* [gentoo-commits] proj/hardened-patchset:master commit in: 4.8.14/, 4.8.13/
@ 2016-12-14 12:50 Anthony G. Basile
0 siblings, 0 replies; only message in thread
From: Anthony G. Basile @ 2016-12-14 12:50 UTC (permalink / raw
To: gentoo-commits
commit: 294e620804f37e9c6ad5a90ad1c38daac9189256
Author: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
AuthorDate: Wed Dec 14 12:49:35 2016 +0000
Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
CommitDate: Wed Dec 14 12:49:35 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-patchset.git/commit/?id=294e6208
grsecurity-3.1-4.8.14-201612110933
{4.8.13 => 4.8.14}/0000_README | 6 +-
{4.8.13 => 4.8.14}/1012_linux-4.8.13.patch | 0
4.8.14/1013_linux-4.8.14.patch | 1725 ++++++++++++++++++++
.../4420_grsecurity-3.1-4.8.14-201612110933.patch | 259 ++-
{4.8.13 => 4.8.14}/4425_grsec_remove_EI_PAX.patch | 0
.../4427_force_XATTR_PAX_tmpfs.patch | 6 +-
.../4430_grsec-remove-localversion-grsec.patch | 0
{4.8.13 => 4.8.14}/4435_grsec-mute-warnings.patch | 0
.../4440_grsec-remove-protected-paths.patch | 0
.../4450_grsec-kconfig-default-gids.patch | 12 +-
.../4465_selinux-avc_audit-log-curr_ip.patch | 2 +-
{4.8.13 => 4.8.14}/4470_disable-compat_vdso.patch | 0
{4.8.13 => 4.8.14}/4475_emutramp_default_on.patch | 0
13 files changed, 1856 insertions(+), 154 deletions(-)
diff --git a/4.8.13/0000_README b/4.8.14/0000_README
similarity index 93%
rename from 4.8.13/0000_README
rename to 4.8.14/0000_README
index 4bb277a..e2c9a03 100644
--- a/4.8.13/0000_README
+++ b/4.8.14/0000_README
@@ -6,7 +6,11 @@ Patch: 1012_linux-4.8.13.patch
From: http://www.kernel.org
Desc: Linux 4.8.13
-Patch: 4420_grsecurity-3.1-4.8.13-201612082118.patch
+Patch: 1013_linux-4.8.14.patch
+From: http://www.kernel.org
+Desc: Linux 4.8.14
+
+Patch: 4420_grsecurity-3.1-4.8.14-201612110933.patch
From: http://www.grsecurity.net
Desc: hardened-sources base patch from upstream grsecurity
diff --git a/4.8.13/1012_linux-4.8.13.patch b/4.8.14/1012_linux-4.8.13.patch
similarity index 100%
rename from 4.8.13/1012_linux-4.8.13.patch
rename to 4.8.14/1012_linux-4.8.13.patch
diff --git a/4.8.14/1013_linux-4.8.14.patch b/4.8.14/1013_linux-4.8.14.patch
new file mode 100644
index 0000000..63d837b
--- /dev/null
+++ b/4.8.14/1013_linux-4.8.14.patch
@@ -0,0 +1,1725 @@
+diff --git a/Makefile b/Makefile
+index b38abe9..6a74924 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,6 +1,6 @@
+ VERSION = 4
+ PATCHLEVEL = 8
+-SUBLEVEL = 13
++SUBLEVEL = 14
+ EXTRAVERSION =
+ NAME = Psychotic Stoned Sheep
+
+diff --git a/arch/sparc/kernel/signal_32.c b/arch/sparc/kernel/signal_32.c
+index c3c12ef..9c0c8fd 100644
+--- a/arch/sparc/kernel/signal_32.c
++++ b/arch/sparc/kernel/signal_32.c
+@@ -89,7 +89,7 @@ asmlinkage void do_sigreturn(struct pt_regs *regs)
+ sf = (struct signal_frame __user *) regs->u_regs[UREG_FP];
+
+ /* 1. Make sure we are not getting garbage from the user */
+- if (!invalid_frame_pointer(sf, sizeof(*sf)))
++ if (invalid_frame_pointer(sf, sizeof(*sf)))
+ goto segv_and_exit;
+
+ if (get_user(ufp, &sf->info.si_regs.u_regs[UREG_FP]))
+@@ -150,7 +150,7 @@ asmlinkage void do_rt_sigreturn(struct pt_regs *regs)
+
+ synchronize_user_stack();
+ sf = (struct rt_signal_frame __user *) regs->u_regs[UREG_FP];
+- if (!invalid_frame_pointer(sf, sizeof(*sf)))
++ if (invalid_frame_pointer(sf, sizeof(*sf)))
+ goto segv;
+
+ if (get_user(ufp, &sf->regs.u_regs[UREG_FP]))
+diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c
+index 7ac6b62..05c7708 100644
+--- a/arch/sparc/mm/init_64.c
++++ b/arch/sparc/mm/init_64.c
+@@ -802,8 +802,10 @@ struct mdesc_mblock {
+ };
+ static struct mdesc_mblock *mblocks;
+ static int num_mblocks;
++static int find_numa_node_for_addr(unsigned long pa,
++ struct node_mem_mask *pnode_mask);
+
+-static unsigned long ra_to_pa(unsigned long addr)
++static unsigned long __init ra_to_pa(unsigned long addr)
+ {
+ int i;
+
+@@ -819,8 +821,11 @@ static unsigned long ra_to_pa(unsigned long addr)
+ return addr;
+ }
+
+-static int find_node(unsigned long addr)
++static int __init find_node(unsigned long addr)
+ {
++ static bool search_mdesc = true;
++ static struct node_mem_mask last_mem_mask = { ~0UL, ~0UL };
++ static int last_index;
+ int i;
+
+ addr = ra_to_pa(addr);
+@@ -830,13 +835,30 @@ static int find_node(unsigned long addr)
+ if ((addr & p->mask) == p->val)
+ return i;
+ }
+- /* The following condition has been observed on LDOM guests.*/
+- WARN_ONCE(1, "find_node: A physical address doesn't match a NUMA node"
+- " rule. Some physical memory will be owned by node 0.");
+- return 0;
++ /* The following condition has been observed on LDOM guests because
++ * node_masks only contains the best latency mask and value.
++ * LDOM guest's mdesc can contain a single latency group to
++ * cover multiple address range. Print warning message only if the
++ * address cannot be found in node_masks nor mdesc.
++ */
++ if ((search_mdesc) &&
++ ((addr & last_mem_mask.mask) != last_mem_mask.val)) {
++ /* find the available node in the mdesc */
++ last_index = find_numa_node_for_addr(addr, &last_mem_mask);
++ numadbg("find_node: latency group for address 0x%lx is %d\n",
++ addr, last_index);
++ if ((last_index < 0) || (last_index >= num_node_masks)) {
++ /* WARN_ONCE() and use default group 0 */
++ WARN_ONCE(1, "find_node: A physical address doesn't match a NUMA node rule. Some physical memory will be owned by node 0.");
++ search_mdesc = false;
++ last_index = 0;
++ }
++ }
++
++ return last_index;
+ }
+
+-static u64 memblock_nid_range(u64 start, u64 end, int *nid)
++static u64 __init memblock_nid_range(u64 start, u64 end, int *nid)
+ {
+ *nid = find_node(start);
+ start += PAGE_SIZE;
+@@ -1160,6 +1182,41 @@ int __node_distance(int from, int to)
+ return numa_latency[from][to];
+ }
+
++static int find_numa_node_for_addr(unsigned long pa,
++ struct node_mem_mask *pnode_mask)
++{
++ struct mdesc_handle *md = mdesc_grab();
++ u64 node, arc;
++ int i = 0;
++
++ node = mdesc_node_by_name(md, MDESC_NODE_NULL, "latency-groups");
++ if (node == MDESC_NODE_NULL)
++ goto out;
++
++ mdesc_for_each_node_by_name(md, node, "group") {
++ mdesc_for_each_arc(arc, md, node, MDESC_ARC_TYPE_FWD) {
++ u64 target = mdesc_arc_target(md, arc);
++ struct mdesc_mlgroup *m = find_mlgroup(target);
++
++ if (!m)
++ continue;
++ if ((pa & m->mask) == m->match) {
++ if (pnode_mask) {
++ pnode_mask->mask = m->mask;
++ pnode_mask->val = m->match;
++ }
++ mdesc_release(md);
++ return i;
++ }
++ }
++ i++;
++ }
++
++out:
++ mdesc_release(md);
++ return -1;
++}
++
+ static int __init find_best_numa_node_for_mlgroup(struct mdesc_mlgroup *grp)
+ {
+ int i;
+diff --git a/block/blk-map.c b/block/blk-map.c
+index b8657fa..27fd8d92 100644
+--- a/block/blk-map.c
++++ b/block/blk-map.c
+@@ -118,6 +118,9 @@ int blk_rq_map_user_iov(struct request_queue *q, struct request *rq,
+ struct iov_iter i;
+ int ret;
+
++ if (!iter_is_iovec(iter))
++ goto fail;
++
+ if (map_data)
+ copy = true;
+ else if (iov_iter_alignment(iter) & align)
+@@ -140,6 +143,7 @@ int blk_rq_map_user_iov(struct request_queue *q, struct request *rq,
+
+ unmap_rq:
+ __blk_rq_unmap_user(bio);
++fail:
+ rq->bio = NULL;
+ return -EINVAL;
+ }
+diff --git a/drivers/net/dsa/b53/b53_common.c b/drivers/net/dsa/b53/b53_common.c
+index bda37d3..b081929 100644
+--- a/drivers/net/dsa/b53/b53_common.c
++++ b/drivers/net/dsa/b53/b53_common.c
+@@ -904,9 +904,10 @@ static void b53_vlan_add(struct dsa_switch *ds, int port,
+
+ vl->members |= BIT(port) | BIT(cpu_port);
+ if (untagged)
+- vl->untag |= BIT(port) | BIT(cpu_port);
++ vl->untag |= BIT(port);
+ else
+- vl->untag &= ~(BIT(port) | BIT(cpu_port));
++ vl->untag &= ~BIT(port);
++ vl->untag &= ~BIT(cpu_port);
+
+ b53_set_vlan_entry(dev, vid, vl);
+ b53_fast_age_vlan(dev, vid);
+@@ -915,8 +916,6 @@ static void b53_vlan_add(struct dsa_switch *ds, int port,
+ if (pvid) {
+ b53_write16(dev, B53_VLAN_PAGE, B53_VLAN_PORT_DEF_TAG(port),
+ vlan->vid_end);
+- b53_write16(dev, B53_VLAN_PAGE, B53_VLAN_PORT_DEF_TAG(cpu_port),
+- vlan->vid_end);
+ b53_fast_age_vlan(dev, vid);
+ }
+ }
+@@ -926,7 +925,6 @@ static int b53_vlan_del(struct dsa_switch *ds, int port,
+ {
+ struct b53_device *dev = ds_to_priv(ds);
+ bool untagged = vlan->flags & BRIDGE_VLAN_INFO_UNTAGGED;
+- unsigned int cpu_port = dev->cpu_port;
+ struct b53_vlan *vl;
+ u16 vid;
+ u16 pvid;
+@@ -939,8 +937,6 @@ static int b53_vlan_del(struct dsa_switch *ds, int port,
+ b53_get_vlan_entry(dev, vid, vl);
+
+ vl->members &= ~BIT(port);
+- if ((vl->members & BIT(cpu_port)) == BIT(cpu_port))
+- vl->members = 0;
+
+ if (pvid == vid) {
+ if (is5325(dev) || is5365(dev))
+@@ -949,18 +945,14 @@ static int b53_vlan_del(struct dsa_switch *ds, int port,
+ pvid = 0;
+ }
+
+- if (untagged) {
++ if (untagged)
+ vl->untag &= ~(BIT(port));
+- if ((vl->untag & BIT(cpu_port)) == BIT(cpu_port))
+- vl->untag = 0;
+- }
+
+ b53_set_vlan_entry(dev, vid, vl);
+ b53_fast_age_vlan(dev, vid);
+ }
+
+ b53_write16(dev, B53_VLAN_PAGE, B53_VLAN_PORT_DEF_TAG(port), pvid);
+- b53_write16(dev, B53_VLAN_PAGE, B53_VLAN_PORT_DEF_TAG(cpu_port), pvid);
+ b53_fast_age_vlan(dev, pvid);
+
+ return 0;
+diff --git a/drivers/net/dsa/bcm_sf2.c b/drivers/net/dsa/bcm_sf2.c
+index b2b8387..4036865 100644
+--- a/drivers/net/dsa/bcm_sf2.c
++++ b/drivers/net/dsa/bcm_sf2.c
+@@ -1167,6 +1167,7 @@ static void bcm_sf2_sw_adjust_link(struct dsa_switch *ds, int port,
+ struct phy_device *phydev)
+ {
+ struct bcm_sf2_priv *priv = ds_to_priv(ds);
++ struct ethtool_eee *p = &priv->port_sts[port].eee;
+ u32 id_mode_dis = 0, port_mode;
+ const char *str = NULL;
+ u32 reg;
+@@ -1241,6 +1242,9 @@ static void bcm_sf2_sw_adjust_link(struct dsa_switch *ds, int port,
+ reg |= DUPLX_MODE;
+
+ core_writel(priv, reg, CORE_STS_OVERRIDE_GMIIP_PORT(port));
++
++ if (!phydev->is_pseudo_fixed_link)
++ p->eee_enabled = bcm_sf2_eee_init(ds, port, phydev);
+ }
+
+ static void bcm_sf2_sw_fixed_link_update(struct dsa_switch *ds, int port,
+diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
+index 5414563..842d8b9 100644
+--- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
++++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
+@@ -1172,6 +1172,7 @@ static unsigned int __bcmgenet_tx_reclaim(struct net_device *dev,
+ struct bcmgenet_tx_ring *ring)
+ {
+ struct bcmgenet_priv *priv = netdev_priv(dev);
++ struct device *kdev = &priv->pdev->dev;
+ struct enet_cb *tx_cb_ptr;
+ struct netdev_queue *txq;
+ unsigned int pkts_compl = 0;
+@@ -1199,13 +1200,13 @@ static unsigned int __bcmgenet_tx_reclaim(struct net_device *dev,
+ if (tx_cb_ptr->skb) {
+ pkts_compl++;
+ bytes_compl += GENET_CB(tx_cb_ptr->skb)->bytes_sent;
+- dma_unmap_single(&dev->dev,
++ dma_unmap_single(kdev,
+ dma_unmap_addr(tx_cb_ptr, dma_addr),
+ dma_unmap_len(tx_cb_ptr, dma_len),
+ DMA_TO_DEVICE);
+ bcmgenet_free_cb(tx_cb_ptr);
+ } else if (dma_unmap_addr(tx_cb_ptr, dma_addr)) {
+- dma_unmap_page(&dev->dev,
++ dma_unmap_page(kdev,
+ dma_unmap_addr(tx_cb_ptr, dma_addr),
+ dma_unmap_len(tx_cb_ptr, dma_len),
+ DMA_TO_DEVICE);
+@@ -1775,6 +1776,7 @@ static int bcmgenet_alloc_rx_buffers(struct bcmgenet_priv *priv,
+
+ static void bcmgenet_free_rx_buffers(struct bcmgenet_priv *priv)
+ {
++ struct device *kdev = &priv->pdev->dev;
+ struct enet_cb *cb;
+ int i;
+
+@@ -1782,7 +1784,7 @@ static void bcmgenet_free_rx_buffers(struct bcmgenet_priv *priv)
+ cb = &priv->rx_cbs[i];
+
+ if (dma_unmap_addr(cb, dma_addr)) {
