24 files changed, 205 insertions, 58 deletions

diff --git a/include/asm-arm/arch-omap/clock.h b/include/asm-arm/arch-omap/clock.h
index 3c4eb9fbe48a..f83003f5287b 100644
--- a/include/asm-arm/arch-omap/clock.h
+++ b/include/asm-arm/arch-omap/clock.h
@@ -48,8 +48,6 @@ struct clk_functions {
 };
 
 extern unsigned int mpurate;
-extern struct list_head clocks;
-extern spinlock_t clockfw_lock;
 
 extern int clk_init(struct clk_functions * custom_clocks);
 extern int clk_register(struct clk *clk);
diff --git a/include/asm-ia64/meminit.h b/include/asm-ia64/meminit.h
index 894bc4d89dc0..6a33a07b3f1d 100644
--- a/include/asm-ia64/meminit.h
+++ b/include/asm-ia64/meminit.h
@@ -56,6 +56,11 @@ extern void efi_memmap_init(unsigned long *, unsigned long *);
   extern struct page *vmem_map;
   extern int find_largest_hole (u64 start, u64 end, void *arg);
   extern int create_mem_map_page_table (u64 start, u64 end, void *arg);
+  extern int vmemmap_find_next_valid_pfn(int, int);
+#else
+static inline int vmemmap_find_next_valid_pfn(int node, int i)
+{
+        return i + 1;
+}
 #endif
-
 #endif /* meminit_h */
diff --git a/include/asm-ia64/pal.h b/include/asm-ia64/pal.h
index 37e52a2836b0..20a8d618c845 100644
--- a/include/asm-ia64/pal.h
+++ b/include/asm-ia64/pal.h
@@ -1433,7 +1433,12 @@ typedef union  pal_version_u {
 } pal_version_u_t;
 
 
-/* Return PAL version information */
+/*
+ * Return PAL version information.  While the documentation states that
+ * PAL_VERSION can be called in either physical or virtual mode, some
+ * implementations only allow physical calls.  We don't call it very often,
+ * so the overhead isn't worth eliminating.
+ */
 static inline s64
 ia64_pal_version (pal_version_u_t *pal_min_version, pal_version_u_t *pal_cur_version)
 {
diff --git a/include/asm-ia64/sn/xpc.h b/include/asm-ia64/sn/xpc.h
index 8406f1ef4caf..b72af597878d 100644
--- a/include/asm-ia64/sn/xpc.h
+++ b/include/asm-ia64/sn/xpc.h
@@ -1124,8 +1124,8 @@ xpc_notify_IRQ_send_local(struct xpc_channel *ch, u8 ipi_flag,
 #define XPC_GET_IPI_FLAGS(_amo, _c)     ((u8) (((_amo) >> ((_c) * 8)) & 0xff))
 #define XPC_SET_IPI_FLAGS(_amo, _c, _f) (_amo) |= ((u64) (_f) << ((_c) * 8))
 
-#define XPC_ANY_OPENCLOSE_IPI_FLAGS_SET(_amo) ((_amo) & 0x0f0f0f0f0f0f0f0f)
-#define XPC_ANY_MSG_IPI_FLAGS_SET(_amo)       ((_amo) & 0x1010101010101010)
+#define XPC_ANY_OPENCLOSE_IPI_FLAGS_SET(_amo) ((_amo) & __IA64_UL_CONST(0x0f0f0f0f0f0f0f0f))
+#define XPC_ANY_MSG_IPI_FLAGS_SET(_amo)       ((_amo) & __IA64_UL_CONST(0x1010101010101010))
 
 
 static inline void
diff --git a/include/asm-ia64/system.h b/include/asm-ia64/system.h
index fc9677bc87ee..384fbf7f2a0f 100644
--- a/include/asm-ia64/system.h
+++ b/include/asm-ia64/system.h
@@ -24,7 +24,7 @@
  * 0xa000000000000000+2*PERCPU_PAGE_SIZE
  * - 0xa000000000000000+3*PERCPU_PAGE_SIZE remain unmapped (guard page)
  */
-#define KERNEL_START             (GATE_ADDR+0x100000000)
+#define KERNEL_START             (GATE_ADDR+__IA64_UL_CONST(0x100000000))
 #define PERCPU_ADDR             (-PERCPU_PAGE_SIZE)
 
