6 files changed, 52 insertions, 23 deletions

diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 5eea4a811042..14bbfcf717ac 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -457,19 +457,28 @@ static int do_ip_setsockopt(struct sock *sk, int level,
         struct inet_sock *inet = inet_sk(sk);
         int val = 0, err;
 
-        if (((1<<optname) & ((1<<IP_PKTINFO) | (1<<IP_RECVTTL) |
-                             (1<<IP_RECVOPTS) | (1<<IP_RECVTOS) |
-                             (1<<IP_RETOPTS) | (1<<IP_TOS) |
-                             (1<<IP_TTL) | (1<<IP_HDRINCL) |
-                             (1<<IP_MTU_DISCOVER) | (1<<IP_RECVERR) |
-                             (1<<IP_ROUTER_ALERT) | (1<<IP_FREEBIND) |
-                             (1<<IP_PASSSEC) | (1<<IP_TRANSPARENT) |
-                             (1<<IP_MINTTL) | (1<<IP_NODEFRAG))) ||
-            optname == IP_UNICAST_IF ||
-            optname == IP_MULTICAST_TTL ||
-            optname == IP_MULTICAST_ALL ||
-            optname == IP_MULTICAST_LOOP ||
-            optname == IP_RECVORIGDSTADDR) {
+        switch (optname) {
+        case IP_PKTINFO:
+        case IP_RECVTTL:
+        case IP_RECVOPTS:
+        case IP_RECVTOS:
+        case IP_RETOPTS:
+        case IP_TOS:
+        case IP_TTL:
+        case IP_HDRINCL:
+        case IP_MTU_DISCOVER:
+        case IP_RECVERR:
+        case IP_ROUTER_ALERT:
+        case IP_FREEBIND:
+        case IP_PASSSEC:
+        case IP_TRANSPARENT:
+        case IP_MINTTL:
+        case IP_NODEFRAG:
+        case IP_UNICAST_IF:
+        case IP_MULTICAST_TTL:
+        case IP_MULTICAST_ALL:
+        case IP_MULTICAST_LOOP:
+        case IP_RECVORIGDSTADDR:
                 if (optlen >= sizeof(int)) {
                         if (get_user(val, (int __user *) optval))
                                 return -EFAULT;
diff --git a/net/ipv4/ip_vti.c b/net/ipv4/ip_vti.c
index 1831092f999f..858fddf6482a 100644
--- a/net/ipv4/ip_vti.c
+++ b/net/ipv4/ip_vti.c
@@ -338,12 +338,17 @@ static int vti_rcv(struct sk_buff *skb)
         if (tunnel != NULL) {
                 struct pcpu_tstats *tstats;
 
+                if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
+                        return -1;
+
                 tstats = this_cpu_ptr(tunnel->dev->tstats);
                 u64_stats_update_begin(&tstats->syncp);
                 tstats->rx_packets++;
                 tstats->rx_bytes += skb->len;
                 u64_stats_update_end(&tstats->syncp);
 
+                skb->mark = 0;
+                secpath_reset(skb);
                 skb->dev = tunnel->dev;
                 return 1;
         }
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 197c0008503c..083092e3aed6 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1212,7 +1212,7 @@ new_segment:
 wait_for_sndbuf:
                         set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
 wait_for_memory:
-                        if (copied && likely(!tp->repair))
+                        if (copied)
                                 tcp_push(sk, flags & ~MSG_MORE, mss_now, TCP_NAGLE_PUSH);
 
                         if ((err = sk_stream_wait_memory(sk, &timeo)) != 0)
@@ -1223,7 +1223,7 @@ wait_for_memory:
         }
 
 out:
-        if (copied && likely(!tp->repair))
+        if (copied)
                 tcp_push(sk, flags, mss_now, tp->nonagle);
         release_sock(sk);
         return copied + copied_syn;
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 2c2b13a999ea..609ff98aeb47 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -5313,11 +5313,6 @@ static bool tcp_validate_incoming(struct sock *sk, struct sk_buff *skb,
                 goto discard;
         }
 
