17 files changed, 266 insertions, 181 deletions

diff --git a/include/linux/bitops.h b/include/linux/bitops.h
index 38c2fb7ebe09..6a2a19f14bb2 100644
--- a/include/linux/bitops.h
+++ b/include/linux/bitops.h
@@ -76,6 +76,15 @@ static __inline__ int generic_fls(int x)
  */
 #include <asm/bitops.h>
 
+
+static inline int generic_fls64(__u64 x)
+{
+        __u32 h = x >> 32;
+        if (h)
+                return fls(x) + 32;
+        return fls(x);
+}
+
 static __inline__ int get_bitmask_order(unsigned int count)
 {
         int order;
diff --git a/include/linux/dccp.h b/include/linux/dccp.h
index 71fab4311e92..088529f54965 100644
--- a/include/linux/dccp.h
+++ b/include/linux/dccp.h
@@ -192,10 +192,9 @@ enum {
 #include <linux/workqueue.h>
 
 #include <net/inet_connection_sock.h>
+#include <net/inet_sock.h>
 #include <net/inet_timewait_sock.h>
-#include <net/sock.h>
 #include <net/tcp_states.h>
-#include <net/tcp.h>
 
 enum dccp_state {
         DCCP_OPEN       = TCP_ESTABLISHED,
@@ -408,8 +407,6 @@ struct dccp_ackvec;
  * @dccps_gar - greatest valid ack number received on a non-Sync; initialized to %dccps_iss
  * @dccps_timestamp_time - time of latest TIMESTAMP option
  * @dccps_timestamp_echo - latest timestamp received on a TIMESTAMP option
- * @dccps_ext_header_len - network protocol overhead (IP/IPv6 options)
- * @dccps_pmtu_cookie - Last pmtu seen by socket
  * @dccps_packet_size - Set thru setsockopt
  * @dccps_role - Role of this sock, one of %dccp_role
  * @dccps_ndp_count - number of Non Data Packets since last data packet
@@ -434,8 +431,6 @@ struct dccp_sock {
         __u32                           dccps_timestamp_echo;
         __u32                           dccps_packet_size;
         unsigned long                   dccps_ndp_count;
-        __u16                           dccps_ext_header_len;
-        __u32                           dccps_pmtu_cookie;
         __u32                           dccps_mss_cache;
         struct dccp_options             dccps_options;
         struct dccp_ackvec              *dccps_hc_rx_ackvec;
diff --git a/include/linux/etherdevice.h b/include/linux/etherdevice.h
index 5f49a30eb6f2..745c988359c0 100644
--- a/include/linux/etherdevice.h
+++ b/include/linux/etherdevice.h
@@ -63,10 +63,11 @@ static inline int is_zero_ether_addr(const u8 *addr)
  * @addr: Pointer to a six-byte array containing the Ethernet address
  *
  * Return true if the address is a multicast address.
+ * By definition the broadcast address is also a multicast address.
  */
 static inline int is_multicast_ether_addr(const u8 *addr)
 {
-        return ((addr[0] != 0xff) && (0x01 & addr[0]));
+        return (0x01 & addr[0]);
 }
 
 /**
diff --git a/include/linux/if_pppox.h b/include/linux/if_pppox.h
index e677f73f13dd..4fab3d0a4bce 100644
--- a/include/linux/if_pppox.h
+++ b/include/linux/if_pppox.h
@@ -157,8 +157,7 @@ struct pppox_proto {
 extern int register_pppox_proto(int proto_num, struct pppox_proto *pp);
 extern void unregister_pppox_proto(int proto_num);
 extern void pppox_unbind_sock(struct sock *sk);/* delete ppp-channel binding */
-extern int pppox_channel_ioctl(struct ppp_channel *pc, unsigned int cmd,
-                               unsigned long arg);
+extern int pppox_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
 
 /* PPPoX socket states */
 enum {
diff --git a/include/linux/ip.h b/include/linux/ip.h
index 33e8a19a1a0f..9e2eb9a602eb 100644
--- a/include/linux/ip.h
+++ b/include/linux/ip.h
@@ -16,6 +16,7 @@
  */
 #ifndef _LINUX_IP_H
 #define _LINUX_IP_H
+#include <linux/types.h>
 #include <asm/byteorder.h>
 
