3 files changed, 18 insertions, 9 deletions
diff --git a/net/core/dev.c b/net/core/dev.c
index 14dac0654f28..d2c8a06b3a98 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2284,7 +2284,7 @@ EXPORT_SYMBOL(skb_checksum_help);
 __be16 skb_network_protocol(struct sk_buff *skb, int *depth)
 {
        __be16 type = skb->protocol;
-        int vlan_depth = ETH_HLEN;
+        int vlan_depth = skb->mac_len;
        /* Tunnel gso handlers can set protocol to ethernet. */
        if (type == htons(ETH_P_TEB)) {
@@ -5238,6 +5238,7 @@ void __dev_set_rx_mode(struct net_device *dev)
        if (ops->ndo_set_rx_mode)
                ops->ndo_set_rx_mode(dev);
 }
+EXPORT_SYMBOL(__dev_set_rx_mode);
 void dev_set_rx_mode(struct net_device *dev)
 {
diff --git a/net/core/dst.c b/net/core/dst.c
index ca4231ec7347..80d6286c8b62 100644
--- a/net/core/dst.c
+++ b/net/core/dst.c
@@ -142,12 +142,12 @@ loop:
        mutex_unlock(&dst_gc_mutex);
 }
-int dst_discard(struct sk_buff *skb)
+int dst_discard_sk(struct sock *sk, struct sk_buff *skb)
 {
        kfree_skb(skb);
        return 0;
 }
-EXPORT_SYMBOL(dst_discard);
+EXPORT_SYMBOL(dst_discard_sk);
 const u32 dst_default_metrics[RTAX_MAX + 1] = {
        /* This initializer is needed to force linker to place this variable
@@ -184,7 +184,7 @@ void *dst_alloc(struct dst_ops *ops, struct net_device *dev,
        dst->xfrm = NULL;
 #endif
        dst->input = dst_discard;
-        dst->output = dst_discard;
+        dst->output = dst_discard_sk;
        dst->error = 0;
        dst->obsolete = initial_obsolete;
        dst->header_len = 0;
@@ -209,8 +209,10 @@ static void ___dst_free(struct dst_entry *dst)
        /* The first case (dev==NULL) is required, when
           protocol module is unloaded.
         */
-        if (dst->dev == NULL || !(dst->dev->flags&IFF_UP))
+        if (dst->dev == NULL || !(dst->dev->flags&IFF_UP)) {
-                dst->input = dst->output = dst_discard;
+                dst->input = dst_discard;
+                dst->output = dst_discard_sk;
+        }
        dst->obsolete = DST_OBSOLETE_DEAD;
 }
@@ -361,7 +363,8 @@ static void dst_ifdown(struct dst_entry *dst, struct net_device *dev,
                return;
        if (!unregister) {
-                dst->input = dst->output = dst_discard;
+                dst->input = dst_discard;
+                dst->output = dst_discard_sk;
        } else {
                dst->dev = dev_net(dst->dev)->loopback_dev;
                dev_hold(dst->dev);
diff --git a/net/core/filter.c b/net/core/filter.c
index e08b3822c72a..cd58614660cf 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -600,6 +600,9 @@ static u64 __skb_get_nlattr(u64 ctx, u64 A, u64 X, u64 r4, u64 r5)
        if (skb_is_nonlinear(skb))
                return 0;
+        if (skb->len < sizeof(struct nlattr))
+                return 0;
        if (A > skb->len - sizeof(struct nlattr))
                return 0;
@@ -618,11 +621,14 @@ static u64 __skb_get_nlattr_nest(u64 ctx, u64 A, u64 X, u64 r4, u64 r5)
        if (skb_is_nonlinear(skb))
                return 0;
+        if (skb->len < sizeof(struct nlattr))
+                return 0;
        if (A > skb->len - sizeof(struct nlattr))
                return 0;
        nla = (struct nlattr *) &skb->data[A];
-        if (nla->nla_len > A - skb->len)
+        if (nla->nla_len > skb->len - A)
                return 0;
        nla = nla_find_nested(nla, X);
@@ -1737,7 +1743,6 @@ void sk_decode_filter(struct sock_filter *filt, struct sock_filter *to)
                [BPF_S_ANC_RXHASH]      = BPF_LD|BPF_B|BPF_ABS,
                [BPF_S_ANC_CPU]         = BPF_LD|BPF_B|BPF_ABS,
                [BPF_S_ANC_ALU_XOR_X]   = BPF_LD|BPF_B|BPF_ABS,
-                [BPF_S_ANC_SECCOMP_LD_W] = BPF_LD|BPF_B|BPF_ABS,
                [BPF_S_ANC_VLAN_TAG]    = BPF_LD|BPF_B|BPF_ABS,
                [BPF_S_ANC_VLAN_TAG_PRESENT] = BPF_LD|BPF_B|BPF_ABS,
                [BPF_S_ANC_PAY_OFFSET]  = BPF_LD|BPF_B|BPF_ABS,