32 files changed, 94 insertions, 26 deletions
diff --git a/include/asm-alpha/socket.h b/include/asm-alpha/socket.h
index b5193229132a..d22ab97ea72e 100644
--- a/include/asm-alpha/socket.h
+++ b/include/asm-alpha/socket.h
@@ -51,6 +51,7 @@
 #define SCM_TIMESTAMP           SO_TIMESTAMP
 #define SO_PEERSEC              30
+#define SO_PASSSEC              34
 /* Security levels - as per NRL IPv6 - don't actually do anything */
 #define SO_SECURITY_AUTHENTICATION              19
diff --git a/include/asm-arm/socket.h b/include/asm-arm/socket.h
index 3c51da6438c9..19f7df702b06 100644
--- a/include/asm-arm/socket.h
+++ b/include/asm-arm/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-arm26/socket.h b/include/asm-arm26/socket.h
index 3c51da6438c9..19f7df702b06 100644
--- a/include/asm-arm26/socket.h
+++ b/include/asm-arm26/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-cris/socket.h b/include/asm-cris/socket.h
index 8b1da3e58c55..01cfdf1d6d33 100644
--- a/include/asm-cris/socket.h
+++ b/include/asm-cris/socket.h
@@ -50,6 +50,7 @@
 #define SO_ACCEPTCONN          30
 #define SO_PEERSEC             31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-frv/socket.h b/include/asm-frv/socket.h
index 7177f8b9817c..31db18fc871f 100644
--- a/include/asm-frv/socket.h
+++ b/include/asm-frv/socket.h
@@ -48,6 +48,7 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-h8300/socket.h b/include/asm-h8300/socket.h
index d98cf85bafc1..ebc830fee0d0 100644
--- a/include/asm-h8300/socket.h
+++ b/include/asm-h8300/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-i386/socket.h b/include/asm-i386/socket.h
index 802ae76195b7..5755d57c4e95 100644
--- a/include/asm-i386/socket.h
+++ b/include/asm-i386/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-ia64/socket.h b/include/asm-ia64/socket.h
index a255006fb7b5..d638ef3d50c3 100644
--- a/include/asm-ia64/socket.h
+++ b/include/asm-ia64/socket.h
@@ -57,5 +57,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC             31
+#define SO_PASSSEC              34
 #endif /* _ASM_IA64_SOCKET_H */
diff --git a/include/asm-m32r/socket.h b/include/asm-m32r/socket.h
index 8b6680f223c0..acdf748fcdc8 100644
--- a/include/asm-m32r/socket.h
+++ b/include/asm-m32r/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_M32R_SOCKET_H */
diff --git a/include/asm-m68k/socket.h b/include/asm-m68k/socket.h
index f578ca4b776a..a5966ec005ae 100644
--- a/include/asm-m68k/socket.h
+++ b/include/asm-m68k/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC             31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-mips/socket.h b/include/asm-mips/socket.h
index 0bb31e5aaca6..36ebe4e186a7 100644
--- a/include/asm-mips/socket.h
+++ b/include/asm-mips/socket.h
@@ -69,6 +69,7 @@ To add: #define SO_REUSEPORT 0x0200	/* Allow local address and port reuse.  */
 #define SO_PEERSEC              30
 #define SO_SNDBUFFORCE          31
 #define SO_RCVBUFFORCE          33
+#define SO_PASSSEC              34
 #ifdef __KERNEL__
diff --git a/include/asm-parisc/socket.h b/include/asm-parisc/socket.h
index 1bf54dc53c10..ce2eae1708b5 100644
--- a/include/asm-parisc/socket.h
+++ b/include/asm-parisc/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           0x401c
 #define SO_PEERSEC              0x401d
+#define SO_PASSSEC              0x401e
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-powerpc/socket.h b/include/asm-powerpc/socket.h
