8 files changed, 78 insertions, 8 deletions

diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
index 7c3a7d191249..571f8950ed06 100644
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -46,7 +46,7 @@ config IP_ADVANCED_ROUTER
           rp_filter on use:
 
           echo 1 > /proc/sys/net/ipv4/conf/<device>/rp_filter
-           and
+           or
           echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
 
           Note that some distributions enable it in startup scripts.
diff --git a/net/ipv4/datagram.c b/net/ipv4/datagram.c
index f0550941df7b..721a8a37b45c 100644
--- a/net/ipv4/datagram.c
+++ b/net/ipv4/datagram.c
@@ -62,8 +62,11 @@ int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
         }
         if (!inet->inet_saddr)
                 inet->inet_saddr = rt->rt_src;  /* Update source address */
-        if (!inet->inet_rcv_saddr)
+        if (!inet->inet_rcv_saddr) {
                 inet->inet_rcv_saddr = rt->rt_src;
+                if (sk->sk_prot->rehash)
+                        sk->sk_prot->rehash(sk);
+        }
         inet->inet_daddr = rt->rt_dst;
         inet->inet_dport = usin->sin_port;
         sk->sk_state = TCP_ESTABLISHED;
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index a43968918350..7d02a9f999fa 100644
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -246,6 +246,7 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
 
         struct fib_result res;
         int no_addr, rpf, accept_local;
+        bool dev_match;
         int ret;
         struct net *net;
 
@@ -273,12 +274,22 @@ int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
         }
         *spec_dst = FIB_RES_PREFSRC(res);
         fib_combine_itag(itag, &res);
+        dev_match = false;
+
 #ifdef CONFIG_IP_ROUTE_MULTIPATH
-        if (FIB_RES_DEV(res) == dev || res.fi->fib_nhs > 1)
+        for (ret = 0; ret < res.fi->fib_nhs; ret++) {
+                struct fib_nh *nh = &res.fi->fib_nh[ret];
+
+                if (nh->nh_dev == dev) {
+                        dev_match = true;
+                        break;
+                }
+        }
 #else
         if (FIB_RES_DEV(res) == dev)
+                dev_match = true;
 #endif
-        {
+        if (dev_match) {
                 ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST;
                 fib_res_put(&res);
                 return ret;
diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c
index 79d057a939ba..4a8e370862bc 100644
--- a/net/ipv4/fib_trie.c
+++ b/net/ipv4/fib_trie.c
@@ -186,7 +186,9 @@ static inline struct tnode *node_parent_rcu(struct node *node)
 {
         struct tnode *ret = node_parent(node);
 
-        return rcu_dereference(ret);
+        return rcu_dereference_check(ret,
+                                     rcu_read_lock_held() ||
+                                     lockdep_rtnl_is_held());
 }
 
 /* Same as rcu_assign_pointer
@@ -1753,7 +1755,9 @@ static struct leaf *leaf_walk_rcu(struct tnode *p, struct node *c)
 
 static struct leaf *trie_firstleaf(struct trie *t)
 {
-        struct tnode *n = (struct tnode *) rcu_dereference(t->trie);
+        struct tnode *n = (struct tnode *) rcu_dereference_check(t->trie,
+                                                        rcu_read_lock_held() ||
+                                                        lockdep_rtnl_is_held());
 
         if (!n)
                 return NULL;
diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index a1ad0e7180d2..1fdcacd36ce7 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -834,7 +834,7 @@ static void igmp_heard_query(struct in_device *in_dev, struct sk_buff *skb,
         int                     mark = 0;
 
 
-        if (len == 8) {
+        if (len == 8 || IGMP_V2_SEEN(in_dev)) {
                 if (ih->code == 0) {
                         /* Alas, old v1 router presents here. */
 
diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
index 6c40a8c46e79..64b70ad162e3 100644
--- a/net/ipv4/ip_sockglue.c
+++ b/net/ipv4/ip_sockglue.c
@@ -1129,6 +1129,9 @@ static int do_ip_getsockopt(struct sock *sk, int level, int optname,
         case IP_HDRINCL:
                 val = inet->hdrincl;
                 break;
+        case IP_NODEFRAG:
+                val = inet->nodefrag;
+                break;
         case IP_MTU_DISCOVER:
                 val = inet->pmtudisc;
                 break;
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 3f56b6e6c6aa..6298f75d5e93 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2738,6 +2738,11 @@ slow_output:
 }
 EXPORT_SYMBOL_GPL(__ip_route_output_key);
 
+static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
+{
+        return NULL;
+}
+
 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
 {
 }
@@ -2746,7 +2751,7 @@ static struct dst_ops ipv4_dst_blackhole_ops = {
         .family                 =       AF_INET,
         .protocol               =       cpu_to_be16(ETH_P_IP),
         .destroy                =       ipv4_dst_destroy,
-        .check                  =       ipv4_dst_check,
+        .check                  =       ipv4_blackhole_dst_check,
         .update_pmtu            =       ipv4_rt_blackhole_update_pmtu,
         .entries                =       ATOMIC_INIT(0),
 };
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
index 32e0bef60d0a..fb23c2e63b52 100644
--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -1260,6 +1260,49 @@ void udp_lib_unhash(struct sock *sk)
 }
 EXPORT_SYMBOL(udp_lib_unhash);
 
+/*
+ * inet_rcv_saddr was changed, we must rehash secondary hash
+ */
+void udp_lib_rehash(struct sock *sk, u16 newhash)
+{
+        if (sk_hashed(sk)) {
+                struct udp_table *udptable = sk->sk_prot->h.udp_table;
+                struct udp_hslot *hslot, *hslot2, *nhslot2;
+
+                hslot2 = udp_hashslot2(udptable, udp_sk(sk)->udp_portaddr_hash);
+                nhslot2 = udp_hashslot2(udptable, newhash);
+                udp_sk(sk)->udp_portaddr_hash = newhash;
+                if (hslot2 != nhslot2) {
+                        hslot = udp_hashslot(udptable, sock_net(sk),
+                                             udp_sk(sk)->udp_port_hash);
+                        /* we must lock primary chain too */
+                        spin_lock_bh(&hslot->lock);
+
+                        spin_lock(&hslot2->lock);
+                        hlist_nulls_del_init_rcu(&udp_sk(sk)->udp_portaddr_node);
+                        hslot2->count--;
+                        spin_unlock(&hslot2->lock);
+
+                        spin_lock(&nhslot2->lock);
+                        hlist_nulls_add_head_rcu(&udp_sk(sk)->udp_portaddr_node,
+                                                 &nhslot2->head);
+                        nhslot2->count++;
+                        spin_unlock(&nhslot2->lock);
+
+                        spin_unlock_bh(&hslot->lock);
+                }
+        }
+}
+EXPORT_SYMBOL(udp_lib_rehash);
+
+static void udp_v4_rehash(struct sock *sk)
+{
+        u16 new_hash = udp4_portaddr_hash(sock_net(sk),
+                                          inet_sk(sk)->inet_rcv_saddr,
+                                          inet_sk(sk)->inet_num);
+        udp_lib_rehash(sk, new_hash);
+}
+
 static int __udp_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
 {
         int rc;
@@ -1843,6 +1886,7 @@ struct proto udp_prot = {
         .backlog_rcv       = __udp_queue_rcv_skb,
         .hash              = udp_lib_hash,
         .unhash            = udp_lib_unhash,
+        .rehash            = udp_v4_rehash,
         .get_port          = udp_v4_get_port,
         .memory_allocated  = &udp_memory_allocated,
         .sysctl_mem        = sysctl_udp_mem,