 #ifndef __ASSEMBLY__
diff --git a/include/linux/audit.h b/include/linux/audit.h
index b27d7debc5a1..64f9f9e56ac5 100644
--- a/include/linux/audit.h
+++ b/include/linux/audit.h
@@ -327,21 +327,31 @@ extern void __audit_getname(const char *name);
 extern void audit_putname(const char *name);
 extern void __audit_inode(const char *name, const struct inode *inode);
 extern void __audit_inode_child(const char *dname, const struct inode *inode,
-                                unsigned long pino);
+                                const struct inode *parent);
+extern void __audit_inode_update(const struct inode *inode);
+static inline int audit_dummy_context(void)
+{
+        void *p = current->audit_context;
+        return !p || *(int *)p;
+}
 static inline void audit_getname(const char *name)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 __audit_getname(name);
 }
 static inline void audit_inode(const char *name, const struct inode *inode) {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 __audit_inode(name, inode);
 }
 static inline void audit_inode_child(const char *dname, 
-                                     const struct inode *inode, 
-                                     unsigned long pino) {
-        if (unlikely(current->audit_context))
-                __audit_inode_child(dname, inode, pino);
+                                     const struct inode *inode,
+                                     const struct inode *parent) {
+        if (unlikely(!audit_dummy_context()))
+                __audit_inode_child(dname, inode, parent);
+}
+static inline void audit_inode_update(const struct inode *inode) {
+        if (unlikely(!audit_dummy_context()))
+                __audit_inode_update(inode);
 }
 
                                 /* Private API (for audit.c only) */
@@ -365,57 +375,61 @@ extern int __audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat);
 
 static inline int audit_ipc_obj(struct kern_ipc_perm *ipcp)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_ipc_obj(ipcp);
         return 0;
 }
 static inline int audit_ipc_set_perm(unsigned long qbytes, uid_t uid, gid_t gid, mode_t mode)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_ipc_set_perm(qbytes, uid, gid, mode);
         return 0;
 }
 static inline int audit_mq_open(int oflag, mode_t mode, struct mq_attr __user *u_attr)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_mq_open(oflag, mode, u_attr);
         return 0;
 }
 static inline int audit_mq_timedsend(mqd_t mqdes, size_t msg_len, unsigned int msg_prio, const struct timespec __user *u_abs_timeout)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_mq_timedsend(mqdes, msg_len, msg_prio, u_abs_timeout);
         return 0;
 }
 static inline int audit_mq_timedreceive(mqd_t mqdes, size_t msg_len, unsigned int __user *u_msg_prio, const struct timespec __user *u_abs_timeout)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_mq_timedreceive(mqdes, msg_len, u_msg_prio, u_abs_timeout);
         return 0;
 }
 static inline int audit_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_mq_notify(mqdes, u_notification);
         return 0;
 }
 static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
 {
-        if (unlikely(current->audit_context))
+        if (unlikely(!audit_dummy_context()))
                 return __audit_mq_getsetattr(mqdes, mqstat);
         return 0;
 }
+extern int audit_n_rules;
 #else
 #define audit_alloc(t) ({ 0; })
 #define audit_free(t) do { ; } while (0)
 #define audit_syscall_entry(ta,a,b,c,d,e) do { ; } while (0)
 #define audit_syscall_exit(f,r) do { ; } while (0)
+#define audit_dummy_context() 1
 #define audit_getname(n) do { ; } while (0)
 #define audit_putname(n) do { ; } while (0)
 #define __audit_inode(n,i) do { ; } while (0)
 #define __audit_inode_child(d,i,p) do { ; } while (0)
+#define __audit_inode_update(i) do { ; } while (0)
 #define audit_inode(n,i) do { ; } while (0)
 #define audit_inode_child(d,i,p) do { ; } while (0)
+#define audit_inode_update(i) do { ; } while (0)
 #define auditsc_get_stamp(c,t,s) do { BUG(); } while (0)
 #define audit_get_loginuid(c) ({ -1; })
 #define audit_ipc_obj(i) ({ 0; })
@@ -430,6 +444,7 @@ static inline int audit_mq_getsetattr(mqd_t mqdes, struct mq_attr *mqstat)
 #define audit_mq_timedreceive(d,l,p,t) ({ 0; })
 #define audit_mq_notify(d,n) ({ 0; })
 #define audit_mq_getsetattr(d,s) ({ 0; })
+#define audit_n_rules 0
 #endif
 