index e4b8177d4acc..c8b1da50e72d 100644
--- a/include/asm-powerpc/socket.h
+++ b/include/asm-powerpc/socket.h
@@ -55,5 +55,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif  /* _ASM_POWERPC_SOCKET_H */
diff --git a/include/asm-s390/socket.h b/include/asm-s390/socket.h
index 15a5298c8744..1778a49a74c5 100644
--- a/include/asm-s390/socket.h
+++ b/include/asm-s390/socket.h
@@ -56,5 +56,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-sh/socket.h b/include/asm-sh/socket.h
index 553904ff9336..ca70362eb563 100644
--- a/include/asm-sh/socket.h
+++ b/include/asm-sh/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* __ASM_SH_SOCKET_H */
diff --git a/include/asm-sparc/socket.h b/include/asm-sparc/socket.h
index 4e0ce3a35ea9..f6c4e5baf3f7 100644
--- a/include/asm-sparc/socket.h
+++ b/include/asm-sparc/socket.h
@@ -48,6 +48,7 @@
 #define SCM_TIMESTAMP           SO_TIMESTAMP
 #define SO_PEERSEC              0x001e
+#define SO_PASSSEC              0x001f
 /* Security levels - as per NRL IPv6 - don't actually do anything */
 #define SO_SECURITY_AUTHENTICATION              0x5001
diff --git a/include/asm-sparc64/socket.h b/include/asm-sparc64/socket.h
index 59987dad3359..754d46a50af3 100644
--- a/include/asm-sparc64/socket.h
+++ b/include/asm-sparc64/socket.h
@@ -48,6 +48,7 @@
 #define SCM_TIMESTAMP           SO_TIMESTAMP
 #define SO_PEERSEC              0x001e
+#define SO_PASSSEC              0x001f
 /* Security levels - as per NRL IPv6 - don't actually do anything */
 #define SO_SECURITY_AUTHENTICATION              0x5001
diff --git a/include/asm-v850/socket.h b/include/asm-v850/socket.h
index 0240d366a0a4..0dfe55ac2ef2 100644
--- a/include/asm-v850/socket.h
+++ b/include/asm-v850/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif /* __V850_SOCKET_H__ */
diff --git a/include/asm-x86_64/socket.h b/include/asm-x86_64/socket.h
index f2cdbeae5d5b..b46702607933 100644
--- a/include/asm-x86_64/socket.h
+++ b/include/asm-x86_64/socket.h
@@ -48,5 +48,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC             31
+#define SO_PASSSEC              34
 #endif /* _ASM_SOCKET_H */
diff --git a/include/asm-xtensa/socket.h b/include/asm-xtensa/socket.h
index 00f83f3a6d72..971d231be60e 100644
--- a/include/asm-xtensa/socket.h
+++ b/include/asm-xtensa/socket.h
@@ -59,5 +59,6 @@
 #define SO_ACCEPTCONN           30
 #define SO_PEERSEC              31
+#define SO_PASSSEC              34
 #endif  /* _XTENSA_SOCKET_H */
diff --git a/include/linux/atmdev.h b/include/linux/atmdev.h
index 1eb238affb12..41788a31c438 100644
--- a/include/linux/atmdev.h
+++ b/include/linux/atmdev.h
@@ -7,6 +7,7 @@
 #define LINUX_ATMDEV_H
+#include <linux/device.h>
 #include <linux/atmapi.h>
 #include <linux/atm.h>
 #include <linux/atmioc.h>
@@ -358,6 +359,7 @@ struct atm_dev {
        struct proc_dir_entry *proc_entry; /* proc entry */
        char *proc_name;                /* proc entry name */
 #endif
+        struct class_device class_dev;  /* sysfs class device */
        struct list_head dev_list;      /* linkage */
 };
@@ -459,7 +461,7 @@ static inline void atm_dev_put(struct atm_dev *dev)
                BUG_ON(!test_bit(ATM_DF_REMOVED, &dev->flags));
                if (dev->ops->dev_close)
                        dev->ops->dev_close(dev);
-                kfree(dev);
+                class_device_put(&dev->class_dev);
        }
 }
diff --git a/include/linux/net.h b/include/linux/net.h