+- dma_unmap_single(&priv->dev->dev,
++ dma_unmap_single(kdev,
+ dma_unmap_addr(cb, dma_addr),
+ priv->rx_buf_len, DMA_FROM_DEVICE);
+ dma_unmap_addr_set(cb, dma_addr, 0);
+diff --git a/drivers/net/ethernet/cadence/macb.c b/drivers/net/ethernet/cadence/macb.c
+index d954a97..ef0dbcf 100644
+--- a/drivers/net/ethernet/cadence/macb.c
++++ b/drivers/net/ethernet/cadence/macb.c
+@@ -959,6 +959,7 @@ static inline void macb_init_rx_ring(struct macb *bp)
+ addr += bp->rx_buffer_size;
+ }
+ bp->rx_ring[RX_RING_SIZE - 1].addr |= MACB_BIT(RX_WRAP);
++ bp->rx_tail = 0;
+ }
+
+ static int macb_rx(struct macb *bp, int budget)
+@@ -1597,8 +1598,6 @@ static void macb_init_rings(struct macb *bp)
+ bp->queues[0].tx_head = 0;
+ bp->queues[0].tx_tail = 0;
+ bp->queues[0].tx_ring[TX_RING_SIZE - 1].ctrl |= MACB_BIT(TX_WRAP);
+-
+- bp->rx_tail = 0;
+ }
+
+ static void macb_reset_hw(struct macb *bp)
+diff --git a/drivers/net/ethernet/marvell/sky2.c b/drivers/net/ethernet/marvell/sky2.c
+index 467138b..d747e17 100644
+--- a/drivers/net/ethernet/marvell/sky2.c
++++ b/drivers/net/ethernet/marvell/sky2.c
+@@ -5220,6 +5220,19 @@ static SIMPLE_DEV_PM_OPS(sky2_pm_ops, sky2_suspend, sky2_resume);
+
+ static void sky2_shutdown(struct pci_dev *pdev)
+ {
++ struct sky2_hw *hw = pci_get_drvdata(pdev);
++ int port;
++
++ for (port = 0; port < hw->ports; port++) {
++ struct net_device *ndev = hw->dev[port];
++
++ rtnl_lock();
++ if (netif_running(ndev)) {
++ dev_close(ndev);
++ netif_device_detach(ndev);
++ }
++ rtnl_unlock();
++ }
+ sky2_suspend(&pdev->dev);
+ pci_wake_from_d3(pdev, device_may_wakeup(&pdev->dev));
+ pci_set_power_state(pdev, PCI_D3hot);
+diff --git a/drivers/net/ethernet/renesas/sh_eth.c b/drivers/net/ethernet/renesas/sh_eth.c
+index 054e795..92c9a95 100644
+--- a/drivers/net/ethernet/renesas/sh_eth.c
++++ b/drivers/net/ethernet/renesas/sh_eth.c
+@@ -518,7 +518,7 @@ static struct sh_eth_cpu_data r7s72100_data = {
+
+ .ecsr_value = ECSR_ICD,
+ .ecsipr_value = ECSIPR_ICDIP,
+- .eesipr_value = 0xff7f009f,
++ .eesipr_value = 0xe77f009f,
+
+ .tx_check = EESR_TC1 | EESR_FTC,
+ .eesr_err_check = EESR_TWB1 | EESR_TWB | EESR_TABT | EESR_RABT |
+diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
+index 16af1ce..5ad706b 100644
+--- a/drivers/net/geneve.c
++++ b/drivers/net/geneve.c
+@@ -844,7 +844,6 @@ static netdev_tx_t geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ struct geneve_dev *geneve = netdev_priv(dev);
+ struct geneve_sock *gs4 = geneve->sock4;
+ struct rtable *rt = NULL;
+- const struct iphdr *iip; /* interior IP header */
+ int err = -EINVAL;
+ struct flowi4 fl4;
+ __u8 tos, ttl;
+@@ -871,8 +870,6 @@ static netdev_tx_t geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
+ skb_reset_mac_header(skb);
+
+- iip = ip_hdr(skb);
+-
+ if (info) {
+ const struct ip_tunnel_key *key = &info->key;
+ u8 *opts = NULL;
+@@ -892,7 +889,7 @@ static netdev_tx_t geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ if (unlikely(err))
+ goto tx_error;
+
+- tos = ip_tunnel_ecn_encap(key->tos, iip, skb);
++ tos = ip_tunnel_ecn_encap(key->tos, ip_hdr(skb), skb);
+ ttl = key->ttl;
+ df = key->tun_flags & TUNNEL_DONT_FRAGMENT ? htons(IP_DF) : 0;
+ } else {
+@@ -901,7 +898,7 @@ static netdev_tx_t geneve_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ if (unlikely(err))
+ goto tx_error;
+
+- tos = ip_tunnel_ecn_encap(fl4.flowi4_tos, iip, skb);
++ tos = ip_tunnel_ecn_encap(fl4.flowi4_tos, ip_hdr(skb), skb);
+ ttl = geneve->ttl;
+ if (!ttl && IN_MULTICAST(ntohl(fl4.daddr)))
+ ttl = 1;
+@@ -934,7 +931,6 @@ static netdev_tx_t geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ struct geneve_dev *geneve = netdev_priv(dev);
+ struct geneve_sock *gs6 = geneve->sock6;
+ struct dst_entry *dst = NULL;
+- const struct iphdr *iip; /* interior IP header */
+ int err = -EINVAL;
+ struct flowi6 fl6;
+ __u8 prio, ttl;
+@@ -959,8 +955,6 @@ static netdev_tx_t geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ sport = udp_flow_src_port(geneve->net, skb, 1, USHRT_MAX, true);
+ skb_reset_mac_header(skb);
+
+- iip = ip_hdr(skb);
+-
+ if (info) {
+ const struct ip_tunnel_key *key = &info->key;
+ u8 *opts = NULL;
+@@ -981,7 +975,7 @@ static netdev_tx_t geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ if (unlikely(err))
+ goto tx_error;
+
+- prio = ip_tunnel_ecn_encap(key->tos, iip, skb);
++ prio = ip_tunnel_ecn_encap(key->tos, ip_hdr(skb), skb);
+ ttl = key->ttl;
+ label = info->key.label;
+ } else {
+@@ -991,7 +985,7 @@ static netdev_tx_t geneve6_xmit_skb(struct sk_buff *skb, struct net_device *dev,
+ goto tx_error;
+
+ prio = ip_tunnel_ecn_encap(ip6_tclass(fl6.flowlabel),
+- iip, skb);
++ ip_hdr(skb), skb);
+ ttl = geneve->ttl;
+ if (!ttl && ipv6_addr_is_multicast(&fl6.daddr))
+ ttl = 1;
+diff --git a/drivers/net/usb/cdc_ether.c b/drivers/net/usb/cdc_ether.c
+index c47ec0a..dd623f6 100644
+--- a/drivers/net/usb/cdc_ether.c
++++ b/drivers/net/usb/cdc_ether.c
+@@ -388,12 +388,6 @@ void usbnet_cdc_status(struct usbnet *dev, struct urb *urb)
+ case USB_CDC_NOTIFY_NETWORK_CONNECTION:
+ netif_dbg(dev, timer, dev->net, "CDC: carrier %s\n",
+ event->wValue ? "on" : "off");
+-
+- /* Work-around for devices with broken off-notifications */
+- if (event->wValue &&
+- !test_bit(__LINK_STATE_NOCARRIER, &dev->net->state))
+- usbnet_link_change(dev, 0, 0);
+-
+ usbnet_link_change(dev, !!event->wValue, 0);
+ break;
+ case USB_CDC_NOTIFY_SPEED_CHANGE: /* tx/rx rates */
+@@ -466,6 +460,36 @@ static int usbnet_cdc_zte_rx_fixup(struct usbnet *dev, struct sk_buff *skb)
+ return 1;
+ }
+
++/* Ensure correct link state
++ *
++ * Some devices (ZTE MF823/831/910) export two carrier on notifications when
++ * connected. This causes the link state to be incorrect. Work around this by
++ * always setting the state to off, then on.
++ */
++void usbnet_cdc_zte_status(struct usbnet *dev, struct urb *urb)
++{
++ struct usb_cdc_notification *event;
++
++ if (urb->actual_length < sizeof(*event))
++ return;
++
++ event = urb->transfer_buffer;
++
++ if (event->bNotificationType != USB_CDC_NOTIFY_NETWORK_CONNECTION) {
++ usbnet_cdc_status(dev, urb);
++ return;
++ }
++
++ netif_dbg(dev, timer, dev->net, "CDC: carrier %s\n",
++ event->wValue ? "on" : "off");
++
++ if (event->wValue &&
++ netif_carrier_ok(dev->net))
++ netif_carrier_off(dev->net);
++
++ usbnet_link_change(dev, !!event->wValue, 0);
++}
++
+ static const struct driver_info cdc_info = {
+ .description = "CDC Ethernet Device",
+ .flags = FLAG_ETHER | FLAG_POINTTOPOINT,
+@@ -481,7 +505,7 @@ static const struct driver_info zte_cdc_info = {
+ .flags = FLAG_ETHER | FLAG_POINTTOPOINT,
+ .bind = usbnet_cdc_zte_bind,
+ .unbind = usbnet_cdc_unbind,
+- .status = usbnet_cdc_status,
++ .status = usbnet_cdc_zte_status,
+ .set_rx_mode = usbnet_cdc_update_filter,
+ .manage_power = usbnet_manage_power,
+ .rx_fixup = usbnet_cdc_zte_rx_fixup,
+diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
+index bf3fd34..d807209 100644
+--- a/drivers/net/virtio_net.c
++++ b/drivers/net/virtio_net.c
+@@ -1468,6 +1468,11 @@ static void virtnet_free_queues(struct virtnet_info *vi)
+ netif_napi_del(&vi->rq[i].napi);
+ }
+
++ /* We called napi_hash_del() before netif_napi_del(),
++ * we need to respect an RCU grace period before freeing vi->rq
++ */
++ synchronize_net();
++
+ kfree(vi->rq);
+ kfree(vi->sq);
+ }
+diff --git a/include/linux/uio.h b/include/linux/uio.h
+index 75b4aaf..944e7ba 100644
+--- a/include/linux/uio.h
++++ b/include/linux/uio.h
+@@ -102,12 +102,12 @@ int iov_iter_npages(const struct iov_iter *i, int maxpages);
+
+ const void *dup_iter(struct iov_iter *new, struct iov_iter *old, gfp_t flags);
+
+-static inline size_t iov_iter_count(struct iov_iter *i)
++static inline size_t iov_iter_count(const struct iov_iter *i)
+ {
+ return i->count;
+ }
+
+-static inline bool iter_is_iovec(struct iov_iter *i)
++static inline bool iter_is_iovec(const struct iov_iter *i)
+ {
+ return !(i->type & (ITER_BVEC | ITER_KVEC));
+ }
+diff --git a/include/net/gro_cells.h b/include/net/gro_cells.h
+index d15214d..2a1abbf 100644
+--- a/include/net/gro_cells.h
++++ b/include/net/gro_cells.h
+@@ -68,6 +68,9 @@ static inline int gro_cells_init(struct gro_cells *gcells, struct net_device *de
+ struct gro_cell *cell = per_cpu_ptr(gcells->cells, i);
+
+ __skb_queue_head_init(&cell->napi_skbs);
++
++ set_bit(NAPI_STATE_NO_BUSY_POLL, &cell->napi.state);
++
+ netif_napi_add(dev, &cell->napi, gro_cell_poll, 64);
+ napi_enable(&cell->napi);
+ }
+diff --git a/net/core/flow.c b/net/core/flow.c
+index 3937b1b..18e8893 100644
+--- a/net/core/flow.c
++++ b/net/core/flow.c
+@@ -95,7 +95,6 @@ static void flow_cache_gc_task(struct work_struct *work)
+ list_for_each_entry_safe(fce, n, &gc_list, u.gc_list) {
+ flow_entry_kill(fce, xfrm);
+ atomic_dec(&xfrm->flow_cache_gc_count);
+- WARN_ON(atomic_read(&xfrm->flow_cache_gc_count) < 0);
+ }
+ }
+
+@@ -236,9 +235,8 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir,
+ if (fcp->hash_count > fc->high_watermark)
+ flow_cache_shrink(fc, fcp);
+
+- if (fcp->hash_count > 2 * fc->high_watermark ||
+- atomic_read(&net->xfrm.flow_cache_gc_count) > fc->high_watermark) {
+- atomic_inc(&net->xfrm.flow_cache_genid);
++ if (atomic_read(&net->xfrm.flow_cache_gc_count) >
++ 2 * num_online_cpus() * fc->high_watermark) {
+ flo = ERR_PTR(-ENOBUFS);
+ goto ret_object;
+ }
+diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
+index 2c2eb1b..2e9a1c2 100644
+--- a/net/core/net_namespace.c
++++ b/net/core/net_namespace.c
+@@ -217,6 +217,8 @@ int peernet2id_alloc(struct net *net, struct net *peer)
+ bool alloc;
+ int id;
+
++ if (atomic_read(&net->count) == 0)
++ return NETNSA_NSID_NOT_ASSIGNED;
+ spin_lock_irqsave(&net->nsid_lock, flags);
+ alloc = atomic_read(&peer->count) == 0 ? false : true;
+ id = __peernet2id_alloc(net, peer, &alloc);
+diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
+index 189cc78..08c3702 100644
+--- a/net/core/rtnetlink.c
++++ b/net/core/rtnetlink.c
+@@ -1578,7 +1578,7 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
+ head = &net->dev_index_head[h];
+ hlist_for_each_entry(dev, head, index_hlist) {
+ if (link_dump_filtered(dev, master_idx, kind_ops))
+- continue;
++ goto cont;
+ if (idx < s_idx)
+ goto cont;
+ err = rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK,
+@@ -2791,7 +2791,10 @@ static int nlmsg_populate_fdb_fill(struct sk_buff *skb,
+
+ static inline size_t rtnl_fdb_nlmsg_size(void)
+ {
+- return NLMSG_ALIGN(sizeof(struct ndmsg)) + nla_total_size(ETH_ALEN);
++ return NLMSG_ALIGN(sizeof(struct ndmsg)) +
++ nla_total_size(ETH_ALEN) + /* NDA_LLADDR */
++ nla_total_size(sizeof(u16)) + /* NDA_VLAN */
++ 0;
+ }
+
+ static void rtnl_fdb_notify(struct net_device *dev, u8 *addr, u16 vid, int type,
+diff --git a/net/core/sock.c b/net/core/sock.c
+index 10acacc..ba27920 100644
+--- a/net/core/sock.c
++++ b/net/core/sock.c
+@@ -715,7 +715,7 @@ int sock_setsockopt(struct socket *sock, int level, int optname,
+ val = min_t(u32, val, sysctl_wmem_max);
+ set_sndbuf:
+ sk->sk_userlocks |= SOCK_SNDBUF_LOCK;
+- sk->sk_sndbuf = max_t(u32, val * 2, SOCK_MIN_SNDBUF);
++ sk->sk_sndbuf = max_t(int, val * 2, SOCK_MIN_SNDBUF);
+ /* Wake up sending tasks if we upped the value. */
+ sk->sk_write_space(sk);
+ break;
+@@ -751,7 +751,7 @@ int sock_setsockopt(struct socket *sock, int level, int optname,
+ * returning the value we actually used in getsockopt
+ * is the most desirable behavior.