 #define IPTOS_TOS_MASK          0x1E
@@ -78,126 +79,6 @@
 #define IPOPT_TS_TSANDADDR      1               /* timestamps and addresses */
 #define IPOPT_TS_PRESPEC        3               /* specified modules only */
 
-#ifdef __KERNEL__
-#include <linux/config.h>
-#include <linux/types.h>
-#include <net/request_sock.h>
-#include <net/sock.h>
-#include <linux/igmp.h>
-#include <net/flow.h>
-
-struct ip_options {
-  __u32         faddr;                          /* Saved first hop address */
-  unsigned char optlen;
-  unsigned char srr;
-  unsigned char rr;
-  unsigned char ts;
-  unsigned char is_setbyuser:1,                 /* Set by setsockopt?                   */
-                is_data:1,                      /* Options in __data, rather than skb   */
-                is_strictroute:1,               /* Strict source route                  */
-                srr_is_hit:1,                   /* Packet destination addr was our one  */
-                is_changed:1,                   /* IP checksum more not valid           */      
-                rr_needaddr:1,                  /* Need to record addr of outgoing dev  */
-                ts_needtime:1,                  /* Need to record timestamp             */
-                ts_needaddr:1;                  /* Need to record addr of outgoing dev  */
-  unsigned char router_alert;
-  unsigned char __pad1;
-  unsigned char __pad2;
-  unsigned char __data[0];
-};
-
-#define optlength(opt) (sizeof(struct ip_options) + opt->optlen)
-
-struct inet_request_sock {
-        struct request_sock     req;
-        u32                     loc_addr;
-        u32                     rmt_addr;
-        u16                     rmt_port;
-        u16                     snd_wscale : 4, 
-                                rcv_wscale : 4, 
-                                tstamp_ok  : 1,
-                                sack_ok    : 1,
-                                wscale_ok  : 1,
-                                ecn_ok     : 1,
-                                acked      : 1;
-        struct ip_options       *opt;
-};
-
-static inline struct inet_request_sock *inet_rsk(const struct request_sock *sk)
-{
-        return (struct inet_request_sock *)sk;
-}
-
-struct ipv6_pinfo;
-
-struct inet_sock {
-        /* sk and pinet6 has to be the first two members of inet_sock */
-        struct sock             sk;
-#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-        struct ipv6_pinfo       *pinet6;
-#endif
-        /* Socket demultiplex comparisons on incoming packets. */
-        __u32                   daddr;          /* Foreign IPv4 addr */
-        __u32                   rcv_saddr;      /* Bound local IPv4 addr */
-        __u16                   dport;          /* Destination port */
-        __u16                   num;            /* Local port */
-        __u32                   saddr;          /* Sending source */
-        __s16                   uc_ttl;         /* Unicast TTL */
-        __u16                   cmsg_flags;
-        struct ip_options       *opt;
-        __u16                   sport;          /* Source port */
-        __u16                   id;             /* ID counter for DF pkts */
-        __u8                    tos;            /* TOS */
-        __u8                    mc_ttl;         /* Multicasting TTL */
-        __u8                    pmtudisc;
-        unsigned                recverr : 1,
-                                freebind : 1,
-                                hdrincl : 1,
-                                mc_loop : 1;
-        int                     mc_index;       /* Multicast device index */
-        __u32                   mc_addr;
-        struct ip_mc_socklist   *mc_list;       /* Group array */
-        /*
-         * Following members are used to retain the infomation to build
-         * an ip header on each ip fragmentation while the socket is corked.
-         */
-        struct {
-                unsigned int            flags;
-                unsigned int            fragsize;
-                struct ip_options       *opt;
-                struct rtable           *rt;
-                int                     length; /* Total length of all frames */
-                u32                     addr;
-                struct flowi            fl;
-        } cork;
-};
-
-#define IPCORK_OPT      1       /* ip-options has been held in ipcork.opt */
-#define IPCORK_ALLFRAG  2       /* always fragment (for ipv6 for now) */
-
-static inline struct inet_sock *inet_sk(const struct sock *sk)
-{
-        return (struct inet_sock *)sk;
-}
-
-static inline void __inet_sk_copy_descendant(struct sock *sk_to,
-                                             const struct sock *sk_from,
-                                             const int ancestor_size)
-{
-        memcpy(inet_sk(sk_to) + 1, inet_sk(sk_from) + 1,
-               sk_from->sk_prot->obj_size - ancestor_size);
-}
-#if !(defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE))
-static inline void inet_sk_copy_descendant(struct sock *sk_to,
-                                           const struct sock *sk_from)
-{
-        __inet_sk_copy_descendant(sk_to, sk_from, sizeof(struct inet_sock));
-}
-#endif
-#endif
-
-extern int inet_sk_rebuild_header(struct sock *sk);
-
 struct iphdr {
 #if defined(__LITTLE_ENDIAN_BITFIELD)
         __u8    ihl:4,
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index e0b922785d98..93bbed5c6cf4 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -171,12 +171,13 @@ enum {
 };
 