index 385e68f5bd93..b20c53c74413 100644
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -61,6 +61,7 @@ typedef enum {
 #define SOCK_ASYNC_WAITDATA     1
 #define SOCK_NOSPACE            2
 #define SOCK_PASSCRED           3
+#define SOCK_PASSSEC            4
 #ifndef ARCH_HAS_SOCKET_TYPES
 /**
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 03cd7551a7a1..aa2d3c12c4d8 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -315,6 +315,8 @@ struct net_device
 #define NETIF_F_GSO_SHIFT       16
 #define NETIF_F_TSO             (SKB_GSO_TCPV4 << NETIF_F_GSO_SHIFT)
 #define NETIF_F_UFO             (SKB_GSO_UDPV4 << NETIF_F_GSO_SHIFT)
+#define NETIF_F_GSO_ROBUST      (SKB_GSO_DODGY << NETIF_F_GSO_SHIFT)
+#define NETIF_F_TSO_ECN         (SKB_GSO_TCPV4_ECN << NETIF_F_GSO_SHIFT)
 #define NETIF_F_GEN_CSUM        (NETIF_F_NO_CSUM | NETIF_F_HW_CSUM)
 #define NETIF_F_ALL_CSUM        (NETIF_F_IP_CSUM | NETIF_F_GEN_CSUM)
@@ -543,7 +545,8 @@ struct packet_type {
                                         struct net_device *,
                                         struct packet_type *,
                                         struct net_device *);
-        struct sk_buff          *(*gso_segment)(struct sk_buff *skb, int sg);
+        struct sk_buff          *(*gso_segment)(struct sk_buff *skb,
+                                                int features);
        void                    *af_packet_priv;
        struct list_head        list;
 };
@@ -968,7 +971,7 @@ extern int		netdev_max_backlog;
 extern int              weight_p;
 extern int              netdev_set_master(struct net_device *dev, struct net_device *master);
 extern int skb_checksum_help(struct sk_buff *skb, int inward);
-extern struct sk_buff *skb_gso_segment(struct sk_buff *skb, int sg);
+extern struct sk_buff *skb_gso_segment(struct sk_buff *skb, int features);
 #ifdef CONFIG_BUG
 extern void netdev_rx_csum_fault(struct net_device *dev);
 #else
@@ -988,11 +991,16 @@ extern void dev_seq_stop(struct seq_file *seq, void *v);
 extern void linkwatch_run_queue(void);
+static inline int skb_gso_ok(struct sk_buff *skb, int features)
+{
+        int feature = skb_shinfo(skb)->gso_size ?
+                      skb_shinfo(skb)->gso_type << NETIF_F_GSO_SHIFT : 0;
+        return (features & feature) == feature;
+}
 static inline int netif_needs_gso(struct net_device *dev, struct sk_buff *skb)
 {
-        int feature = skb_shinfo(skb)->gso_type << NETIF_F_GSO_SHIFT;
+        return !skb_gso_ok(skb, dev->features);
-        return skb_shinfo(skb)->gso_size &&
-               (dev->features & feature) != feature;
 }
 #endif /* __KERNEL__ */
diff --git a/include/linux/security.h b/include/linux/security.h
index 51805806f974..c7ea15716dce 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -67,7 +67,7 @@ struct xfrm_state;
 struct xfrm_user_sec_ctx;
 extern int cap_netlink_send(struct sock *sk, struct sk_buff *skb);
-extern int cap_netlink_recv(struct sk_buff *skb);
+extern int cap_netlink_recv(struct sk_buff *skb, int cap);
 /*
 * Values used in the task_security_ops calls
@@ -656,6 +656,7 @@ struct swap_info_struct;
 *      Check permission before processing the received netlink message in
 *      @skb.
 *      @skb contains the sk_buff structure for the netlink message.
+ *      @cap indicates the capability required
 *      Return 0 if permission is granted.
 *
 * Security hooks for Unix domain networking.