 #ifdef CONFIG_AUDIT
diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h
index cc5dec70c32c..d4f219ffaa5d 100644
--- a/include/linux/fsnotify.h
+++ b/include/linux/fsnotify.h
@@ -67,7 +67,7 @@ static inline void fsnotify_move(struct inode *old_dir, struct inode *new_dir,
         if (source) {
                 inotify_inode_queue_event(source, IN_MOVE_SELF, 0, NULL, NULL);
         }
-        audit_inode_child(new_name, source, new_dir->i_ino);
+        audit_inode_child(new_name, source, new_dir);
 }
 
 /*
@@ -98,7 +98,7 @@ static inline void fsnotify_create(struct inode *inode, struct dentry *dentry)
         inode_dir_notify(inode, DN_CREATE);
         inotify_inode_queue_event(inode, IN_CREATE, 0, dentry->d_name.name,
                                   dentry->d_inode);
-        audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);
+        audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);
 }
 
 /*
@@ -109,7 +109,7 @@ static inline void fsnotify_mkdir(struct inode *inode, struct dentry *dentry)
         inode_dir_notify(inode, DN_CREATE);
         inotify_inode_queue_event(inode, IN_CREATE | IN_ISDIR, 0, 
                                   dentry->d_name.name, dentry->d_inode);
-        audit_inode_child(dentry->d_name.name, dentry->d_inode, inode->i_ino);
+        audit_inode_child(dentry->d_name.name, dentry->d_inode, inode);
 }
 
 /*
diff --git a/include/linux/kobject.h b/include/linux/kobject.h
index 0503b2ed8bae..2d229327959e 100644
--- a/include/linux/kobject.h
+++ b/include/linux/kobject.h
@@ -46,8 +46,6 @@ enum kobject_action {
         KOBJ_UMOUNT     = (__force kobject_action_t) 0x05,      /* umount event for block devices (broken) */
         KOBJ_OFFLINE    = (__force kobject_action_t) 0x06,      /* device offline */
         KOBJ_ONLINE     = (__force kobject_action_t) 0x07,      /* device online */
-        KOBJ_UNDOCK     = (__force kobject_action_t) 0x08,      /* undocking */
-        KOBJ_DOCK       = (__force kobject_action_t) 0x09,      /* dock */
 };
 
 struct kobject {
diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index 31f02ba036ce..10c13dc4665b 100644
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -6,7 +6,6 @@
 
 #include <linux/netfilter.h>
 #if defined(__KERNEL__) && defined(CONFIG_BRIDGE_NETFILTER)
-#include <asm/atomic.h>
 #include <linux/if_ether.h>
 #endif
 
diff --git a/include/linux/pci_ids.h b/include/linux/pci_ids.h
index c09396d2c77b..4eae06b08cf2 100644
--- a/include/linux/pci_ids.h
+++ b/include/linux/pci_ids.h
@@ -2142,6 +2142,7 @@
 #define PCI_DEVICE_ID_INTEL_82820_UP_HB 0x2501
 #define PCI_DEVICE_ID_INTEL_82850_HB    0x2530
 #define PCI_DEVICE_ID_INTEL_82860_HB    0x2531
+#define PCI_DEVICE_ID_INTEL_E7501_MCH   0x254c
 #define PCI_DEVICE_ID_INTEL_82845G_HB   0x2560
 #define PCI_DEVICE_ID_INTEL_82845G_IG   0x2562
 #define PCI_DEVICE_ID_INTEL_82865_HB    0x2570
diff --git a/include/linux/security.h b/include/linux/security.h
index f75303831d09..6bc2aad494ff 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1109,6 +1109,16 @@ struct swap_info_struct;
  *      @name contains the name of the security module being unstacked.
  *      @ops contains a pointer to the struct security_operations of the module to unstack.
  * 
+ * @secid_to_secctx:
+ *      Convert secid to security context.
+ *      @secid contains the security ID.
+ *      @secdata contains the pointer that stores the converted security context.
+ *
+ * @release_secctx:
+ *      Release the security context.
+ *      @secdata contains the security context.
+ *      @seclen contains the length of the security context.
+ *
  * This is the main security structure.
  */
 struct security_operations {
@@ -1289,6 +1299,8 @@ struct security_operations {
 
         int (*getprocattr)(struct task_struct *p, char *name, void *value, size_t size);
         int (*setprocattr)(struct task_struct *p, char *name, void *value, size_t size);
+        int (*secid_to_secctx)(u32 secid, char **secdata, u32 *seclen);
+        void (*release_secctx)(char *secdata, u32 seclen);
 
