aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/appletalk/ddp.c16
-rw-r--r--net/atm/common.c2
-rw-r--r--net/ax25/af_ax25.c4
-rw-r--r--net/bluetooth/af_bluetooth.c9
-rw-r--r--net/bluetooth/hci_sock.c2
-rw-r--r--net/bluetooth/l2cap_core.c3
-rw-r--r--net/bluetooth/rfcomm/core.c3
-rw-r--r--net/bluetooth/rfcomm/sock.c7
-rw-r--r--net/bluetooth/sco.c1
-rw-r--r--net/bluetooth/smp.c3
-rw-r--r--net/bridge/br_if.c2
-rw-r--r--net/bridge/netfilter/ebt_ip6.c8
-rw-r--r--net/caif/caif_socket.c4
-rw-r--r--net/compat.c3
-rw-r--r--net/core/dev.c2
-rw-r--r--net/core/iovec.c3
-rw-r--r--net/core/skbuff.c75
-rw-r--r--net/ipv4/netfilter/ipt_SYNPROXY.c1
-rw-r--r--net/ipv4/route.c8
-rw-r--r--net/ipv6/netfilter/ip6t_SYNPROXY.c1
-rw-r--r--net/ipx/af_ipx.c3
-rw-r--r--net/irda/af_irda.c4
-rw-r--r--net/iucv/af_iucv.c2
-rw-r--r--net/key/af_key.c1
-rw-r--r--net/l2tp/l2tp_ppp.c2
-rw-r--r--net/llc/af_llc.c2
-rw-r--r--net/netfilter/Kconfig2
-rw-r--r--net/netfilter/nf_conntrack_core.c3
-rw-r--r--net/netfilter/nf_conntrack_seqadj.c4
-rw-r--r--net/netfilter/nf_synproxy_core.c7
-rw-r--r--net/netfilter/nft_compat.c19
-rw-r--r--net/netlink/af_netlink.c2
-rw-r--r--net/netlink/genetlink.c4
-rw-r--r--net/netrom/af_netrom.c3
-rw-r--r--net/nfc/llcp_sock.c2
-rw-r--r--net/nfc/rawsock.c2
-rw-r--r--net/packet/af_packet.c91
-rw-r--r--net/packet/internal.h1
-rw-r--r--net/rds/recv.c2
-rw-r--r--net/rose/af_rose.c8
-rw-r--r--net/rxrpc/ar-recvmsg.c9
-rw-r--r--net/socket.c22
-rw-r--r--net/tipc/socket.c6
-rw-r--r--net/unix/af_unix.c5
-rw-r--r--net/vmw_vsock/af_vsock.c2
-rw-r--r--net/vmw_vsock/vmci_transport.c2
-rw-r--r--net/wimax/stack.c1
-rw-r--r--net/x25/af_x25.c3
48 files changed, 198 insertions, 173 deletions
diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index 7fee50d637f9..7d424ac6e760 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -1735,7 +1735,6 @@ static int atalk_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr
1735 size_t size, int flags) 1735 size_t size, int flags)
1736{ 1736{
1737 struct sock *sk = sock->sk; 1737 struct sock *sk = sock->sk;
1738 struct sockaddr_at *sat = (struct sockaddr_at *)msg->msg_name;
1739 struct ddpehdr *ddp; 1738 struct ddpehdr *ddp;
1740 int copied = 0; 1739 int copied = 0;
1741 int offset = 0; 1740 int offset = 0;
@@ -1764,14 +1763,13 @@ static int atalk_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr
1764 } 1763 }
1765 err = skb_copy_datagram_iovec(skb, offset, msg->msg_iov, copied); 1764 err = skb_copy_datagram_iovec(skb, offset, msg->msg_iov, copied);
1766 1765
1767 if (!err) { 1766 if (!err && msg->msg_name) {
1768 if (sat) { 1767 struct sockaddr_at *sat = msg->msg_name;
1769 sat->sat_family = AF_APPLETALK; 1768 sat->sat_family = AF_APPLETALK;
1770 sat->sat_port = ddp->deh_sport; 1769 sat->sat_port = ddp->deh_sport;
1771 sat->sat_addr.s_node = ddp->deh_snode; 1770 sat->sat_addr.s_node = ddp->deh_snode;
1772 sat->sat_addr.s_net = ddp->deh_snet; 1771 sat->sat_addr.s_net = ddp->deh_snet;