+ */
+- sk->sk_rcvbuf = max_t(u32, val * 2, SOCK_MIN_RCVBUF);
++ sk->sk_rcvbuf = max_t(int, val * 2, SOCK_MIN_RCVBUF);
+ break;
+
+ case SO_RCVBUFFORCE:
+diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c
+index b567c87..edbe59d 100644
+--- a/net/dccp/ipv4.c
++++ b/net/dccp/ipv4.c
+@@ -700,6 +700,7 @@ int dccp_invalid_packet(struct sk_buff *skb)
+ {
+ const struct dccp_hdr *dh;
+ unsigned int cscov;
++ u8 dccph_doff;
+
+ if (skb->pkt_type != PACKET_HOST)
+ return 1;
+@@ -721,18 +722,19 @@ int dccp_invalid_packet(struct sk_buff *skb)
+ /*
+ * If P.Data Offset is too small for packet type, drop packet and return
+ */
+- if (dh->dccph_doff < dccp_hdr_len(skb) / sizeof(u32)) {
+- DCCP_WARN("P.Data Offset(%u) too small\n", dh->dccph_doff);
++ dccph_doff = dh->dccph_doff;
++ if (dccph_doff < dccp_hdr_len(skb) / sizeof(u32)) {
++ DCCP_WARN("P.Data Offset(%u) too small\n", dccph_doff);
+ return 1;
+ }
+ /*
+ * If P.Data Offset is too too large for packet, drop packet and return
+ */
+- if (!pskb_may_pull(skb, dh->dccph_doff * sizeof(u32))) {
+- DCCP_WARN("P.Data Offset(%u) too large\n", dh->dccph_doff);
++ if (!pskb_may_pull(skb, dccph_doff * sizeof(u32))) {
++ DCCP_WARN("P.Data Offset(%u) too large\n", dccph_doff);
+ return 1;
+ }
+-
++ dh = dccp_hdr(skb);
+ /*
+ * If P.type is not Data, Ack, or DataAck and P.X == 0 (the packet
+ * has short sequence numbers), drop packet and return
+diff --git a/net/dsa/dsa2.c b/net/dsa/dsa2.c
+index f30bad9..3bdecd2 100644
+--- a/net/dsa/dsa2.c
++++ b/net/dsa/dsa2.c
+@@ -28,8 +28,10 @@ static struct dsa_switch_tree *dsa_get_dst(u32 tree)
+ struct dsa_switch_tree *dst;
+
+ list_for_each_entry(dst, &dsa_switch_trees, list)
+- if (dst->tree == tree)
++ if (dst->tree == tree) {
++ kref_get(&dst->refcount);
+ return dst;
++ }
+ return NULL;
+ }
+
+diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
+index eebbc0f..ed22af6 100644
+--- a/net/ipv4/af_inet.c
++++ b/net/ipv4/af_inet.c
+@@ -1237,7 +1237,7 @@ struct sk_buff *inet_gso_segment(struct sk_buff *skb,
+ fixedid = !!(skb_shinfo(skb)->gso_type & SKB_GSO_TCP_FIXEDID);
+
+ /* fixed ID is invalid if DF bit is not set */
+- if (fixedid && !(iph->frag_off & htons(IP_DF)))
++ if (fixedid && !(ip_hdr(skb)->frag_off & htons(IP_DF)))
+ goto out;
+ }
+
+diff --git a/net/ipv4/esp4.c b/net/ipv4/esp4.c
+index d95631d..20fb25e 100644
+--- a/net/ipv4/esp4.c
++++ b/net/ipv4/esp4.c
+@@ -476,7 +476,7 @@ static int esp_input(struct xfrm_state *x, struct sk_buff *skb)
+ esph = (void *)skb_push(skb, 4);
+ *seqhi = esph->spi;
+ esph->spi = esph->seq_no;
+- esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
++ esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
+ aead_request_set_callback(req, 0, esp_input_done_esn, skb);
+ }
+
+diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
+index 1b25daf..9301308 100644
+--- a/net/ipv4/fib_frontend.c
++++ b/net/ipv4/fib_frontend.c
+@@ -157,7 +157,7 @@ static void fib_replace_table(struct net *net, struct fib_table *old,
+
+ int fib_unmerge(struct net *net)
+ {
+- struct fib_table *old, *new;
++ struct fib_table *old, *new, *main_table;
+
+ /* attempt to fetch local table if it has been allocated */
+ old = fib_get_table(net, RT_TABLE_LOCAL);
+@@ -168,11 +168,21 @@ int fib_unmerge(struct net *net)
+ if (!new)
+ return -ENOMEM;
+
++ /* table is already unmerged */
++ if (new == old)
++ return 0;
++
+ /* replace merged table with clean table */
+- if (new != old) {
+- fib_replace_table(net, old, new);
+- fib_free_table(old);
+- }
++ fib_replace_table(net, old, new);
++ fib_free_table(old);
++
++ /* attempt to fetch main table if it has been allocated */
++ main_table = fib_get_table(net, RT_TABLE_MAIN);
++ if (!main_table)
++ return 0;
++
++ /* flush local entries from main table */
++ fib_table_flush_external(main_table);
+
+ return 0;
+ }
+diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
+index 7ef7031..84fd7272 100644
+--- a/net/ipv4/fib_trie.c
++++ b/net/ipv4/fib_trie.c
+@@ -681,6 +681,13 @@ static unsigned char update_suffix(struct key_vector *tn)
+ {
+ unsigned char slen = tn->pos;
+ unsigned long stride, i;
++ unsigned char slen_max;
++
++ /* only vector 0 can have a suffix length greater than or equal to
++ * tn->pos + tn->bits, the second highest node will have a suffix
++ * length at most of tn->pos + tn->bits - 1
++ */
++ slen_max = min_t(unsigned char, tn->pos + tn->bits - 1, tn->slen);
+
+ /* search though the list of children looking for nodes that might
+ * have a suffix greater than the one we currently have. This is
+@@ -698,12 +705,8 @@ static unsigned char update_suffix(struct key_vector *tn)
+ slen = n->slen;
+ i &= ~(stride - 1);
+
+- /* if slen covers all but the last bit we can stop here
+- * there will be nothing longer than that since only node
+- * 0 and 1 << (bits - 1) could have that as their suffix
+- * length.
+- */
+- if ((slen + 1) >= (tn->pos + tn->bits))
++ /* stop searching if we have hit the maximum possible value */
++ if (slen >= slen_max)
+ break;
+ }
+
+@@ -875,39 +878,27 @@ static struct key_vector *resize(struct trie *t, struct key_vector *tn)
+ return collapse(t, tn);
+
+ /* update parent in case halve failed */
+- tp = node_parent(tn);
+-
+- /* Return if at least one deflate was run */
+- if (max_work != MAX_WORK)
+- return tp;
+-
+- /* push the suffix length to the parent node */
+- if (tn->slen > tn->pos) {
+- unsigned char slen = update_suffix(tn);
+-
+- if (slen > tp->slen)
+- tp->slen = slen;
+- }
+-
+- return tp;
++ return node_parent(tn);
+ }
+
+-static void leaf_pull_suffix(struct key_vector *tp, struct key_vector *l)
++static void node_pull_suffix(struct key_vector *tn, unsigned char slen)
+ {
+- while ((tp->slen > tp->pos) && (tp->slen > l->slen)) {
+- if (update_suffix(tp) > l->slen)
++ unsigned char node_slen = tn->slen;
++
++ while ((node_slen > tn->pos) && (node_slen > slen)) {
++ slen = update_suffix(tn);
++ if (node_slen == slen)
+ break;
+- tp = node_parent(tp);
++
++ tn = node_parent(tn);
++ node_slen = tn->slen;
+ }
+ }
+
+-static void leaf_push_suffix(struct key_vector *tn, struct key_vector *l)
++static void node_push_suffix(struct key_vector *tn, unsigned char slen)
+ {
+- /* if this is a new leaf then tn will be NULL and we can sort
+- * out parent suffix lengths as a part of trie_rebalance
+- */
+- while (tn->slen < l->slen) {
+- tn->slen = l->slen;
++ while (tn->slen < slen) {
++ tn->slen = slen;
+ tn = node_parent(tn);
+ }
+ }
+@@ -1028,6 +1019,7 @@ static int fib_insert_node(struct trie *t, struct key_vector *tp,
+ }
+
+ /* Case 3: n is NULL, and will just insert a new leaf */
++ node_push_suffix(tp, new->fa_slen);
+ NODE_INIT_PARENT(l, tp);
+ put_child_root(tp, key, l);
+ trie_rebalance(t, tp);
+@@ -1069,7 +1061,7 @@ static int fib_insert_alias(struct trie *t, struct key_vector *tp,
+ /* if we added to the tail node then we need to update slen */
+ if (l->slen < new->fa_slen) {
+ l->slen = new->fa_slen;
+- leaf_push_suffix(tp, l);
++ node_push_suffix(tp, new->fa_slen);
+ }
+
+ return 0;
+@@ -1470,6 +1462,8 @@ static void fib_remove_alias(struct trie *t, struct key_vector *tp,
+ * out parent suffix lengths as a part of trie_rebalance
+ */
+ if (hlist_empty(&l->leaf)) {
++ if (tp->slen == l->slen)
++ node_pull_suffix(tp, tp->pos);
+ put_child_root(tp, l->key, NULL);
+ node_free(l);
+ trie_rebalance(t, tp);
+@@ -1482,7 +1476,7 @@ static void fib_remove_alias(struct trie *t, struct key_vector *tp,
+
+ /* update the trie with the latest suffix length */
+ l->slen = fa->fa_slen;
+- leaf_pull_suffix(tp, l);
++ node_pull_suffix(tp, fa->fa_slen);
+ }
+
+ /* Caller must hold RTNL. */
+@@ -1713,8 +1707,10 @@ struct fib_table *fib_trie_unmerge(struct fib_table *oldtb)
+ local_l = fib_find_node(lt, &local_tp, l->key);
+
+ if (fib_insert_alias(lt, local_tp, local_l, new_fa,
+- NULL, l->key))
++ NULL, l->key)) {
++ kmem_cache_free(fn_alias_kmem, new_fa);
+ goto out;
++ }
+ }
+
+ /* stop loop if key wrapped back to 0 */
+@@ -1751,6 +1747,10 @@ void fib_table_flush_external(struct fib_table *tb)
+ if (IS_TRIE(pn))
+ break;
+
++ /* update the suffix to address pulled leaves */
++ if (pn->slen > pn->pos)
++ update_suffix(pn);
++
+ /* resize completed node */
+ pn = resize(t, pn);
+ cindex = get_index(pkey, pn);
+@@ -1826,6 +1826,10 @@ int fib_table_flush(struct fib_table *tb)
+ if (IS_TRIE(pn))
+ break;
+
++ /* update the suffix to address pulled leaves */
++ if (pn->slen > pn->pos)
++ update_suffix(pn);
++
+ /* resize completed node */
+ pn = resize(t, pn);
+ cindex = get_index(pkey, pn);
+diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
+index 307daed..f4790c3 100644
+--- a/net/ipv4/ip_output.c
++++ b/net/ipv4/ip_output.c
+@@ -98,6 +98,9 @@ int __ip_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
+
+ iph->tot_len = htons(skb->len);
+ ip_send_check(iph);
++
++ skb->protocol = htons(ETH_P_IP);
++
+ return nf_hook(NFPROTO_IPV4, NF_INET_LOCAL_OUT,
+ net, sk, skb, NULL, skb_dst(skb)->dev,
+ dst_output);
+diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
+index 66ddcb6..dcdd5ae 100644
+--- a/net/ipv4/ping.c
++++ b/net/ipv4/ping.c
+@@ -662,6 +662,10 @@ int ping_common_sendmsg(int family, struct msghdr *msg, size_t len,
+ if (len > 0xFFFF)
+ return -EMSGSIZE;
+
++ /* Must have at least a full ICMP header. */
++ if (len < icmph_len)
++ return -EINVAL;
++
+ /*
+ * Check the flags.
