commit: d45a1058989471b391e01ebefddfcab848758175
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Thu Aug 14 23:03:36 2014 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Thu Aug 14 23:03:36 2014 +0000
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-patchset.git;a=commit;h=d45a1058
Grsec/PaX: 3.0-{3.14.17,3.15.10}-201408140023
---
{3.14.16 => 3.14.17}/0000_README | 2 +-
.../4420_grsecurity-3.0-3.14.17-201408140021.patch | 986 ++-------------------
.../4425_grsec_remove_EI_PAX.patch | 0
.../4427_force_XATTR_PAX_tmpfs.patch | 0
.../4430_grsec-remove-localversion-grsec.patch | 0
.../4435_grsec-mute-warnings.patch | 0
.../4440_grsec-remove-protected-paths.patch | 0
.../4450_grsec-kconfig-default-gids.patch | 0
.../4465_selinux-avc_audit-log-curr_ip.patch | 0
.../4470_disable-compat_vdso.patch | 0
.../4475_emutramp_default_on.patch | 0
{3.15.9 => 3.15.10}/0000_README | 2 +-
.../4420_grsecurity-3.0-3.15.10-201408140023.patch | 611 ++-----------
{3.15.9 => 3.15.10}/4425_grsec_remove_EI_PAX.patch | 0
.../4427_force_XATTR_PAX_tmpfs.patch | 0
.../4430_grsec-remove-localversion-grsec.patch | 0
{3.15.9 => 3.15.10}/4435_grsec-mute-warnings.patch | 0
.../4440_grsec-remove-protected-paths.patch | 0
.../4450_grsec-kconfig-default-gids.patch | 0
.../4465_selinux-avc_audit-log-curr_ip.patch | 0
{3.15.9 => 3.15.10}/4470_disable-compat_vdso.patch | 0
{3.15.9 => 3.15.10}/4475_emutramp_default_on.patch | 0
22 files changed, 132 insertions(+), 1469 deletions(-)
diff --git a/3.14.16/0000_README b/3.14.17/0000_README
similarity index 96%
rename from 3.14.16/0000_README
rename to 3.14.17/0000_README
index c6cf3fc..e4c4eb2 100644
--- a/3.14.16/0000_README
+++ b/3.14.17/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.14.16-201408110024.patch
+Patch: 4420_grsecurity-3.0-3.14.17-201408140021.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.14.16/4420_grsecurity-3.0-3.14.16-201408110024.patch
b/3.14.17/4420_grsecurity-3.0-3.14.17-201408140021.patch
similarity index 99%
rename from 3.14.16/4420_grsecurity-3.0-3.14.16-201408110024.patch
rename to 3.14.17/4420_grsecurity-3.0-3.14.17-201408140021.patch
index cd58a6f..1f1739c 100644
--- a/3.14.16/4420_grsecurity-3.0-3.14.16-201408110024.patch
+++ b/3.14.17/4420_grsecurity-3.0-3.14.17-201408140021.patch
@@ -287,7 +287,7 @@ index 7116fda..d8ed6e8 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index 8b22e24..7f4d29b 100644
+index 12aac03..33d9e9f 100644
--- a/Makefile
+++ b/Makefile
@@ -244,8 +244,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo
$$BASH; \
@@ -9883,142 +9883,6 @@ index 502f632..da1917f 100644
#define __S100 PAGE_READONLY
#define __S101 PAGE_READONLY
#define __S110 PAGE_SHARED
-diff --git a/arch/sparc/include/asm/pgtable_64.h
b/arch/sparc/include/asm/pgtable_64.h
-index 0f9e945..a949e55 100644
---- a/arch/sparc/include/asm/pgtable_64.h
-+++ b/arch/sparc/include/asm/pgtable_64.h
-@@ -71,6 +71,23 @@
-
- #include <linux/sched.h>
-
-+extern unsigned long sparc64_valid_addr_bitmap[];
-+
-+/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */
-+static inline bool __kern_addr_valid(unsigned long paddr)
-+{
-+ if ((paddr >> MAX_PHYS_ADDRESS_BITS) != 0UL)
-+ return false;
-+ return test_bit(paddr >> ILOG2_4MB, sparc64_valid_addr_bitmap);
-+}
-+
-+static inline bool kern_addr_valid(unsigned long addr)
-+{
-+ unsigned long paddr = __pa(addr);
-+
-+ return __kern_addr_valid(paddr);
-+}
-+
- /* Entries per page directory level. */
- #define PTRS_PER_PTE (1UL << (PAGE_SHIFT-3))
- #define PTRS_PER_PMD (1UL << PMD_BITS)
-@@ -79,9 +96,12 @@
- /* Kernel has a separate 44bit address space. */
- #define FIRST_USER_ADDRESS 0
-
--#define pte_ERROR(e) __builtin_trap()
--#define pmd_ERROR(e) __builtin_trap()
--#define pgd_ERROR(e) __builtin_trap()
-+#define pmd_ERROR(e) \
-+ pr_err("%s:%d: bad pmd %p(%016lx) seen at (%pS)\n", \
-+ __FILE__, __LINE__, &(e), pmd_val(e),
__builtin_return_address(0))
-+#define pgd_ERROR(e) \
-+ pr_err("%s:%d: bad pgd %p(%016lx) seen at (%pS)\n", \
-+ __FILE__, __LINE__, &(e), pgd_val(e),
__builtin_return_address(0))
-
- #endif /* !(__ASSEMBLY__) */
-
-@@ -633,7 +653,7 @@ static inline unsigned long pmd_large(pmd_t pmd)
- {
- pte_t pte = __pte(pmd_val(pmd));
-
-- return (pte_val(pte) & _PAGE_PMD_HUGE) && pte_present(pte);
-+ return pte_val(pte) & _PAGE_PMD_HUGE;
- }
-
- #ifdef CONFIG_TRANSPARENT_HUGEPAGE
-@@ -719,20 +739,6 @@ static inline pmd_t pmd_mkwrite(pmd_t pmd)
- return __pmd(pte_val(pte));
- }
-
--static inline pmd_t pmd_mknotpresent(pmd_t pmd)
--{
-- unsigned long mask;
--
-- if (tlb_type == hypervisor)
-- mask = _PAGE_PRESENT_4V;
-- else
-- mask = _PAGE_PRESENT_4U;
--
-- pmd_val(pmd) &= ~mask;
--
-- return pmd;
--}
--
- static inline pmd_t pmd_mksplitting(pmd_t pmd)
- {
- pte_t pte = __pte(pmd_val(pmd));
-@@ -757,6 +763,20 @@ static inline int pmd_present(pmd_t pmd)
-
- #define pmd_none(pmd) (!pmd_val(pmd))
-
-+/* pmd_bad() is only called on non-trans-huge PMDs. Our encoding is
-+ * very simple, it's just the physical address. PTE tables are of
-+ * size PAGE_SIZE so make sure the sub-PAGE_SIZE bits are clear and
-+ * the top bits outside of the range of any physical address size we
-+ * support are clear as well. We also validate the physical itself.
-+ */
-+#define pmd_bad(pmd) ((pmd_val(pmd) & ~PAGE_MASK) || \
-+ !__kern_addr_valid(pmd_val(pmd)))
-+
-+#define pud_none(pud) (!pud_val(pud))
-+
-+#define pud_bad(pud) ((pud_val(pud) & ~PAGE_MASK) || \
-+ !__kern_addr_valid(pud_val(pud)))
-+
- #ifdef CONFIG_TRANSPARENT_HUGEPAGE
- extern void set_pmd_at(struct mm_struct *mm, unsigned long addr,
- pmd_t *pmdp, pmd_t pmd);
-@@ -790,10 +810,7 @@ static inline unsigned long __pmd_page(pmd_t pmd)
- #define pud_page_vaddr(pud) \
- ((unsigned long) __va(pud_val(pud)))
- #define pud_page(pud) virt_to_page((void
*)pud_page_vaddr(pud))
--#define pmd_bad(pmd) (0)
- #define pmd_clear(pmdp) (pmd_val(*(pmdp)) = 0UL)
--#define pud_none(pud) (!pud_val(pud))
--#define pud_bad(pud) (0)
- #define pud_present(pud) (pud_val(pud) != 0U)
- #define pud_clear(pudp) (pud_val(*(pudp)) = 0UL)
-
-@@ -893,6 +910,10 @@ extern void update_mmu_cache(struct vm_area_struct *,
unsigned long, pte_t *);
- extern void update_mmu_cache_pmd(struct vm_area_struct *vma, unsigned long
addr,
- pmd_t *pmd);
-
-+#define __HAVE_ARCH_PMDP_INVALIDATE
-+extern void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
-+ pmd_t *pmdp);
-+
- #define __HAVE_ARCH_PGTABLE_DEPOSIT
- extern void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp,
- pgtable_t pgtable);
-@@ -919,18 +940,6 @@ extern unsigned long pte_file(pte_t);
- extern pte_t pgoff_to_pte(unsigned long);
- #define PTE_FILE_MAX_BITS (64UL - PAGE_SHIFT - 1UL)
-
--extern unsigned long sparc64_valid_addr_bitmap[];
--
--/* Needs to be defined here and not in linux/mm.h, as it is arch dependent */
--static inline bool kern_addr_valid(unsigned long addr)
--{
-- unsigned long paddr = __pa(addr);
--
-- if ((paddr >> 41UL) != 0UL)
-- return false;
-- return test_bit(paddr >> 22, sparc64_valid_addr_bitmap);
--}
--
- extern int page_in_phys_avail(unsigned long paddr);
-
- /*
diff --git a/arch/sparc/include/asm/pgtsrmmu.h
b/arch/sparc/include/asm/pgtsrmmu.h
index 79da178..c2eede8 100644
--- a/arch/sparc/include/asm/pgtsrmmu.h
@@ -10196,20 +10060,6 @@ index a5f01ac..703b554 100644
/*
* Thread-synchronous status.
*
-diff --git a/arch/sparc/include/asm/tsb.h b/arch/sparc/include/asm/tsb.h
-index 2230f80..90916f9 100644
---- a/arch/sparc/include/asm/tsb.h
-+++ b/arch/sparc/include/asm/tsb.h
-@@ -171,7 +171,8 @@ extern struct tsb_phys_patch_entry __tsb_phys_patch,
__tsb_phys_patch_end;
- andcc REG1, REG2, %g0; \
- be,pt %xcc, 700f; \
- sethi %hi(4 * 1024 * 1024), REG2; \
-- andn REG1, REG2, REG1; \
-+ brgez,pn REG1, FAIL_LABEL; \
-+ andn REG1, REG2, REG1; \
- and VADDR, REG2, REG2; \
- brlz,pt REG1, PTE_LABEL; \
- or REG1, REG2, REG1; \
diff --git a/arch/sparc/include/asm/uaccess.h
b/arch/sparc/include/asm/uaccess.h
index 0167d26..767bb0c 100644
--- a/arch/sparc/include/asm/uaccess.h
@@ -10458,7 +10308,7 @@ index c13c9f2..d572c34 100644
if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
diff --git a/arch/sparc/kernel/smp_64.c b/arch/sparc/kernel/smp_64.c
-index b085311..6f885f7 100644
+index 8416d7f..f83823c 100644
--- a/arch/sparc/kernel/smp_64.c
+++ b/arch/sparc/kernel/smp_64.c
@@ -870,8 +870,8 @@ extern unsigned long xcall_flush_dcache_page_cheetah;
@@ -10958,37 +10808,10 @@ index 4ced92f..965eeed 100644
}
EXPORT_SYMBOL(die_if_kernel);
diff --git a/arch/sparc/kernel/unaligned_64.c
b/arch/sparc/kernel/unaligned_64.c
-index 3c1a7cb..9046547 100644
+index 35ab8b6..9046547 100644
--- a/arch/sparc/kernel/unaligned_64.c
+++ b/arch/sparc/kernel/unaligned_64.c
-@@ -166,17 +166,23 @@ static unsigned long *fetch_reg_addr(unsigned int reg,
struct pt_regs *regs)
- unsigned long compute_effective_address(struct pt_regs *regs,
- unsigned int insn, unsigned int rd)
- {
-+ int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
- unsigned int rs1 = (insn >> 14) & 0x1f;
- unsigned int rs2 = insn & 0x1f;
-- int from_kernel = (regs->tstate & TSTATE_PRIV) != 0;
-+ unsigned long addr;
-
- if (insn & 0x2000) {
- maybe_flush_windows(rs1, 0, rd, from_kernel);
-- return (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
-+ addr = (fetch_reg(rs1, regs) + sign_extend_imm13(insn));
- } else {
- maybe_flush_windows(rs1, rs2, rd, from_kernel);
-- return (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
-+ addr = (fetch_reg(rs1, regs) + fetch_reg(rs2, regs));
- }
-+
-+ if (!from_kernel && test_thread_flag(TIF_32BIT))
-+ addr &= 0xffffffff;
-+
-+ return addr;
- }
-
- /* This is just to make gcc think die_if_kernel does return... */
-@@ -289,7 +295,7 @@ static void log_unaligned(struct pt_regs *regs)
+@@ -295,7 +295,7 @@ static void log_unaligned(struct pt_regs *regs)
static DEFINE_RATELIMIT_STATE(ratelimit, 5 * HZ, 5);
if (__ratelimit(&ratelimit)) {
@@ -11578,7 +11401,7 @@ index 59dbd46..1dd7f5e 100644
if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
goto bad_area;
diff --git a/arch/sparc/mm/fault_64.c b/arch/sparc/mm/fault_64.c
-index 69bb818..3542236 100644
+index 4ced3fc..234f1e4 100644
--- a/arch/sparc/mm/fault_64.c
+++ b/arch/sparc/mm/fault_64.c
@@ -22,6 +22,9 @@
@@ -11600,124 +11423,7 @@ index 69bb818..3542236 100644
printk(KERN_CRIT "OOPS: Fault was to vaddr[%lx]\n", vaddr);
dump_stack();
unhandled_fault(regs->tpc, current, regs);
-@@ -96,38 +99,51 @@ static unsigned int get_user_insn(unsigned long tpc)
- pte_t *ptep, pte;
- unsigned long pa;
- u32 insn = 0;
-- unsigned long pstate;
-
-- if (pgd_none(*pgdp))
-- goto outret;
-+ if (pgd_none(*pgdp) || unlikely(pgd_bad(*pgdp)))
-+ goto out;
- pudp = pud_offset(pgdp, tpc);
-- if (pud_none(*pudp))
-- goto outret;
-- pmdp = pmd_offset(pudp, tpc);
-- if (pmd_none(*pmdp))
-- goto outret;
-+ if (pud_none(*pudp) || unlikely(pud_bad(*pudp)))
-+ goto out;
-
- /* This disables preemption for us as well. */
-- __asm__ __volatile__("rdpr %%pstate, %0" : "=r" (pstate));
-- __asm__ __volatile__("wrpr %0, %1, %%pstate"
-- : : "r" (pstate), "i" (PSTATE_IE));
-- ptep = pte_offset_map(pmdp, tpc);
-- pte = *ptep;
-- if (!pte_present(pte))
-- goto out;
-+ local_irq_disable();
-
-- pa = (pte_pfn(pte) << PAGE_SHIFT);
-- pa += (tpc & ~PAGE_MASK);
-+ pmdp = pmd_offset(pudp, tpc);
-+ if (pmd_none(*pmdp) || unlikely(pmd_bad(*pmdp)))
-+ goto out_irq_enable;
-
-- /* Use phys bypass so we don't pollute dtlb/dcache. */
-- __asm__ __volatile__("lduwa [%1] %2, %0"
-- : "=r" (insn)
-- : "r" (pa), "i" (ASI_PHYS_USE_EC));
-+#ifdef CONFIG_TRANSPARENT_HUGEPAGE
-+ if (pmd_trans_huge(*pmdp)) {
-+ if (pmd_trans_splitting(*pmdp))
-+ goto out_irq_enable;
-
-+ pa = pmd_pfn(*pmdp) << PAGE_SHIFT;
-+ pa += tpc & ~HPAGE_MASK;
-+
-+ /* Use phys bypass so we don't pollute dtlb/dcache. */
-+ __asm__ __volatile__("lduwa [%1] %2, %0"
-+ : "=r" (insn)
-+ : "r" (pa), "i" (ASI_PHYS_USE_EC));
-+ } else
-+#endif
-+ {
-+ ptep = pte_offset_map(pmdp, tpc);
-+ pte = *ptep;
-+ if (pte_present(pte)) {
-+ pa = (pte_pfn(pte) << PAGE_SHIFT);
-+ pa += (tpc & ~PAGE_MASK);
-+
-+ /* Use phys bypass so we don't pollute dtlb/dcache. */
-+ __asm__ __volatile__("lduwa [%1] %2, %0"
-+ : "=r" (insn)
-+ : "r" (pa), "i" (ASI_PHYS_USE_EC));
-+ }
-+ pte_unmap(ptep);
-+ }
-+out_irq_enable:
-+ local_irq_enable();
- out:
-- pte_unmap(ptep);
-- __asm__ __volatile__("wrpr %0, 0x0, %%pstate" : : "r" (pstate));
--outret:
- return insn;
- }
-
-@@ -153,7 +169,8 @@ show_signal_msg(struct pt_regs *regs, int sig, int code,
- }
-
- static void do_fault_siginfo(int code, int sig, struct pt_regs *regs,
-- unsigned int insn, int fault_code)
-+ unsigned long fault_addr, unsigned int insn,
-+ int fault_code)
- {
- unsigned long addr;
- siginfo_t info;
-@@ -161,10 +178,18 @@ static void do_fault_siginfo(int code, int sig, struct
pt_regs *regs,
- info.si_code = code;
- info.si_signo = sig;
- info.si_errno = 0;
-- if (fault_code & FAULT_CODE_ITLB)
-+ if (fault_code & FAULT_CODE_ITLB) {
- addr = regs->tpc;
-- else
-- addr = compute_effective_address(regs, insn, 0);
-+ } else {
-+ /* If we were able to probe the faulting instruction, use it
-+ * to compute a precise fault address. Otherwise use the fault
-+ * time provided address which may only have page granularity.