 #ifdef __KERNEL__
-#include <linux/in6.h>          /* struct sockaddr_in6 */
 #include <linux/icmpv6.h>
-#include <net/if_inet6.h>       /* struct ipv6_mc_socklist */
 #include <linux/tcp.h>
 #include <linux/udp.h>
 
+#include <net/if_inet6.h>       /* struct ipv6_mc_socklist */
+#include <net/inet_sock.h>
+
 /* 
    This structure contains results of exthdrs parsing
    as offsets from skb->nh.
@@ -199,18 +200,17 @@ static inline int inet6_iif(const struct sk_buff *skb)
         return IP6CB(skb)->iif;
 }
 
-struct tcp6_request_sock {
-        struct tcp_request_sock req;
+struct inet6_request_sock {
         struct in6_addr         loc_addr;
         struct in6_addr         rmt_addr;
         struct sk_buff          *pktopts;
         int                     iif;
 };
 
-static inline struct tcp6_request_sock *tcp6_rsk(const struct request_sock *sk)
-{
-        return (struct tcp6_request_sock *)sk;
-}
+struct tcp6_request_sock {
+        struct tcp_request_sock   tcp6rsk_tcp;
+        struct inet6_request_sock tcp6rsk_inet6;
+};
 
 /**
  * struct ipv6_pinfo - ipv6 private area
@@ -298,12 +298,36 @@ struct tcp6_sock {
         struct ipv6_pinfo inet6;
 };
 
+extern int inet6_sk_rebuild_header(struct sock *sk);
+
 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
 static inline struct ipv6_pinfo * inet6_sk(const struct sock *__sk)
 {
         return inet_sk(__sk)->pinet6;
 }
 
+static inline struct inet6_request_sock *
+                        inet6_rsk(const struct request_sock *rsk)
+{
+        return (struct inet6_request_sock *)(((u8 *)rsk) +
+                                             inet_rsk(rsk)->inet6_rsk_offset);
+}
+
+static inline u32 inet6_rsk_offset(struct request_sock *rsk)
+{
+        return rsk->rsk_ops->obj_size - sizeof(struct inet6_request_sock);
+}
+
+static inline struct request_sock *inet6_reqsk_alloc(struct request_sock_ops *ops)
+{
+        struct request_sock *req = reqsk_alloc(ops);
+
+        if (req != NULL)
+                inet_rsk(req)->inet6_rsk_offset = inet6_rsk_offset(req);
+
+        return req;
+}
+
 static inline struct raw6_sock *raw6_sk(const struct sock *sk)
 {
         return (struct raw6_sock *)sk;
@@ -323,28 +347,37 @@ static inline void inet_sk_copy_descendant(struct sock *sk_to,
 #define __ipv6_only_sock(sk)    (inet6_sk(sk)->ipv6only)
 #define ipv6_only_sock(sk)      ((sk)->sk_family == PF_INET6 && __ipv6_only_sock(sk))
 