+ */
+diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
+index c0d71e7..a2d54f5 100644
+--- a/net/ipv4/udp.c
++++ b/net/ipv4/udp.c
+@@ -1451,7 +1451,7 @@ static void udp_v4_rehash(struct sock *sk)
+ udp_lib_rehash(sk, new_hash);
+ }
+
+-static int __udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
++int __udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
+ {
+ int rc;
+
+diff --git a/net/ipv4/udp_impl.h b/net/ipv4/udp_impl.h
+index 7e0fe4b..feb50a1 100644
+--- a/net/ipv4/udp_impl.h
++++ b/net/ipv4/udp_impl.h
+@@ -25,7 +25,7 @@ int udp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int noblock,
+ int flags, int *addr_len);
+ int udp_sendpage(struct sock *sk, struct page *page, int offset, size_t size,
+ int flags);
+-int udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb);
++int __udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb);
+ void udp_destroy_sock(struct sock *sk);
+
+ #ifdef CONFIG_PROC_FS
+diff --git a/net/ipv4/udplite.c b/net/ipv4/udplite.c
+index 2eea073..705d9fb 100644
+--- a/net/ipv4/udplite.c
++++ b/net/ipv4/udplite.c
+@@ -50,7 +50,7 @@ struct proto udplite_prot = {
+ .sendmsg = udp_sendmsg,
+ .recvmsg = udp_recvmsg,
+ .sendpage = udp_sendpage,
+- .backlog_rcv = udp_queue_rcv_skb,
++ .backlog_rcv = __udp_queue_rcv_skb,
+ .hash = udp_lib_hash,
+ .unhash = udp_lib_unhash,
+ .get_port = udp_v4_get_port,
+diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
+index f5432d6..8f2e36f 100644
+--- a/net/ipv6/addrconf.c
++++ b/net/ipv6/addrconf.c
+@@ -163,7 +163,7 @@ static struct rt6_info *addrconf_get_prefix_route(const struct in6_addr *pfx,
+
+ static void addrconf_dad_start(struct inet6_ifaddr *ifp);
+ static void addrconf_dad_work(struct work_struct *w);
+-static void addrconf_dad_completed(struct inet6_ifaddr *ifp);
++static void addrconf_dad_completed(struct inet6_ifaddr *ifp, bool bump_id);
+ static void addrconf_dad_run(struct inet6_dev *idev);
+ static void addrconf_rs_timer(unsigned long data);
+ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifa);
+@@ -2893,6 +2893,7 @@ static void add_addr(struct inet6_dev *idev, const struct in6_addr *addr,
+ spin_lock_bh(&ifp->lock);
+ ifp->flags &= ~IFA_F_TENTATIVE;
+ spin_unlock_bh(&ifp->lock);
++ rt_genid_bump_ipv6(dev_net(idev->dev));
+ ipv6_ifa_notify(RTM_NEWADDR, ifp);
+ in6_ifa_put(ifp);
+ }
+@@ -3736,7 +3737,7 @@ static void addrconf_dad_begin(struct inet6_ifaddr *ifp)
+ {
+ struct inet6_dev *idev = ifp->idev;
+ struct net_device *dev = idev->dev;
+- bool notify = false;
++ bool bump_id, notify = false;
+
+ addrconf_join_solict(dev, &ifp->addr);
+
+@@ -3751,11 +3752,12 @@ static void addrconf_dad_begin(struct inet6_ifaddr *ifp)
+ idev->cnf.accept_dad < 1 ||
+ !(ifp->flags&IFA_F_TENTATIVE) ||
+ ifp->flags & IFA_F_NODAD) {
++ bump_id = ifp->flags & IFA_F_TENTATIVE;
+ ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED);
+ spin_unlock(&ifp->lock);
+ read_unlock_bh(&idev->lock);
+
+- addrconf_dad_completed(ifp);
++ addrconf_dad_completed(ifp, bump_id);
+ return;
+ }
+
+@@ -3815,8 +3817,8 @@ static void addrconf_dad_work(struct work_struct *w)
+ struct inet6_ifaddr,
+ dad_work);
+ struct inet6_dev *idev = ifp->idev;
++ bool bump_id, disable_ipv6 = false;
+ struct in6_addr mcaddr;
+- bool disable_ipv6 = false;
+
+ enum {
+ DAD_PROCESS,
+@@ -3886,11 +3888,12 @@ static void addrconf_dad_work(struct work_struct *w)
+ * DAD was successful
+ */
+
++ bump_id = ifp->flags & IFA_F_TENTATIVE;
+ ifp->flags &= ~(IFA_F_TENTATIVE|IFA_F_OPTIMISTIC|IFA_F_DADFAILED);
+ spin_unlock(&ifp->lock);
+ write_unlock_bh(&idev->lock);
+
+- addrconf_dad_completed(ifp);
++ addrconf_dad_completed(ifp, bump_id);
+
+ goto out;
+ }
+@@ -3927,7 +3930,7 @@ static bool ipv6_lonely_lladdr(struct inet6_ifaddr *ifp)
+ return true;
+ }
+
+-static void addrconf_dad_completed(struct inet6_ifaddr *ifp)
++static void addrconf_dad_completed(struct inet6_ifaddr *ifp, bool bump_id)
+ {
+ struct net_device *dev = ifp->idev->dev;
+ struct in6_addr lladdr;
+@@ -3978,6 +3981,9 @@ static void addrconf_dad_completed(struct inet6_ifaddr *ifp)
+ spin_unlock(&ifp->lock);
+ write_unlock_bh(&ifp->idev->lock);
+ }
++
++ if (bump_id)
++ rt_genid_bump_ipv6(dev_net(dev));
+ }
+
+ static void addrconf_dad_run(struct inet6_dev *idev)
+diff --git a/net/ipv6/esp6.c b/net/ipv6/esp6.c
+index 060a60b..111ba55 100644
+--- a/net/ipv6/esp6.c
++++ b/net/ipv6/esp6.c
+@@ -418,7 +418,7 @@ static int esp6_input(struct xfrm_state *x, struct sk_buff *skb)
+ esph = (void *)skb_push(skb, 4);
+ *seqhi = esph->spi;
+ esph->spi = esph->seq_no;
+- esph->seq_no = htonl(XFRM_SKB_CB(skb)->seq.input.hi);
++ esph->seq_no = XFRM_SKB_CB(skb)->seq.input.hi;
+ aead_request_set_callback(req, 0, esp_input_done_esn, skb);
+ }
+
+diff --git a/net/ipv6/ip6_offload.c b/net/ipv6/ip6_offload.c
+index a09418b..93294cf 100644
+--- a/net/ipv6/ip6_offload.c
++++ b/net/ipv6/ip6_offload.c
+@@ -98,7 +98,7 @@ static struct sk_buff *ipv6_gso_segment(struct sk_buff *skb,
+ segs = ops->callbacks.gso_segment(skb, features);
+ }
+
+- if (IS_ERR(segs))
++ if (IS_ERR_OR_NULL(segs))
+ goto out;
+
+ for (skb = segs; skb; skb = skb->next) {
+diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
+index 41489f3..da4e7b3 100644
+--- a/net/ipv6/ip6_tunnel.c
++++ b/net/ipv6/ip6_tunnel.c
+@@ -1014,6 +1014,7 @@ int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield,
+ int mtu;
+ unsigned int psh_hlen = sizeof(struct ipv6hdr) + t->encap_hlen;
+ unsigned int max_headroom = psh_hlen;
++ bool use_cache = false;
+ int err = -1;
+
+ /* NBMA tunnel */
+@@ -1038,7 +1039,15 @@ int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield,
+
+ memcpy(&fl6->daddr, addr6, sizeof(fl6->daddr));
+ neigh_release(neigh);
+- } else if (!fl6->flowi6_mark)
++ } else if (!(t->parms.flags &
++ (IP6_TNL_F_USE_ORIG_TCLASS | IP6_TNL_F_USE_ORIG_FWMARK))) {
++ /* enable the cache only only if the routing decision does
++ * not depend on the current inner header value
++ */
++ use_cache = true;
++ }
++
++ if (use_cache)
+ dst = dst_cache_get(&t->dst_cache);
+
+ if (!ip6_tnl_xmit_ctl(t, &fl6->saddr, &fl6->daddr))
+@@ -1113,7 +1122,7 @@ int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield,
+ skb = new_skb;
+ }
+
+- if (!fl6->flowi6_mark && ndst)
++ if (use_cache && ndst)
+ dst_cache_set_ip6(&t->dst_cache, ndst, &fl6->saddr);
+ skb_dst_set(skb, dst);
+
+@@ -1134,7 +1143,6 @@ int ip6_tnl_xmit(struct sk_buff *skb, struct net_device *dev, __u8 dsfield,
+ if (err)
+ return err;
+
+- skb->protocol = htons(ETH_P_IPV6);
+ skb_push(skb, sizeof(struct ipv6hdr));
+ skb_reset_network_header(skb);
+ ipv6h = ipv6_hdr(skb);
+diff --git a/net/ipv6/output_core.c b/net/ipv6/output_core.c
+index 462f2a76b..1d18432 100644
+--- a/net/ipv6/output_core.c
++++ b/net/ipv6/output_core.c
+@@ -148,6 +148,8 @@ int __ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb)
+ ipv6_hdr(skb)->payload_len = htons(len);
+ IP6CB(skb)->nhoff = offsetof(struct ipv6hdr, nexthdr);
+
++ skb->protocol = htons(ETH_P_IPV6);
++
+ return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
+ net, sk, skb, NULL, skb_dst(skb)->dev,
+ dst_output);
+diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
+index c2a8656..fa39ab8 100644
+--- a/net/ipv6/udp.c
++++ b/net/ipv6/udp.c
+@@ -514,7 +514,7 @@ void __udp6_lib_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
+ return;
+ }
+
+-static int __udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
++int __udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
+ {
+ int rc;
+
+diff --git a/net/ipv6/udp_impl.h b/net/ipv6/udp_impl.h
+index 0682c03..3c1dbc9 100644
+--- a/net/ipv6/udp_impl.h
++++ b/net/ipv6/udp_impl.h
+@@ -26,7 +26,7 @@ int compat_udpv6_getsockopt(struct sock *sk, int level, int optname,
+ int udpv6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len);
+ int udpv6_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int noblock,
+ int flags, int *addr_len);
+-int udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb);
++int __udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb);
+ void udpv6_destroy_sock(struct sock *sk);
+
+ void udp_v6_clear_sk(struct sock *sk, int size);
+diff --git a/net/ipv6/udplite.c b/net/ipv6/udplite.c
+index fd6ef41..af2895c 100644
+--- a/net/ipv6/udplite.c
++++ b/net/ipv6/udplite.c
+@@ -45,7 +45,7 @@ struct proto udplitev6_prot = {
+ .getsockopt = udpv6_getsockopt,
+ .sendmsg = udpv6_sendmsg,
+ .recvmsg = udpv6_recvmsg,
+- .backlog_rcv = udpv6_queue_rcv_skb,
++ .backlog_rcv = __udpv6_queue_rcv_skb,
+ .hash = udp_lib_hash,
+ .unhash = udp_lib_unhash,
+ .get_port = udp_v6_get_port,
+diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c
+index 42de4cc..d0e906d 100644
+--- a/net/l2tp/l2tp_ip.c
++++ b/net/l2tp/l2tp_ip.c
+@@ -251,8 +251,6 @@ static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
+ int ret;
+ int chk_addr_ret;
+
+- if (!sock_flag(sk, SOCK_ZAPPED))
+- return -EINVAL;
+ if (addr_len < sizeof(struct sockaddr_l2tpip))
+ return -EINVAL;
+ if (addr->l2tp_family != AF_INET)
+@@ -267,6 +265,9 @@ static int l2tp_ip_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
+ read_unlock_bh(&l2tp_ip_lock);
+
+ lock_sock(sk);
++ if (!sock_flag(sk, SOCK_ZAPPED))
++ goto out;
++
+ if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_l2tpip))
+ goto out;
+
+diff --git a/net/l2tp/l2tp_ip6.c b/net/l2tp/l2tp_ip6.c
+index ea2ae66..b9c6a41 100644
+--- a/net/l2tp/l2tp_ip6.c
++++ b/net/l2tp/l2tp_ip6.c
+@@ -269,8 +269,6 @@ static int l2tp_ip6_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
+ int addr_type;
+ int err;
+
+- if (!sock_flag(sk, SOCK_ZAPPED))
+- return -EINVAL;
+ if (addr->l2tp_family != AF_INET6)
+ return -EINVAL;
+ if (addr_len < sizeof(*addr))
+@@ -296,6 +294,9 @@ static int l2tp_ip6_bind(struct sock *sk, struct sockaddr *uaddr, int addr_len)
+ lock_sock(sk);
+
+ err = -EINVAL;
++ if (!sock_flag(sk, SOCK_ZAPPED))
++ goto out_unlock;
++
+ if (sk->sk_state != TCP_CLOSE)
+ goto out_unlock;
+
+diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
+index 62bea45..246f29d 100644
+--- a/net/netlink/af_netlink.c
++++ b/net/netlink/af_netlink.c
+@@ -329,7 +329,6 @@ static void netlink_sock_destruct(struct sock *sk)
+ if (nlk->cb_running) {
+ if (nlk->cb.done)
+ nlk->cb.done(&nlk->cb);
+-
+ module_put(nlk->cb.module);
+ kfree_skb(nlk->cb.skb);
+ }
+@@ -346,6 +345,14 @@ static void netlink_sock_destruct(struct sock *sk)
+ WARN_ON(nlk_sk(sk)->groups);
+ }
+
++static void netlink_sock_destruct_work(struct work_struct *work)
++{
++ struct netlink_sock *nlk = container_of(work, struct netlink_sock,
++ work);
++
++ sk_free(&nlk->sk);
++}
++
+ /* This lock without WQ_FLAG_EXCLUSIVE is good on UP and it is _very_ bad on
+ * SMP. Look, when several writers sleep and reader wakes them up, all but one
+ * immediately hit write lock and grab all the cpus. Exclusive sleep solves
+@@ -648,8 +655,18 @@ static int netlink_create(struct net *net, struct socket *sock, int protocol,
+ static void deferred_put_nlk_sk(struct rcu_head *head)
+ {
+ struct netlink_sock *nlk = container_of(head, struct netlink_sock, rcu);
++ struct sock *sk = &nlk->sk;
++
++ if (!atomic_dec_and_test(&sk->sk_refcnt))
++ return;
++
++ if (nlk->cb_running && nlk->cb.done) {
++ INIT_WORK(&nlk->work, netlink_sock_destruct_work);
++ schedule_work(&nlk->work);
++ return;
++ }
+
+- sock_put(&nlk->sk);
++ sk_free(sk);
+ }
+
+ static int netlink_release(struct socket *sock)
+diff --git a/net/netlink/af_netlink.h b/net/netlink/af_netlink.h