-+ */
-+ if (insn)
-+ addr = compute_effective_address(regs, insn, 0);
-+ else
-+ addr = fault_addr;
-+ }
- info.si_addr = (void __user *) addr;
- info.si_trapno = 0;
-
-@@ -239,7 +264,7 @@ static void __kprobes do_kernel_fault(struct pt_regs
*regs, int si_code,
- /* The si_code was set to make clear whether
- * this was a SEGV_MAPERR or SEGV_ACCERR fault.
- */
-- do_fault_siginfo(si_code, SIGSEGV, regs, insn, fault_code);
-+ do_fault_siginfo(si_code, SIGSEGV, regs, address, insn,
fault_code);
- return;
- }
-
-@@ -271,6 +296,466 @@ static void noinline __kprobes
bogus_32bit_fault_address(struct pt_regs *regs,
+@@ -281,6 +284,466 @@ static void noinline __kprobes
bogus_32bit_fault_tpc(struct pt_regs *regs)
show_regs(regs);
}
@@ -12184,7 +11890,7 @@ index 69bb818..3542236 100644
asmlinkage void __kprobes do_sparc64_fault(struct pt_regs *regs)
{
enum ctx_state prev_state = exception_enter();
-@@ -344,6 +829,29 @@ retry:
+@@ -352,6 +815,29 @@ retry:
if (!vma)
goto bad_area;
@@ -12214,28 +11920,6 @@ index 69bb818..3542236 100644
/* Pure DTLB misses do not tell us whether the fault causing
* load/store/atomic was a write or not, it only says that there
* was no match. So in such a case we (carefully) read the
-@@ -525,7 +1033,7 @@ do_sigbus:
- * Send a sigbus, regardless of whether we were in kernel
- * or user mode.
- */
-- do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, insn, fault_code);
-+ do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, address, insn, fault_code);
-
- /* Kernel mode? Handle exceptions or die */
- if (regs->tstate & TSTATE_PRIV)
-diff --git a/arch/sparc/mm/gup.c b/arch/sparc/mm/gup.c
-index c4d3da6..1aed043 100644
---- a/arch/sparc/mm/gup.c
-+++ b/arch/sparc/mm/gup.c
-@@ -73,7 +73,7 @@ static int gup_huge_pmd(pmd_t *pmdp, pmd_t pmd, unsigned
long addr,
- struct page *head, *page, *tail;
- int refs;
-
-- if (!pmd_large(pmd))
-+ if (!(pmd_val(pmd) & _PAGE_VALID))
- return 0;
-
- if (write && !pmd_write(pmd))
diff --git a/arch/sparc/mm/hugetlbpage.c b/arch/sparc/mm/hugetlbpage.c
index d329537..2c3746a 100644
--- a/arch/sparc/mm/hugetlbpage.c
@@ -12343,7 +12027,7 @@ index d329537..2c3746a 100644
pte_t *huge_pte_alloc(struct mm_struct *mm,
diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c
-index eafbc65..5a8070d 100644
+index 9686224..dfbdb10 100644
--- a/arch/sparc/mm/init_64.c
+++ b/arch/sparc/mm/init_64.c
@@ -188,9 +188,9 @@ unsigned long sparc64_kern_sec_context __read_mostly;
@@ -12367,7 +12051,7 @@ index eafbc65..5a8070d 100644
#endif
#ifdef DCACHE_ALIASING_POSSIBLE
-@@ -466,10 +466,10 @@ void mmu_info(struct seq_file *m)
+@@ -470,10 +470,10 @@ void mmu_info(struct seq_file *m)
#ifdef CONFIG_DEBUG_DCFLUSH
seq_printf(m, "DCPageFlushes\t: %d\n",
@@ -12380,67 +12064,6 @@ index eafbc65..5a8070d 100644
#endif /* CONFIG_SMP */
#endif /* CONFIG_DEBUG_DCFLUSH */
}
-diff --git a/arch/sparc/mm/tlb.c b/arch/sparc/mm/tlb.c
-index b12cb5e..b89aba2 100644
---- a/arch/sparc/mm/tlb.c
-+++ b/arch/sparc/mm/tlb.c
-@@ -134,7 +134,7 @@ no_cache_flush:
-
- #ifdef CONFIG_TRANSPARENT_HUGEPAGE
- static void tlb_batch_pmd_scan(struct mm_struct *mm, unsigned long vaddr,
-- pmd_t pmd, bool exec)
-+ pmd_t pmd)
- {
- unsigned long end;
- pte_t *pte;
-@@ -142,8 +142,11 @@ static void tlb_batch_pmd_scan(struct mm_struct *mm,
unsigned long vaddr,
- pte = pte_offset_map(&pmd, vaddr);
- end = vaddr + HPAGE_SIZE;
- while (vaddr < end) {
-- if (pte_val(*pte) & _PAGE_VALID)
-+ if (pte_val(*pte) & _PAGE_VALID) {
-+ bool exec = pte_exec(*pte);
-+
- tlb_batch_add_one(mm, vaddr, exec);
-+ }
- pte++;
- vaddr += PAGE_SIZE;
- }
-@@ -177,19 +180,30 @@ void set_pmd_at(struct mm_struct *mm, unsigned long addr,
- }
-
- if (!pmd_none(orig)) {
-- pte_t orig_pte = __pte(pmd_val(orig));
-- bool exec = pte_exec(orig_pte);
--
- addr &= HPAGE_MASK;
- if (pmd_trans_huge(orig)) {
-+ pte_t orig_pte = __pte(pmd_val(orig));
-+ bool exec = pte_exec(orig_pte);
-+
- tlb_batch_add_one(mm, addr, exec);
- tlb_batch_add_one(mm, addr + REAL_HPAGE_SIZE, exec);
- } else {
-- tlb_batch_pmd_scan(mm, addr, orig, exec);
-+ tlb_batch_pmd_scan(mm, addr, orig);
- }
- }
- }
-
-+void pmdp_invalidate(struct vm_area_struct *vma, unsigned long address,
-+ pmd_t *pmdp)
-+{
-+ pmd_t entry = *pmdp;
-+
-+ pmd_val(entry) &= ~_PAGE_VALID;
-+
-+ set_pmd_at(vma->vm_mm, address, pmdp, entry);
-+ flush_tlb_range(vma, address, address + HPAGE_PMD_SIZE);
-+}
-+
- void pgtable_trans_huge_deposit(struct mm_struct *mm, pmd_t *pmdp,
- pgtable_t pgtable)
- {
diff --git a/arch/tile/Kconfig b/arch/tile/Kconfig
index b3692ce..e4517c9 100644
--- a/arch/tile/Kconfig
@@ -47122,10 +46745,10 @@ index bf0d55e..82bcfbd1 100644
priv = netdev_priv(dev);
priv->phy = phy;
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
-index 5adecc5..aec7730 100644
+index 7f1abb7..6434b33 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
-@@ -991,13 +991,15 @@ static const struct nla_policy
macvlan_policy[IFLA_MACVLAN_MAX + 1] = {
+@@ -992,13 +992,15 @@ static const struct nla_policy
macvlan_policy[IFLA_MACVLAN_MAX + 1] = {
int macvlan_link_register(struct rtnl_link_ops *ops)
{
/* common fields */
@@ -47148,7 +46771,7 @@ index 5adecc5..aec7730 100644
return rtnl_link_register(ops);
};
-@@ -1051,7 +1053,7 @@ static int macvlan_device_event(struct notifier_block
*unused,
+@@ -1052,7 +1054,7 @@ static int macvlan_device_event(struct notifier_block
*unused,
return NOTIFY_DONE;
}
@@ -47201,19 +46824,6 @@ index 72ff14b..11d442d 100644
break;
err = 0;
break;
-diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
-index 0180531..1aff970 100644
---- a/drivers/net/ppp/pptp.c
-+++ b/drivers/net/ppp/pptp.c
-@@ -281,7 +281,7 @@ static int pptp_xmit(struct ppp_channel *chan, struct
sk_buff *skb)
- nf_reset(skb);
-
- skb->ip_summed = CHECKSUM_NONE;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ip_send_check(iph);
-
- ip_local_out(skb);
diff --git a/drivers/net/slip/slhc.c b/drivers/net/slip/slhc.c
index 1252d9c..80e660b 100644
--- a/drivers/net/slip/slhc.c
@@ -84291,52 +83901,20 @@ index c55aeed..b3393f4 100644
/** inet_connection_sock - INET connection oriented sock
*
diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h
-index 058271b..1af4453 100644
+index 823ec7b..1af4453 100644
--- a/include/net/inetpeer.h
+++ b/include/net/inetpeer.h
-@@ -41,14 +41,13 @@ struct inet_peer {
- struct rcu_head gc_rcu;
- };
- /*
-- * Once inet_peer is queued for deletion (refcnt == -1), following
fields
-- * are not available: rid, ip_id_count
-+ * Once inet_peer is queued for deletion (refcnt == -1), following field
-+ * is not available: rid
- * We can share memory with rcu_head to help keep inet_peer small.
