182,6 @@ void sctp_assoc_update(struct sctp_association *asoc,
1737 - asoc->peer.peer_hmacs = new->peer.peer_hmacs;
1738 - new->peer.peer_hmacs = NULL;
1739 -
1740 -- sctp_auth_key_put(asoc->asoc_shared_key);
1741 - sctp_auth_asoc_init_active_key(asoc, GFP_ATOMIC);
1742 - }
1743 -
1744 diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
1745 index 0e4198e..f94193e 100644
1746 --- a/net/sctp/ipv6.c
1747 @@ -106621,7 +106600,7 @@ index 2e9ada1..40f425d 100644
1748
1749 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL);
1750 diff --git a/net/socket.c b/net/socket.c
1751 -index fe20c31..83a0ed6 100644
1752 +index cf9ebf1..9522714 100644
1753 --- a/net/socket.c
1754 +++ b/net/socket.c
1755 @@ -89,6 +89,7 @@
1756 @@ -106659,7 +106638,7 @@ index fe20c31..83a0ed6 100644
1757
1758 static struct file_system_type sock_fs_type = {
1759 .name = "sockfs",
1760 -@@ -1263,6 +1266,8 @@ int __sock_create(struct net *net, int family, int type, int protocol,
1761 +@@ -1260,6 +1263,8 @@ int __sock_create(struct net *net, int family, int type, int protocol,
1762 return -EAFNOSUPPORT;
1763 if (type < 0 || type >= SOCK_MAX)
1764 return -EINVAL;
1765 @@ -106668,7 +106647,7 @@ index fe20c31..83a0ed6 100644
1766
1767 /* Compatibility.
1768
1769 -@@ -1283,6 +1288,20 @@ int __sock_create(struct net *net, int family, int type, int protocol,
1770 +@@ -1280,6 +1285,20 @@ int __sock_create(struct net *net, int family, int type, int protocol,
1771 if (err)
1772 return err;
1773
1774 @@ -106689,7 +106668,7 @@ index fe20c31..83a0ed6 100644
1775 /*
1776 * Allocate the socket and allow the family to set things up. if
1777 * the protocol is 0, the family is instructed to select an appropriate
1778 -@@ -1534,6 +1553,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1779 +@@ -1531,6 +1550,14 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1780 if (sock) {
1781 err = move_addr_to_kernel(umyaddr, addrlen, &address);
1782 if (err >= 0) {
1783 @@ -106704,7 +106683,7 @@ index fe20c31..83a0ed6 100644
1784 err = security_socket_bind(sock,
1785 (struct sockaddr *)&address,
1786 addrlen);
1787 -@@ -1542,6 +1569,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1788 +@@ -1539,6 +1566,7 @@ SYSCALL_DEFINE3(bind, int, fd, struct sockaddr __user *, umyaddr, int, addrlen)
1789 (struct sockaddr *)
1790 &address, addrlen);
1791 }
1792 @@ -106712,7 +106691,7 @@ index fe20c31..83a0ed6 100644
1793 fput_light(sock->file, fput_needed);
1794 }
1795 return err;
1796 -@@ -1565,10 +1593,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog)
1797 +@@ -1562,10 +1590,20 @@ SYSCALL_DEFINE2(listen, int, fd, int, backlog)
1798 if ((unsigned int)backlog > somaxconn)
1799 backlog = somaxconn;
1800
1801 @@ -106733,7 +106712,7 @@ index fe20c31..83a0ed6 100644
1802 fput_light(sock->file, fput_needed);
1803 }
1804 return err;
1805 -@@ -1612,6 +1650,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1806 +@@ -1609,6 +1647,18 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1807 newsock->type = sock->type;
1808 newsock->ops = sock->ops;
1809
1810 @@ -106752,7 +106731,7 @@ index fe20c31..83a0ed6 100644
1811 /*
1812 * We don't need try_module_get here, as the listening socket (sock)
1813 * has the protocol module (sock->ops->owner) held.