+index 3cfd6cc..4fdb383 100644
+--- a/net/netlink/af_netlink.h
++++ b/net/netlink/af_netlink.h
+@@ -3,6 +3,7 @@
+
+ #include <linux/rhashtable.h>
+ #include <linux/atomic.h>
++#include <linux/workqueue.h>
+ #include <net/sock.h>
+
+ #define NLGRPSZ(x) (ALIGN(x, sizeof(unsigned long) * 8) / 8)
+@@ -33,6 +34,7 @@ struct netlink_sock {
+
+ struct rhash_head node;
+ struct rcu_head rcu;
++ struct work_struct work;
+ };
+
+ static inline struct netlink_sock *nlk_sk(struct sock *sk)
+diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
+index d2238b2..dd23323 100644
+--- a/net/packet/af_packet.c
++++ b/net/packet/af_packet.c
+@@ -3648,19 +3648,25 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
+
+ if (optlen != sizeof(val))
+ return -EINVAL;
+- if (po->rx_ring.pg_vec || po->tx_ring.pg_vec)
+- return -EBUSY;
+ if (copy_from_user(&val, optval, sizeof(val)))
+ return -EFAULT;
+ switch (val) {
+ case TPACKET_V1:
+ case TPACKET_V2:
+ case TPACKET_V3:
+- po->tp_version = val;
+- return 0;
++ break;
+ default:
+ return -EINVAL;
+ }
++ lock_sock(sk);
++ if (po->rx_ring.pg_vec || po->tx_ring.pg_vec) {
++ ret = -EBUSY;
++ } else {
++ po->tp_version = val;
++ ret = 0;
++ }
++ release_sock(sk);
++ return ret;
+ }
+ case PACKET_RESERVE:
+ {
+@@ -4164,6 +4170,7 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
+ /* Added to avoid minimal code churn */
+ struct tpacket_req *req = &req_u->req;
+
++ lock_sock(sk);
+ /* Opening a Tx-ring is NOT supported in TPACKET_V3 */
+ if (!closing && tx_ring && (po->tp_version > TPACKET_V2)) {
+ net_warn_ratelimited("Tx-ring is not supported.\n");
+@@ -4245,7 +4252,6 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
+ goto out;
+ }
+
+- lock_sock(sk);
+
+ /* Detach socket from network */
+ spin_lock(&po->bind_lock);
+@@ -4294,11 +4300,11 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
+ if (!tx_ring)
+ prb_shutdown_retire_blk_timer(po, rb_queue);
+ }
+- release_sock(sk);
+
+ if (pg_vec)
+ free_pg_vec(pg_vec, order, req->tp_block_nr);
+ out:
++ release_sock(sk);
+ return err;
+ }
+
+diff --git a/net/sched/act_pedit.c b/net/sched/act_pedit.c
+index b54d56d..cf9b2fe 100644
+--- a/net/sched/act_pedit.c
++++ b/net/sched/act_pedit.c
+@@ -108,6 +108,17 @@ static void tcf_pedit_cleanup(struct tc_action *a, int bind)
+ kfree(keys);
+ }
+
++static bool offset_valid(struct sk_buff *skb, int offset)
++{
++ if (offset > 0 && offset > skb->len)
++ return false;
++
++ if (offset < 0 && -offset > skb_headroom(skb))
++ return false;
++
++ return true;
++}
++
+ static int tcf_pedit(struct sk_buff *skb, const struct tc_action *a,
+ struct tcf_result *res)
+ {
+@@ -134,6 +145,11 @@ static int tcf_pedit(struct sk_buff *skb, const struct tc_action *a,
+ if (tkey->offmask) {
+ char *d, _d;
+
++ if (!offset_valid(skb, off + tkey->at)) {
++ pr_info("tc filter pedit 'at' offset %d out of bounds\n",
++ off + tkey->at);
++ goto bad;
++ }
+ d = skb_header_pointer(skb, off + tkey->at, 1,
+ &_d);
+ if (!d)
+@@ -146,10 +162,10 @@ static int tcf_pedit(struct sk_buff *skb, const struct tc_action *a,
+ " offset must be on 32 bit boundaries\n");
+ goto bad;
+ }
+- if (offset > 0 && offset > skb->len) {
+- pr_info("tc filter pedit"
+- " offset %d can't exceed pkt length %d\n",
+- offset, skb->len);
++
++ if (!offset_valid(skb, off + offset)) {
++ pr_info("tc filter pedit offset %d out of bounds\n",
++ offset);
+ goto bad;
+ }
+
+diff --git a/net/sched/cls_basic.c b/net/sched/cls_basic.c
+index 0b8c3ac..1bf1f451 100644
+--- a/net/sched/cls_basic.c
++++ b/net/sched/cls_basic.c
+@@ -62,9 +62,6 @@ static unsigned long basic_get(struct tcf_proto *tp, u32 handle)
+ struct basic_head *head = rtnl_dereference(tp->root);
+ struct basic_filter *f;
+
+- if (head == NULL)
+- return 0UL;
+-
+ list_for_each_entry(f, &head->flist, link) {
+ if (f->handle == handle) {
+ l = (unsigned long) f;
+@@ -109,7 +106,6 @@ static bool basic_destroy(struct tcf_proto *tp, bool force)
+ tcf_unbind_filter(tp, &f->res);
+ call_rcu(&f->rcu, basic_delete_filter);
+ }
+- RCU_INIT_POINTER(tp->root, NULL);
+ kfree_rcu(head, rcu);
+ return true;
+ }
+diff --git a/net/sched/cls_bpf.c b/net/sched/cls_bpf.c
+index c3002c2..dbec458 100644
+--- a/net/sched/cls_bpf.c
++++ b/net/sched/cls_bpf.c
+@@ -200,7 +200,6 @@ static bool cls_bpf_destroy(struct tcf_proto *tp, bool force)
+ call_rcu(&prog->rcu, __cls_bpf_delete_prog);
+ }
+
+- RCU_INIT_POINTER(tp->root, NULL);
+ kfree_rcu(head, rcu);
+ return true;
+ }
+@@ -211,9 +210,6 @@ static unsigned long cls_bpf_get(struct tcf_proto *tp, u32 handle)
+ struct cls_bpf_prog *prog;
+ unsigned long ret = 0UL;
+
+- if (head == NULL)
+- return 0UL;
+-
+ list_for_each_entry(prog, &head->plist, link) {
+ if (prog->handle == handle) {
+ ret = (unsigned long) prog;
+diff --git a/net/sched/cls_cgroup.c b/net/sched/cls_cgroup.c
+index 4c85bd3..c104c20 100644
+--- a/net/sched/cls_cgroup.c
++++ b/net/sched/cls_cgroup.c
+@@ -130,11 +130,10 @@ static bool cls_cgroup_destroy(struct tcf_proto *tp, bool force)
+
+ if (!force)
+ return false;
+-
+- if (head) {
+- RCU_INIT_POINTER(tp->root, NULL);
++ /* Head can still be NULL due to cls_cgroup_init(). */
++ if (head)
+ call_rcu(&head->rcu, cls_cgroup_destroy_rcu);
+- }
++
+ return true;
+ }
+
+diff --git a/net/sched/cls_flow.c b/net/sched/cls_flow.c
+index fbfec6a..d7ba2b4 100644
+--- a/net/sched/cls_flow.c
++++ b/net/sched/cls_flow.c
+@@ -583,7 +583,6 @@ static bool flow_destroy(struct tcf_proto *tp, bool force)
+ list_del_rcu(&f->list);
+ call_rcu(&f->rcu, flow_destroy_filter);
+ }
+- RCU_INIT_POINTER(tp->root, NULL);
+ kfree_rcu(head, rcu);
+ return true;
+ }
+diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
+index 5060801..a411571 100644
+--- a/net/sched/cls_flower.c
++++ b/net/sched/cls_flower.c
+@@ -13,6 +13,7 @@
+ #include <linux/init.h>
+ #include <linux/module.h>
+ #include <linux/rhashtable.h>
++#include <linux/workqueue.h>
+
+ #include <linux/if_ether.h>
+ #include <linux/in6.h>
+@@ -55,7 +56,10 @@ struct cls_fl_head {
+ bool mask_assigned;
+ struct list_head filters;
+ struct rhashtable_params ht_params;
+- struct rcu_head rcu;
++ union {
++ struct work_struct work;
++ struct rcu_head rcu;
++ };
+ };
+
+ struct cls_fl_filter {
+@@ -239,6 +243,24 @@ static void fl_hw_update_stats(struct tcf_proto *tp, struct cls_fl_filter *f)
+ dev->netdev_ops->ndo_setup_tc(dev, tp->q->handle, tp->protocol, &tc);
+ }
+
++static void fl_destroy_sleepable(struct work_struct *work)
++{
++ struct cls_fl_head *head = container_of(work, struct cls_fl_head,
++ work);
++ if (head->mask_assigned)
++ rhashtable_destroy(&head->ht);
++ kfree(head);
++ module_put(THIS_MODULE);
++}
++
++static void fl_destroy_rcu(struct rcu_head *rcu)
++{
++ struct cls_fl_head *head = container_of(rcu, struct cls_fl_head, rcu);
++
++ INIT_WORK(&head->work, fl_destroy_sleepable);
++ schedule_work(&head->work);
++}
++
+ static bool fl_destroy(struct tcf_proto *tp, bool force)
+ {
+ struct cls_fl_head *head = rtnl_dereference(tp->root);
+@@ -252,10 +274,9 @@ static bool fl_destroy(struct tcf_proto *tp, bool force)
+ list_del_rcu(&f->list);
+ call_rcu(&f->rcu, fl_destroy_filter);
+ }
+- RCU_INIT_POINTER(tp->root, NULL);
+- if (head->mask_assigned)
+- rhashtable_destroy(&head->ht);
+- kfree_rcu(head, rcu);
++
++ __module_get(THIS_MODULE);
++ call_rcu(&head->rcu, fl_destroy_rcu);
+ return true;
+ }
+
+diff --git a/net/sched/cls_matchall.c b/net/sched/cls_matchall.c
+index 25927b6..f935429 100644
+--- a/net/sched/cls_matchall.c
++++ b/net/sched/cls_matchall.c
+@@ -114,7 +114,6 @@ static bool mall_destroy(struct tcf_proto *tp, bool force)
+
+ call_rcu(&f->rcu, mall_destroy_filter);
+ }
+- RCU_INIT_POINTER(tp->root, NULL);
+ kfree_rcu(head, rcu);
+ return true;
+ }
+diff --git a/net/sched/cls_rsvp.h b/net/sched/cls_rsvp.h
+index f9c9fc0..9992dfa 100644
+--- a/net/sched/cls_rsvp.h
++++ b/net/sched/cls_rsvp.h
+@@ -152,7 +152,8 @@ static int rsvp_classify(struct sk_buff *skb, const struct tcf_proto *tp,
+ return -1;
+ nhptr = ip_hdr(skb);
+ #endif
+-
++ if (unlikely(!head))
++ return -1;
+ restart:
+
+ #if RSVP_DST_LEN == 4
+diff --git a/net/sched/cls_tcindex.c b/net/sched/cls_tcindex.c
+index 944c8ff..403746b 100644
+--- a/net/sched/cls_tcindex.c
++++ b/net/sched/cls_tcindex.c
+@@ -503,7 +503,6 @@ static bool tcindex_destroy(struct tcf_proto *tp, bool force)
+ walker.fn = tcindex_destroy_element;
+ tcindex_walk(tp, &walker);
+
+- RCU_INIT_POINTER(tp->root, NULL);
+ call_rcu(&p->rcu, __tcindex_destroy);
+ return true;
+ }
+diff --git a/net/tipc/bearer.c b/net/tipc/bearer.c
+index 65b1bbf..6167699 100644
+--- a/net/tipc/bearer.c
++++ b/net/tipc/bearer.c
+@@ -402,6 +402,10 @@ int tipc_enable_l2_media(struct net *net, struct tipc_bearer *b,
+ dev = dev_get_by_name(net, driver_name);
+ if (!dev)
+ return -ENODEV;
++ if (tipc_mtu_bad(dev, 0)) {
++ dev_put(dev);
++ return -EINVAL;
++ }
+
+ /* Associate TIPC bearer with L2 bearer */
+ rcu_assign_pointer(b->media_ptr, dev);
+@@ -606,8 +610,6 @@ static int tipc_l2_device_event(struct notifier_block *nb, unsigned long evt,
+ if (!b)
+ return NOTIFY_DONE;
+
+- b->mtu = dev->mtu;
+-
+ switch (evt) {
+ case NETDEV_CHANGE:
+ if (netif_carrier_ok(dev))
+@@ -621,6 +623,11 @@ static int tipc_l2_device_event(struct notifier_block *nb, unsigned long evt,
+ tipc_reset_bearer(net, b);
+ break;
+ case NETDEV_CHANGEMTU:
++ if (tipc_mtu_bad(dev, 0)) {
++ bearer_disable(net, b);
++ break;
++ }
++ b->mtu = dev->mtu;
+ tipc_reset_bearer(net, b);
+ break;
+ case NETDEV_CHANGEADDR:
+diff --git a/net/tipc/bearer.h b/net/tipc/bearer.h
+index 43757f1..d93f1f1 100644
+--- a/net/tipc/bearer.h
++++ b/net/tipc/bearer.h
+@@ -39,6 +39,7 @@
+
+ #include "netlink.h"
+ #include "core.h"
++#include "msg.h"
+ #include <net/genetlink.h>
+
+ #define MAX_MEDIA 3
+@@ -59,6 +60,9 @@
+ #define TIPC_MEDIA_TYPE_IB 2
+ #define TIPC_MEDIA_TYPE_UDP 3
+
++/* minimum bearer MTU */
++#define TIPC_MIN_BEARER_MTU (MAX_H_SIZE + INT_H_SIZE)
++
+ /**
+ * struct tipc_media_addr - destination address used by TIPC bearers
+ * @value: address info (format defined by media)
+@@ -213,4 +217,13 @@ void tipc_bearer_xmit(struct net *net, u32 bearer_id,
+ void tipc_bearer_bc_xmit(struct net *net, u32 bearer_id,
+ struct sk_buff_head *xmitq);
+
++/* check if device MTU is too low for tipc headers */
++static inline bool tipc_mtu_bad(struct net_device *dev, unsigned int reserve)
++{
++ if (dev->mtu >= TIPC_MIN_BEARER_MTU + reserve)
++ return false;
++ netdev_warn(dev, "MTU too low for tipc bearer\n");
++ return true;
++}
++
+ #endif /* _TIPC_BEARER_H */
+diff --git a/net/tipc/udp_media.c b/net/tipc/udp_media.c
+index ae7e14c..f60f346 100644
+--- a/net/tipc/udp_media.c
++++ b/net/tipc/udp_media.c
+@@ -372,6 +372,11 @@ static int tipc_udp_enable(struct net *net, struct tipc_bearer *b,
+ udp_conf.local_ip.s_addr = htonl(INADDR_ANY);
+ udp_conf.use_udp_checksums = false;
+ ub->ifindex = dev->ifindex;
++ if (tipc_mtu_bad(dev, sizeof(struct iphdr) +
++ sizeof(struct udphdr))) {
++ err = -EINVAL;
++ goto err;
++ }
+ b->mtu = dev->mtu - sizeof(struct iphdr)
+ - sizeof(struct udphdr);
+ #if IS_ENABLED(CONFIG_IPV6)
+diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
+index 8309687..568f307 100644
+--- a/net/unix/af_unix.c
++++ b/net/unix/af_unix.c
+@@ -2199,7 +2199,8 @@ static int unix_dgram_recvmsg(struct socket *sock, struct msghdr *msg,
+ * Sleep until more data has arrived. But check for races..