 #ifdef CONFIG_SECURITY_NETWORK
         int (*unix_stream_connect) (struct socket * sock,
@@ -1317,7 +1329,7 @@ struct security_operations {
         int (*socket_shutdown) (struct socket * sock, int how);
         int (*socket_sock_rcv_skb) (struct sock * sk, struct sk_buff * skb);
         int (*socket_getpeersec_stream) (struct socket *sock, char __user *optval, int __user *optlen, unsigned len);
-        int (*socket_getpeersec_dgram) (struct sk_buff *skb, char **secdata, u32 *seclen);
+        int (*socket_getpeersec_dgram) (struct socket *sock, struct sk_buff *skb, u32 *secid);
         int (*sk_alloc_security) (struct sock *sk, int family, gfp_t priority);
         void (*sk_free_security) (struct sock *sk);
         unsigned int (*sk_getsid) (struct sock *sk, struct flowi *fl, u8 dir);
@@ -2059,6 +2071,16 @@ static inline int security_netlink_recv(struct sk_buff * skb, int cap)
         return security_ops->netlink_recv(skb, cap);
 }
 
+static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+        return security_ops->secid_to_secctx(secid, secdata, seclen);
+}
+
+static inline void security_release_secctx(char *secdata, u32 seclen)
+{
+        return security_ops->release_secctx(secdata, seclen);
+}
+
 /* prototypes */
 extern int security_init        (void);
 extern int register_security    (struct security_operations *ops);
@@ -2725,6 +2747,14 @@ static inline void securityfs_remove(struct dentry *dentry)
 {
 }
 
+static inline int security_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
+{
+        return -EOPNOTSUPP;
+}
+
+static inline void security_release_secctx(char *secdata, u32 seclen)
+{
+}
 #endif  /* CONFIG_SECURITY */
 
 #ifdef CONFIG_SECURITY_NETWORK
@@ -2840,10 +2870,9 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
         return security_ops->socket_getpeersec_stream(sock, optval, optlen, len);
 }
 
-static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata,
-                                                   u32 *seclen)
+static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
 {
-        return security_ops->socket_getpeersec_dgram(skb, secdata, seclen);
+        return security_ops->socket_getpeersec_dgram(sock, skb, secid);
 }
 
 static inline int security_sk_alloc(struct sock *sk, int family, gfp_t priority)
@@ -2968,8 +2997,7 @@ static inline int security_socket_getpeersec_stream(struct socket *sock, char __
         return -ENOPROTOOPT;
 }
 
-static inline int security_socket_getpeersec_dgram(struct sk_buff *skb, char **secdata,
-                                                   u32 *seclen)
+static inline int security_socket_getpeersec_dgram(struct socket *sock, struct sk_buff *skb, u32 *secid)
 {
         return -ENOPROTOOPT;
 }
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 4307e764ef0a..19c96d498e20 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -604,12 +604,17 @@ static inline __u32 skb_queue_len(const struct sk_buff_head *list_)
         return list_->qlen;
 }
 
-extern struct lock_class_key skb_queue_lock_key;
-
+/*
+ * This function creates a split out lock class for each invocation;
+ * this is needed for now since a whole lot of users of the skb-queue
+ * infrastructure in drivers have different locking usage (in hardirq)
+ * than the networking core (in softirq only). In the long run either the
+ * network layer or drivers should need annotation to consolidate the
+ * main types of usage into 3 classes.
+ */
 static inline void skb_queue_head_init(struct sk_buff_head *list)
 {
         spin_lock_init(&list->lock);
-        lockdep_set_class(&list->lock, &skb_queue_lock_key);
         list->prev = list->next = (struct sk_buff *)list;
         list->qlen = 0;
 }
@@ -1104,6 +1109,28 @@ static inline struct sk_buff *dev_alloc_skb(unsigned int length)
         return __dev_alloc_skb(length, GFP_ATOMIC);
 }
 