@@ -1266,7 +1267,7 @@ struct security_operations {
                          struct sembuf * sops, unsigned nsops, int alter);
        int (*netlink_send) (struct sock * sk, struct sk_buff * skb);
-        int (*netlink_recv) (struct sk_buff * skb);
+        int (*netlink_recv) (struct sk_buff * skb, int cap);
        /* allow module stacking */
        int (*register_security) (const char *name,
@@ -2032,9 +2033,9 @@ static inline int security_netlink_send(struct sock *sk, struct sk_buff * skb)
        return security_ops->netlink_send(sk, skb);
 }
-static inline int security_netlink_recv(struct sk_buff * skb)
+static inline int security_netlink_recv(struct sk_buff * skb, int cap)
 {
-        return security_ops->netlink_recv(skb);
+        return security_ops->netlink_recv(skb, cap);
 }
 /* prototypes */
@@ -2670,9 +2671,9 @@ static inline int security_netlink_send (struct sock *sk, struct sk_buff *skb)
        return cap_netlink_send (sk, skb);
 }
-static inline int security_netlink_recv (struct sk_buff *skb)
+static inline int security_netlink_recv (struct sk_buff *skb, int cap)
 {
-        return cap_netlink_recv (skb);
+        return cap_netlink_recv (skb, cap);
 }
 static inline struct dentry *securityfs_create_dir(const char *name,
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 16eef03ce0eb..59918be91d0a 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -172,6 +172,12 @@ enum {
 enum {
        SKB_GSO_TCPV4 = 1 << 0,
        SKB_GSO_UDPV4 = 1 << 1,
+        /* This indicates the skb is from an untrusted source. */
+        SKB_GSO_DODGY = 1 << 2,
+        /* This indicates the tcp segment has CWR set. */
+        SKB_GSO_TCPV4_ECN = 1 << 3,
 };
 /** 
@@ -1298,8 +1304,7 @@ extern void	       skb_copy_and_csum_dev(const struct sk_buff *skb, u8 *to);
 extern void            skb_split(struct sk_buff *skb,
                                 struct sk_buff *skb1, const u32 len);
-extern void            skb_release_data(struct sk_buff *skb);
+extern struct sk_buff *skb_segment(struct sk_buff *skb, int features);
-extern struct sk_buff *skb_segment(struct sk_buff *skb, int sg);
 static inline void *skb_header_pointer(const struct sk_buff *skb, int offset,
                                       int len, void *buffer)
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 795f81f9ec7f..5ba72d95280c 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -53,10 +53,16 @@ struct unix_address {
 struct unix_skb_parms {
        struct ucred            creds;          /* Skb credentials      */
        struct scm_fp_list      *fp;            /* Passed files         */
+#ifdef CONFIG_SECURITY_NETWORK
+        char                    *secdata;       /* Security context     */
+        u32                     seclen;         /* Security length      */
+#endif
 };
 #define UNIXCB(skb)     (*(struct unix_skb_parms*)&((skb)->cb))
 #define UNIXCREDS(skb)  (&UNIXCB((skb)).creds)
+#define UNIXSECDATA(skb)        (&UNIXCB((skb)).secdata)
+#define UNIXSECLEN(skb)         (&UNIXCB((skb)).seclen)
 #define unix_state_rlock(s)     spin_lock(&unix_sk(s)->lock)
 #define unix_state_runlock(s)   spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/pkt_sched.h b/include/net/pkt_sched.h
index 75b5b9333fc7..1925c65e617b 100644
--- a/include/net/pkt_sched.h
+++ b/include/net/pkt_sched.h
@@ -169,17 +169,23 @@ psched_tod_diff(int delta_sec, int bound)
 #define PSCHED_TADD2(tv, delta, tv_res) \
 ({ \
-           int __delta = (tv).tv_usec + (delta); \
+           int __delta = (delta); \
-           (tv_res).tv_sec = (tv).tv_sec; \
+           (tv_res) = (tv); \
-           if (__delta > USEC_PER_SEC) { (tv_res).tv_sec++; __delta -= USEC_PER_SEC; } \
+           while(__delta >= USEC_PER_SEC){ \
+                 (tv_res).tv_sec++; \
+                 __delta -= USEC_PER_SEC; \
+           } \
           (tv_res).tv_usec = __delta; \
 })
 #define PSCHED_TADD(tv, delta) \
 ({ \
-           (tv).tv_usec += (delta); \
+           int __delta = (delta); \
-           if ((tv).tv_usec > USEC_PER_SEC) { (tv).tv_sec++; \
+           while(__delta >= USEC_PER_SEC){ \
-                 (tv).tv_usec -= USEC_PER_SEC; } \
+                 (tv).tv_sec++; \
+                 __delta -= USEC_PER_SEC; \
+           } \
+           (tv).tv_usec = __delta; \
 })
 /* Set/check that time is in the "past perfect";
diff --git a/include/net/protocol.h b/include/net/protocol.h
index 3b6dc15c68a5..40b6b9c9973f 100644
--- a/include/net/protocol.h
+++ b/include/net/protocol.h
@@ -36,7 +36,8 @@
 struct net_protocol {
        int                     (*handler)(struct sk_buff *skb);