+ */
+ static long unix_stream_data_wait(struct sock *sk, long timeo,
+- struct sk_buff *last, unsigned int last_len)
++ struct sk_buff *last, unsigned int last_len,
++ bool freezable)
+ {
+ struct sk_buff *tail;
+ DEFINE_WAIT(wait);
+@@ -2220,7 +2221,10 @@ static long unix_stream_data_wait(struct sock *sk, long timeo,
+
+ sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
+ unix_state_unlock(sk);
+- timeo = freezable_schedule_timeout(timeo);
++ if (freezable)
++ timeo = freezable_schedule_timeout(timeo);
++ else
++ timeo = schedule_timeout(timeo);
+ unix_state_lock(sk);
+
+ if (sock_flag(sk, SOCK_DEAD))
+@@ -2250,7 +2254,8 @@ struct unix_stream_read_state {
+ unsigned int splice_flags;
+ };
+
+-static int unix_stream_read_generic(struct unix_stream_read_state *state)
++static int unix_stream_read_generic(struct unix_stream_read_state *state,
++ bool freezable)
+ {
+ struct scm_cookie scm;
+ struct socket *sock = state->socket;
+@@ -2330,7 +2335,7 @@ static int unix_stream_read_generic(struct unix_stream_read_state *state)
+ mutex_unlock(&u->iolock);
+
+ timeo = unix_stream_data_wait(sk, timeo, last,
+- last_len);
++ last_len, freezable);
+
+ if (signal_pending(current)) {
+ err = sock_intr_errno(timeo);
+@@ -2472,7 +2477,7 @@ static int unix_stream_recvmsg(struct socket *sock, struct msghdr *msg,
+ .flags = flags
+ };
+
+- return unix_stream_read_generic(&state);
++ return unix_stream_read_generic(&state, true);
+ }
+
+ static ssize_t skb_unix_socket_splice(struct sock *sk,
+@@ -2518,7 +2523,7 @@ static ssize_t unix_stream_splice_read(struct socket *sock, loff_t *ppos,
+ flags & SPLICE_F_NONBLOCK)
+ state.flags = MSG_DONTWAIT;
+
+- return unix_stream_read_generic(&state);
++ return unix_stream_read_generic(&state, false);
+ }
+
+ static int unix_shutdown(struct socket *sock, int mode)
diff --git a/4.8.13/4420_grsecurity-3.1-4.8.13-201612082118.patch b/4.8.14/4420_grsecurity-3.1-4.8.14-201612110933.patch
similarity index 99%
rename from 4.8.13/4420_grsecurity-3.1-4.8.13-201612082118.patch
rename to 4.8.14/4420_grsecurity-3.1-4.8.14-201612110933.patch
index a2b5f41..c16e8f5 100644
--- a/4.8.13/4420_grsecurity-3.1-4.8.13-201612082118.patch
+++ b/4.8.14/4420_grsecurity-3.1-4.8.14-201612110933.patch
@@ -407,7 +407,7 @@ index ffab8b5..b8fcd61 100644
A toggle value indicating if modules are allowed to be loaded
diff --git a/Makefile b/Makefile
-index b38abe9..edadcba 100644
+index 6a74924..c5a7b40 100644
--- a/Makefile
+++ b/Makefile
@@ -302,7 +302,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -12837,7 +12837,7 @@ index 988acc8b..f26345c 100644
pte_t *huge_pte_alloc(struct mm_struct *mm,
diff --git a/arch/sparc/mm/init_64.c b/arch/sparc/mm/init_64.c
-index 7ac6b62..58e934c 100644
+index 05c7708..222a546 100644
--- a/arch/sparc/mm/init_64.c
+++ b/arch/sparc/mm/init_64.c
@@ -189,9 +189,9 @@ unsigned long sparc64_kern_sec_context __read_mostly;
@@ -40819,10 +40819,10 @@ index 36c7ac3..ba1f2fd 100644
blk_requestq_cachep = kmem_cache_create("request_queue",
sizeof(struct request_queue), 0, SLAB_PANIC, NULL);
diff --git a/block/blk-map.c b/block/blk-map.c
-index b8657fa..dad7c1e 100644
+index 27fd8d92..c03179e 100644
--- a/block/blk-map.c
+++ b/block/blk-map.c
-@@ -219,7 +219,7 @@ int blk_rq_map_kern(struct request_queue *q, struct request *rq, void *kbuf,
+@@ -223,7 +223,7 @@ int blk_rq_map_kern(struct request_queue *q, struct request *rq, void *kbuf,
if (!len || !kbuf)
return -EINVAL;
@@ -63902,10 +63902,10 @@ index 771cc26..c681a90 100644
/*
* Init NAPI, so that state is set to NAPI_STATE_SCHED,
diff --git a/drivers/net/ethernet/cadence/macb.c b/drivers/net/ethernet/cadence/macb.c
-index d954a97..2a1c33a 100644
+index ef0dbcf..8d94c43 100644
--- a/drivers/net/ethernet/cadence/macb.c
+++ b/drivers/net/ethernet/cadence/macb.c
-@@ -1341,7 +1341,7 @@ static inline int macb_clear_csum(struct sk_buff *skb)
+@@ -1342,7 +1342,7 @@ static inline int macb_clear_csum(struct sk_buff *skb)
return 0;
}
@@ -63914,7 +63914,7 @@ index d954a97..2a1c33a 100644
{
u16 queue_index = skb_get_queue_mapping(skb);
struct macb *bp = netdev_priv(dev);
-@@ -2612,7 +2612,7 @@ static int at91ether_close(struct net_device *dev)
+@@ -2611,7 +2611,7 @@ static int at91ether_close(struct net_device *dev)
}
/* Transmit packet */
@@ -64986,7 +64986,7 @@ index e55638c..5fe3a62 100644
int (*set_speed)(struct net_device *, u8 aneg, u16 sp, u8 dpx, u32 adv);
int (*get_settings)(struct net_device *, struct ethtool_cmd *);
diff --git a/drivers/net/ethernet/renesas/sh_eth.c b/drivers/net/ethernet/renesas/sh_eth.c
-index 054e795..5180c73 100644
+index 92c9a95..1c8f44b 100644
--- a/drivers/net/ethernet/renesas/sh_eth.c
+++ b/drivers/net/ethernet/renesas/sh_eth.c
@@ -2300,7 +2300,7 @@ static void sh_eth_tx_timeout(struct net_device *ndev)
@@ -65408,10 +65408,10 @@ index 93dc10b..6598671 100644
struct net_local *lp = netdev_priv(dev);
struct sk_buff *new_skb;
diff --git a/drivers/net/geneve.c b/drivers/net/geneve.c
-index 16af1ce..deabcc5 100644
+index 5ad706b..6a5d38a 100644
--- a/drivers/net/geneve.c
+++ b/drivers/net/geneve.c
-@@ -1450,7 +1450,7 @@ nla_put_failure:
+@@ -1444,7 +1444,7 @@ nla_put_failure:
return -EMSGSIZE;
}
@@ -65420,7 +65420,7 @@ index 16af1ce..deabcc5 100644
.kind = "geneve",
.maxtype = IFLA_GENEVE_MAX,
.policy = geneve_policy,
-@@ -1516,7 +1516,7 @@ static int geneve_netdevice_event(struct notifier_block *unused,
+@@ -1510,7 +1510,7 @@ static int geneve_netdevice_event(struct notifier_block *unused,
return NOTIFY_DONE;
}
@@ -66151,7 +66151,7 @@ index a2515887..6d13233 100644
/* we will have to manufacture ethernet headers, prepare template */
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
-index bf3fd34..43d918f 100644
+index d807209..90cc005 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -48,7 +48,7 @@ module_param(gso, bool, 0444);
@@ -140959,7 +140959,7 @@ index 8d4608c..460372d 100644
int __genl_register_family(struct genl_family *family);
diff --git a/include/net/gro_cells.h b/include/net/gro_cells.h
-index d15214d..f6de1b4 100644
+index 2a1abbf..93305b8 100644
--- a/include/net/gro_cells.h
+++ b/include/net/gro_cells.h
@@ -25,7 +25,7 @@ static inline int gro_cells_receive(struct gro_cells *gcells, struct sk_buff *sk
@@ -159318,7 +159318,7 @@ index cb06ace..3cab3fc 100644
fp->len = fprog->len;
/* Since unattached filters are not copied back to user
diff --git a/net/core/flow.c b/net/core/flow.c
-index 3937b1b..b18d1cb 100644
+index 18e8893..82936b2 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -65,7 +65,7 @@ static void flow_cache_new_hashrnd(unsigned long arg)
@@ -159330,16 +159330,7 @@ index 3937b1b..b18d1cb 100644
return 0;
if (fle->object && !fle->object->ops->check(fle->object))
return 0;
-@@ -238,7 +238,7 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir,
-
- if (fcp->hash_count > 2 * fc->high_watermark ||
- atomic_read(&net->xfrm.flow_cache_gc_count) > fc->high_watermark) {
-- atomic_inc(&net->xfrm.flow_cache_genid);
-+ atomic_inc_unchecked(&net->xfrm.flow_cache_genid);
- flo = ERR_PTR(-ENOBUFS);
- goto ret_object;
- }
-@@ -253,7 +253,7 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir,
+@@ -251,7 +251,7 @@ flow_cache_lookup(struct net *net, const struct flowi *key, u16 family, u8 dir,
hlist_add_head(&fle->u.hlist, &fcp->hash_table[hash]);
fcp->hash_count++;
}
@@ -159348,7 +159339,7 @@ index 3937b1b..b18d1cb 100644
flo = fle->object;
if (!flo)
goto ret_object;
-@@ -274,7 +274,7 @@ nocache:
+@@ -272,7 +272,7 @@ nocache:
}
flo = resolver(net, key, family, dir, flo, ctx);
if (fle) {
@@ -159525,10 +159516,10 @@ index 6e4f347..8eff663 100644
static DEVICE_ATTR_RO(carrier_changes);
diff --git a/net/core/net_namespace.c b/net/core/net_namespace.c
-index 2c2eb1b..2f3b518 100644
+index 2e9a1c2..95e9455 100644
--- a/net/core/net_namespace.c
+++ b/net/core/net_namespace.c
-@@ -526,7 +526,7 @@ static __net_exit void net_ns_net_exit(struct net *net)
+@@ -528,7 +528,7 @@ static __net_exit void net_ns_net_exit(struct net *net)
ns_free_inum(&net->ns);
}
@@ -159537,7 +159528,7 @@ index 2c2eb1b..2f3b518 100644
.init = net_ns_net_init,
.exit = net_ns_net_exit,
};
-@@ -775,7 +775,7 @@ static int __register_pernet_operations(struct list_head *list,
+@@ -777,7 +777,7 @@ static int __register_pernet_operations(struct list_head *list,
int error;
LIST_HEAD(net_exit_list);
@@ -159546,7 +159537,7 @@ index 2c2eb1b..2f3b518 100644
if (ops->init || (ops->id && ops->size)) {
for_each_net(net) {
error = ops_init(ops, net);
-@@ -788,7 +788,7 @@ static int __register_pernet_operations(struct list_head *list,
+@@ -790,7 +790,7 @@ static int __register_pernet_operations(struct list_head *list,
out_undo:
/* If I have an error cleanup all namespaces I initialized */
@@ -159555,7 +159546,7 @@ index 2c2eb1b..2f3b518 100644
ops_exit_list(ops, &net_exit_list);
ops_free_list(ops, &net_exit_list);
return error;
-@@ -799,7 +799,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops)
+@@ -801,7 +801,7 @@ static void __unregister_pernet_operations(struct pernet_operations *ops)
struct net *net;
LIST_HEAD(net_exit_list);
@@ -159564,7 +159555,7 @@ index 2c2eb1b..2f3b518 100644
for_each_net(net)
list_add_tail(&net->exit_list, &net_exit_list);
ops_exit_list(ops, &net_exit_list);
-@@ -933,7 +933,7 @@ int register_pernet_device(struct pernet_operations *ops)
+@@ -935,7 +935,7 @@ int register_pernet_device(struct pernet_operations *ops)
mutex_lock(&net_mutex);
error = register_pernet_operations(&pernet_list, ops);
if (!error && (first_device == &pernet_list))
@@ -159609,7 +159600,7 @@ index 306b8f0..0214187 100644
pr_warn("cannot create /proc/net/%s\n", PG_PROC_DIR);
return -ENODEV;
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
-index 189cc78..d76c934 100644
+index 08c3702..d50e672 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c
@@ -61,7 +61,7 @@ struct rtnl_link {
@@ -159656,7 +159647,7 @@ index 189cc78..d76c934 100644
nla_put_u8(skb, IFLA_PROTO_DOWN, dev->proto_down))
goto nla_put_failure;
-@@ -3829,7 +3832,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
+@@ -3832,7 +3835,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
__rtnl_unlock();
rtnl = net->rtnl;
{
@@ -159758,7 +159749,7 @@ index 3864b4b6..d2cbe83 100644
}
diff --git a/net/core/sock.c b/net/core/sock.c
-index 10acacc..8b564eb 100644
+index ba27920..3f998d0 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -411,13 +411,13 @@ int __sock_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
@@ -160360,7 +160351,7 @@ index cb7176c..afd2c62 100644
return NULL;
}
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
-index eebbc0f..59069ff 100644
+index ed22af6..0e88bcd 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -1445,7 +1445,7 @@ int inet_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len)
@@ -160504,10 +160495,10 @@ index 062a67c..cb05c97 100644
.exit = devinet_exit_net,
};
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
-index 1b25daf..9ef9ef2 100644
+index 9301308..e164d8d 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
-@@ -1141,12 +1141,12 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event,
+@@ -1151,12 +1151,12 @@ static int fib_inetaddr_event(struct notifier_block *this, unsigned long event,
#ifdef CONFIG_IP_ROUTE_MULTIPATH
fib_sync_up(dev, RTNH_F_DEAD);
#endif
@@ -160522,7 +160513,7 @@ index 1b25daf..9ef9ef2 100644
if (!ifa->ifa_dev->ifa_list) {
/* Last address was deleted from this interface.
* Disable IP.