+extern struct sk_buff *__netdev_alloc_skb(struct net_device *dev,
+                unsigned int length, gfp_t gfp_mask);
+
+/**
+ *      netdev_alloc_skb - allocate an skbuff for rx on a specific device
+ *      @dev: network device to receive on
+ *      @length: length to allocate
+ *
+ *      Allocate a new &sk_buff and assign it a usage count of one. The
+ *      buffer has unspecified headroom built in. Users should allocate
+ *      the headroom they think they need without accounting for the
+ *      built in space. The built in space is used for optimisations.
+ *
+ *      %NULL is returned if there is no free memory. Although this function
+ *      allocates memory it can be called from an interrupt.
+ */
+static inline struct sk_buff *netdev_alloc_skb(struct net_device *dev,
+                unsigned int length)
+{
+        return __netdev_alloc_skb(dev, length, GFP_ATOMIC);
+}
+
 /**
  *      skb_cow - copy header of skb when it is required
  *      @skb: buffer to cow
diff --git a/include/linux/usb.h b/include/linux/usb.h
index c944e8f06a4a..d2bd0c8e0154 100644
--- a/include/linux/usb.h
+++ b/include/linux/usb.h
@@ -103,8 +103,7 @@ enum usb_interface_condition {
  * @condition: binding state of the interface: not bound, binding
  *      (in probe()), bound to a driver, or unbinding (in disconnect())
  * @dev: driver model's view of this device
- * @usb_dev: if an interface is bound to the USB major, this will point
- *      to the sysfs representation for that device.
+ * @class_dev: driver model's class view of this device.
  *
  * USB device drivers attach to interfaces on a physical device.  Each
  * interface encapsulates a single high level function, such as feeding
@@ -144,7 +143,7 @@ struct usb_interface {
                                          * bound to */
         enum usb_interface_condition condition;         /* state of binding */
         struct device dev;              /* interface specific device info */
-        struct device *usb_dev;         /* pointer to the usb class's device, if any */
+        struct class_device *class_dev;
 };
 #define to_usb_interface(d) container_of(d, struct usb_interface, dev)
 #define interface_to_usbdev(intf) \
@@ -361,7 +360,7 @@ struct usb_device {
         char *serial;                   /* iSerialNumber string, if present */
 
         struct list_head filelist;
-        struct device *usbfs_dev;
+        struct class_device *class_dev;
         struct dentry *usbfs_dentry;    /* usbfs dentry entry for the device */
 
         /*
diff --git a/include/linux/usb_usual.h b/include/linux/usb_usual.h
index f38f43f20fae..e7fc5fed5b98 100644
--- a/include/linux/usb_usual.h
+++ b/include/linux/usb_usual.h
@@ -44,7 +44,9 @@
         US_FLAG(NO_WP_DETECT,   0x00000200)                     \
                 /* Don't check for write-protect */             \
         US_FLAG(MAX_SECTORS_64, 0x00000400)                     \
-                /* Sets max_sectors to 64    */
+                /* Sets max_sectors to 64    */                 \
+        US_FLAG(IGNORE_DEVICE,  0x00000800)                     \
+                /* Don't claim device */
 
 #define US_FLAG(name, value)    US_FL_##name = value ,
 enum { US_DO_ALL_FLAGS };
diff --git a/include/linux/videodev.h b/include/linux/videodev.h
index 41bc7e9603cd..518c7a32175e 100644
--- a/include/linux/videodev.h
+++ b/include/linux/videodev.h
@@ -12,10 +12,11 @@
 #ifndef __LINUX_VIDEODEV_H
 #define __LINUX_VIDEODEV_H
 
-#define HAVE_V4L1 1
-
 #include <linux/videodev2.h>
 
+#ifdef CONFIG_VIDEO_V4L1_COMPAT
+#define HAVE_V4L1 1
+
 struct video_capability
 {
         char name[32];
@@ -336,6 +337,8 @@ struct video_code
 #define VID_HARDWARE_SN9C102    38
 #define VID_HARDWARE_ARV        39
 