        void                    (*err_handler)(struct sk_buff *skb, u32 info);
-        struct sk_buff         *(*gso_segment)(struct sk_buff *skb, int sg);
+        struct sk_buff         *(*gso_segment)(struct sk_buff *skb,
+                                               int features);
        int                     no_policy;
 };
diff --git a/include/net/scm.h b/include/net/scm.h
index 540619cb7160..02daa097cdcd 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -19,6 +19,10 @@ struct scm_cookie
 {
        struct ucred            creds;          /* Skb credentials      */
        struct scm_fp_list      *fp;            /* Passed files         */
+#ifdef CONFIG_SECURITY_NETWORK
+        char                    *secdata;       /* Security context     */
+        u32                     seclen;         /* Security length      */
+#endif
        unsigned long           seq;            /* Connection seqno     */
 };
@@ -48,6 +52,17 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
        return __scm_send(sock, msg, scm);
 }
+#ifdef CONFIG_SECURITY_NETWORK
+static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
+{
+        if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)
+                put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);
+}
+#else
+static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
+{ }
+#endif /* CONFIG_SECURITY_NETWORK */
 static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
                                struct scm_cookie *scm, int flags)
 {
@@ -62,6 +77,8 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
        if (test_bit(SOCK_PASSCRED, &sock->flags))
                put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
+        scm_passec(sock, msg, scm);
        if (!scm->fp)
                return;
        
diff --git a/include/net/sock.h b/include/net/sock.h
index 2d8d6adf1616..7136bae48c2f 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -383,7 +383,6 @@ enum sock_flags {
        SOCK_USE_WRITE_QUEUE, /* whether to call sk->sk_write_space in sock_wfree */
        SOCK_DBG, /* %SO_DEBUG setting */
        SOCK_RCVTSTAMP, /* %SO_TIMESTAMP setting */
-        SOCK_NO_LARGESEND, /* whether to sent large segments or not */
        SOCK_LOCALROUTE, /* route locally only, %SO_DONTROUTE setting */
        SOCK_QUEUE_SHRUNK, /* write queue has been shrunk recently */
 };
@@ -1033,7 +1032,7 @@ static inline void sk_setup_caps(struct sock *sk, struct dst_entry *dst)
        if (sk->sk_route_caps & NETIF_F_GSO)
                sk->sk_route_caps |= NETIF_F_TSO;
        if (sk->sk_route_caps & NETIF_F_TSO) {
-                if (sock_flag(sk, SOCK_NO_LARGESEND) || dst->header_len)
+                if (dst->header_len)
                        sk->sk_route_caps &= ~NETIF_F_TSO;
                else 
                        sk->sk_route_caps |= NETIF_F_SG | NETIF_F_HW_CSUM;
diff --git a/include/net/tcp.h b/include/net/tcp.h
index ca3d38dfc00b..624921e76332 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1086,7 +1086,7 @@ extern struct request_sock_ops tcp_request_sock_ops;
 extern int tcp_v4_destroy_sock(struct sock *sk);
-extern struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int sg);
+extern struct sk_buff *tcp_tso_segment(struct sk_buff *skb, int features);
 #ifdef CONFIG_PROC_FS
 extern int  tcp4_proc_init(void);
diff --git a/include/net/tcp_ecn.h b/include/net/tcp_ecn.h
index c6b84397448d..7bb366f70934 100644
--- a/include/net/tcp_ecn.h
+++ b/include/net/tcp_ecn.h
@@ -31,10 +31,9 @@ static inline void TCP_ECN_send_syn(struct sock *sk, struct tcp_sock *tp,
                                    struct sk_buff *skb)
 {
        tp->ecn_flags = 0;
-        if (sysctl_tcp_ecn && !(sk->sk_route_caps & NETIF_F_TSO)) {
+        if (sysctl_tcp_ecn) {
                TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE|TCPCB_FLAG_CWR;
                tp->ecn_flags = TCP_ECN_OK;
-                sock_set_flag(sk, SOCK_NO_LARGESEND);
        }
 }
@@ -56,6 +55,9 @@ static inline void TCP_ECN_send(struct sock *sk, struct tcp_sock *tp,
                        if (tp->ecn_flags&TCP_ECN_QUEUE_CWR) {
                                tp->ecn_flags &= ~TCP_ECN_QUEUE_CWR;
                                skb->h.th->cwr = 1;
+                                if (skb_shinfo(skb)->gso_type & SKB_GSO_TCPV4)
+                                        skb_shinfo(skb)->gso_type |=
+                                                SKB_GSO_TCPV4_ECN;
                        }
                } else {
                        /* ACK or retransmitted segment: clear ECT|CE */