-#include <linux/tcp.h>
+struct inet6_timewait_sock {
+        struct in6_addr tw_v6_daddr;
+        struct in6_addr tw_v6_rcv_saddr;
+};
 
 struct tcp6_timewait_sock {
-        struct tcp_timewait_sock tw_v6_sk;
-        struct in6_addr          tw_v6_daddr;
-        struct in6_addr          tw_v6_rcv_saddr;
+        struct tcp_timewait_sock   tcp6tw_tcp;
+        struct inet6_timewait_sock tcp6tw_inet6;
 };
 
-static inline struct tcp6_timewait_sock *tcp6_twsk(const struct sock *sk)
+static inline u16 inet6_tw_offset(const struct proto *prot)
 {
-        return (struct tcp6_timewait_sock *)sk;
+        return prot->twsk_prot->twsk_obj_size -
+                        sizeof(struct inet6_timewait_sock);
 }
 
-static inline struct in6_addr *__tcp_v6_rcv_saddr(const struct sock *sk)
+static inline struct inet6_timewait_sock *inet6_twsk(const struct sock *sk)
+{
+        return (struct inet6_timewait_sock *)(((u8 *)sk) +
+                                              inet_twsk(sk)->tw_ipv6_offset);
+}
+
+static inline struct in6_addr *__inet6_rcv_saddr(const struct sock *sk)
 {
         return likely(sk->sk_state != TCP_TIME_WAIT) ?
-                &inet6_sk(sk)->rcv_saddr : &tcp6_twsk(sk)->tw_v6_rcv_saddr;
+                &inet6_sk(sk)->rcv_saddr : &inet6_twsk(sk)->tw_v6_rcv_saddr;
 }
 
-static inline struct in6_addr *tcp_v6_rcv_saddr(const struct sock *sk)
+static inline struct in6_addr *inet6_rcv_saddr(const struct sock *sk)
 {
-        return sk->sk_family == AF_INET6 ? __tcp_v6_rcv_saddr(sk) : NULL;
+        return sk->sk_family == AF_INET6 ? __inet6_rcv_saddr(sk) : NULL;
 }
 
 static inline int inet_v6_ipv6only(const struct sock *sk)
@@ -361,13 +394,19 @@ static inline struct ipv6_pinfo * inet6_sk(const struct sock *__sk)
         return NULL;
 }
 
+static inline struct inet6_request_sock *
+                        inet6_rsk(const struct request_sock *rsk)
+{
+        return NULL;
+}
+
 static inline struct raw6_sock *raw6_sk(const struct sock *sk)
 {
         return NULL;
 }
 
-#define __tcp_v6_rcv_saddr(__sk)        NULL
-#define tcp_v6_rcv_saddr(__sk)          NULL
+#define __inet6_rcv_saddr(__sk) NULL
+#define inet6_rcv_saddr(__sk)   NULL
 #define tcp_twsk_ipv6only(__sk)         0
 #define inet_v6_ipv6only(__sk)          0
 #endif /* defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) */
diff --git a/include/linux/net.h b/include/linux/net.h
index d6a41e6577f6..28195a2d8ff0 100644
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -107,7 +107,7 @@ enum sock_type {
 struct socket {
         socket_state            state;
         unsigned long           flags;
-        struct proto_ops        *ops;
+        const struct proto_ops  *ops;
         struct fasync_struct    *fasync_list;
         struct file             *file;
         struct sock             *sk;
@@ -260,7 +260,7 @@ SOCKCALL_WRAP(name, recvmsg, (struct kiocb *iocb, struct socket *sock, struct ms
 SOCKCALL_WRAP(name, mmap, (struct file *file, struct socket *sock, struct vm_area_struct *vma), \
               (file, sock, vma)) \
               \
-static struct proto_ops name##_ops = {                  \
+static const struct proto_ops name##_ops = {                    \
         .family         = fam,                          \
         .owner          = THIS_MODULE,                  \
         .release        = __lock_##name##_release,      \
diff --git a/include/linux/pfkeyv2.h b/include/linux/pfkeyv2.h
index 724066778aff..6351c4055ace 100644
--- a/include/linux/pfkeyv2.h
+++ b/include/linux/pfkeyv2.h
@@ -216,6 +216,16 @@ struct sadb_x_nat_t_port {
 } __attribute__((packed));
 /* sizeof(struct sadb_x_nat_t_port) == 8 */
 