1773 } 1772 msg->msg_namelen = sizeof(*sat);
1774 msg->msg_namelen = sizeof(*sat);
1775 } 1773 }
1776 1774
1777 skb_free_datagram(sk, skb); /* Free the datagram. */ 1775 skb_free_datagram(sk, skb); /* Free the datagram. */
diff --git a/net/atm/common.c b/net/atm/common.c
index 737bef59ce89..7b491006eaf4 100644
--- a/net/atm/common.c
+++ b/net/atm/common.c
@@ -531,8 +531,6 @@ int vcc_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
531 struct sk_buff *skb; 531 struct sk_buff *skb;
532 int copied, error = -EINVAL; 532 int copied, error = -EINVAL;
533 533
534 msg->msg_namelen = 0;
535
536 if (sock->state != SS_CONNECTED) 534 if (sock->state != SS_CONNECTED)
537 return -ENOTCONN; 535 return -ENOTCONN;
538 536
diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c
index a00123ebb0ae..7bb1605bdfd9 100644
--- a/net/ax25/af_ax25.c
+++ b/net/ax25/af_ax25.c
@@ -1636,11 +1636,11 @@ static int ax25_recvmsg(struct kiocb *iocb, struct socket *sock,
1636 1636
1637 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 1637 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1638 1638
1639 if (msg->msg_namelen != 0) { 1639 if (msg->msg_name) {
1640 struct sockaddr_ax25 *sax = (struct sockaddr_ax25 *)msg->msg_name;
1641 ax25_digi digi; 1640 ax25_digi digi;
1642 ax25_address src; 1641 ax25_address src;
1643 const unsigned char *mac = skb_mac_header(skb); 1642 const unsigned char *mac = skb_mac_header(skb);
1643 struct sockaddr_ax25 *sax = msg->msg_name;
1644 1644
1645 memset(sax, 0, sizeof(struct full_sockaddr_ax25)); 1645 memset(sax, 0, sizeof(struct full_sockaddr_ax25));
1646 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL, 1646 ax25_addr_parse(mac + 1, skb->data - mac - 1, &src, NULL,
diff --git a/net/bluetooth/af_bluetooth.c b/net/bluetooth/af_bluetooth.c
index f6a1671ea2ff..56ca494621c6 100644
--- a/net/bluetooth/af_bluetooth.c
+++ b/net/bluetooth/af_bluetooth.c
@@ -224,10 +224,9 @@ int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
224 224
225 skb = skb_recv_datagram(sk, flags, noblock, &err); 225 skb = skb_recv_datagram(sk, flags, noblock, &err);
226 if (!skb) { 226 if (!skb) {
227 if (sk->sk_shutdown & RCV_SHUTDOWN) { 227 if (sk->sk_shutdown & RCV_SHUTDOWN)
228 msg->msg_namelen = 0;
229 return 0; 228 return 0;
230 } 229
231 return err; 230 return err;
232 } 231 }
233 232
@@ -245,8 +244,6 @@ int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
245 if (bt_sk(sk)->skb_msg_name) 244 if (bt_sk(sk)->skb_msg_name)
246 bt_sk(sk)->skb_msg_name(skb, msg->msg_name, 245 bt_sk(sk)->skb_msg_name(skb, msg->msg_name,
247 &msg->msg_namelen); 246 &msg->msg_namelen);
248 else
249 msg->msg_namelen = 0;
250 } 247 }
251 248
252 skb_free_datagram(sk, skb); 249 skb_free_datagram(sk, skb);
@@ -295,8 +292,6 @@ int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
295 if (flags & MSG_OOB) 292 if (flags & MSG_OOB)
296 return -EOPNOTSUPP; 293 return -EOPNOTSUPP;
297 294
298 msg->msg_namelen = 0;
299
300 BT_DBG("sk %p size %zu", sk, size); 295 BT_DBG("sk %p size %zu", sk, size);