+@@ -47,7 +47,7 @@ struct inet_peer {
*/
union {
struct {
- atomic_t rid; /* Frag
reception counter */
-- atomic_t ip_id_count; /* IP
ID for the next packet */
+ atomic_unchecked_t rid;
/* Frag reception counter */
};
struct rcu_head rcu;
struct inet_peer *gc_next;
-@@ -165,7 +164,7 @@ bool inet_peer_xrlim_allow(struct inet_peer *peer, int
timeout);
- void inetpeer_invalidate_tree(struct inet_peer_base *);
-
- /*
-- * temporary check to make sure we dont access rid, ip_id_count, tcp_ts,
-+ * temporary check to make sure we dont access rid, tcp_ts,
- * tcp_ts_stamp if no refcount is taken on inet_peer
- */
- static inline void inet_peer_refcheck(const struct inet_peer *p)
-@@ -173,13 +172,4 @@ static inline void inet_peer_refcheck(const struct
inet_peer *p)
- WARN_ON_ONCE(atomic_read(&p->refcnt) <= 0);
- }
-
--
--/* can be called with or without local BH being disabled */
--static inline int inet_getid(struct inet_peer *p, int more)
--{
-- more++;
-- inet_peer_refcheck(p);
-- return atomic_add_return(more, &p->ip_id_count) - more;
--}
--
- #endif /* _NET_INETPEER_H */
diff --git a/include/net/ip.h b/include/net/ip.h
-index 23be0fd..7251808 100644
+index 937f196..7251808 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -214,7 +214,7 @@ static inline void snmp_mib_free(void __percpu
*ptr[SNMP_ARRAY_SZ])
@@ -84348,55 +83926,15 @@ index 23be0fd..7251808 100644
static inline int inet_is_reserved_local_port(int port)
{
return test_bit(port, sysctl_local_reserved_ports);
-@@ -297,9 +297,10 @@ static inline unsigned int ip_skb_dst_mtu(const struct
sk_buff *skb)
+@@ -297,7 +297,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct
sk_buff *skb)
}
}
--void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more);
+-u32 ip_idents_reserve(u32 hash, int segs);
+u32 ip_idents_reserve(u32 hash, int segs) __intentional_overflow(-1);
-+void __ip_select_ident(struct iphdr *iph, int segs);
-
--static inline void ip_select_ident(struct sk_buff *skb, struct dst_entry
*dst, struct sock *sk)
-+static inline void ip_select_ident_segs(struct sk_buff *skb, struct sock *sk,
int segs)
- {
- struct iphdr *iph = ip_hdr(skb);
-
-@@ -309,24 +310,20 @@ static inline void ip_select_ident(struct sk_buff *skb,
struct dst_entry *dst, s
- * does not change, they drop every other packet in
- * a TCP stream using header compression.
- */
-- iph->id = (sk && inet_sk(sk)->inet_daddr) ?
-- htons(inet_sk(sk)->inet_id++) : 0;
-- } else
-- __ip_select_ident(iph, dst, 0);
--}
--
--static inline void ip_select_ident_more(struct sk_buff *skb, struct dst_entry
*dst, struct sock *sk, int more)
--{
-- struct iphdr *iph = ip_hdr(skb);
--
-- if ((iph->frag_off & htons(IP_DF)) && !skb->local_df) {
- if (sk && inet_sk(sk)->inet_daddr) {
- iph->id = htons(inet_sk(sk)->inet_id);
-- inet_sk(sk)->inet_id += 1 + more;
-- } else
-+ inet_sk(sk)->inet_id += segs;
-+ } else {
- iph->id = 0;
-- } else
-- __ip_select_ident(iph, dst, more);
-+ }
-+ } else {
-+ __ip_select_ident(iph, segs);
-+ }
-+}
-+
-+static inline void ip_select_ident(struct sk_buff *skb, struct sock *sk)
-+{
-+ ip_select_ident_segs(skb, sk, 1);
- }
+ void __ip_select_ident(struct iphdr *iph, int segs);
- /*
+ static inline void ip_select_ident_segs(struct sk_buff *skb, struct sock *sk,
int segs)
diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index 9922093..a1755d6 100644
--- a/include/net/ip_fib.h
@@ -84446,19 +83984,6 @@ index 5679d92..2e7a690 100644
/* ip_vs_est */
struct list_head est_list; /* estimator list */
spinlock_t est_lock;
-diff --git a/include/net/ipv6.h b/include/net/ipv6.h
-index 4f541f1..9ac6578 100644
---- a/include/net/ipv6.h
-+++ b/include/net/ipv6.h
-@@ -660,8 +660,6 @@ static inline int ipv6_addr_diff(const struct in6_addr
*a1, const struct in6_add
- return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
- }
-
--void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt);
--
- int ip6_dst_hoplimit(struct dst_entry *dst);
-
- /*
diff --git a/include/net/irda/ircomm_tty.h b/include/net/irda/ircomm_tty.h
index 8d4f588..2e37ad2 100644
--- a/include/net/irda/ircomm_tty.h
@@ -84859,19 +84384,6 @@ index 0dfcc92..7967849 100644
/* Structure to track chunk fragments that have been acked, but peer
-diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h
-index f257486..3f36d45 100644
---- a/include/net/secure_seq.h
-+++ b/include/net/secure_seq.h
-@@ -3,8 +3,6 @@
-
- #include <linux/types.h>
-
--__u32 secure_ip_id(__be32 daddr);
--__u32 secure_ipv6_id(const __be32 daddr[4]);
- u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
- u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
- __be16 dport);
diff --git a/include/net/sock.h b/include/net/sock.h
index 2f7bc43..530dadc 100644
--- a/include/net/sock.h
@@ -98413,10 +97925,10 @@ index d074d06..ad3cfcf 100644
if (ogm_packet->flags & BATADV_DIRECTLINK)
has_directlink_flag = true;
diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c
-index cc1cfd6..7a68e022 100644
+index c46387a..6ad5ef9 100644
--- a/net/batman-adv/fragmentation.c
+++ b/net/batman-adv/fragmentation.c
-@@ -446,7 +446,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb,
+@@ -450,7 +450,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb,
frag_header.packet_type = BATADV_UNICAST_FRAG;
frag_header.version = BATADV_COMPAT_VERSION;
frag_header.ttl = BATADV_TTL;
@@ -98779,7 +98291,7 @@ index 988721a..947846d 100644
switch (ss->ss_family) {
diff --git a/net/compat.c b/net/compat.c
-index f50161f..ab7644e 100644
+index cbc1a2a..ab7644e 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -73,9 +73,9 @@ int get_compat_msghdr(struct msghdr *kmsg, struct
compat_msghdr __user *umsg)
@@ -98795,28 +98307,17 @@ index f50161f..ab7644e 100644
return 0;
}
-@@ -85,21 +85,22 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
- {
- int tot_len;
+@@ -87,7 +87,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
-- if (kern_msg->msg_namelen) {
-+ if (kern_msg->msg_name && kern_msg->msg_namelen) {
+ if (kern_msg->msg_name && kern_msg->msg_namelen) {
if (mode == VERIFY_READ) {
- int err = move_addr_to_kernel(kern_msg->msg_name,
+ int err = move_addr_to_kernel((void __force_user
*)kern_msg->msg_name,
kern_msg->msg_namelen,
kern_address);
if (err < 0)
- return err;
- }
-- if (kern_msg->msg_name)
-- kern_msg->msg_name = kern_address;
-- } else
-+ kern_msg->msg_name = kern_address;
-+ } else {
- kern_msg->msg_name = NULL;
-+ kern_msg->msg_namelen = 0;
-+ }
+@@ -100,7 +100,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
+ }
tot_len = iov_from_user_compat_to_kern(kern_iov,
- (struct compat_iovec __user
*)kern_msg->msg_iov,
@@ -98824,7 +98325,7 @@ index f50161f..ab7644e 100644
kern_msg->msg_iovlen);
if (tot_len >= 0)
kern_msg->msg_iov = kern_iov;
-@@ -119,20 +120,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
+@@ -120,20 +120,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
#define CMSG_COMPAT_FIRSTHDR(msg) \
(((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \
@@ -98848,7 +98349,7 @@ index f50161f..ab7644e 100644
msg->msg_controllen)
return NULL;
return (struct compat_cmsghdr __user *)ptr;
-@@ -222,7 +223,7 @@ Efault:
+@@ -223,7 +223,7 @@ Efault:
int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void
*data)
{
@@ -98857,7 +98358,7 @@ index f50161f..ab7644e 100644
struct compat_cmsghdr cmhdr;
struct compat_timeval ctv;
struct compat_timespec cts[3];
-@@ -278,7 +279,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int
type, int len, void *dat
+@@ -279,7 +279,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int
type, int len, void *dat
void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm)
{
@@ -98866,7 +98367,7 @@ index f50161f..ab7644e 100644
int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) /
sizeof(int);
int fdnum = scm->fp->count;
struct file **fp = scm->fp->fp;
-@@ -366,7 +367,7 @@ static int do_set_sock_timeout(struct socket *sock, int
level,
+@@ -367,7 +367,7 @@ static int do_set_sock_timeout(struct socket *sock, int
level,
return -EFAULT;
old_fs = get_fs();
set_fs(KERNEL_DS);
@@ -98875,7 +98376,7 @@ index f50161f..ab7644e 100644
set_fs(old_fs);
return err;
-@@ -427,7 +428,7 @@ static int do_get_sock_timeout(struct socket *sock, int
level, int optname,
+@@ -428,7 +428,7 @@ static int do_get_sock_timeout(struct socket *sock, int
level, int optname,
len = sizeof(ktime);
old_fs = get_fs();
set_fs(KERNEL_DS);
@@ -98884,7 +98385,7 @@ index f50161f..ab7644e 100644
set_fs(old_fs);
if (!err) {
-@@ -570,7 +571,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -571,7 +571,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
case MCAST_JOIN_GROUP:
case MCAST_LEAVE_GROUP:
{
@@ -98893,7 +98394,7 @@ index f50161f..ab7644e 100644
struct group_req __user *kgr =
compat_alloc_user_space(sizeof(struct group_req));
u32 interface;
-@@ -591,7 +592,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -592,7 +592,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
case MCAST_BLOCK_SOURCE:
case MCAST_UNBLOCK_SOURCE:
{
@@ -98902,7 +98403,7 @@ index f50161f..ab7644e 100644
struct group_source_req __user *kgsr = compat_alloc_user_space(
sizeof(struct group_source_req));
u32 interface;
-@@ -612,7 +613,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -613,7 +613,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
}
case MCAST_MSFILTER:
{
@@ -98911,7 +98412,7 @@ index f50161f..ab7644e 100644
struct group_filter __user *kgf;
u32 interface, fmode, numsrc;
-@@ -650,7 +651,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int
optname,
+@@ -651,7 +651,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int
optname,
char __user *optval, int __user *optlen,
int (*getsockopt)(struct sock *, int, int, char __user *, int __user *))
{
@@ -98920,7 +98421,7 @@ index f50161f..ab7644e 100644
struct group_filter __user *kgf;
int __user *koptlen;
u32 interface, fmode, numsrc;
-@@ -803,7 +804,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user
*args)
+@@ -804,7 +804,7 @@ asmlinkage long compat_sys_socketcall(int call, u32 __user
*args)
if (call < SYS_SOCKET || call > SYS_SENDMMSG)
return -EINVAL;
@@ -99145,15 +98646,11 @@ index dfa602c..3103d88 100644
fle->object = flo;
else
diff --git a/net/core/iovec.c b/net/core/iovec.c
-index b618694..cd5f0af 100644
+index 26dc006..89e838e 100644
--- a/net/core/iovec.c
+++ b/net/core/iovec.c
-@@ -39,23 +39,23 @@ int verify_iovec(struct msghdr *m, struct iovec *iov,
struct sockaddr_storage *a
- {
- int size, ct, err;
-
-- if (m->msg_namelen) {
-+ if (m->msg_name && m->msg_namelen) {
+@@ -42,7 +42,7 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct
sockaddr_storage *a
+ if (m->msg_name && m->msg_namelen) {
if (mode == VERIFY_READ) {
void __user *namep;
- namep = (void __user __force *) m->msg_name;
@@ -99161,14 +98658,7 @@ index b618694..cd5f0af 100644
err = move_addr_to_kernel(namep, m->msg_namelen,
address);
if (err < 0)
- return err;
- }
-- if (m->msg_name)
-- m->msg_name = address;
-+ m->msg_name = address;
- } else {
- m->msg_name = NULL;
-+ m->msg_namelen = 0;
+@@ -55,7 +55,7 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct
sockaddr_storage *a
}
size = m->msg_iovlen * sizeof(struct iovec);
@@ -99421,44 +98911,8 @@ index b442e7e..6f5b5a2 100644
i++, cmfptr++)
{
struct socket *sock;
-diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c
-index 897da56..ba71212 100644
---- a/net/core/secure_seq.c
-+++ b/net/core/secure_seq.c
-@@ -85,31 +85,6 @@ EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
- #endif
-
- #ifdef CONFIG_INET
--__u32 secure_ip_id(__be32 daddr)
--{
-- u32 hash[MD5_DIGEST_WORDS];
--
-- net_secret_init();
-- hash[0] = (__force __u32) daddr;
-- hash[1] = net_secret[13];
-- hash[2] = net_secret[14];
-- hash[3] = net_secret[15];
--
-- md5_transform(hash, net_secret);
--
-- return hash[0];
--}
--
--__u32 secure_ipv6_id(const __be32 daddr[4])
--{
-- __u32 hash[4];
--
-- net_secret_init();
-- memcpy(hash, daddr, 16);
-- md5_transform(hash, net_secret);
--
-- return hash[0];
--}
-
- __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
- __be16 sport, __be16 dport)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
-index 7f2e1fc..6206b10 100644
+index 8f6391b..40bc442 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -2003,7 +2003,7 @@ EXPORT_SYMBOL(__skb_checksum);
@@ -99921,28 +99375,6 @@ index 9d43468..ffa28cc 100644
return nh->nh_saddr;
}
-diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
-index 9db3b87..0ffcd4d 100644
---- a/net/ipv4/igmp.c
-+++ b/net/ipv4/igmp.c
-@@ -369,7 +369,7 @@ static struct sk_buff *igmpv3_newpack(struct net_device
*dev, int size)
- pip->saddr = fl4.saddr;
- pip->protocol = IPPROTO_IGMP;
- pip->tot_len = 0; /* filled in later */
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ((u8 *)&pip[1])[0] = IPOPT_RA;
- ((u8 *)&pip[1])[1] = 4;
- ((u8 *)&pip[1])[2] = 0;
-@@ -714,7 +714,7 @@ static int igmp_send_report(struct in_device *in_dev,
struct ip_mc_list *pmc,
- iph->daddr = dst;
- iph->saddr = fl4.saddr;
- iph->protocol = IPPROTO_IGMP;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ((u8 *)&iph[1])[0] = IPOPT_RA;
- ((u8 *)&iph[1])[1] = 4;
- ((u8 *)&iph[1])[2] = 0;
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index 0d1e2cb..4501a2c 100644
--- a/net/ipv4/inet_connection_sock.c
@@ -99987,47 +99419,14 @@ index 8b9cf27..0d8d592 100644
inet_twsk_deschedule(tw, death_row);
while (twrefcnt) {
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c
-index 48f4244..d83ba8a 100644
+index bf2cb4a..d83ba8a 100644
--- a/net/ipv4/inetpeer.c
+++ b/net/ipv4/inetpeer.c
-@@ -26,20 +26,7 @@
- * Theory of operations.