+/* Generic LSM security context */
+struct sadb_x_sec_ctx {
+        uint16_t        sadb_x_sec_len;
+        uint16_t        sadb_x_sec_exttype;
+        uint8_t         sadb_x_ctx_alg;  /* LSMs: e.g., selinux == 1 */
+        uint8_t         sadb_x_ctx_doi;
+        uint16_t        sadb_x_ctx_len;
+} __attribute__((packed));
+/* sizeof(struct sadb_sec_ctx) = 8 */
+
 /* Message types */
 #define SADB_RESERVED           0
 #define SADB_GETSPI             1
@@ -325,7 +335,8 @@ struct sadb_x_nat_t_port {
 #define SADB_X_EXT_NAT_T_SPORT          21
 #define SADB_X_EXT_NAT_T_DPORT          22
 #define SADB_X_EXT_NAT_T_OA             23
-#define SADB_EXT_MAX                    23
+#define SADB_X_EXT_SEC_CTX              24
+#define SADB_EXT_MAX                    24
 
 /* Identity Extension values */
 #define SADB_IDENTTYPE_RESERVED 0
diff --git a/include/linux/pkt_sched.h b/include/linux/pkt_sched.h
index e87b233615b3..d10f35338507 100644
--- a/include/linux/pkt_sched.h
+++ b/include/linux/pkt_sched.h
@@ -429,6 +429,7 @@ enum
         TCA_NETEM_CORR,
         TCA_NETEM_DELAY_DIST,
         TCA_NETEM_REORDER,
+        TCA_NETEM_CORRUPT,
         __TCA_NETEM_MAX,
 };
 
@@ -457,6 +458,12 @@ struct tc_netem_reorder
         __u32   correlation;
 };
 
+struct tc_netem_corrupt
+{
+        __u32   probability;
+        __u32   correlation;
+};
+
 #define NETEM_DIST_SCALE        8192
 
 #endif
diff --git a/include/linux/random.h b/include/linux/random.h
index 7b2adb3322d5..5d6456bcdeba 100644
--- a/include/linux/random.h
+++ b/include/linux/random.h
@@ -52,9 +52,9 @@ extern void get_random_bytes(void *buf, int nbytes);
 void generate_random_uuid(unsigned char uuid_out[16]);
 
 extern __u32 secure_ip_id(__u32 daddr);
-extern u32 secure_tcp_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport);
-extern u32 secure_tcpv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, 
-                                       __u16 dport);
+extern u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport);
+extern u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, 
+                                      __u16 dport);
 extern __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
                                         __u16 sport, __u16 dport);
 extern __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr,
diff --git a/include/linux/security.h b/include/linux/security.h
index f7e0ae018712..ef753654daa5 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -59,6 +59,12 @@ struct sk_buff;
 struct sock;
 struct sockaddr;
 struct socket;
+struct flowi;
+struct dst_entry;
+struct xfrm_selector;
+struct xfrm_policy;
+struct xfrm_state;
+struct xfrm_user_sec_ctx;
 
 extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
 extern int cap_netlink_recv(struct sk_buff *skb);
@@ -788,6 +794,52 @@ struct swap_info_struct;
  *      which is used to copy security attributes between local stream sockets.
  * @sk_free_security:
  *      Deallocate security structure.
+ * @sk_getsid:
+ *      Retrieve the LSM-specific sid for the sock to enable caching of network
+ *      authorizations.
+ *
+ * Security hooks for XFRM operations.
+ *
+ * @xfrm_policy_alloc_security:
+ *      @xp contains the xfrm_policy being added to Security Policy Database
+ *      used by the XFRM system.
+ *      @sec_ctx contains the security context information being provided by
+ *      the user-level policy update program (e.g., setkey).
+ *      Allocate a security structure to the xp->selector.security field.
+ *      The security field is initialized to NULL when the xfrm_policy is
+ *      allocated.
+ *      Return 0 if operation was successful (memory to allocate, legal context)
+ * @xfrm_policy_clone_security:
+ *      @old contains an existing xfrm_policy in the SPD.
+ *      @new contains a new xfrm_policy being cloned from old.
+ *      Allocate a security structure to the new->selector.security field
+ *      that contains the information from the old->selector.security field.
+ *      Return 0 if operation was successful (memory to allocate).
+ * @xfrm_policy_free_security:
+ *      @xp contains the xfrm_policy
+ *      Deallocate xp->selector.security.
+ * @xfrm_state_alloc_security:
+ *      @x contains the xfrm_state being added to the Security Association
+ *      Database by the XFRM system.
+ *      @sec_ctx contains the security context information being provided by
+ *      the user-level SA generation program (e.g., setkey or racoon).
+ *      Allocate a security structure to the x->sel.security field.  The
+ *      security field is initialized to NULL when the xfrm_state is
+ *      allocated.
+ *      Return 0 if operation was successful (memory to allocate, legal context).
+ * @xfrm_state_free_security:
+ *      @x contains the xfrm_state.
+ *      Deallocate x>sel.security.
+ * @xfrm_policy_lookup:
+ *      @xp contains the xfrm_policy for which the access control is being
+ *      checked.
+ *      @sk_sid contains the sock security label that is used to authorize
+ *      access to the policy xp.
+ *      @dir contains the direction of the flow (input or output).
+ *      Check permission when a sock selects a xfrm_policy for processing
+ *      XFRMs on a packet.  The hook is called when selecting either a
+ *      per-socket policy or a generic xfrm policy.
+ *      Return 0 if permission is granted.
  *
  * Security hooks affecting all Key Management operations
  *
@@ -1237,8 +1289,18 @@ struct security_operations {
         int (*socket_getpeersec) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len);
         int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority);
         void (*sk_free_security) (struct sock *sk);
+        unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir);
 #endif  /* CONFIG_SECURITY_NETWORK */
 
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+        int (*xfrm_policy_alloc_security) (struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx);
+        int (*xfrm_policy_clone_security) (struct xfrm_policy *old, struct xfrm_policy *new);
+        void (*xfrm_policy_free_security) (struct xfrm_policy *xp);
+        int (*xfrm_state_alloc_security) (struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx);
+        void (*xfrm_state_free_security) (struct xfrm_state *x);
+        int (*xfrm_policy_lookup)(struct xfrm_policy *xp, u32 sk_sid, u8 dir);
+#endif  /* CONFIG_SECURITY_NETWORK_XFRM */
+
         /* key management security hooks */
 #ifdef CONFIG_KEYS
         int (*key_alloc)(struct key *key);
@@ -2679,6 +2741,11 @@ static inline void security_sk_free(struct sock *sk)
 {
         return security_ops->sk_free_security(sk);
 }
+
+static inline unsigned int security_sk_sid(struct sock *sk, struct flowi *fl, u8 dir)
+{
+        return security_ops->sk_getsid(sk, fl, dir);
+}
 #else   /* CONFIG_SECURITY_NETWORK */
 static inline int security_unix_stream_connect(struct socket * sock,
                                                struct socket * other, 
@@ -2795,8 +2862,73 @@ static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
 static inline void security_sk_free(struct sock *sk)
 {
 }
+
+static inline unsigned int security_sk_sid(struct sock *sk, struct flowi *fl, u8 dir)
+{
+        return 0;
+}
 #endif  /* CONFIG_SECURITY_NETWORK */
 