1814 -@@ -1657,6 +1707,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1815 +@@ -1654,6 +1704,8 @@ SYSCALL_DEFINE4(accept4, int, fd, struct sockaddr __user *, upeer_sockaddr,
1816 fd_install(newfd, newfile);
1817 err = newfd;
1818
1819 @@ -106761,7 +106740,7 @@ index fe20c31..83a0ed6 100644
1820 out_put:
1821 fput_light(sock->file, fput_needed);
1822 out:
1823 -@@ -1689,6 +1741,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1824 +@@ -1686,6 +1738,7 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1825 int, addrlen)
1826 {
1827 struct socket *sock;
1828 @@ -106769,7 +106748,7 @@ index fe20c31..83a0ed6 100644
1829 struct sockaddr_storage address;
1830 int err, fput_needed;
1831
1832 -@@ -1699,6 +1752,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1833 +@@ -1696,6 +1749,17 @@ SYSCALL_DEFINE3(connect, int, fd, struct sockaddr __user *, uservaddr,
1834 if (err < 0)
1835 goto out_put;
1836
1837 @@ -106787,7 +106766,7 @@ index fe20c31..83a0ed6 100644
1838 err =
1839 security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
1840 if (err)
1841 -@@ -1780,6 +1844,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
1842 +@@ -1777,6 +1841,8 @@ SYSCALL_DEFINE3(getpeername, int, fd, struct sockaddr __user *, usockaddr,
1843 * the protocol.
1844 */
1845
1846 @@ -106796,7 +106775,7 @@ index fe20c31..83a0ed6 100644
1847 SYSCALL_DEFINE6(sendto, int, fd, void __user *, buff, size_t, len,
1848 unsigned int, flags, struct sockaddr __user *, addr,
1849 int, addr_len)
1850 -@@ -1846,7 +1912,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
1851 +@@ -1843,7 +1909,7 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
1852 struct socket *sock;
1853 struct iovec iov;
1854 struct msghdr msg;
1855 @@ -106805,7 +106784,7 @@ index fe20c31..83a0ed6 100644
1856 int err, err2;
1857 int fput_needed;
1858
1859 -@@ -2075,7 +2141,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
1860 +@@ -2072,7 +2138,7 @@ static int ___sys_sendmsg(struct socket *sock, struct msghdr __user *msg,
1861 * checking falls down on this.
1862 */
1863 if (copy_from_user(ctl_buf,
1864 @@ -106814,7 +106793,7 @@ index fe20c31..83a0ed6 100644
1865 ctl_len))
1866 goto out_freectl;
1867 msg_sys->msg_control = ctl_buf;
1868 -@@ -2226,7 +2292,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
1869 +@@ -2223,7 +2289,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
1870 int err, total_len, len;
1871
1872 /* kernel mode address */
1873 @@ -106823,7 +106802,7 @@ index fe20c31..83a0ed6 100644
1874
1875 /* user mode address pointers */
1876 struct sockaddr __user *uaddr;
1877 -@@ -2255,7 +2321,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
1878 +@@ -2252,7 +2318,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
1879 /* Save the user-mode address (verify_iovec will change the
1880 * kernel msghdr to use the kernel address space)
1881 */
1882 @@ -106832,7 +106811,7 @@ index fe20c31..83a0ed6 100644