-@@ -1186,7 +1186,7 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo
+@@ -1196,7 +1196,7 @@ static int fib_netdev_event(struct notifier_block *this, unsigned long event, vo
#ifdef CONFIG_IP_ROUTE_MULTIPATH
fib_sync_up(dev, RTNH_F_DEAD);
#endif
@@ -160974,7 +160965,7 @@ index 4a9e6db..06174e1 100644
pr_err("Unable to proc dir entry\n");
return -ENOMEM;
diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
-index 66ddcb6..0de0097 100644
+index dcdd5ae..2b7b5a2 100644
--- a/net/ipv4/ping.c
+++ b/net/ipv4/ping.c
@@ -59,7 +59,7 @@ struct ping_table {
@@ -161013,7 +161004,7 @@ index 66ddcb6..0de0097 100644
info, (u8 *)icmph);
#endif
}
-@@ -924,10 +924,10 @@ int ping_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int noblock,
+@@ -928,10 +928,10 @@ int ping_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int noblock,
}
if (inet6_sk(sk)->rxopt.all)
@@ -161026,7 +161017,7 @@ index 66ddcb6..0de0097 100644
else if (skb->protocol == htons(ETH_P_IP) && isk->cmsg_flags)
ip_cmsg_recv(msg, skb);
#endif
-@@ -1124,7 +1124,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
+@@ -1128,7 +1128,7 @@ static void ping_v4_format_sock(struct sock *sp, struct seq_file *f,
from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
0, sock_i_ino(sp),
atomic_read(&sp->sk_refcnt), sp,
@@ -161603,7 +161594,7 @@ index f712b41..b651403 100644
syn_set ? 0 : icsk->icsk_user_timeout, syn_set)) {
/* Has it gone just too far? */
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
-index c0d71e7..f4b404a3 100644
+index a2d54f5..f94953a 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -87,6 +87,7 @@
@@ -161826,7 +161817,7 @@ index 542074c..648df74 100644
sizeof(XFRM_MODE_SKB_CB(skb)->flow_lbl));
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
-index f5432d6..42b4ef0 100644
+index 8f2e36f..720a68f 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -179,7 +179,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = {
@@ -161865,7 +161856,7 @@ index f5432d6..42b4ef0 100644
if (ops->ndo_do_ioctl) {
mm_segment_t oldfs = get_fs();
-@@ -4119,16 +4119,23 @@ static const struct file_operations if6_fops = {
+@@ -4125,16 +4125,23 @@ static const struct file_operations if6_fops = {
.release = seq_release_net,
};
@@ -161890,7 +161881,7 @@ index f5432d6..42b4ef0 100644
}
static struct pernet_operations if6_proc_net_ops = {
-@@ -4747,7 +4754,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
+@@ -4753,7 +4760,7 @@ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb,
s_ip_idx = ip_idx = cb->args[2];
rcu_read_lock();
@@ -161899,7 +161890,7 @@ index f5432d6..42b4ef0 100644
for (h = s_h; h < NETDEV_HASHENTRIES; h++, s_idx = 0) {
idx = 0;
head = &net->dev_index_head[h];
-@@ -4960,7 +4967,7 @@ static inline size_t inet6_if_nlmsg_size(void)
+@@ -4966,7 +4973,7 @@ static inline size_t inet6_if_nlmsg_size(void)
+ nla_total_size(inet6_ifla6_size()); /* IFLA_PROTINFO */
}
@@ -161908,7 +161899,7 @@ index f5432d6..42b4ef0 100644
int items, int bytes)
{
int i;
-@@ -4970,7 +4977,7 @@ static inline void __snmp6_fill_statsdev(u64 *stats, atomic_long_t *mib,
+@@ -4976,7 +4983,7 @@ static inline void __snmp6_fill_statsdev(u64 *stats, atomic_long_t *mib,
/* Use put_unaligned() because stats may not be aligned for u64. */
put_unaligned(items, &stats[0]);
for (i = 1; i < items; i++)
@@ -161917,7 +161908,7 @@ index f5432d6..42b4ef0 100644
memset(&stats[items], 0, pad);
}
-@@ -5427,7 +5434,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
+@@ -5433,7 +5440,7 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
rt_genid_bump_ipv6(net);
break;
}
@@ -161926,7 +161917,7 @@ index f5432d6..42b4ef0 100644
}
static void ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
-@@ -5447,7 +5454,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write,
+@@ -5453,7 +5460,7 @@ int addrconf_sysctl_forward(struct ctl_table *ctl, int write,
int *valp = ctl->data;
int val = *valp;
loff_t pos = *ppos;
@@ -161935,7 +161926,7 @@ index f5432d6..42b4ef0 100644
int ret;
/*
-@@ -5470,7 +5477,7 @@ static
+@@ -5476,7 +5483,7 @@ static
int addrconf_sysctl_hop_limit(struct ctl_table *ctl, int write,
void __user *buffer, size_t *lenp, loff_t *ppos)
{
@@ -161944,7 +161935,7 @@ index f5432d6..42b4ef0 100644
int min_hl = 1, max_hl = 255;
lctl = *ctl;
-@@ -5486,7 +5493,7 @@ int addrconf_sysctl_mtu(struct ctl_table *ctl, int write,
+@@ -5492,7 +5499,7 @@ int addrconf_sysctl_mtu(struct ctl_table *ctl, int write,
{
struct inet6_dev *idev = ctl->extra1;
int min_mtu = IPV6_MIN_MTU;
@@ -161953,7 +161944,7 @@ index f5432d6..42b4ef0 100644
lctl = *ctl;
lctl.extra1 = &min_mtu;
-@@ -5561,7 +5568,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write,
+@@ -5567,7 +5574,7 @@ int addrconf_sysctl_disable(struct ctl_table *ctl, int write,
int *valp = ctl->data;
int val = *valp;
loff_t pos = *ppos;
@@ -161962,7 +161953,7 @@ index f5432d6..42b4ef0 100644
int ret;
/*
-@@ -5626,7 +5633,7 @@ static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write,
+@@ -5632,7 +5639,7 @@ static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write,
int err;
struct in6_addr addr;
char str[IPV6_MAX_STRLEN];
@@ -161971,7 +161962,7 @@ index f5432d6..42b4ef0 100644
struct net *net = ctl->extra2;
struct ipv6_stable_secret *secret = ctl->data;
-@@ -5695,7 +5702,7 @@ int addrconf_sysctl_ignore_routes_with_linkdown(struct ctl_table *ctl,
+@@ -5701,7 +5708,7 @@ int addrconf_sysctl_ignore_routes_with_linkdown(struct ctl_table *ctl,
int *valp = ctl->data;
int val = *valp;
loff_t pos = *ppos;
@@ -161980,7 +161971,7 @@ index f5432d6..42b4ef0 100644
int ret;
/* ctl->data points to idev->cnf.ignore_routes_when_linkdown
-@@ -6035,7 +6042,7 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name,
+@@ -6041,7 +6048,7 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name,
struct inet6_dev *idev, struct ipv6_devconf *p)
{
int i, ifindex;
@@ -162111,7 +162102,7 @@ index edc3daa..c951634 100644
.maxtype = IFLA_GRE_MAX,
.policy = ip6gre_policy,
diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
-index 41489f3..62a4ed4 100644
+index da4e7b3..fd21a2d 100644
--- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c
@@ -80,7 +80,7 @@ static u32 HASH(const struct in6_addr *addr1, const struct in6_addr *addr2)
@@ -162123,7 +162114,7 @@ index 41489f3..62a4ed4 100644
static int ip6_tnl_net_id __read_mostly;
struct ip6_tnl_net {
-@@ -1997,7 +1997,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = {
+@@ -2005,7 +2005,7 @@ static const struct nla_policy ip6_tnl_policy[IFLA_IPTUN_MAX + 1] = {
[IFLA_IPTUN_ENCAP_DPORT] = { .type = NLA_U16 },
};
@@ -162611,7 +162602,7 @@ index af6a09e..3dafd52 100644
}
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
-index c2a8656..cef76e9 100644
+index fa39ab8..580da9b 100644
--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -78,6 +78,10 @@ static u32 udp6_ehashfn(const struct net *net,
@@ -163562,10 +163553,10 @@ index 57fc5a4..310e75b 100644
}
diff --git a/net/l2tp/l2tp_ip.c b/net/l2tp/l2tp_ip.c
-index 42de4cc..f00aa3e 100644
+index d0e906d..a6abcf4 100644
--- a/net/l2tp/l2tp_ip.c
+++ b/net/l2tp/l2tp_ip.c
-@@ -610,7 +610,7 @@ static struct inet_protosw l2tp_ip_protosw = {
+@@ -611,7 +611,7 @@ static struct inet_protosw l2tp_ip_protosw = {
.ops = &l2tp_ip_ops,
};
@@ -163575,10 +163566,10 @@ index 42de4cc..f00aa3e 100644
.netns_ok = 1,
};
diff --git a/net/l2tp/l2tp_ip6.c b/net/l2tp/l2tp_ip6.c
-index ea2ae66..0ef42f0 100644
+index b9c6a41..95592d6 100644
--- a/net/l2tp/l2tp_ip6.c
+++ b/net/l2tp/l2tp_ip6.c
-@@ -771,7 +771,7 @@ static struct inet_protosw l2tp_ip6_protosw = {
+@@ -772,7 +772,7 @@ static struct inet_protosw l2tp_ip6_protosw = {
.ops = &l2tp_ip6_ops,
};
@@ -165372,7 +165363,7 @@ index 11de55e..f25e448 100644
return 0;
}
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
-index 62bea45..94c8501 100644
+index 246f29d..1b68023 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -287,7 +287,7 @@ static void netlink_overrun(struct sock *sk)
@@ -165384,7 +165375,7 @@ index 62bea45..94c8501 100644
}
static void netlink_rcv_wake(struct sock *sk)
-@@ -1703,11 +1703,12 @@ static void netlink_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
+@@ -1720,11 +1720,12 @@ static void netlink_cmsg_recv_pktinfo(struct msghdr *msg, struct sk_buff *skb)
static void netlink_cmsg_listen_all_nsid(struct sock *sk, struct msghdr *msg,
struct sk_buff *skb)
{
@@ -165399,7 +165390,7 @@ index 62bea45..94c8501 100644
}
static int netlink_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
-@@ -2151,7 +2152,9 @@ errout_skb:
+@@ -2168,7 +2169,9 @@ errout_skb:
int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
const struct nlmsghdr *nlh,
@@ -165410,7 +165401,7 @@ index 62bea45..94c8501 100644
{
struct netlink_callback *cb;
struct sock *sk;
-@@ -2174,7 +2177,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
+@@ -2191,7 +2194,7 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
goto error_unlock;
}
/* add reference of module which cb->dump belongs to */
@@ -165419,7 +165410,7 @@ index 62bea45..94c8501 100644
ret = -EPROTONOSUPPORT;
goto error_unlock;
}
-@@ -2185,8 +2188,8 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
+@@ -2202,8 +2205,8 @@ int __netlink_dump_start(struct sock *ssk, struct sk_buff *skb,
cb->dump = control->dump;
cb->done = control->done;
cb->nlh = nlh;
@@ -165430,7 +165421,7 @@ index 62bea45..94c8501 100644
cb->min_dump_alloc = control->min_dump_alloc;
cb->skb = skb;
-@@ -2453,7 +2456,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
+@@ -2470,7 +2473,7 @@ static int netlink_seq_show(struct seq_file *seq, void *v)
sk_wmem_alloc_get(s),
nlk->cb_running,
atomic_read(&s->sk_refcnt),
@@ -165439,7 +165430,7 @@ index 62bea45..94c8501 100644
sock_i_ino(s)
);
-@@ -2560,7 +2563,7 @@ static void __init netlink_add_usersock_entry(void)
+@@ -2577,7 +2580,7 @@ static void __init netlink_add_usersock_entry(void)
netlink_table_ungrab();
}
@@ -165612,7 +165603,7 @@ index 7eb955e..479c9a6 100644
static int __init ovs_vxlan_tnl_init(void)
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
-index d2238b2..746fec2 100644
+index dd23323..746fec2 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -278,7 +278,7 @@ static int packet_direct_xmit(struct sk_buff *skb)
@@ -165667,38 +165658,7 @@ index d2238b2..746fec2 100644
spin_unlock(&sk->sk_receive_queue.lock);
drop_n_restore:
-@@ -3648,19 +3648,25 @@ packet_setsockopt(struct socket *sock, int level, int optname, char __user *optv
-
- if (optlen != sizeof(val))
- return -EINVAL;
-- if (po->rx_ring.pg_vec || po->tx_ring.pg_vec)
-- return -EBUSY;
- if (copy_from_user(&val, optval, sizeof(val)))
- return -EFAULT;
- switch (val) {
- case TPACKET_V1:
- case TPACKET_V2:
- case TPACKET_V3:
-+ break;
-+ default:
-+ return -EINVAL;
-+ }
-+ lock_sock(sk);
-+ if (po->rx_ring.pg_vec || po->tx_ring.pg_vec) {
-+ ret = -EBUSY;
-+ } else {
- po->tp_version = val;
-- return 0;
-- default:
-- return -EINVAL;
-+ ret = 0;
- }
-+ release_sock(sk);
-+ return ret;
- }
- case PACKET_RESERVE:
- {
-@@ -3841,7 +3847,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
+@@ -3847,7 +3847,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
case PACKET_HDRLEN:
if (len > sizeof(int))
len = sizeof(int);
@@ -165707,7 +165667,7 @@ index d2238b2..746fec2 100644
return -EFAULT;
switch (val) {
case TPACKET_V1:
-@@ -3876,9 +3882,9 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
+@@ -3882,9 +3882,9 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
case PACKET_ROLLOVER_STATS:
if (!po->rollover)
return -EINVAL;
@@ -165720,7 +165680,7 @@ index d2238b2..746fec2 100644
data = &rstats;
lv = sizeof(rstats);
break;
-@@ -3896,7 +3902,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
+@@ -3902,7 +3902,7 @@ static int packet_getsockopt(struct socket *sock, int level, int optname,