+#ifdef CONFIG_SECURITY_NETWORK_XFRM
+static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
+{
+        return security_ops->xfrm_policy_alloc_security(xp, sec_ctx);
+}
+
+static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
+{
+        return security_ops->xfrm_policy_clone_security(old, new);
+}
+
+static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
+{
+        security_ops->xfrm_policy_free_security(xp);
+}
+
+static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
+{
+        return security_ops->xfrm_state_alloc_security(x, sec_ctx);
+}
+
+static inline void security_xfrm_state_free(struct xfrm_state *x)
+{
+        security_ops->xfrm_state_free_security(x);
+}
+
+static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir)
+{
+        return security_ops->xfrm_policy_lookup(xp, sk_sid, dir);
+}
+#else   /* CONFIG_SECURITY_NETWORK_XFRM */
+static inline int security_xfrm_policy_alloc(struct xfrm_policy *xp, struct xfrm_user_sec_ctx *sec_ctx)
+{
+        return 0;
+}
+
+static inline int security_xfrm_policy_clone(struct xfrm_policy *old, struct xfrm_policy *new)
+{
+        return 0;
+}
+
+static inline void security_xfrm_policy_free(struct xfrm_policy *xp)
+{
+}
+
+static inline int security_xfrm_state_alloc(struct xfrm_state *x, struct xfrm_user_sec_ctx *sec_ctx)
+{
+        return 0;
+}
+
+static inline void security_xfrm_state_free(struct xfrm_state *x)
+{
+}
+
+static inline int security_xfrm_policy_lookup(struct xfrm_policy *xp, u32 sk_sid, u8 dir)
+{
+        return 0;
+}
+#endif  /* CONFIG_SECURITY_NETWORK_XFRM */
+
 #ifdef CONFIG_KEYS
 #ifdef CONFIG_SECURITY
 static inline int security_key_alloc(struct key *key)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 8c5d6001a923..483cfc47ec34 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -32,7 +32,6 @@
 
 #define HAVE_ALLOC_SKB          /* For the drivers to know */
 #define HAVE_ALIGNABLE_SKB      /* Ditto 8)                */
-#define SLAB_SKB                /* Slabified skbuffs       */
 
 #define CHECKSUM_NONE 0
 #define CHECKSUM_HW 1
@@ -134,7 +133,7 @@ struct skb_frag_struct {
  */
 struct skb_shared_info {
         atomic_t        dataref;
-        unsigned int    nr_frags;
+        unsigned short  nr_frags;
         unsigned short  tso_size;
         unsigned short  tso_segs;
         unsigned short  ufo_size;
@@ -1239,6 +1238,8 @@ extern int	       skb_copy_and_csum_datagram_iovec(struct sk_buff *skb,
                                                         int hlen,
                                                         struct iovec *iov);
 extern void            skb_free_datagram(struct sock *sk, struct sk_buff *skb);
+extern void            skb_kill_datagram(struct sock *sk, struct sk_buff *skb,
+                                         unsigned int flags);
 extern unsigned int    skb_checksum(const struct sk_buff *skb, int offset,
                                     int len, unsigned int csum);
 extern int             skb_copy_bits(const struct sk_buff *skb, int offset,
diff --git a/include/linux/socket.h b/include/linux/socket.h
index 1739c2d5b95b..9f4019156fd8 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -27,7 +27,6 @@ struct __kernel_sockaddr_storage {
 #include <linux/compiler.h>             /* __user                       */
 
 extern int sysctl_somaxconn;
-extern void sock_init(void);
 #ifdef CONFIG_PROC_FS
 struct seq_file;
 extern void socket_seq_show(struct seq_file *seq);
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h
index 4be34ef8c2f7..93fa765e47d3 100644
--- a/include/linux/sysctl.h
+++ b/include/linux/sysctl.h
@@ -390,6 +390,7 @@ enum
         NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR=109,
         NET_TCP_CONG_CONTROL=110,
         NET_TCP_ABC=111,
+        NET_IPV4_IPFRAG_MAX_DIST=112,
 };
 
 enum {
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
index 0e1da6602e05..f2bb2396853f 100644
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -55,22 +55,6 @@ struct tcphdr {
         __u16   urg_ptr;
 };
 