1883 uaddr_len = COMPAT_NAMELEN(msg);
1884 if (MSG_CMSG_COMPAT & flags)
1885 err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
1886 -@@ -2896,7 +2962,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
1887 +@@ -2893,7 +2959,7 @@ static int ethtool_ioctl(struct net *net, struct compat_ifreq __user *ifr32)
1888 ifr = compat_alloc_user_space(buf_size);
1889 rxnfc = (void __user *)ifr + ALIGN(sizeof(struct ifreq), 8);
1890
1891 @@ -106841,7 +106820,7 @@ index fe20c31..83a0ed6 100644
1892 return -EFAULT;
1893
1894 if (put_user(convert_in ? rxnfc : compat_ptr(data),
1895 -@@ -3007,7 +3073,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd,
1896 +@@ -3004,7 +3070,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd,
1897 old_fs = get_fs();
1898 set_fs(KERNEL_DS);
1899 err = dev_ioctl(net, cmd,
1900 @@ -106850,7 +106829,7 @@ index fe20c31..83a0ed6 100644
1901 set_fs(old_fs);
1902
1903 return err;
1904 -@@ -3100,7 +3166,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
1905 +@@ -3097,7 +3163,7 @@ static int compat_sioc_ifmap(struct net *net, unsigned int cmd,
1906
1907 old_fs = get_fs();
1908 set_fs(KERNEL_DS);
1909 @@ -106859,7 +106838,7 @@ index fe20c31..83a0ed6 100644
1910 set_fs(old_fs);
1911
1912 if (cmd == SIOCGIFMAP && !err) {
1913 -@@ -3184,7 +3250,7 @@ static int routing_ioctl(struct net *net, struct socket *sock,
1914 +@@ -3181,7 +3247,7 @@ static int routing_ioctl(struct net *net, struct socket *sock,
1915 ret |= get_user(rtdev, &(ur4->rt_dev));
1916 if (rtdev) {
1917 ret |= copy_from_user(devname, compat_ptr(rtdev), 15);
1918 @@ -106868,7 +106847,7 @@ index fe20c31..83a0ed6 100644
1919 devname[15] = 0;
1920 } else
1921 r4.rt_dev = NULL;
1922 -@@ -3411,8 +3477,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname,
1923 +@@ -3408,8 +3474,8 @@ int kernel_getsockopt(struct socket *sock, int level, int optname,
1924 int __user *uoptlen;
1925 int err;
1926
1927 @@ -106879,7 +106858,7 @@ index fe20c31..83a0ed6 100644
1928
1929 set_fs(KERNEL_DS);
1930 if (level == SOL_SOCKET)
1931 -@@ -3432,7 +3498,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname,
1932 +@@ -3429,7 +3495,7 @@ int kernel_setsockopt(struct socket *sock, int level, int optname,
1933 char __user *uoptval;
1934 int err;
1935
1936
1937 diff --git a/3.14.33/4425_grsec_remove_EI_PAX.patch b/3.18.8/4425_grsec_remove_EI_PAX.patch
1938 similarity index 100%
1939 rename from 3.14.33/4425_grsec_remove_EI_PAX.patch
1940 rename to 3.18.8/4425_grsec_remove_EI_PAX.patch
1941
1942 diff --git a/3.18.7/4427_force_XATTR_PAX_tmpfs.patch b/3.18.8/4427_force_XATTR_PAX_tmpfs.patch
1943 similarity index 100%
1944 rename from 3.18.7/4427_force_XATTR_PAX_tmpfs.patch
1945 rename to 3.18.8/4427_force_XATTR_PAX_tmpfs.patch
1946
1947 diff --git a/3.14.33/4430_grsec-remove-localversion-grsec.patch b/3.18.8/4430_grsec-remove-localversion-grsec.patch
1948 similarity index 100%