len = lv;
if (put_user(len, optlen))
return -EFAULT;
@@ -165729,35 +165689,6 @@ index d2238b2..746fec2 100644
return -EFAULT;
return 0;
}
-@@ -4164,6 +4170,7 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- /* Added to avoid minimal code churn */
- struct tpacket_req *req = &req_u->req;
-
-+ lock_sock(sk);
- /* Opening a Tx-ring is NOT supported in TPACKET_V3 */
- if (!closing && tx_ring && (po->tp_version > TPACKET_V2)) {
- net_warn_ratelimited("Tx-ring is not supported.\n");
-@@ -4245,7 +4252,6 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- goto out;
- }
-
-- lock_sock(sk);
-
- /* Detach socket from network */
- spin_lock(&po->bind_lock);
-@@ -4294,11 +4300,11 @@ static int packet_set_ring(struct sock *sk, union tpacket_req_u *req_u,
- if (!tx_ring)
- prb_shutdown_retire_blk_timer(po, rb_queue);
- }
-- release_sock(sk);
-
- if (pg_vec)
- free_pg_vec(pg_vec, order, req->tp_block_nr);
- out:
-+ release_sock(sk);
- return err;
- }
-
diff --git a/net/packet/diag.c b/net/packet/diag.c
index 0ed68f0..54c1dbe 100644
--- a/net/packet/diag.c
@@ -167438,7 +167369,7 @@ index 0dd0224..36a22a0 100644
sub->evt.event = htohl(event, sub->swap);
sub->evt.found_lower = htohl(found_lower, sub->swap);
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
-index 8309687..50b3b18 100644
+index 568f307..e5ca018 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -921,6 +921,12 @@ static struct sock *unix_find_other(struct net *net,
@@ -167488,7 +167419,7 @@ index 8309687..50b3b18 100644
done_path_create(&path, dentry);
return err;
}
-@@ -2799,9 +2819,13 @@ static int unix_seq_show(struct seq_file *seq, void *v)
+@@ -2804,9 +2824,13 @@ static int unix_seq_show(struct seq_file *seq, void *v)
seq_puts(seq, "Num RefCount Protocol Flags Type St "
"Inode Path\n");
else {
@@ -167503,7 +167434,7 @@ index 8309687..50b3b18 100644
seq_printf(seq, "%pK: %08X %08X %08X %04X %02X %5lu",
s,
-@@ -2826,10 +2850,29 @@ static int unix_seq_show(struct seq_file *seq, void *v)
+@@ -2831,10 +2855,29 @@ static int unix_seq_show(struct seq_file *seq, void *v)
seq_putc(seq, '@');
i++;
}
@@ -170220,7 +170151,7 @@ index 172850b..a4e216d 100644
{
return symtab->add_cgraph_insertion_hook(hook, data);
diff --git a/scripts/gcc-plugins/gcc-generate-gimple-pass.h b/scripts/gcc-plugins/gcc-generate-gimple-pass.h
-index 526c3c7..0b081fe 100644
+index 526c3c7..831300b 100644
--- a/scripts/gcc-plugins/gcc-generate-gimple-pass.h
+++ b/scripts/gcc-plugins/gcc-generate-gimple-pass.h
@@ -119,7 +119,7 @@ public:
@@ -170232,6 +170163,50 @@ index 526c3c7..0b081fe 100644
#ifndef NO_EXECUTE
#if BUILDING_GCC_VERSION >= 5000
+@@ -136,6 +136,7 @@ opt_pass *_MAKE_PASS_NAME_PASS(void)
+ return new _PASS_NAME_PASS();
+ }
+ #else
++struct opt_pass *_MAKE_PASS_NAME_PASS(void);
+ struct opt_pass *_MAKE_PASS_NAME_PASS(void)
+ {
+ return &_PASS_NAME_PASS.pass;
+diff --git a/scripts/gcc-plugins/gcc-generate-ipa-pass.h b/scripts/gcc-plugins/gcc-generate-ipa-pass.h
+index 9bd926e..93d8743 100644
+--- a/scripts/gcc-plugins/gcc-generate-ipa-pass.h
++++ b/scripts/gcc-plugins/gcc-generate-ipa-pass.h
+@@ -225,6 +225,7 @@ opt_pass *_MAKE_PASS_NAME_PASS(void)
+ return new _PASS_NAME_PASS();
+ }
+ #else
++struct opt_pass *_MAKE_PASS_NAME_PASS(void);
+ struct opt_pass *_MAKE_PASS_NAME_PASS(void)
+ {
+ return &_PASS_NAME_PASS.pass;
+diff --git a/scripts/gcc-plugins/gcc-generate-rtl-pass.h b/scripts/gcc-plugins/gcc-generate-rtl-pass.h
+index 1dc67a5..e858d67 100644
+--- a/scripts/gcc-plugins/gcc-generate-rtl-pass.h
++++ b/scripts/gcc-plugins/gcc-generate-rtl-pass.h
+@@ -136,6 +136,7 @@ opt_pass *_MAKE_PASS_NAME_PASS(void)
+ return new _PASS_NAME_PASS();
+ }
+ #else
++struct opt_pass *_MAKE_PASS_NAME_PASS(void);
+ struct opt_pass *_MAKE_PASS_NAME_PASS(void)
+ {
+ return &_PASS_NAME_PASS.pass;
+diff --git a/scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h b/scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h
+index a27e2b3..d5ed4e2 100644
+--- a/scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h
++++ b/scripts/gcc-plugins/gcc-generate-simple_ipa-pass.h
+@@ -136,6 +136,7 @@ opt_pass *_MAKE_PASS_NAME_PASS(void)
+ return new _PASS_NAME_PASS();
+ }
+ #else
++struct opt_pass *_MAKE_PASS_NAME_PASS(void);
+ struct opt_pass *_MAKE_PASS_NAME_PASS(void)
+ {
+ return &_PASS_NAME_PASS.pass;
diff --git a/scripts/gcc-plugins/gen-random-seed.sh b/scripts/gcc-plugins/gen-random-seed.sh
new file mode 100644
index 0000000..7514850
@@ -172617,7 +172592,7 @@ index 0000000..a213367
+}
diff --git a/scripts/gcc-plugins/latent_entropy_plugin.c b/scripts/gcc-plugins/latent_entropy_plugin.c
new file mode 100644
-index 0000000..4ff5389
+index 0000000..fc16dd7
--- /dev/null
+++ b/scripts/gcc-plugins/latent_entropy_plugin.c
@@ -0,0 +1,613 @@
@@ -172704,7 +172679,7 @@ index 0000000..4ff5389
+static GTY(()) tree latent_entropy_decl;
+
+static struct plugin_info latent_entropy_plugin_info = {
-+ .version = "201610182310",
++ .version = "20161210",
+ .help = "disable\tturn off latent entropy instrumentation\n",
+};
+
@@ -174462,10 +174437,10 @@ index 0000000..2f53f14
+#include "gcc-generate-gimple-pass.h"
diff --git a/scripts/gcc-plugins/rap_plugin/rap_hash.c b/scripts/gcc-plugins/rap_plugin/rap_hash.c
new file mode 100644
-index 0000000..7c59f38
+index 0000000..161102f
--- /dev/null
+++ b/scripts/gcc-plugins/rap_plugin/rap_hash.c
-@@ -0,0 +1,382 @@
+@@ -0,0 +1,380 @@
+/*
+ * Copyright 2012-2016 by PaX Team <pageexec@freemail.hu>
+ * Licensed under the GPL v2
@@ -174585,8 +174560,6 @@ index 0000000..7c59f38
+ }
+}
+
-+__attribute__((weak)) tree c_global_trees[CTI_MAX];
-+
+// the core computation of the rap hash
+// the first piece is a (hopefully) compiler independent encondig of the type, derived from the gcc tree code
+// the second piece is type specific information, such as the size, qualifiers, (recursively) referenced types, etc
diff --git a/4.8.13/4425_grsec_remove_EI_PAX.patch b/4.8.14/4425_grsec_remove_EI_PAX.patch
similarity index 100%
rename from 4.8.13/4425_grsec_remove_EI_PAX.patch
rename to 4.8.14/4425_grsec_remove_EI_PAX.patch
diff --git a/4.8.13/4427_force_XATTR_PAX_tmpfs.patch b/4.8.14/4427_force_XATTR_PAX_tmpfs.patch
similarity index 95%
rename from 4.8.13/4427_force_XATTR_PAX_tmpfs.patch
rename to 4.8.14/4427_force_XATTR_PAX_tmpfs.patch
index 2562d2f..caecb91 100644
--- a/4.8.13/4427_force_XATTR_PAX_tmpfs.patch
+++ b/4.8.14/4427_force_XATTR_PAX_tmpfs.patch
@@ -14,7 +14,7 @@ diff -Naur a/mm/shmem.c b/mm/shmem.c
static int shmem_user_xattr_handler_set(const struct xattr_handler *handler,
struct dentry *dentry, struct inode *inode,
const char *name, const void *value,
-@@ -3271,7 +3270,6 @@
+@@ -3273,7 +3272,6 @@
name = xattr_full_name(handler, name);
return simple_xattr_set(&info->xattrs, name, value, size, flags);
}
@@ -22,7 +22,7 @@ diff -Naur a/mm/shmem.c b/mm/shmem.c
static const struct xattr_handler shmem_security_xattr_handler = {
.prefix = XATTR_SECURITY_PREFIX,
-@@ -3285,13 +3283,11 @@
+@@ -3287,13 +3285,11 @@
.set = shmem_xattr_handler_set,
};
@@ -36,7 +36,7 @@ diff -Naur a/mm/shmem.c b/mm/shmem.c
static const struct xattr_handler *shmem_xattr_handlers[] = {
#ifdef CONFIG_TMPFS_POSIX_ACL
-@@ -3301,9 +3297,7 @@
+@@ -3303,9 +3299,7 @@
&shmem_security_xattr_handler,
&shmem_trusted_xattr_handler,
diff --git a/4.8.13/4430_grsec-remove-localversion-grsec.patch b/4.8.14/4430_grsec-remove-localversion-grsec.patch
similarity index 100%
rename from 4.8.13/4430_grsec-remove-localversion-grsec.patch
rename to 4.8.14/4430_grsec-remove-localversion-grsec.patch
diff --git a/4.8.13/4435_grsec-mute-warnings.patch b/4.8.14/4435_grsec-mute-warnings.patch
similarity index 100%
rename from 4.8.13/4435_grsec-mute-warnings.patch
rename to 4.8.14/4435_grsec-mute-warnings.patch
diff --git a/4.8.13/4440_grsec-remove-protected-paths.patch b/4.8.14/4440_grsec-remove-protected-paths.patch
similarity index 100%
rename from 4.8.13/4440_grsec-remove-protected-paths.patch
rename to 4.8.14/4440_grsec-remove-protected-paths.patch
diff --git a/4.8.13/4450_grsec-kconfig-default-gids.patch b/4.8.14/4450_grsec-kconfig-default-gids.patch
similarity index 96%
rename from 4.8.13/4450_grsec-kconfig-default-gids.patch
rename to 4.8.14/4450_grsec-kconfig-default-gids.patch
index 6fd0511..cee6e27 100644
--- a/4.8.13/4450_grsec-kconfig-default-gids.patch
+++ b/4.8.14/4450_grsec-kconfig-default-gids.patch
@@ -16,7 +16,7 @@ from shooting themselves in the foot.
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2012-10-13 09:51:35.000000000 -0400
+++ b/grsecurity/Kconfig 2012-10-13 09:52:32.000000000 -0400
-@@ -699,7 +699,7 @@
+@@ -700,7 +700,7 @@
config GRKERNSEC_AUDIT_GID
int "GID for auditing"
depends on GRKERNSEC_AUDIT_GROUP
@@ -25,7 +25,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
config GRKERNSEC_EXECLOG
bool "Exec logging"
-@@ -948,7 +948,7 @@
+@@ -949,7 +949,7 @@
config GRKERNSEC_TPE_UNTRUSTED_GID
int "GID for TPE-untrusted users"
depends on GRKERNSEC_TPE && !GRKERNSEC_TPE_INVERT
@@ -34,7 +34,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*enabled* for. If the sysctl option is enabled, a sysctl option
-@@ -957,7 +957,7 @@
+@@ -958,7 +958,7 @@
config GRKERNSEC_TPE_TRUSTED_GID
int "GID for TPE-trusted users"
depends on GRKERNSEC_TPE && GRKERNSEC_TPE_INVERT
@@ -43,7 +43,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Setting this GID determines what group TPE restrictions will be
*disabled* for. If the sysctl option is enabled, a sysctl option
-@@ -1042,7 +1042,7 @@
+@@ -1043,7 +1043,7 @@
config GRKERNSEC_SOCKET_ALL_GID
int "GID to deny all sockets for"
depends on GRKERNSEC_SOCKET_ALL
@@ -52,7 +52,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable socket access for. Remember to
add the users you want socket access disabled for to the GID
-@@ -1063,7 +1063,7 @@
+@@ -1064,7 +1064,7 @@
config GRKERNSEC_SOCKET_CLIENT_GID
int "GID to deny client sockets for"
depends on GRKERNSEC_SOCKET_CLIENT
@@ -61,7 +61,7 @@ diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
help
Here you can choose the GID to disable client socket access for.
Remember to add the users you want client socket access disabled for to
-@@ -1081,7 +1081,7 @@
+@@ -1082,7 +1082,7 @@
config GRKERNSEC_SOCKET_SERVER_GID
int "GID to deny server sockets for"
depends on GRKERNSEC_SOCKET_SERVER
diff --git a/4.8.13/4465_selinux-avc_audit-log-curr_ip.patch b/4.8.14/4465_selinux-avc_audit-log-curr_ip.patch
similarity index 99%
rename from 4.8.13/4465_selinux-avc_audit-log-curr_ip.patch
rename to 4.8.14/4465_selinux-avc_audit-log-curr_ip.patch
index 7248385..06a5294 100644
--- a/4.8.13/4465_selinux-avc_audit-log-curr_ip.patch
+++ b/4.8.14/4465_selinux-avc_audit-log-curr_ip.patch
@@ -28,7 +28,7 @@ Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
diff -Naur a/grsecurity/Kconfig b/grsecurity/Kconfig
--- a/grsecurity/Kconfig 2011-04-17 19:25:54.000000000 -0400
+++ b/grsecurity/Kconfig 2011-04-17 19:32:53.000000000 -0400
-@@ -1176,6 +1176,27 @@
+@@ -1177,6 +1177,27 @@
menu "Logging Options"
depends on GRKERNSEC
diff --git a/4.8.13/4470_disable-compat_vdso.patch b/4.8.14/4470_disable-compat_vdso.patch
similarity index 100%
rename from 4.8.13/4470_disable-compat_vdso.patch
rename to 4.8.14/4470_disable-compat_vdso.patch
diff --git a/4.8.13/4475_emutramp_default_on.patch b/4.8.14/4475_emutramp_default_on.patch
similarity index 100%
rename from 4.8.13/4475_emutramp_default_on.patch
rename to 4.8.14/4475_emutramp_default_on.patch
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2016-12-14 12:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-12-14 12:50 [gentoo-commits] proj/hardened-patchset:master commit in: 4.8.14/, 4.8.13/ Anthony G. Basile
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox