aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
diff options
context:
space:
mode:
authorStijn Tintel <stijn@linux-ipv6.be>2017-09-20 23:18:24 +0300
committerStijn Tintel <stijn@linux-ipv6.be>2017-09-20 23:50:55 +0300
commit6e48eb22b8d9039b27579283cbe46737a2f4ad80 (patch)
treed0143e45d4a3513d6596f509d5b31a6304e05abb /target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
parent6c32e052188e471fe13d4934df24275b74ad3a60 (diff)
downloadupstream-6e48eb22b8d9039b27579283cbe46737a2f4ad80.tar.gz
upstream-6e48eb22b8d9039b27579283cbe46737a2f4ad80.tar.bz2
upstream-6e48eb22b8d9039b27579283cbe46737a2f4ad80.zip
kernel: update 4.9 to 4.9.51
Refresh patches. Compile-tested on octeon and x86/64. Runtime-tested on octeon and x86/64. Fixes the following CVEs: - CVE-2017-14106 - CVE-2017-14497 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch')
-rw-r--r--target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch18
1 files changed, 9 insertions, 9 deletions
diff --git a/target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch b/target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
index aceedaed81..3b09bffa15 100644
--- a/target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
+++ b/target/linux/generic/pending-4.9/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
@@ -141,7 +141,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
static const struct rt6_info ip6_blk_hole_entry_template = {
.dst = {
.__refcnt = ATOMIC_INIT(1),
-@@ -1957,6 +1974,11 @@ static struct rt6_info *ip6_route_info_c
+@@ -1966,6 +1983,11 @@ static struct rt6_info *ip6_route_info_c
rt->dst.output = ip6_pkt_prohibit_out;
rt->dst.input = ip6_pkt_prohibit;
break;
@@ -153,7 +153,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
case RTN_THROW:
case RTN_UNREACHABLE:
default:
-@@ -2600,6 +2622,17 @@ static int ip6_pkt_prohibit_out(struct n
+@@ -2609,6 +2631,17 @@ static int ip6_pkt_prohibit_out(struct n
return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
}
@@ -171,7 +171,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
/*
* Allocate a dst for local (unicast / anycast) address.
*/
-@@ -2835,7 +2868,8 @@ static int rtm_to_fib6_config(struct sk_
+@@ -2844,7 +2877,8 @@ static int rtm_to_fib6_config(struct sk_
if (rtm->rtm_type == RTN_UNREACHABLE ||
rtm->rtm_type == RTN_BLACKHOLE ||
rtm->rtm_type == RTN_PROHIBIT ||
@@ -181,7 +181,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
cfg->fc_flags |= RTF_REJECT;
if (rtm->rtm_type == RTN_LOCAL)
-@@ -3207,6 +3241,9 @@ static int rt6_fill_node(struct net *net
+@@ -3216,6 +3250,9 @@ static int rt6_fill_node(struct net *net
case -EACCES:
rtm->rtm_type = RTN_PROHIBIT;
break;
@@ -191,7 +191,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
case -EAGAIN:
rtm->rtm_type = RTN_THROW;
break;
-@@ -3483,6 +3520,8 @@ static int ip6_route_dev_notify(struct n
+@@ -3492,6 +3529,8 @@ static int ip6_route_dev_notify(struct n
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
net->ipv6.ip6_prohibit_entry->dst.dev = dev;
net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
@@ -200,7 +200,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
#endif
-@@ -3705,6 +3744,17 @@ static int __net_init ip6_route_net_init
+@@ -3714,6 +3753,17 @@ static int __net_init ip6_route_net_init
net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
ip6_template_metrics, true);
@@ -218,7 +218,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
#endif
net->ipv6.sysctl.flush_delay = 0;
-@@ -3723,6 +3773,8 @@ out:
+@@ -3732,6 +3782,8 @@ out:
return ret;
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
@@ -227,7 +227,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
out_ip6_prohibit_entry:
kfree(net->ipv6.ip6_prohibit_entry);
out_ip6_null_entry:
-@@ -3740,6 +3792,7 @@ static void __net_exit ip6_route_net_exi
+@@ -3749,6 +3801,7 @@ static void __net_exit ip6_route_net_exi
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
kfree(net->ipv6.ip6_prohibit_entry);
kfree(net->ipv6.ip6_blk_hole_entry);
@@ -235,7 +235,7 @@ Signed-off-by: Jonas Gorski <jogo@openwrt.org>
#endif
dst_entries_destroy(&net->ipv6.ip6_dst_ops);
}
-@@ -3813,6 +3866,9 @@ void __init ip6_route_init_special_entri
+@@ -3822,6 +3875,9 @@ void __init ip6_route_init_special_entri
init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);