1949 rename from 3.14.33/4430_grsec-remove-localversion-grsec.patch
1950 rename to 3.18.8/4430_grsec-remove-localversion-grsec.patch
1951
1952 diff --git a/3.18.7/4435_grsec-mute-warnings.patch b/3.18.8/4435_grsec-mute-warnings.patch
1953 similarity index 100%
1954 rename from 3.18.7/4435_grsec-mute-warnings.patch
1955 rename to 3.18.8/4435_grsec-mute-warnings.patch
1956
1957 diff --git a/3.14.33/4440_grsec-remove-protected-paths.patch b/3.18.8/4440_grsec-remove-protected-paths.patch
1958 similarity index 100%
1959 rename from 3.14.33/4440_grsec-remove-protected-paths.patch
1960 rename to 3.18.8/4440_grsec-remove-protected-paths.patch
1961
1962 diff --git a/3.18.7/4450_grsec-kconfig-default-gids.patch b/3.18.8/4450_grsec-kconfig-default-gids.patch
1963 similarity index 100%
1964 rename from 3.18.7/4450_grsec-kconfig-default-gids.patch
1965 rename to 3.18.8/4450_grsec-kconfig-default-gids.patch
1966
1967 diff --git a/3.18.7/4465_selinux-avc_audit-log-curr_ip.patch b/3.18.8/4465_selinux-avc_audit-log-curr_ip.patch
1968 similarity index 100%
1969 rename from 3.18.7/4465_selinux-avc_audit-log-curr_ip.patch
1970 rename to 3.18.8/4465_selinux-avc_audit-log-curr_ip.patch
1971
1972 diff --git a/3.18.7/4470_disable-compat_vdso.patch b/3.18.8/4470_disable-compat_vdso.patch
1973 similarity index 100%
1974 rename from 3.18.7/4470_disable-compat_vdso.patch
1975 rename to 3.18.8/4470_disable-compat_vdso.patch
1976
1977 diff --git a/3.14.33/4475_emutramp_default_on.patch b/3.18.8/4475_emutramp_default_on.patch
1978 similarity index 100%
1979 rename from 3.14.33/4475_emutramp_default_on.patch
1980 rename to 3.18.8/4475_emutramp_default_on.patch
1981
1982 diff --git a/3.2.67/0000_README b/3.2.67/0000_README
1983 index c7f6e15..54feb50 100644
1984 --- a/3.2.67/0000_README
1985 +++ b/3.2.67/0000_README
1986 @@ -186,7 +186,7 @@ Patch: 1066_linux-3.2.67.patch
1987 From: http://www.kernel.org
1988 Desc: Linux 3.2.67
1989
1990 -Patch: 4420_grsecurity-3.1-3.2.67-201502222131.patch
1991 +Patch: 4420_grsecurity-3.1-3.2.67-201502271837.patch
1992 From: http://www.grsecurity.net
1993 Desc: hardened-sources base patch from upstream grsecurity
1994
1995
1996 diff --git a/3.2.67/4420_grsecurity-3.1-3.2.67-201502222131.patch b/3.2.67/4420_grsecurity-3.1-3.2.67-201502271837.patch
1997 similarity index 99%
1998 rename from 3.2.67/4420_grsecurity-3.1-3.2.67-201502222131.patch
1999 rename to 3.2.67/4420_grsecurity-3.1-3.2.67-201502271837.patch
2000 index f77ebd7..51ee248 100644
2001 --- a/3.2.67/4420_grsecurity-3.1-3.2.67-201502222131.patch
2002 +++ b/3.2.67/4420_grsecurity-3.1-3.2.67-201502271837.patch
2003 @@ -56080,6 +56080,35 @@ index b8f55c4..4c2b80c 100644
2004 if (limit != RLIM_INFINITY && offset > limit)
2005 goto out_sig;
2006 if (offset > inode->i_sb->s_maxbytes)
2007 +diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
2008 +index de54271..62d7a6d 100644
2009 +--- a/fs/autofs4/dev-ioctl.c
2010 ++++ b/fs/autofs4/dev-ioctl.c