- * We keep one entry for each peer IP address. The nodes contains
long-living
- * information about the peer which doesn't depend on routes.
-- * At this moment this information consists only of ID field for the next
-- * outgoing IP packet. This field is incremented with each packet as encoded
-- * in inet_getid() function (include/net/inetpeer.h).
-- * At the moment of writing this notes identifier of IP packets is generated
-- * to be unpredictable using this code only for packets subjected
-- * (actually or potentially) to defragmentation. I.e. DF packets less than
-- * PMTU in size when local fragmentation is disabled use a constant ID and do
-- * not use this code (see ip_select_ident() in include/net/ip.h).
- *
-- * Route cache entries hold references to our nodes.
-- * New cache entries get references via lookup by destination IP address in
-- * the avl tree. The reference is grabbed only when it's needed i.e. only
-- * when we try to output IP packet which needs an unpredictable ID (see
-- * __ip_select_ident() in net/ipv4/route.c).
- * Nodes are removed only when reference counter goes to 0.
- * When it's happened the node may be removed when a sufficient amount of
- * time has been passed since its last use. The less-recently-used entry can
-@@ -62,7 +49,6 @@
- * refcnt: atomically against modifications on other CPU;
- * usually under some other lock to prevent node disappearing
- * daddr: unchangeable
-- * ip_id_count: atomic value (no lock needed)
- */
-
- static struct kmem_cache *peer_cachep __read_mostly;
-@@ -496,11 +482,7 @@ relookup:
+@@ -482,7 +482,7 @@ relookup:
if (p) {
p->daddr = *daddr;
atomic_set(&p->refcnt, 1);
- atomic_set(&p->rid, 0);
-- atomic_set(&p->ip_id_count,
-- (daddr->family == AF_INET) ?
-- secure_ip_id(daddr->addr.a4) :
-- secure_ipv6_id(daddr->addr.a6));
+ atomic_set_unchecked(&p->rid, 0);
p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW;
p->rate_tokens = 0;
@@ -100114,38 +99513,6 @@ index 94213c8..8bdb342 100644
.kind = "gretap",
.maxtype = IFLA_GRE_MAX,
.policy = ipgre_policy,
-diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
-index 73c6b63..ed88d78 100644
---- a/net/ipv4/ip_output.c
-+++ b/net/ipv4/ip_output.c
-@@ -148,7 +148,7 @@ int ip_build_and_send_pkt(struct sk_buff *skb, struct sock
*sk,
- iph->daddr = (opt && opt->opt.srr ? opt->opt.faddr : daddr);
- iph->saddr = saddr;
- iph->protocol = sk->sk_protocol;
-- ip_select_ident(skb, &rt->dst, sk);
-+ ip_select_ident(skb, sk);
-
- if (opt && opt->opt.optlen) {
- iph->ihl += opt->opt.optlen>>2;
-@@ -386,8 +386,7 @@ packet_routed:
- ip_options_build(skb, &inet_opt->opt, inet->inet_daddr, rt, 0);
- }
-
-- ip_select_ident_more(skb, &rt->dst, sk,
-- (skb_shinfo(skb)->gso_segs ?: 1) - 1);
-+ ip_select_ident_segs(skb, sk, skb_shinfo(skb)->gso_segs ?: 1);
-
- skb->priority = sk->sk_priority;
- skb->mark = sk->sk_mark;
-@@ -1338,7 +1337,7 @@ struct sk_buff *__ip_make_skb(struct sock *sk,
- iph->ttl = ttl;
- iph->protocol = sk->sk_protocol;
- ip_copy_addrs(iph, fl4);
-- ip_select_ident(skb, &rt->dst, sk);
-+ ip_select_ident(skb, sk);
-
- if (opt) {
- iph->ihl += opt->optlen>>2;
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 580dd96..9fcef7e 100644
--- a/net/ipv4/ip_sockglue.c
@@ -100169,19 +99536,6 @@ index 580dd96..9fcef7e 100644
msg.msg_controllen = len;
msg.msg_flags = flags;
-diff --git a/net/ipv4/ip_tunnel_core.c b/net/ipv4/ip_tunnel_core.c
-index 8d69626..65b664d 100644
---- a/net/ipv4/ip_tunnel_core.c
-+++ b/net/ipv4/ip_tunnel_core.c
-@@ -74,7 +74,7 @@ int iptunnel_xmit(struct rtable *rt, struct sk_buff *skb,
- iph->daddr = dst;
- iph->saddr = src;
- iph->ttl = ttl;
-- __ip_select_ident(iph, &rt->dst, (skb_shinfo(skb)->gso_segs ?: 1) - 1);
-+ __ip_select_ident(iph, skb_shinfo(skb)->gso_segs ?: 1);
-
- err = ip_local_out(skb);
- if (unlikely(net_xmit_eval(err)))
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index e4a8f76..dd8ad72 100644
--- a/net/ipv4/ip_vti.c
@@ -100257,19 +99611,6 @@ index 62eaa00..29b2dc2 100644
.kind = "ipip",
.maxtype = IFLA_IPTUN_MAX,
.policy = ipip_policy,
-diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
-index 2886357..1149fc2 100644
---- a/net/ipv4/ipmr.c
-+++ b/net/ipv4/ipmr.c
-@@ -1663,7 +1663,7 @@ static void ip_encap(struct sk_buff *skb, __be32 saddr,
__be32 daddr)
- iph->protocol = IPPROTO_IPIP;
- iph->ihl = 5;
- iph->tot_len = htons(skb->len);
-- ip_select_ident(skb, skb_dst(skb), NULL);
-+ ip_select_ident(skb, NULL);
- ip_send_check(iph);
-
- memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index f95b6f9..2ee2097 100644
--- a/net/ipv4/netfilter/arp_tables.c
@@ -100453,7 +99794,7 @@ index e21934b..4e7cb58 100644
static int ping_v4_seq_show(struct seq_file *seq, void *v)
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
-index c04518f..d67116b 100644
+index 11c8d81..d67116b 100644
--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -311,7 +311,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff
*skb)
@@ -100465,15 +99806,6 @@ index c04518f..d67116b 100644
kfree_skb(skb);
return NET_RX_DROP;
}
-@@ -389,7 +389,7 @@ static int raw_send_hdrinc(struct sock *sk, struct flowi4
*fl4,
- iph->check = 0;
- iph->tot_len = htons(length);
- if (!iph->id)
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
-
- iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
- }
@@ -748,16 +748,20 @@ static int raw_init(struct sock *sk)
static int raw_seticmpfilter(struct sock *sk, char __user *optval, int optlen)
@@ -100517,18 +99849,10 @@ index c04518f..d67116b 100644
static int raw_seq_show(struct seq_file *seq, void *v)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
-index 031553f..1f6f4e2 100644
+index ca5a01e..1f6f4e2 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
-@@ -89,6 +89,7 @@
- #include <linux/rcupdate.h>
- #include <linux/times.h>
- #include <linux/slab.h>
-+#include <linux/jhash.h>
- #include <net/dst.h>
- #include <net/net_namespace.h>
- #include <net/protocol.h>
-@@ -233,7 +234,7 @@ static const struct seq_operations rt_cache_seq_ops = {
+@@ -234,7 +234,7 @@ static const struct seq_operations rt_cache_seq_ops = {
static int rt_cache_seq_open(struct inode *inode, struct file *file)
{
@@ -100537,7 +99861,7 @@ index 031553f..1f6f4e2 100644
}
static const struct file_operations rt_cache_seq_fops = {
-@@ -324,7 +325,7 @@ static const struct seq_operations rt_cpu_seq_ops = {
+@@ -325,7 +325,7 @@ static const struct seq_operations rt_cpu_seq_ops = {
static int rt_cpu_seq_open(struct inode *inode, struct file *file)
{
@@ -100546,7 +99870,7 @@ index 031553f..1f6f4e2 100644
}
static const struct file_operations rt_cpu_seq_fops = {
-@@ -362,7 +363,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v)
+@@ -363,7 +363,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v)
static int rt_acct_proc_open(struct inode *inode, struct file *file)
{
@@ -100555,78 +99879,25 @@ index 031553f..1f6f4e2 100644
}
static const struct file_operations rt_acct_proc_fops = {
-@@ -462,39 +463,45 @@ static struct neighbour *ipv4_neigh_lookup(const struct
dst_entry *dst,
- return neigh_create(&arp_tbl, pkey, dev);
- }
+@@ -465,7 +465,7 @@ static struct neighbour *ipv4_neigh_lookup(const struct
dst_entry *dst,
--/*
-- * Peer allocation may fail only in serious out-of-memory conditions. However
-- * we still can generate some output.
-- * Random ID selection looks a bit dangerous because we have no chances to
-- * select ID being unique in a reasonable period of time.
-- * But broken packet identifier may be better than no packet at all.
-+#define IP_IDENTS_SZ 2048u
-+struct ip_ident_bucket {
+ #define IP_IDENTS_SZ 2048u
+ struct ip_ident_bucket {
+- atomic_t id;
+ atomic_unchecked_t id;
-+ u32 stamp32;
-+};
-+
-+static struct ip_ident_bucket *ip_idents __read_mostly;
-+
-+/* In order to protect privacy, we add a perturbation to identifiers
-+ * if one generator is seldom used. This makes hard for an attacker
-+ * to infer how many packets were sent between two points in time.
- */
--static void ip_select_fb_ident(struct iphdr *iph)
-+u32 ip_idents_reserve(u32 hash, int segs)
- {
-- static DEFINE_SPINLOCK(ip_fb_id_lock);
-- static u32 ip_fallback_id;
-- u32 salt;
-+ struct ip_ident_bucket *bucket = ip_idents + hash % IP_IDENTS_SZ;
-+ u32 old = ACCESS_ONCE(bucket->stamp32);
-+ u32 now = (u32)jiffies;
-+ u32 delta = 0;
-
-- spin_lock_bh(&ip_fb_id_lock);
-- salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
-- iph->id = htons(salt & 0xFFFF);
-- ip_fallback_id = salt;
-- spin_unlock_bh(&ip_fb_id_lock);
-+ if (old != now && cmpxchg(&bucket->stamp32, old, now) == old)
-+ delta = prandom_u32_max(now - old);
-+
-+ return atomic_add_return_unchecked(segs + delta, &bucket->id) - segs;
- }
-+EXPORT_SYMBOL(ip_idents_reserve);
-
--void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
-+void __ip_select_ident(struct iphdr *iph, int segs)
- {
-- struct net *net = dev_net(dst->dev);
-- struct inet_peer *peer;
-+ static u32 ip_idents_hashrnd __read_mostly;
-+ u32 hash, id;
+ u32 stamp32;
+ };
-- peer = inet_getpeer_v4(net->ipv4.peers, iph->daddr, 1);
-- if (peer) {
-- iph->id = htons(inet_getid(peer, more));
-- inet_putpeer(peer);
-- return;
-- }
-+ net_get_random_once(&ip_idents_hashrnd, sizeof(ip_idents_hashrnd));
+@@ -485,7 +485,7 @@ u32 ip_idents_reserve(u32 hash, int segs)
+ if (old != now && cmpxchg(&bucket->stamp32, old, now) == old)
+ delta = prandom_u32_max(now - old);
-- ip_select_fb_ident(iph);
-+ hash = jhash_3words((__force u32)iph->daddr,
-+ (__force u32)iph->saddr,
-+ iph->protocol,
-+ ip_idents_hashrnd);
-+ id = ip_idents_reserve(hash, segs);
-+ iph->id = htons(id);
+- return atomic_add_return(segs + delta, &bucket->id) - segs;
++ return atomic_add_return_unchecked(segs + delta, &bucket->id) - segs;
}
- EXPORT_SYMBOL(__ip_select_ident);
+ EXPORT_SYMBOL(ip_idents_reserve);
-@@ -2624,34 +2631,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
+@@ -2631,34 +2631,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
.maxlen = sizeof(int),
.mode = 0200,
.proc_handler = ipv4_sysctl_rtcache_flush,
@@ -100669,7 +99940,7 @@ index 031553f..1f6f4e2 100644
err_dup:
return -ENOMEM;
}
-@@ -2674,8 +2681,8 @@ static __net_initdata struct pernet_operations
sysctl_route_ops = {
+@@ -2681,8 +2681,8 @@ static __net_initdata struct pernet_operations
sysctl_route_ops = {
static __net_init int rt_genid_init(struct net *net)
{
@@ -100680,19 +99951,6 @@ index 031553f..1f6f4e2 100644
get_random_bytes(&net->ipv4.dev_addr_genid,
sizeof(net->ipv4.dev_addr_genid));
return 0;
-@@ -2718,6 +2725,12 @@ int __init ip_rt_init(void)
- {
- int rc = 0;
-
-+ ip_idents = kmalloc(IP_IDENTS_SZ * sizeof(*ip_idents), GFP_KERNEL);
-+ if (!ip_idents)
-+ panic("IP: failed to allocate ip_idents\n");
-+
-+ prandom_bytes(ip_idents, IP_IDENTS_SZ * sizeof(*ip_idents));
-+
- #ifdef CONFIG_IP_ROUTE_CLASSID
- ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct),
__alignof__(struct ip_rt_acct));
- if (!ip_rt_acct)
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 44eba05..b36864b 100644
--- a/net/ipv4/sysctl_net_ipv4.c
@@ -100989,33 +100247,6 @@ index 64f0354..a81b39d 100644
if (retransmits_timed_out(sk, retry_until,
syn_set ? 0 : icsk->icsk_user_timeout,
syn_set)) {
/* Has it gone just too far? */
-diff --git a/net/ipv4/tcp_vegas.c b/net/ipv4/tcp_vegas.c
-index 06cae62..6b1a5fd 100644
---- a/net/ipv4/tcp_vegas.c
-+++ b/net/ipv4/tcp_vegas.c
-@@ -219,7 +219,8 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack,
u32 acked,
- * This is:
- * (actual rate in segments) * baseRTT
- */
-- target_cwnd = tp->snd_cwnd * vegas->baseRTT / rtt;
-+ target_cwnd = (u64)tp->snd_cwnd * vegas->baseRTT;
-+ do_div(target_cwnd, rtt);
-
- /* Calculate the difference between the window we had,
- * and the window we would like to have. This quantity
-diff --git a/net/ipv4/tcp_veno.c b/net/ipv4/tcp_veno.c
-index 326475a..603ad49 100644
---- a/net/ipv4/tcp_veno.c
-+++ b/net/ipv4/tcp_veno.c
-@@ -145,7 +145,7 @@ static void tcp_veno_cong_avoid(struct sock *sk, u32 ack,
u32 acked,
-
- rtt = veno->minrtt;
-
-- target_cwnd = (tp->snd_cwnd * veno->basertt);
-+ target_cwnd = (u64)tp->snd_cwnd * veno->basertt;
- target_cwnd <<= V_PARAM_SHIFT;
- do_div(target_cwnd, rtt);
-
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index b25e852..cdc3258 100644
--- a/net/ipv4/udp.c
@@ -101134,24 +100365,6 @@ index b25e852..cdc3258 100644
}
int udp4_seq_show(struct seq_file *seq, void *v)
-diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c
-index 31b1815..1f564a1 100644
---- a/net/ipv4/xfrm4_mode_tunnel.c
-+++ b/net/ipv4/xfrm4_mode_tunnel.c
-@@ -117,12 +117,12 @@ static int xfrm4_mode_tunnel_output(struct xfrm_state
*x, struct sk_buff *skb)
-
- top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
- 0 : (XFRM_MODE_SKB_CB(skb)->frag_off & htons(IP_DF));
-- ip_select_ident(skb, dst->child, NULL);
-
- top_iph->ttl = ip4_dst_hoplimit(dst->child);
-
- top_iph->saddr = x->props.saddr.a4;
- top_iph->daddr = x->id.daddr.a4;
-+ ip_select_ident(skb, NULL);
-
- return 0;
- }
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index e1a6393..f634ce5 100644
--- a/net/ipv4/xfrm4_policy.c
@@ -101365,31 +100578,6 @@ index 2465d18..bc5bf7f 100644
.kind = "ip6gretap",
.maxtype = IFLA_GRE_MAX,
.policy = ip6gre_policy,
-diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
-index a62b610..073e5a6 100644
---- a/net/ipv6/ip6_output.c
-+++ b/net/ipv6/ip6_output.c
-@@ -537,6 +537,20 @@ static void ip6_copy_metadata(struct sk_buff *to, struct
sk_buff *from)
- skb_copy_secmark(to, from);
- }
-
-+static void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
-+{
-+ static u32 ip6_idents_hashrnd __read_mostly;
-+ u32 hash, id;
-+
-+ net_get_random_once(&ip6_idents_hashrnd, sizeof(ip6_idents_hashrnd));
-+
-+ hash = __ipv6_addr_jhash(&rt->rt6i_dst.addr, ip6_idents_hashrnd);
-+ hash = __ipv6_addr_jhash(&rt->rt6i_src.addr, hash);
-+
-+ id = ip_idents_reserve(hash, 1);
-+ fhdr->identification = htonl(id);
-+}
-+
- int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
- {
- struct sk_buff *frag;
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index 9120339..cfdd84f 100644
--- a/net/ipv6/ip6_tunnel.c
@@ -101539,36 +100727,13 @@ index 767ab8d..c5ec70a 100644
return -ENOMEM;
}
diff --git a/net/ipv6/output_core.c b/net/ipv6/output_core.c
-index b31a012..ab2f47d 100644
+index 798eb0f..ab2f47d 100644
--- a/net/ipv6/output_core.c
+++ b/net/ipv6/output_core.c
-@@ -7,30 +7,6 @@
+@@ -7,7 +7,6 @@
#include <net/ip6_fib.h>
#include <net/addrconf.h>
--void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
--{
-- static atomic_t ipv6_fragmentation_id;
-- int ident;
--
--#if IS_ENABLED(CONFIG_IPV6)
-- if (rt && !(rt->dst.flags & DST_NOPEER)) {
-- struct inet_peer *peer;
-- struct net *net;
--
-- net = dev_net(rt->dst.dev);
-- peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
-- if (peer) {
-- fhdr->identification = htonl(inet_getid(peer, 0));
-- inet_putpeer(peer);
-- return;
-- }
-- }
--#endif
-- ident = atomic_inc_return(&ipv6_fragmentation_id);
-- fhdr->identification = htonl(ident);
--}
--EXPORT_SYMBOL(ipv6_select_ident);
-
int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
{
@@ -102591,18 +101756,9 @@ index db80126..ef7110e 100644
cp->old_state = cp->state;
/*
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
-index c47444e..e9a86e6 100644
+index 7f0e1cf..e9a86e6 100644
--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
-@@ -883,7 +883,7 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn
*cp,
- iph->daddr = cp->daddr.ip;
- iph->saddr = saddr;
- iph->ttl = old_iph->ttl;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
-
- /* Another hack: avoid icmp_send in ip_fragment */
- skb->local_df = 1;
@@ -1102,7 +1102,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn
*cp,
else
rc = NF_ACCEPT;
@@ -103519,18 +102675,6 @@ index f226709..0e735a8 100644
_proto("Tx RESPONSE %%%u", ntohl(hdr->serial));
ret = kernel_sendmsg(conn->trans->local->socket, &msg, iov, 3, len);
-diff --git a/net/sctp/associola.c b/net/sctp/associola.c
-index a4d5701..5d97d8f 100644
---- a/net/sctp/associola.c
-+++ b/net/sctp/associola.c
-@@ -1151,6 +1151,7 @@ void sctp_assoc_update(struct sctp_association *asoc,
- asoc->c = new->c;
- asoc->peer.rwnd = new->peer.rwnd;
- asoc->peer.sack_needed = new->peer.sack_needed;
-+ asoc->peer.auth_capable = new->peer.auth_capable;
- asoc->peer.i = new->peer.i;
- sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
- asoc->peer.i.initial_tsn, GFP_ATOMIC);
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 2b1738e..a9d0fc9 100644
--- a/net/sctp/ipv6.c
diff --git a/3.14.16/4425_grsec_remove_EI_PAX.patch
b/3.14.17/4425_grsec_remove_EI_PAX.patch
similarity index 100%
rename from 3.14.16/4425_grsec_remove_EI_PAX.patch
rename to 3.14.17/4425_grsec_remove_EI_PAX.patch
diff --git a/3.14.16/4427_force_XATTR_PAX_tmpfs.patch
b/3.14.17/4427_force_XATTR_PAX_tmpfs.patch
similarity index 100%
rename from 3.14.16/4427_force_XATTR_PAX_tmpfs.patch
rename to 3.14.17/4427_force_XATTR_PAX_tmpfs.patch
diff --git a/3.14.16/4430_grsec-remove-localversion-grsec.patch
b/3.14.17/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 3.14.16/4430_grsec-remove-localversion-grsec.patch
rename to 3.14.17/4430_grsec-remove-localversion-grsec.patch
diff --git a/3.14.16/4435_grsec-mute-warnings.patch
b/3.14.17/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 3.14.16/4435_grsec-mute-warnings.patch
rename to 3.14.17/4435_grsec-mute-warnings.patch
diff --git a/3.14.16/4440_grsec-remove-protected-paths.patch
b/3.14.17/4440_grsec-remove-protected-paths.patch
similarity index 100%
rename from 3.14.16/4440_grsec-remove-protected-paths.patch
rename to 3.14.17/4440_grsec-remove-protected-paths.patch
diff --git a/3.14.16/4450_grsec-kconfig-default-gids.patch
b/3.14.17/4450_grsec-kconfig-default-gids.patch
similarity index 100%
rename from 3.14.16/4450_grsec-kconfig-default-gids.patch
rename to 3.14.17/4450_grsec-kconfig-default-gids.patch
diff --git a/3.14.16/4465_selinux-avc_audit-log-curr_ip.patch
b/3.14.17/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 100%
rename from 3.14.16/4465_selinux-avc_audit-log-curr_ip.patch
rename to 3.14.17/4465_selinux-avc_audit-log-curr_ip.patch
diff --git a/3.14.16/4470_disable-compat_vdso.patch
b/3.14.17/4470_disable-compat_vdso.patch
similarity index 100%
rename from 3.14.16/4470_disable-compat_vdso.patch
rename to 3.14.17/4470_disable-compat_vdso.patch
diff --git a/3.14.16/4475_emutramp_default_on.patch
b/3.14.17/4475_emutramp_default_on.patch
similarity index 100%
rename from 3.14.16/4475_emutramp_default_on.patch
rename to 3.14.17/4475_emutramp_default_on.patch
diff --git a/3.15.9/0000_README b/3.15.10/0000_README
similarity index 96%
rename from 3.15.9/0000_README
rename to 3.15.10/0000_README
index 1b914bb..9e87c71 100644
--- a/3.15.9/0000_README
+++ b/3.15.10/0000_README
@@ -2,7 +2,7 @@ README
-----------------------------------------------------------------------------
Individual Patch Descriptions:
-----------------------------------------------------------------------------
-Patch: 4420_grsecurity-3.0-3.15.9-201408110025.patch
+Patch: 4420_grsecurity-3.0-3.15.10-201408140023.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/3.15.9/4420_grsecurity-3.0-3.15.9-201408110025.patch
b/3.15.10/4420_grsecurity-3.0-3.15.10-201408140023.patch
similarity index 99%
rename from 3.15.9/4420_grsecurity-3.0-3.15.9-201408110025.patch
rename to 3.15.10/4420_grsecurity-3.0-3.15.10-201408140023.patch
index eb185bb..500720d 100644
--- a/3.15.9/4420_grsecurity-3.0-3.15.9-201408110025.patch
+++ b/3.15.10/4420_grsecurity-3.0-3.15.10-201408140023.patch
@@ -287,7 +287,7 @@ index 30a8ad0d..2ed9efd 100644
pcd. [PARIDE]
diff --git a/Makefile b/Makefile
-index 25b85ab..131efa3 100644
+index 76b75f7b84..34cd7f7 100644
--- a/Makefile
+++ b/Makefile
@@ -245,8 +245,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo
$$BASH; \
@@ -12070,7 +12070,7 @@ index d329537..2c3746a 100644
pte_t *huge_pte_alloc(struct mm_struct *mm,
diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c
-index ed3c969..42fe48d 100644
+index 9686224..dfbdb10 100644
--- a/arch/sparc/mm/init_64.c
+++ b/arch/sparc/mm/init_64.c
@@ -188,9 +188,9 @@ unsigned long sparc64_kern_sec_context __read_mostly;
@@ -12094,7 +12094,7 @@ index ed3c969..42fe48d 100644
#endif
#ifdef DCACHE_ALIASING_POSSIBLE
-@@ -466,10 +466,10 @@ void mmu_info(struct seq_file *m)
+@@ -470,10 +470,10 @@ void mmu_info(struct seq_file *m)
#ifdef CONFIG_DEBUG_DCFLUSH
seq_printf(m, "DCPageFlushes\t: %d\n",
@@ -46534,10 +46534,10 @@ index 78f18be..1d19c62 100644
priv = netdev_priv(dev);
priv->phy = phy;
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
-index 7eec598..90b8428 100644
+index d650b91..7717c68 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
-@@ -984,13 +984,15 @@ static const struct nla_policy
macvlan_policy[IFLA_MACVLAN_MAX + 1] = {
+@@ -985,13 +985,15 @@ static const struct nla_policy
macvlan_policy[IFLA_MACVLAN_MAX + 1] = {
int macvlan_link_register(struct rtnl_link_ops *ops)
{
/* common fields */
@@ -46560,7 +46560,7 @@ index 7eec598..90b8428 100644
return rtnl_link_register(ops);
};
-@@ -1044,7 +1046,7 @@ static int macvlan_device_event(struct notifier_block
*unused,
+@@ -1045,7 +1047,7 @@ static int macvlan_device_event(struct notifier_block
*unused,
return NOTIFY_DONE;
}
@@ -46613,19 +46613,6 @@ index 3c41a83..5fe2d7f 100644
break;
err = 0;
break;
-diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
-index 0180531..1aff970 100644
---- a/drivers/net/ppp/pptp.c
-+++ b/drivers/net/ppp/pptp.c
-@@ -281,7 +281,7 @@ static int pptp_xmit(struct ppp_channel *chan, struct
sk_buff *skb)
- nf_reset(skb);
-
- skb->ip_summed = CHECKSUM_NONE;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ip_send_check(iph);
-
- ip_local_out(skb);
diff --git a/drivers/net/slip/slhc.c b/drivers/net/slip/slhc.c
index 1252d9c..80e660b 100644
--- a/drivers/net/slip/slhc.c
@@ -83795,52 +83782,20 @@ index 7a43138..bc76865 100644
/** inet_connection_sock - INET connection oriented sock
*
diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h
-index 058271b..1af4453 100644
+index 823ec7b..1af4453 100644
--- a/include/net/inetpeer.h
+++ b/include/net/inetpeer.h
-@@ -41,14 +41,13 @@ struct inet_peer {
- struct rcu_head gc_rcu;
- };
- /*
-- * Once inet_peer is queued for deletion (refcnt == -1), following
fields
-- * are not available: rid, ip_id_count
-+ * Once inet_peer is queued for deletion (refcnt == -1), following field
-+ * is not available: rid
- * We can share memory with rcu_head to help keep inet_peer small.
+@@ -47,7 +47,7 @@ struct inet_peer {
*/
union {
struct {
- atomic_t rid; /* Frag
reception counter */
-- atomic_t ip_id_count; /* IP
ID for the next packet */
+ atomic_unchecked_t rid;
/* Frag reception counter */
};
struct rcu_head rcu;
struct inet_peer *gc_next;
-@@ -165,7 +164,7 @@ bool inet_peer_xrlim_allow(struct inet_peer *peer, int
timeout);
- void inetpeer_invalidate_tree(struct inet_peer_base *);
-
- /*
-- * temporary check to make sure we dont access rid, ip_id_count, tcp_ts,
-+ * temporary check to make sure we dont access rid, tcp_ts,
- * tcp_ts_stamp if no refcount is taken on inet_peer
- */
- static inline void inet_peer_refcheck(const struct inet_peer *p)
-@@ -173,13 +172,4 @@ static inline void inet_peer_refcheck(const struct
inet_peer *p)
- WARN_ON_ONCE(atomic_read(&p->refcnt) <= 0);
- }
-
--
--/* can be called with or without local BH being disabled */
--static inline int inet_getid(struct inet_peer *p, int more)
--{
-- more++;
-- inet_peer_refcheck(p);
-- return atomic_add_return(more, &p->ip_id_count) - more;
--}
--
- #endif /* _NET_INETPEER_H */
diff --git a/include/net/ip.h b/include/net/ip.h
-index 3ec2b0f..6a28064 100644
+index 54de029..6a28064 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -220,7 +220,7 @@ static inline void snmp_mib_free(void __percpu
*ptr[SNMP_ARRAY_SZ])
@@ -83852,55 +83807,15 @@ index 3ec2b0f..6a28064 100644
static inline int inet_is_reserved_local_port(int port)
{
return test_bit(port, sysctl_local_reserved_ports);
-@@ -310,9 +310,10 @@ static inline unsigned int ip_skb_dst_mtu(const struct
sk_buff *skb)
+@@ -310,7 +310,7 @@ static inline unsigned int ip_skb_dst_mtu(const struct
sk_buff *skb)
}
}
--void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more);
+-u32 ip_idents_reserve(u32 hash, int segs);
+u32 ip_idents_reserve(u32 hash, int segs) __intentional_overflow(-1);
-+void __ip_select_ident(struct iphdr *iph, int segs);
-
--static inline void ip_select_ident(struct sk_buff *skb, struct dst_entry
*dst, struct sock *sk)
-+static inline void ip_select_ident_segs(struct sk_buff *skb, struct sock *sk,
int segs)
- {
- struct iphdr *iph = ip_hdr(skb);
+ void __ip_select_ident(struct iphdr *iph, int segs);
-@@ -322,24 +323,20 @@ static inline void ip_select_ident(struct sk_buff *skb,
struct dst_entry *dst, s
- * does not change, they drop every other packet in
- * a TCP stream using header compression.
- */
-- iph->id = (sk && inet_sk(sk)->inet_daddr) ?
-- htons(inet_sk(sk)->inet_id++) : 0;
-- } else
-- __ip_select_ident(iph, dst, 0);
--}
--
--static inline void ip_select_ident_more(struct sk_buff *skb, struct dst_entry
*dst, struct sock *sk, int more)
--{
-- struct iphdr *iph = ip_hdr(skb);
--
-- if ((iph->frag_off & htons(IP_DF)) && !skb->local_df) {
- if (sk && inet_sk(sk)->inet_daddr) {
- iph->id = htons(inet_sk(sk)->inet_id);
-- inet_sk(sk)->inet_id += 1 + more;
-- } else
-+ inet_sk(sk)->inet_id += segs;
-+ } else {
- iph->id = 0;
-- } else
-- __ip_select_ident(iph, dst, more);
-+ }
-+ } else {
-+ __ip_select_ident(iph, segs);
-+ }
-+}
-+
-+static inline void ip_select_ident(struct sk_buff *skb, struct sock *sk)
-+{
-+ ip_select_ident_segs(skb, sk, 1);
- }
-
- /*
+ static inline void ip_select_ident_segs(struct sk_buff *skb, struct sock *sk,
int segs)
diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index 9922093..a1755d6 100644
--- a/include/net/ip_fib.h
@@ -83950,19 +83865,6 @@ index 5679d92..2e7a690 100644
/* ip_vs_est */
struct list_head est_list; /* estimator list */
spinlock_t est_lock;
-diff --git a/include/net/ipv6.h b/include/net/ipv6.h
-index d640925..d681568 100644
---- a/include/net/ipv6.h
-+++ b/include/net/ipv6.h
-@@ -660,8 +660,6 @@ static inline int ipv6_addr_diff(const struct in6_addr
*a1, const struct in6_add
- return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
- }
-
--void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt);
--
- int ip6_dst_hoplimit(struct dst_entry *dst);
-
- /*
diff --git a/include/net/irda/ircomm_tty.h b/include/net/irda/ircomm_tty.h
index 8d4f588..2e37ad2 100644
--- a/include/net/irda/ircomm_tty.h
@@ -84376,19 +84278,6 @@ index 0dfcc92..7967849 100644
/* Structure to track chunk fragments that have been acked, but peer
-diff --git a/include/net/secure_seq.h b/include/net/secure_seq.h
-index f257486..3f36d45 100644
---- a/include/net/secure_seq.h
-+++ b/include/net/secure_seq.h
-@@ -3,8 +3,6 @@
-
- #include <linux/types.h>
-
--__u32 secure_ip_id(__be32 daddr);
--__u32 secure_ipv6_id(const __be32 daddr[4]);
- u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
- u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
- __be16 dport);
diff --git a/include/net/sock.h b/include/net/sock.h
index f5a7e22..043b85f 100644
--- a/include/net/sock.h
@@ -98019,10 +97908,10 @@ index f04224c..f326579 100644
if (ogm_packet->flags & BATADV_DIRECTLINK)
has_directlink_flag = true;
diff --git a/net/batman-adv/fragmentation.c b/net/batman-adv/fragmentation.c
-index f14e54a..66f3e2e 100644
+index 022d18a..919daff 100644
--- a/net/batman-adv/fragmentation.c
+++ b/net/batman-adv/fragmentation.c
-@@ -446,7 +446,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb,
+@@ -450,7 +450,7 @@ bool batadv_frag_send_packet(struct sk_buff *skb,
frag_header.packet_type = BATADV_UNICAST_FRAG;
frag_header.version = BATADV_COMPAT_VERSION;
frag_header.ttl = BATADV_TTL;
@@ -98385,7 +98274,7 @@ index 1948d59..9e854d5 100644
switch (ss->ss_family) {
diff --git a/net/compat.c b/net/compat.c
-index 9a76eaf..f9c070c 100644
+index bc8aeef..f9c070c 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -73,9 +73,9 @@ int get_compat_msghdr(struct msghdr *kmsg, struct
compat_msghdr __user *umsg)
@@ -98401,28 +98290,17 @@ index 9a76eaf..f9c070c 100644
return 0;
}
-@@ -85,21 +85,22 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
- {
- int tot_len;
+@@ -87,7 +87,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
-- if (kern_msg->msg_namelen) {
-+ if (kern_msg->msg_name && kern_msg->msg_namelen) {
+ if (kern_msg->msg_name && kern_msg->msg_namelen) {
if (mode == VERIFY_READ) {
- int err = move_addr_to_kernel(kern_msg->msg_name,
+ int err = move_addr_to_kernel((void __force_user
*)kern_msg->msg_name,
kern_msg->msg_namelen,
kern_address);
if (err < 0)
- return err;
- }
-- if (kern_msg->msg_name)
-- kern_msg->msg_name = kern_address;
-- } else
-+ kern_msg->msg_name = kern_address;
-+ } else {
- kern_msg->msg_name = NULL;
-+ kern_msg->msg_namelen = 0;
-+ }
+@@ -100,7 +100,7 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
+ }
tot_len = iov_from_user_compat_to_kern(kern_iov,
- (struct compat_iovec __user
*)kern_msg->msg_iov,
@@ -98430,7 +98308,7 @@ index 9a76eaf..f9c070c 100644
kern_msg->msg_iovlen);
if (tot_len >= 0)
kern_msg->msg_iov = kern_iov;
-@@ -119,20 +120,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
+@@ -120,20 +120,20 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct
iovec *kern_iov,
#define CMSG_COMPAT_FIRSTHDR(msg) \
(((msg)->msg_controllen) >= sizeof(struct compat_cmsghdr) ? \
@@ -98454,7 +98332,7 @@ index 9a76eaf..f9c070c 100644
msg->msg_controllen)
return NULL;
return (struct compat_cmsghdr __user *)ptr;
-@@ -222,7 +223,7 @@ Efault:
+@@ -223,7 +223,7 @@ Efault:
int put_cmsg_compat(struct msghdr *kmsg, int level, int type, int len, void
*data)
{
@@ -98463,7 +98341,7 @@ index 9a76eaf..f9c070c 100644
struct compat_cmsghdr cmhdr;
struct compat_timeval ctv;
struct compat_timespec cts[3];
-@@ -278,7 +279,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int
type, int len, void *dat
+@@ -279,7 +279,7 @@ int put_cmsg_compat(struct msghdr *kmsg, int level, int
type, int len, void *dat
void scm_detach_fds_compat(struct msghdr *kmsg, struct scm_cookie *scm)
{
@@ -98472,7 +98350,7 @@ index 9a76eaf..f9c070c 100644
int fdmax = (kmsg->msg_controllen - sizeof(struct compat_cmsghdr)) /
sizeof(int);
int fdnum = scm->fp->count;
struct file **fp = scm->fp->fp;
-@@ -366,7 +367,7 @@ static int do_set_sock_timeout(struct socket *sock, int
level,
+@@ -367,7 +367,7 @@ static int do_set_sock_timeout(struct socket *sock, int
level,
return -EFAULT;
old_fs = get_fs();
set_fs(KERNEL_DS);
@@ -98481,7 +98359,7 @@ index 9a76eaf..f9c070c 100644
set_fs(old_fs);
return err;
-@@ -427,7 +428,7 @@ static int do_get_sock_timeout(struct socket *sock, int
level, int optname,
+@@ -428,7 +428,7 @@ static int do_get_sock_timeout(struct socket *sock, int
level, int optname,
len = sizeof(ktime);
old_fs = get_fs();
set_fs(KERNEL_DS);
@@ -98490,7 +98368,7 @@ index 9a76eaf..f9c070c 100644
set_fs(old_fs);
if (!err) {
-@@ -570,7 +571,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -571,7 +571,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
case MCAST_JOIN_GROUP:
case MCAST_LEAVE_GROUP:
{
@@ -98499,7 +98377,7 @@ index 9a76eaf..f9c070c 100644
struct group_req __user *kgr =
compat_alloc_user_space(sizeof(struct group_req));
u32 interface;
-@@ -591,7 +592,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -592,7 +592,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
case MCAST_BLOCK_SOURCE:
case MCAST_UNBLOCK_SOURCE:
{
@@ -98508,7 +98386,7 @@ index 9a76eaf..f9c070c 100644
struct group_source_req __user *kgsr = compat_alloc_user_space(
sizeof(struct group_source_req));
u32 interface;
-@@ -612,7 +613,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
+@@ -613,7 +613,7 @@ int compat_mc_setsockopt(struct sock *sock, int level, int
optname,
}
case MCAST_MSFILTER:
{
@@ -98517,7 +98395,7 @@ index 9a76eaf..f9c070c 100644
struct group_filter __user *kgf;
u32 interface, fmode, numsrc;
-@@ -650,7 +651,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int
optname,
+@@ -651,7 +651,7 @@ int compat_mc_getsockopt(struct sock *sock, int level, int
optname,
char __user *optval, int __user *optlen,
int (*getsockopt)(struct sock *, int, int, char __user *, int __user *))
{
@@ -98526,7 +98404,7 @@ index 9a76eaf..f9c070c 100644
struct group_filter __user *kgf;
int __user *koptlen;
u32 interface, fmode, numsrc;
-@@ -803,7 +804,7 @@ COMPAT_SYSCALL_DEFINE2(socketcall, int, call, u32 __user
*, args)
+@@ -804,7 +804,7 @@ COMPAT_SYSCALL_DEFINE2(socketcall, int, call, u32 __user
*, args)
if (call < SYS_SOCKET || call > SYS_SENDMMSG)
return -EINVAL;
@@ -98719,15 +98597,11 @@ index a0348fd..6951c76 100644
fle->object = flo;
else
diff --git a/net/core/iovec.c b/net/core/iovec.c
-index b618694..cd5f0af 100644
+index 26dc006..89e838e 100644
--- a/net/core/iovec.c
+++ b/net/core/iovec.c
-@@ -39,23 +39,23 @@ int verify_iovec(struct msghdr *m, struct iovec *iov,
struct sockaddr_storage *a
- {
- int size, ct, err;
-
-- if (m->msg_namelen) {
-+ if (m->msg_name && m->msg_namelen) {
+@@ -42,7 +42,7 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct
sockaddr_storage *a
+ if (m->msg_name && m->msg_namelen) {
if (mode == VERIFY_READ) {
void __user *namep;
- namep = (void __user __force *) m->msg_name;
@@ -98735,14 +98609,7 @@ index b618694..cd5f0af 100644
err = move_addr_to_kernel(namep, m->msg_namelen,
address);
if (err < 0)
- return err;
- }
-- if (m->msg_name)
-- m->msg_name = address;
-+ m->msg_name = address;
- } else {
- m->msg_name = NULL;
-+ m->msg_namelen = 0;
+@@ -55,7 +55,7 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct
sockaddr_storage *a
}
size = m->msg_iovlen * sizeof(struct iovec);
@@ -99017,44 +98884,8 @@ index b442e7e..6f5b5a2 100644
i++, cmfptr++)
{
struct socket *sock;
-diff --git a/net/core/secure_seq.c b/net/core/secure_seq.c
-index 897da56..ba71212 100644
---- a/net/core/secure_seq.c
-+++ b/net/core/secure_seq.c
-@@ -85,31 +85,6 @@ EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
- #endif
-
- #ifdef CONFIG_INET
--__u32 secure_ip_id(__be32 daddr)
--{
-- u32 hash[MD5_DIGEST_WORDS];
--
-- net_secret_init();
-- hash[0] = (__force __u32) daddr;
-- hash[1] = net_secret[13];
-- hash[2] = net_secret[14];
-- hash[3] = net_secret[15];
--
-- md5_transform(hash, net_secret);
--
-- return hash[0];
--}
--
--__u32 secure_ipv6_id(const __be32 daddr[4])
--{
-- __u32 hash[4];
--
-- net_secret_init();
-- memcpy(hash, daddr, 16);
-- md5_transform(hash, net_secret);
--
-- return hash[0];
--}
-
- __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
- __be16 sport, __be16 dport)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
-index 9433047..8763e83 100644
+index 6ab5f77..6fd2a81 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -2003,7 +2003,7 @@ EXPORT_SYMBOL(__skb_checksum);
@@ -99559,28 +99390,6 @@ index b10cd43a..22327f9 100644
return nh->nh_saddr;
}
-diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
-index 9db3b87..0ffcd4d 100644
---- a/net/ipv4/igmp.c
-+++ b/net/ipv4/igmp.c
-@@ -369,7 +369,7 @@ static struct sk_buff *igmpv3_newpack(struct net_device
*dev, int size)
- pip->saddr = fl4.saddr;
- pip->protocol = IPPROTO_IGMP;
- pip->tot_len = 0; /* filled in later */
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ((u8 *)&pip[1])[0] = IPOPT_RA;
- ((u8 *)&pip[1])[1] = 4;
- ((u8 *)&pip[1])[2] = 0;
-@@ -714,7 +714,7 @@ static int igmp_send_report(struct in_device *in_dev,
struct ip_mc_list *pmc,
- iph->daddr = dst;
- iph->saddr = fl4.saddr;
- iph->protocol = IPPROTO_IGMP;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
- ((u8 *)&iph[1])[0] = IPOPT_RA;
- ((u8 *)&iph[1])[1] = 4;
- ((u8 *)&iph[1])[2] = 0;
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c
index a56b8e6..5be2a30 100644
--- a/net/ipv4/inet_connection_sock.c
@@ -99625,47 +99434,14 @@ index 8b9cf27..0d8d592 100644
inet_twsk_deschedule(tw, death_row);
while (twrefcnt) {
diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c
-index 48f4244..d83ba8a 100644
+index bf2cb4a..d83ba8a 100644
--- a/net/ipv4/inetpeer.c
+++ b/net/ipv4/inetpeer.c
-@@ -26,20 +26,7 @@
- * Theory of operations.