-        /* ts_recent update must be made after we are sure that the packet
-         * is in window.
-         */
-        tcp_replace_ts_recent(tp, TCP_SKB_CB(skb)->seq);
-
         /* step 3: check security and precedence [ignored] */
 
         /* step 4: Check for a SYN
@@ -5552,6 +5547,11 @@ step5:
         if (th->ack && tcp_ack(sk, skb, FLAG_SLOWPATH) < 0)
                 goto discard;
 
+        /* ts_recent update must be made after we are sure that the packet
+         * is in window.
+         */
+        tcp_replace_ts_recent(tp, TCP_SKB_CB(skb)->seq);
+
         tcp_rcv_rtt_measure_ts(sk, skb);
 
         /* Process urgent data. */
@@ -6130,6 +6130,11 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb,
         } else
                 goto discard;
 
+        /* ts_recent update must be made after we are sure that the packet
+         * is in window.
+         */
+        tcp_replace_ts_recent(tp, TCP_SKB_CB(skb)->seq);
+
         /* step 6: check the URG bit */
         tcp_urg(sk, skb, th);
 
diff --git a/net/ipv4/tcp_metrics.c b/net/ipv4/tcp_metrics.c
index 53bc5847bfa8..f696d7c2e9fa 100644
--- a/net/ipv4/tcp_metrics.c
+++ b/net/ipv4/tcp_metrics.c
@@ -1,7 +1,6 @@
 #include <linux/rcupdate.h>
 #include <linux/spinlock.h>
 #include <linux/jiffies.h>
-#include <linux/bootmem.h>
 #include <linux/module.h>
 #include <linux/cache.h>
 #include <linux/slab.h>
@@ -9,6 +8,7 @@
 #include <linux/tcp.h>
 #include <linux/hash.h>
 #include <linux/tcp_metrics.h>
+#include <linux/vmalloc.h>
 
 #include <net/inet_connection_sock.h>
 #include <net/net_namespace.h>
@@ -1034,7 +1034,10 @@ static int __net_init tcp_net_metrics_init(struct net *net)
         net->ipv4.tcp_metrics_hash_log = order_base_2(slots);
         size = sizeof(struct tcpm_hash_bucket) << net->ipv4.tcp_metrics_hash_log;
 
-        net->ipv4.tcp_metrics_hash = kzalloc(size, GFP_KERNEL);
+        net->ipv4.tcp_metrics_hash = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
+        if (!net->ipv4.tcp_metrics_hash)
+                net->ipv4.tcp_metrics_hash = vzalloc(size);
+
         if (!net->ipv4.tcp_metrics_hash)
                 return -ENOMEM;
 
@@ -1055,7 +1058,10 @@ static void __net_exit tcp_net_metrics_exit(struct net *net)
                         tm = next;
                 }
         }
-        kfree(net->ipv4.tcp_metrics_hash);
+        if (is_vmalloc_addr(net->ipv4.tcp_metrics_hash))
+                vfree(net->ipv4.tcp_metrics_hash);
+        else
+                kfree(net->ipv4.tcp_metrics_hash);
 }
 
 static __net_initdata struct pernet_operations tcp_net_metrics_ops = {
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index cfe6ffe1c177..2798706cb063 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -1986,6 +1986,9 @@ static bool tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle,
                 tso_segs = tcp_init_tso_segs(sk, skb, mss_now);
                 BUG_ON(!tso_segs);
 
+                if (unlikely(tp->repair) && tp->repair_queue == TCP_SEND_QUEUE)
+                        goto repair; /* Skip network transmission */
+
                 cwnd_quota = tcp_cwnd_test(tp, skb);
                 if (!cwnd_quota)
                         break;
@@ -2026,6 +2029,7 @@ static bool tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle,
                 if (unlikely(tcp_transmit_skb(sk, skb, 1, gfp)))
                         break;
 
+repair:
                 /* Advance the send_head.  This one is sent out.
                  * This call will increment packets_out.
                  */