2011 +@@ -95,7 +95,7 @@ static int check_dev_ioctl_version(int cmd, struct autofs_dev_ioctl *param)
2012 + */
2013 + static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *in)
2014 + {
2015 +- struct autofs_dev_ioctl tmp;
2016 ++ struct autofs_dev_ioctl tmp, *res;
2017 +
2018 + if (copy_from_user(&tmp, in, sizeof(tmp)))
2019 + return ERR_PTR(-EFAULT);
2020 +@@ -103,7 +103,14 @@ static struct autofs_dev_ioctl *copy_dev_ioctl(struct autofs_dev_ioctl __user *i
2021 + if (tmp.size < sizeof(tmp))
2022 + return ERR_PTR(-EINVAL);
2023 +
2024 +- return memdup_user(in, tmp.size);
2025 ++ if (tmp.size > (PATH_MAX + sizeof(tmp)))
2026 ++ return ERR_PTR(-ENAMETOOLONG);
2027 ++
2028 ++ res = memdup_user(in, tmp.size);
2029 ++ if (!IS_ERR(res))
2030 ++ res->size = tmp.size;
2031 ++
2032 ++ return res;
2033 + }
2034 +
2035 + static inline void free_dev_ioctl(struct autofs_dev_ioctl *param)
2036 diff --git a/fs/autofs4/init.c b/fs/autofs4/init.c
2037 index c038727..4ba2927 100644
2038 --- a/fs/autofs4/init.c
2039 @@ -58549,7 +58578,7 @@ index 451b9b8..12e5a03 100644
2040
2041 out_free_fd:
2042 diff --git a/fs/exec.c b/fs/exec.c
2043 -index 78199eb..a1fb382 100644
2044 +index 78199eb..abce65a 100644
2045 --- a/fs/exec.c
2046 +++ b/fs/exec.c
2047 @@ -55,12 +55,35 @@
2048 @@ -59417,7 +59446,7 @@ index 78199eb..a1fb382 100644
2049 + const char *type;
2050 +#endif
2051 +
2052 -+#ifndef CONFIG_STACK_GROWSUP
2053 ++#if !defined(CONFIG_STACK_GROWSUP) && !defined(CONFIG_X86_64)
2054 + unsigned long stackstart = (unsigned long)task_stack_page(current);
2055 + unsigned long currentsp = (unsigned long)&stackstart;
2056 + if (unlikely(currentsp < stackstart + 512 ||
2057 @@ -82474,7 +82503,7 @@ index bff29c5..7437762 100644
2058 /*
2059 * irq_chip specific flags
2060 diff --git a/include/linux/irqdesc.h b/include/linux/irqdesc.h
2061 -index e2e1ab5..1e1e417 100644
2062 +index e2e1ab5..eef4751 100644
2063 --- a/include/linux/irqdesc.h
2064 +++ b/include/linux/irqdesc.h
2065 @@ -41,7 +41,6 @@ struct module;
2066 @@ -82485,6 +82514,15 @@ index e2e1ab5..1e1e417 100644
2067 unsigned int __percpu *kstat_irqs;
2068 irq_flow_handler_t handle_irq;
2069 #ifdef CONFIG_IRQ_PREFLOW_FASTEOI
2070 +@@ -55,7 +54,7 @@ struct irq_desc {
2071 + unsigned int irq_count; /* For detecting broken IRQs */
2072 + unsigned long last_unhandled; /* Aging timer for unhandled count */
2073 + unsigned int irqs_unhandled;
2074 +- atomic_t threads_handled;
2075 ++ atomic_unchecked_t threads_handled;
2076 + int threads_handled_last;
2077 + raw_spinlock_t lock;
2078 + struct cpumask *percpu_enabled;
2079 diff --git a/include/linux/jiffies.h b/include/linux/jiffies.h
2080 index f4e8578..cbfc9fc 100644
2081 --- a/include/linux/jiffies.h
2082 @@ -89994,9 +90032,18 @@ index 20e88af..ec1b0d2 100644
2083 };
2084
2085 diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
2086 -index 127a32e..6afe478 100644
2087 +index 127a32e..129057f 100644