- * We keep one entry for each peer IP address. The nodes contains
long-living
- * information about the peer which doesn't depend on routes.
-- * At this moment this information consists only of ID field for the next
-- * outgoing IP packet. This field is incremented with each packet as encoded
-- * in inet_getid() function (include/net/inetpeer.h).
-- * At the moment of writing this notes identifier of IP packets is generated
-- * to be unpredictable using this code only for packets subjected
-- * (actually or potentially) to defragmentation. I.e. DF packets less than
-- * PMTU in size when local fragmentation is disabled use a constant ID and do
-- * not use this code (see ip_select_ident() in include/net/ip.h).
- *
-- * Route cache entries hold references to our nodes.
-- * New cache entries get references via lookup by destination IP address in
-- * the avl tree. The reference is grabbed only when it's needed i.e. only
-- * when we try to output IP packet which needs an unpredictable ID (see
-- * __ip_select_ident() in net/ipv4/route.c).
- * Nodes are removed only when reference counter goes to 0.
- * When it's happened the node may be removed when a sufficient amount of
- * time has been passed since its last use. The less-recently-used entry can
-@@ -62,7 +49,6 @@
- * refcnt: atomically against modifications on other CPU;
- * usually under some other lock to prevent node disappearing
- * daddr: unchangeable
-- * ip_id_count: atomic value (no lock needed)
- */
-
- static struct kmem_cache *peer_cachep __read_mostly;
-@@ -496,11 +482,7 @@ relookup:
+@@ -482,7 +482,7 @@ relookup:
if (p) {
p->daddr = *daddr;
atomic_set(&p->refcnt, 1);
- atomic_set(&p->rid, 0);
-- atomic_set(&p->ip_id_count,
-- (daddr->family == AF_INET) ?
-- secure_ip_id(daddr->addr.a4) :
-- secure_ipv6_id(daddr->addr.a6));
+ atomic_set_unchecked(&p->rid, 0);
p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW;
p->rate_tokens = 0;
@@ -99752,38 +99528,6 @@ index 94213c8..8bdb342 100644
.kind = "gretap",
.maxtype = IFLA_GRE_MAX,
.policy = ipgre_policy,
-diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
-index a52f501..4ecc160 100644
---- a/net/ipv4/ip_output.c
-+++ b/net/ipv4/ip_output.c
-@@ -148,7 +148,7 @@ int ip_build_and_send_pkt(struct sk_buff *skb, struct sock
*sk,
- iph->daddr = (opt && opt->opt.srr ? opt->opt.faddr : daddr);
- iph->saddr = saddr;
- iph->protocol = sk->sk_protocol;
-- ip_select_ident(skb, &rt->dst, sk);
-+ ip_select_ident(skb, sk);
-
- if (opt && opt->opt.optlen) {
- iph->ihl += opt->opt.optlen>>2;
-@@ -430,8 +430,7 @@ packet_routed:
- ip_options_build(skb, &inet_opt->opt, inet->inet_daddr, rt, 0);
- }
-
-- ip_select_ident_more(skb, &rt->dst, sk,
-- (skb_shinfo(skb)->gso_segs ?: 1) - 1);
-+ ip_select_ident_segs(skb, sk, skb_shinfo(skb)->gso_segs ?: 1);
-
- /* TODO : should we use skb->sk here instead of sk ? */
- skb->priority = sk->sk_priority;
-@@ -1379,7 +1378,7 @@ struct sk_buff *__ip_make_skb(struct sock *sk,
- iph->ttl = ttl;
- iph->protocol = sk->sk_protocol;
- ip_copy_addrs(iph, fl4);
-- ip_select_ident(skb, &rt->dst, sk);
-+ ip_select_ident(skb, sk);
-
- if (opt) {
- iph->ihl += opt->optlen>>2;
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 64741b9..6f334a2 100644
--- a/net/ipv4/ip_sockglue.c
@@ -99807,19 +99551,6 @@ index 64741b9..6f334a2 100644
msg.msg_controllen = len;
msg.msg_flags = flags;
-diff --git a/net/ipv4/ip_tunnel_core.c b/net/ipv4/ip_tunnel_core.c
-index bcf206c..847e69c 100644
---- a/net/ipv4/ip_tunnel_core.c
-+++ b/net/ipv4/ip_tunnel_core.c
-@@ -74,7 +74,7 @@ int iptunnel_xmit(struct sock *sk, struct rtable *rt, struct
sk_buff *skb,
- iph->daddr = dst;
- iph->saddr = src;
- iph->ttl = ttl;
-- __ip_select_ident(iph, &rt->dst, (skb_shinfo(skb)->gso_segs ?: 1) - 1);
-+ __ip_select_ident(iph, skb_shinfo(skb)->gso_segs ?: 1);
-
- err = ip_local_out_sk(sk, skb);
- if (unlikely(net_xmit_eval(err)))
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 13ef00f..8ffca25 100644
--- a/net/ipv4/ip_vti.c
@@ -99895,19 +99626,6 @@ index 62eaa00..29b2dc2 100644
.kind = "ipip",
.maxtype = IFLA_IPTUN_MAX,
.policy = ipip_policy,
-diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
-index d84dc8d..d11a50d 100644
---- a/net/ipv4/ipmr.c
-+++ b/net/ipv4/ipmr.c
-@@ -1663,7 +1663,7 @@ static void ip_encap(struct sk_buff *skb, __be32 saddr,
__be32 daddr)
- iph->protocol = IPPROTO_IPIP;
- iph->ihl = 5;
- iph->tot_len = htons(skb->len);
-- ip_select_ident(skb, skb_dst(skb), NULL);
-+ ip_select_ident(skb, NULL);
- ip_send_check(iph);
-
- memset(&(IPCB(skb)->opt), 0, sizeof(IPCB(skb)->opt));
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index f95b6f9..2ee2097 100644
--- a/net/ipv4/netfilter/arp_tables.c
@@ -100124,7 +99842,7 @@ index 044a0dd..e0c1971 100644
static int ping_v4_seq_show(struct seq_file *seq, void *v)
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
-index a9dbe58..b54c00e 100644
+index 2c65160..b54c00e 100644
--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -311,7 +311,7 @@ static int raw_rcv_skb(struct sock *sk, struct sk_buff
*skb)
@@ -100136,15 +99854,6 @@ index a9dbe58..b54c00e 100644
kfree_skb(skb);
return NET_RX_DROP;
}
-@@ -389,7 +389,7 @@ static int raw_send_hdrinc(struct sock *sk, struct flowi4
*fl4,
- iph->check = 0;
- iph->tot_len = htons(length);
- if (!iph->id)
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
-
- iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
- }
@@ -696,6 +696,9 @@ static int raw_recvmsg(struct kiocb *iocb, struct sock
*sk, struct msghdr *msg,
if (flags & MSG_OOB)
goto out;
@@ -100206,18 +99915,10 @@ index a9dbe58..b54c00e 100644
static int raw_seq_show(struct seq_file *seq, void *v)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
-index be9f2b1..aae0ac9 100644
+index fd618d4..aae0ac9 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
-@@ -89,6 +89,7 @@
- #include <linux/rcupdate.h>
- #include <linux/times.h>
- #include <linux/slab.h>
-+#include <linux/jhash.h>
- #include <net/dst.h>
- #include <net/net_namespace.h>
- #include <net/protocol.h>
-@@ -227,7 +228,7 @@ static const struct seq_operations rt_cache_seq_ops = {
+@@ -228,7 +228,7 @@ static const struct seq_operations rt_cache_seq_ops = {
static int rt_cache_seq_open(struct inode *inode, struct file *file)
{
@@ -100226,7 +99927,7 @@ index be9f2b1..aae0ac9 100644
}
static const struct file_operations rt_cache_seq_fops = {
-@@ -318,7 +319,7 @@ static const struct seq_operations rt_cpu_seq_ops = {
+@@ -319,7 +319,7 @@ static const struct seq_operations rt_cpu_seq_ops = {
static int rt_cpu_seq_open(struct inode *inode, struct file *file)
{
@@ -100235,7 +99936,7 @@ index be9f2b1..aae0ac9 100644
}
static const struct file_operations rt_cpu_seq_fops = {
-@@ -356,7 +357,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v)
+@@ -357,7 +357,7 @@ static int rt_acct_proc_show(struct seq_file *m, void *v)
static int rt_acct_proc_open(struct inode *inode, struct file *file)
{
@@ -100244,78 +99945,25 @@ index be9f2b1..aae0ac9 100644
}
static const struct file_operations rt_acct_proc_fops = {
-@@ -456,39 +457,45 @@ static struct neighbour *ipv4_neigh_lookup(const struct
dst_entry *dst,
- return neigh_create(&arp_tbl, pkey, dev);
- }
+@@ -459,7 +459,7 @@ static struct neighbour *ipv4_neigh_lookup(const struct
dst_entry *dst,
--/*
-- * Peer allocation may fail only in serious out-of-memory conditions. However
-- * we still can generate some output.
-- * Random ID selection looks a bit dangerous because we have no chances to
-- * select ID being unique in a reasonable period of time.
-- * But broken packet identifier may be better than no packet at all.
-+#define IP_IDENTS_SZ 2048u
-+struct ip_ident_bucket {
+ #define IP_IDENTS_SZ 2048u
+ struct ip_ident_bucket {
+- atomic_t id;
+ atomic_unchecked_t id;
-+ u32 stamp32;
-+};
-+
-+static struct ip_ident_bucket *ip_idents __read_mostly;
-+
-+/* In order to protect privacy, we add a perturbation to identifiers
-+ * if one generator is seldom used. This makes hard for an attacker
-+ * to infer how many packets were sent between two points in time.