-#define TCP_ACTION_FIN  (1 << 7)
-
-enum {
-  TCPF_ESTABLISHED = (1 << 1),
-  TCPF_SYN_SENT  = (1 << 2),
-  TCPF_SYN_RECV  = (1 << 3),
-  TCPF_FIN_WAIT1 = (1 << 4),
-  TCPF_FIN_WAIT2 = (1 << 5),
-  TCPF_TIME_WAIT = (1 << 6),
-  TCPF_CLOSE     = (1 << 7),
-  TCPF_CLOSE_WAIT = (1 << 8),
-  TCPF_LAST_ACK  = (1 << 9),
-  TCPF_LISTEN    = (1 << 10),
-  TCPF_CLOSING   = (1 << 11) 
-};
-
 /*
  *      The union cast uses a gcc extension to avoid aliasing problems
  *  (union is compatible to any of its members)
@@ -254,10 +238,9 @@ struct tcp_sock {
         __u32   snd_wl1;        /* Sequence for window update           */
         __u32   snd_wnd;        /* The window we expect to receive      */
         __u32   max_window;     /* Maximal window ever seen from peer   */
-        __u32   pmtu_cookie;    /* Last pmtu seen by socket             */
         __u32   mss_cache;      /* Cached effective mss, not including SACKS */
         __u16   xmit_size_goal; /* Goal for segmenting output packets   */
-        __u16   ext_header_len; /* Network protocol overhead (IP/IPv6 options) */
+        /* XXX Two bytes hole, try to pack */
 
         __u32   window_clamp;   /* Maximal window to advertise          */
         __u32   rcv_ssthresh;   /* Current window clamp                 */
@@ -295,8 +278,6 @@ struct tcp_sock {
 
         struct sk_buff_head     out_of_order_queue; /* Out of order segments go here */
 
-        struct tcp_func         *af_specific;   /* Operations which are AF_INET{4,6} specific   */
-
         __u32   rcv_wnd;        /* Current receiver window              */
         __u32   rcv_wup;        /* rcv_nxt on last window update sent   */
         __u32   write_seq;      /* Tail(+1) of data held in tcp send buffer */
diff --git a/include/linux/udp.h b/include/linux/udp.h
index b60e0b4a25c4..85a55658831c 100644
--- a/include/linux/udp.h
+++ b/include/linux/udp.h
@@ -35,10 +35,10 @@ struct udphdr {
 #define UDP_ENCAP_ESPINUDP      2 /* draft-ietf-ipsec-udp-encaps-06 */
 
 #ifdef __KERNEL__
-
 #include <linux/config.h>
-#include <net/sock.h>
-#include <linux/ip.h>
+#include <linux/types.h>
+
+#include <net/inet_sock.h>
 
 struct udp_sock {
         /* inet_sock has to be the first member */
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
index 0fb077d68441..82fbb758e28f 100644
--- a/include/linux/xfrm.h
+++ b/include/linux/xfrm.h
@@ -27,6 +27,22 @@ struct xfrm_id
         __u8            proto;
 };
 
+struct xfrm_sec_ctx {
+        __u8    ctx_doi;
+        __u8    ctx_alg;
+        __u16   ctx_len;
+        __u32   ctx_sid;
+        char    ctx_str[0];
+};
+
+/* Security Context Domains of Interpretation */
+#define XFRM_SC_DOI_RESERVED 0
+#define XFRM_SC_DOI_LSM 1
+
+/* Security Context Algorithms */
+#define XFRM_SC_ALG_RESERVED 0
+#define XFRM_SC_ALG_SELINUX 1
+
 /* Selector, used as selector both on policy rules (SPD) and SAs. */
 
 struct xfrm_selector
@@ -146,6 +162,18 @@ enum {
 
 #define XFRM_NR_MSGTYPES (XFRM_MSG_MAX + 1 - XFRM_MSG_BASE)
 
+/*
+ * Generic LSM security context for comunicating to user space
+ * NOTE: Same format as sadb_x_sec_ctx
+ */
+struct xfrm_user_sec_ctx {
+        __u16                   len;
+        __u16                   exttype;
+        __u8                    ctx_alg;  /* LSMs: e.g., selinux == 1 */
+        __u8                    ctx_doi;
+        __u16                   ctx_len;
+};
+
 struct xfrm_user_tmpl {
         struct xfrm_id          id;
         __u16                   family;
@@ -176,6 +204,7 @@ enum xfrm_attr_type_t {
         XFRMA_TMPL,             /* 1 or more struct xfrm_user_tmpl */
         XFRMA_SA,
         XFRMA_POLICY,
+        XFRMA_SEC_CTX,          /* struct xfrm_sec_ctx */
         __XFRMA_MAX
 
 #define XFRMA_MAX (__XFRMA_MAX - 1)