2088 --- a/kernel/irq/manage.c
2089 +++ b/kernel/irq/manage.c
2090 +@@ -814,7 +814,7 @@ static int irq_thread(void *data)
2091 + raw_spin_unlock_irq(&desc->lock);
2092 + action_ret = handler_fn(desc, action);
2093 + if (action_ret == IRQ_HANDLED)
2094 +- atomic_inc(&desc->threads_handled);
2095 ++ atomic_inc_unchecked(&desc->threads_handled);
2096 + }
2097 +
2098 + wake = atomic_dec_and_test(&desc->threads_active);
2099 @@ -900,22 +900,6 @@ __setup_irq(unsigned int irq, struct irq_desc *desc, struct irqaction *new)
2100 return -ENOSYS;
2101 if (!try_module_get(desc->owner))
2102 @@ -90028,6 +90075,19 @@ index 127a32e..6afe478 100644
2103 * IRQF_TRIGGER_* Specify active edge(s) or level
2104 *
2105 */
2106 +diff --git a/kernel/irq/spurious.c b/kernel/irq/spurious.c
2107 +index 6d426eb..01b2d87 100644
2108 +--- a/kernel/irq/spurious.c
2109 ++++ b/kernel/irq/spurious.c
2110 +@@ -331,7 +331,7 @@ void note_interrupt(unsigned int irq, struct irq_desc *desc,
2111 + * count. We just care about the count being
2112 + * different than the one we saw before.
2113 + */
2114 +- handled = atomic_read(&desc->threads_handled);
2115 ++ handled = atomic_read_unchecked(&desc->threads_handled);
2116 + handled |= SPURIOUS_DEFERRED;
2117 + if (handled != desc->threads_handled_last) {
2118 + action_ret = IRQ_HANDLED;
2119 diff --git a/kernel/jump_label.c b/kernel/jump_label.c
2120 index 66ff710..794bc5a 100644
2121 --- a/kernel/jump_label.c
2122 @@ -106653,6 +106713,43 @@ index a1839c0..4e06b9b 100644
2123 if (!llc_proc_dir)
2124 goto out;
2125
2126 +diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
2127 +index e2ebe35..be078ec 100644
2128 +--- a/net/llc/sysctl_net_llc.c
2129 ++++ b/net/llc/sysctl_net_llc.c
2130 +@@ -17,28 +17,28 @@ static struct ctl_table llc2_timeout_table[] = {
2131 + {
2132 + .procname = "ack",
2133 + .data = &sysctl_llc2_ack_timeout,
2134 +- .maxlen = sizeof(long),
2135 ++ .maxlen = sizeof(sysctl_llc2_ack_timeout),
2136 + .mode = 0644,
2137 + .proc_handler = proc_dointvec_jiffies,
2138 + },
2139 + {
2140 + .procname = "busy",
2141 + .data = &sysctl_llc2_busy_timeout,
2142 +- .maxlen = sizeof(long),
2143 ++ .maxlen = sizeof(sysctl_llc2_busy_timeout),
2144 + .mode = 0644,
2145 + .proc_handler = proc_dointvec_jiffies,
2146 + },
2147 + {
2148 + .procname = "p",
2149 + .data = &sysctl_llc2_p_timeout,
2150 +- .maxlen = sizeof(long),
2151 ++ .maxlen = sizeof(sysctl_llc2_p_timeout),
2152 + .mode = 0644,
2153 + .proc_handler = proc_dointvec_jiffies,
2154 + },
2155 + {
2156 + .procname = "rej",
2157 + .data = &sysctl_llc2_rej_timeout,
2158 +- .maxlen = sizeof(long),
2159 ++ .maxlen = sizeof(sysctl_llc2_rej_timeout),
2160 + .mode = 0644,
2161 + .proc_handler = proc_dointvec_jiffies,
2162 + },
2163 diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h
2164 index a9cf593..b04a2d5 100644
2165 --- a/net/mac80211/ieee80211_i.h
Report Message
Find on MARC Find on Google Groups