- */
--static void ip_select_fb_ident(struct iphdr *iph)
-+u32 ip_idents_reserve(u32 hash, int segs)
- {
-- static DEFINE_SPINLOCK(ip_fb_id_lock);
-- static u32 ip_fallback_id;
-- u32 salt;
-+ struct ip_ident_bucket *bucket = ip_idents + hash % IP_IDENTS_SZ;
-+ u32 old = ACCESS_ONCE(bucket->stamp32);
-+ u32 now = (u32)jiffies;
-+ u32 delta = 0;
-
-- spin_lock_bh(&ip_fb_id_lock);
-- salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
-- iph->id = htons(salt & 0xFFFF);
-- ip_fallback_id = salt;
-- spin_unlock_bh(&ip_fb_id_lock);
-+ if (old != now && cmpxchg(&bucket->stamp32, old, now) == old)
-+ delta = prandom_u32_max(now - old);
-+
-+ return atomic_add_return_unchecked(segs + delta, &bucket->id) - segs;
- }
-+EXPORT_SYMBOL(ip_idents_reserve);
-
--void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
-+void __ip_select_ident(struct iphdr *iph, int segs)
- {
-- struct net *net = dev_net(dst->dev);
-- struct inet_peer *peer;
-+ static u32 ip_idents_hashrnd __read_mostly;
-+ u32 hash, id;
+ u32 stamp32;
+ };
-- peer = inet_getpeer_v4(net->ipv4.peers, iph->daddr, 1);
-- if (peer) {
-- iph->id = htons(inet_getid(peer, more));
-- inet_putpeer(peer);
-- return;
-- }
-+ net_get_random_once(&ip_idents_hashrnd, sizeof(ip_idents_hashrnd));
+@@ -479,7 +479,7 @@ u32 ip_idents_reserve(u32 hash, int segs)
+ if (old != now && cmpxchg(&bucket->stamp32, old, now) == old)
+ delta = prandom_u32_max(now - old);
-- ip_select_fb_ident(iph);
-+ hash = jhash_3words((__force u32)iph->daddr,
-+ (__force u32)iph->saddr,
-+ iph->protocol,
-+ ip_idents_hashrnd);
-+ id = ip_idents_reserve(hash, segs);
-+ iph->id = htons(id);
+- return atomic_add_return(segs + delta, &bucket->id) - segs;
++ return atomic_add_return_unchecked(segs + delta, &bucket->id) - segs;
}
- EXPORT_SYMBOL(__ip_select_ident);
+ EXPORT_SYMBOL(ip_idents_reserve);
-@@ -2611,34 +2618,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
+@@ -2618,34 +2618,34 @@ static struct ctl_table ipv4_route_flush_table[] = {
.maxlen = sizeof(int),
.mode = 0200,
.proc_handler = ipv4_sysctl_rtcache_flush,
@@ -100358,7 +100006,7 @@ index be9f2b1..aae0ac9 100644
err_dup:
return -ENOMEM;
}
-@@ -2661,8 +2668,8 @@ static __net_initdata struct pernet_operations
sysctl_route_ops = {
+@@ -2668,8 +2668,8 @@ static __net_initdata struct pernet_operations
sysctl_route_ops = {
static __net_init int rt_genid_init(struct net *net)
{
@@ -100369,19 +100017,6 @@ index be9f2b1..aae0ac9 100644
get_random_bytes(&net->ipv4.dev_addr_genid,
sizeof(net->ipv4.dev_addr_genid));
return 0;
-@@ -2705,6 +2712,12 @@ int __init ip_rt_init(void)
- {
- int rc = 0;
-
-+ ip_idents = kmalloc(IP_IDENTS_SZ * sizeof(*ip_idents), GFP_KERNEL);
-+ if (!ip_idents)
-+ panic("IP: failed to allocate ip_idents\n");
-+
-+ prandom_bytes(ip_idents, IP_IDENTS_SZ * sizeof(*ip_idents));
-+
- #ifdef CONFIG_IP_ROUTE_CLASSID
- ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct),
__alignof__(struct ip_rt_acct));
- if (!ip_rt_acct)
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 5cde8f2..5f5684e 100644
--- a/net/ipv4/sysctl_net_ipv4.c
@@ -100678,33 +100313,6 @@ index 286227a..c495a76 100644
if (retransmits_timed_out(sk, retry_until,
syn_set ? 0 : icsk->icsk_user_timeout,
syn_set)) {
/* Has it gone just too far? */
-diff --git a/net/ipv4/tcp_vegas.c b/net/ipv4/tcp_vegas.c
-index 48539ff..08c8ab4 100644
---- a/net/ipv4/tcp_vegas.c
-+++ b/net/ipv4/tcp_vegas.c
-@@ -219,7 +219,8 @@ static void tcp_vegas_cong_avoid(struct sock *sk, u32 ack,
u32 acked,
- * This is:
- * (actual rate in segments) * baseRTT
- */
-- target_cwnd = tp->snd_cwnd * vegas->baseRTT / rtt;
-+ target_cwnd = (u64)tp->snd_cwnd * vegas->baseRTT;
-+ do_div(target_cwnd, rtt);
-
- /* Calculate the difference between the window we had,
- * and the window we would like to have. This quantity
-diff --git a/net/ipv4/tcp_veno.c b/net/ipv4/tcp_veno.c
-index 1b8e28f..4cd4e1b 100644
---- a/net/ipv4/tcp_veno.c
-+++ b/net/ipv4/tcp_veno.c
-@@ -145,7 +145,7 @@ static void tcp_veno_cong_avoid(struct sock *sk, u32 ack,
u32 acked,
-
- rtt = veno->minrtt;
-
-- target_cwnd = (tp->snd_cwnd * veno->basertt);
-+ target_cwnd = (u64)tp->snd_cwnd * veno->basertt;
- target_cwnd <<= V_PARAM_SHIFT;
- do_div(target_cwnd, rtt);
-
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 54a5fe9..78fea00 100644
--- a/net/ipv4/udp.c
@@ -100844,24 +100452,6 @@ index 54a5fe9..78fea00 100644
}
int udp4_seq_show(struct seq_file *seq, void *v)
-diff --git a/net/ipv4/xfrm4_mode_tunnel.c b/net/ipv4/xfrm4_mode_tunnel.c
-index 05f2b48..91771a7 100644
---- a/net/ipv4/xfrm4_mode_tunnel.c
-+++ b/net/ipv4/xfrm4_mode_tunnel.c
-@@ -58,12 +58,12 @@ static int xfrm4_mode_tunnel_output(struct xfrm_state *x,
struct sk_buff *skb)
-
- top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
- 0 : (XFRM_MODE_SKB_CB(skb)->frag_off & htons(IP_DF));
-- ip_select_ident(skb, dst->child, NULL);
-
- top_iph->ttl = ip4_dst_hoplimit(dst->child);
-
- top_iph->saddr = x->props.saddr.a4;
- top_iph->daddr = x->id.daddr.a4;
-+ ip_select_ident(skb, NULL);
-
- return 0;
- }
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 6156f68..d6ab46d 100644
--- a/net/ipv4/xfrm4_policy.c
@@ -101075,31 +100665,6 @@ index 9d92146..d986c6a 100644
.kind = "ip6gretap",
.maxtype = IFLA_GRE_MAX,
.policy = ip6gre_policy,
-diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
-index fbf1156..1362d3a 100644
---- a/net/ipv6/ip6_output.c
-+++ b/net/ipv6/ip6_output.c
-@@ -537,6 +537,20 @@ static void ip6_copy_metadata(struct sk_buff *to, struct
sk_buff *from)
- skb_copy_secmark(to, from);
- }
-
-+static void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
-+{
-+ static u32 ip6_idents_hashrnd __read_mostly;
-+ u32 hash, id;
-+
-+ net_get_random_once(&ip6_idents_hashrnd, sizeof(ip6_idents_hashrnd));
-+
-+ hash = __ipv6_addr_jhash(&rt->rt6i_dst.addr, ip6_idents_hashrnd);
-+ hash = __ipv6_addr_jhash(&rt->rt6i_src.addr, hash);
-+
-+ id = ip_idents_reserve(hash, 1);
-+ fhdr->identification = htonl(id);
-+}
-+
- int ip6_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *))
- {
- struct sk_buff *frag;
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
index afa0824..04ba530 100644
--- a/net/ipv6/ip6_tunnel.c
@@ -101249,38 +100814,13 @@ index 767ab8d..c5ec70a 100644
return -ENOMEM;
}
diff --git a/net/ipv6/output_core.c b/net/ipv6/output_core.c
-index 56596ce..ffa0293 100644
+index 6179ac1..ffa0293 100644
--- a/net/ipv6/output_core.c
+++ b/net/ipv6/output_core.c
-@@ -8,32 +8,6 @@
+@@ -8,7 +8,6 @@
#include <net/addrconf.h>
#include <net/secure_seq.h>
--void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
--{
-- static atomic_t ipv6_fragmentation_id;
-- struct in6_addr addr;
-- int ident;
--
--#if IS_ENABLED(CONFIG_IPV6)
-- struct inet_peer *peer;
-- struct net *net;
--
-- net = dev_net(rt->dst.dev);
-- peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
-- if (peer) {
-- fhdr->identification = htonl(inet_getid(peer, 0));
-- inet_putpeer(peer);
-- return;
-- }
--#endif
-- ident = atomic_inc_return(&ipv6_fragmentation_id);
--
-- addr = rt->rt6i_dst.addr;
-- addr.s6_addr32[0] ^= (__force __be32)ident;
-- fhdr->identification = htonl(secure_ipv6_id(addr.s6_addr32));
--}
--EXPORT_SYMBOL(ipv6_select_ident);
-
int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
{
@@ -102429,18 +101969,9 @@ index db80126..ef7110e 100644
cp->old_state = cp->state;
/*
diff --git a/net/netfilter/ipvs/ip_vs_xmit.c b/net/netfilter/ipvs/ip_vs_xmit.c
-index c47444e..e9a86e6 100644
+index 7f0e1cf..e9a86e6 100644
--- a/net/netfilter/ipvs/ip_vs_xmit.c
+++ b/net/netfilter/ipvs/ip_vs_xmit.c
-@@ -883,7 +883,7 @@ ip_vs_tunnel_xmit(struct sk_buff *skb, struct ip_vs_conn
*cp,
- iph->daddr = cp->daddr.ip;
- iph->saddr = saddr;
- iph->ttl = old_iph->ttl;
-- ip_select_ident(skb, &rt->dst, NULL);
-+ ip_select_ident(skb, NULL);
-
- /* Another hack: avoid icmp_send in ip_fragment */
- skb->local_df = 1;
@@ -1102,7 +1102,7 @@ ip_vs_icmp_xmit(struct sk_buff *skb, struct ip_vs_conn
*cp,
else
rc = NF_ACCEPT;
@@ -103378,18 +102909,6 @@ index e1543b0..7ce8bd0 100644
linkwatch_fire_event(dev);
}
}
-diff --git a/net/sctp/associola.c b/net/sctp/associola.c
-index 0b99998..a6953b0 100644
---- a/net/sctp/associola.c
-+++ b/net/sctp/associola.c
-@@ -1151,6 +1151,7 @@ void sctp_assoc_update(struct sctp_association *asoc,
- asoc->c = new->c;
- asoc->peer.rwnd = new->peer.rwnd;
- asoc->peer.sack_needed = new->peer.sack_needed;
-+ asoc->peer.auth_capable = new->peer.auth_capable;
- asoc->peer.i = new->peer.i;
- sctp_tsnmap_init(&asoc->peer.tsn_map, SCTP_TSN_MAP_INITIAL,
- asoc->peer.i.initial_tsn, GFP_ATOMIC);
diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
index 2b1738e..a9d0fc9 100644
--- a/net/sctp/ipv6.c
@@ -104467,7 +103986,7 @@ index 0917f04..f4e3d8c 100644
if (!proc_create("x25/route", S_IRUGO, init_net.proc_net,
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
-index c08fbd1..3d99e85 100644
+index ed60843..311e7c7 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -325,7 +325,7 @@ static void xfrm_policy_kill(struct xfrm_policy *policy)
@@ -104497,7 +104016,7 @@ index c08fbd1..3d99e85 100644
return xdst;
}
-@@ -2546,10 +2546,11 @@ void xfrm_garbage_collect(struct net *net)
+@@ -2548,10 +2548,11 @@ void xfrm_garbage_collect(struct net *net)
}
EXPORT_SYMBOL(xfrm_garbage_collect);
@@ -104510,7 +104029,7 @@ index c08fbd1..3d99e85 100644
static void xfrm_init_pmtu(struct dst_entry *dst)
{
-@@ -2599,7 +2600,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
+@@ -2601,7 +2602,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
if (xdst->xfrm_genid != dst->xfrm->genid)
return 0;
if (xdst->num_pols > 0 &&
@@ -104519,7 +104038,7 @@ index c08fbd1..3d99e85 100644
return 0;
mtu = dst_mtu(dst->child);
-@@ -2687,8 +2688,6 @@ int xfrm_policy_register_afinfo(struct
xfrm_policy_afinfo *afinfo)
+@@ -2689,8 +2690,6 @@ int xfrm_policy_register_afinfo(struct
xfrm_policy_afinfo *afinfo)
dst_ops->link_failure = xfrm_link_failure;
if (likely(dst_ops->neigh_lookup == NULL))
dst_ops->neigh_lookup = xfrm_neigh_lookup;
@@ -104528,7 +104047,7 @@ index c08fbd1..3d99e85 100644
rcu_assign_pointer(xfrm_policy_afinfo[afinfo->family], afinfo);
}
spin_unlock(&xfrm_policy_afinfo_lock);
-@@ -2742,7 +2741,6 @@ int xfrm_policy_unregister_afinfo(struct
xfrm_policy_afinfo *afinfo)
+@@ -2744,7 +2743,6 @@ int xfrm_policy_unregister_afinfo(struct
xfrm_policy_afinfo *afinfo)
dst_ops->check = NULL;
dst_ops->negative_advice = NULL;
dst_ops->link_failure = NULL;
@@ -104536,7 +104055,7 @@ index c08fbd1..3d99e85 100644
}
return err;
}
-@@ -3137,7 +3135,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
+@@ -3139,7 +3137,7 @@ static int xfrm_policy_migrate(struct xfrm_policy *pol,
sizeof(pol->xfrm_vec[i].saddr));
pol->xfrm_vec[i].encap_family = mp->new_family;
/* flush bundles */
diff --git a/3.15.9/4425_grsec_remove_EI_PAX.patch
b/3.15.10/4425_grsec_remove_EI_PAX.patch
similarity index 100%
rename from 3.15.9/4425_grsec_remove_EI_PAX.patch
rename to 3.15.10/4425_grsec_remove_EI_PAX.patch
diff --git a/3.15.9/4427_force_XATTR_PAX_tmpfs.patch
b/3.15.10/4427_force_XATTR_PAX_tmpfs.patch
similarity index 100%
rename from 3.15.9/4427_force_XATTR_PAX_tmpfs.patch
rename to 3.15.10/4427_force_XATTR_PAX_tmpfs.patch
diff --git a/3.15.9/4430_grsec-remove-localversion-grsec.patch
b/3.15.10/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 3.15.9/4430_grsec-remove-localversion-grsec.patch
rename to 3.15.10/4430_grsec-remove-localversion-grsec.patch
diff --git a/3.15.9/4435_grsec-mute-warnings.patch
b/3.15.10/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 3.15.9/4435_grsec-mute-warnings.patch
rename to 3.15.10/4435_grsec-mute-warnings.patch
diff --git a/3.15.9/4440_grsec-remove-protected-paths.patch
b/3.15.10/4440_grsec-remove-protected-paths.patch
similarity index 100%
rename from 3.15.9/4440_grsec-remove-protected-paths.patch
rename to 3.15.10/4440_grsec-remove-protected-paths.patch
diff --git a/3.15.9/4450_grsec-kconfig-default-gids.patch
b/3.15.10/4450_grsec-kconfig-default-gids.patch
similarity index 100%
rename from 3.15.9/4450_grsec-kconfig-default-gids.patch
rename to 3.15.10/4450_grsec-kconfig-default-gids.patch
diff --git a/3.15.9/4465_selinux-avc_audit-log-curr_ip.patch
b/3.15.10/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 100%
rename from 3.15.9/4465_selinux-avc_audit-log-curr_ip.patch
rename to 3.15.10/4465_selinux-avc_audit-log-curr_ip.patch
diff --git a/3.15.9/4470_disable-compat_vdso.patch
b/3.15.10/4470_disable-compat_vdso.patch
similarity index 100%
rename from 3.15.9/4470_disable-compat_vdso.patch
rename to 3.15.10/4470_disable-compat_vdso.patch
diff --git a/3.15.9/4475_emutramp_default_on.patch
b/3.15.10/4475_emutramp_default_on.patch
similarity index 100%
rename from 3.15.9/4475_emutramp_default_on.patch
rename to 3.15.10/4475_emutramp_default_on.patch