+#endif /* CONFIG_VIDEO_V4L1_COMPAT */
+
 #endif /* __LINUX_VIDEODEV_H */
 
 /*
diff --git a/include/linux/videodev2.h b/include/linux/videodev2.h
index a62673dad76e..b7146956a929 100644
--- a/include/linux/videodev2.h
+++ b/include/linux/videodev2.h
@@ -716,7 +716,7 @@ struct v4l2_ext_control
                 __s64 value64;
                 void *reserved;
         };
-};
+} __attribute__ ((packed));
 
 struct v4l2_ext_controls
 {
diff --git a/include/media/v4l2-dev.h b/include/media/v4l2-dev.h
index 62dae1a8c441..f8665326ed9f 100644
--- a/include/media/v4l2-dev.h
+++ b/include/media/v4l2-dev.h
@@ -341,11 +341,14 @@ extern int video_usercopy(struct inode *inode, struct file *file,
 extern struct video_device* video_devdata(struct file*);
 
 #define to_video_device(cd) container_of(cd, struct video_device, class_dev)
-static inline void
+static inline int
 video_device_create_file(struct video_device *vfd,
                          struct class_device_attribute *attr)
 {
-        class_device_create_file(&vfd->class_dev, attr);
+        int ret = class_device_create_file(&vfd->class_dev, attr);
+        if (ret < 0)
+                printk(KERN_WARNING "%s error: %d\n", __FUNCTION__, ret);
+        return ret;
 }
 static inline void
 video_device_remove_file(struct video_device *vfd,
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 2fec827c8801..c0398f5a8cb9 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -54,15 +54,13 @@ struct unix_skb_parms {
         struct ucred            creds;          /* Skb credentials      */
         struct scm_fp_list      *fp;            /* Passed files         */
 #ifdef CONFIG_SECURITY_NETWORK
-        char                    *secdata;       /* Security context     */
-        u32                     seclen;         /* Security length      */
+        u32                     secid;          /* Security ID          */
 #endif
 };
 
 #define UNIXCB(skb)     (*(struct unix_skb_parms*)&((skb)->cb))
 #define UNIXCREDS(skb)  (&UNIXCB((skb)).creds)
-#define UNIXSECDATA(skb)        (&UNIXCB((skb)).secdata)
-#define UNIXSECLEN(skb)         (&UNIXCB((skb)).seclen)
+#define UNIXSID(skb)    (&UNIXCB((skb)).secid)
 
 #define unix_state_rlock(s)     spin_lock(&unix_sk(s)->lock)
 #define unix_state_runlock(s)   spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/ip6_route.h b/include/net/ip6_route.h
index ab29dafb1a6a..96b0e66406ec 100644
--- a/include/net/ip6_route.h
+++ b/include/net/ip6_route.h
@@ -139,16 +139,22 @@ extern rwlock_t rt6_lock;
 /*
  *      Store a destination cache entry in a socket
  */
-static inline void ip6_dst_store(struct sock *sk, struct dst_entry *dst,
-                                     struct in6_addr *daddr)
+static inline void __ip6_dst_store(struct sock *sk, struct dst_entry *dst,
+                                   struct in6_addr *daddr)
 {
         struct ipv6_pinfo *np = inet6_sk(sk);
         struct rt6_info *rt = (struct rt6_info *) dst;
 
-        write_lock(&sk->sk_dst_lock);
         sk_setup_caps(sk, dst);
         np->daddr_cache = daddr;
         np->dst_cookie = rt->rt6i_node ? rt->rt6i_node->fn_sernum : 0;
+}
+
+static inline void ip6_dst_store(struct sock *sk, struct dst_entry *dst,
+                                 struct in6_addr *daddr)
+{
+        write_lock(&sk->sk_dst_lock);
+        __ip6_dst_store(sk, dst, daddr);
         write_unlock(&sk->sk_dst_lock);
 }
 
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index a8fdf7970b37..ece7e8a84ffd 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -468,6 +468,9 @@ extern void			ip6_flush_pending_frames(struct sock *sk);
 extern int                      ip6_dst_lookup(struct sock *sk,
                                                struct dst_entry **dst,
                                                struct flowi *fl);
+extern int                      ip6_sk_dst_lookup(struct sock *sk,
+                                                  struct dst_entry **dst,
+                                                  struct flowi *fl);
 
 /*
  *      skb processing functions
diff --git a/include/net/netdma.h b/include/net/netdma.h
index ceae5ee85c04..7f53cd1d8b1e 100644
--- a/include/net/netdma.h
+++ b/include/net/netdma.h
@@ -29,7 +29,7 @@ static inline struct dma_chan *get_softnet_dma(void)
 {
         struct dma_chan *chan;
         rcu_read_lock();
-        chan = rcu_dereference(__get_cpu_var(softnet_data.net_dma));
+        chan = rcu_dereference(__get_cpu_var(softnet_data).net_dma);
         if (chan)
                 dma_chan_get(chan);
         rcu_read_unlock();
diff --git a/include/net/netevent.h b/include/net/netevent.h
new file mode 100644
index 000000000000..e5d216241423
--- /dev/null
+++ b/include/net/netevent.h
@@ -0,0 +1,33 @@
+#ifndef _NET_EVENT_H
+#define _NET_EVENT_H
+
+/*
+ *      Generic netevent notifiers
+ *
+ *      Authors:
+ *      Tom Tucker              <tom@opengridcomputing.com>
+ *      Steve Wise              <swise@opengridcomputing.com>
+ *
+ *      Changes:
+ */
+#ifdef __KERNEL__
+
+#include <net/dst.h>
+
+struct netevent_redirect {
+        struct dst_entry *old;
+        struct dst_entry *new;
+};
+
+enum netevent_notif_type {
+        NETEVENT_NEIGH_UPDATE = 1, /* arg is struct neighbour ptr */
+        NETEVENT_PMTU_UPDATE,      /* arg is struct dst_entry ptr */
+        NETEVENT_REDIRECT,         /* arg is struct netevent_redirect ptr */
+};
+
+extern int register_netevent_notifier(struct notifier_block *nb);
+extern int unregister_netevent_notifier(struct notifier_block *nb);
+extern int call_netevent_notifiers(unsigned long val, void *v);
+
+#endif
+#endif
diff --git a/include/net/scm.h b/include/net/scm.h
index 02daa097cdcd..5637d5e22d5f 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -3,6 +3,7 @@
 
 #include <linux/limits.h>
 #include <linux/net.h>
+#include <linux/security.h>
 
 /* Well, we should have at least one descriptor open
  * to accept passed FDs 8)
@@ -20,8 +21,7 @@ struct scm_cookie
         struct ucred            creds;          /* Skb credentials      */
         struct scm_fp_list      *fp;            /* Passed files         */
 #ifdef CONFIG_SECURITY_NETWORK
-        char                    *secdata;       /* Security context     */
-        u32                     seclen;         /* Security length      */
+        u32                     secid;          /* Passed security ID   */
 #endif
         unsigned long           seq;            /* Connection seqno     */
 };
@@ -32,6 +32,16 @@ extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie
 extern void __scm_destroy(struct scm_cookie *scm);
 extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
 
+#ifdef CONFIG_SECURITY_NETWORK
+static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
+{
+        security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
+}
+#else
+static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
+{ }
+#endif /* CONFIG_SECURITY_NETWORK */
+
 static __inline__ void scm_destroy(struct scm_cookie *scm)
 {
         if (scm && scm->fp)
@@ -47,6 +57,7 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
         scm->creds.pid = p->tgid;
         scm->fp = NULL;
         scm->seq = 0;
+        unix_get_peersec_dgram(sock, scm);
         if (msg->msg_controllen <= 0)
                 return 0;
         return __scm_send(sock, msg, scm);
@@ -55,8 +66,18 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
 #ifdef CONFIG_SECURITY_NETWORK
 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
 {
-        if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)
-                put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);
+        char *secdata;
+        u32 seclen;
+        int err;
+
+        if (test_bit(SOCK_PASSSEC, &sock->flags)) {
+                err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
+
+                if (!err) {
+                        put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
+                        security_release_secctx(secdata, seclen);
+                }
+        }
 }
 #else
 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 0720bddff1e9..7a093d0aa0fe 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -914,6 +914,9 @@ static inline void tcp_set_state(struct sock *sk, int state)
 
 static inline void tcp_done(struct sock *sk)
 {
+        if(sk->sk_state == TCP_SYN_SENT || sk->sk_state == TCP_SYN_RECV)
+                TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS);
+
         tcp_set_state(sk, TCP_CLOSE);
         tcp_clear_xmit_timers(sk);