301 296
302 lock_sock(sk); 297 lock_sock(sk);
diff --git a/net/bluetooth/hci_sock.c b/net/bluetooth/hci_sock.c
index 71f0be173080..6a6c8bb4fd72 100644
--- a/net/bluetooth/hci_sock.c
+++ b/net/bluetooth/hci_sock.c
@@ -856,8 +856,6 @@ static int hci_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
856 if (!skb) 856 if (!skb)
857 return err; 857 return err;
858 858
859 msg->msg_namelen = 0;
860
861 copied = skb->len; 859 copied = skb->len;
862 if (len < copied) { 860 if (len < copied) {
863 msg->msg_flags |= MSG_TRUNC; 861 msg->msg_flags |= MSG_TRUNC;
diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c
index 0cef67707838..4af3821df880 100644
--- a/net/bluetooth/l2cap_core.c
+++ b/net/bluetooth/l2cap_core.c
@@ -2439,6 +2439,9 @@ int l2cap_chan_send(struct l2cap_chan *chan, struct msghdr *msg, size_t len,
2439 int err; 2439 int err;
2440 struct sk_buff_head seg_queue; 2440 struct sk_buff_head seg_queue;
2441 2441
2442 if (!chan->conn)
2443 return -ENOTCONN;
2444
2442 /* Connectionless channel */ 2445 /* Connectionless channel */
2443 if (chan->chan_type == L2CAP_CHAN_CONN_LESS) { 2446 if (chan->chan_type == L2CAP_CHAN_CONN_LESS) {
2444 skb = l2cap_create_connless_pdu(chan, msg, len, priority); 2447 skb = l2cap_create_connless_pdu(chan, msg, len, priority);
diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c
index 94d06cbfbc18..facd8a79c038 100644
--- a/net/bluetooth/rfcomm/core.c
+++ b/net/bluetooth/rfcomm/core.c
@@ -694,6 +694,7 @@ static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
694 addr.l2_family = AF_BLUETOOTH; 694 addr.l2_family = AF_BLUETOOTH;
695 addr.l2_psm = 0; 695 addr.l2_psm = 0;
696 addr.l2_cid = 0; 696 addr.l2_cid = 0;
697 addr.l2_bdaddr_type = BDADDR_BREDR;
697 *err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 698 *err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr));
698 if (*err < 0) 699 if (*err < 0)
699 goto failed; 700 goto failed;
@@ -719,6 +720,7 @@ static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src,
719 addr.l2_family = AF_BLUETOOTH; 720 addr.l2_family = AF_BLUETOOTH;
720 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM); 721 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM);
721 addr.l2_cid = 0; 722 addr.l2_cid = 0;
723 addr.l2_bdaddr_type = BDADDR_BREDR;
722 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); 724 *err = kernel_connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK);
723 if (*err == 0 || *err == -EINPROGRESS) 725 if (*err == 0 || *err == -EINPROGRESS)
724 return s; 726 return s;
@@ -1983,6 +1985,7 @@ static int rfcomm_add_listener(bdaddr_t *ba)
1983 addr.l2_family = AF_BLUETOOTH; 1985 addr.l2_family = AF_BLUETOOTH;
1984 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM); 1986 addr.l2_psm = __constant_cpu_to_le16(RFCOMM_PSM);
1985 addr.l2_cid = 0; 1987 addr.l2_cid = 0;
1988 addr.l2_bdaddr_type = BDADDR_BREDR;
1986 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 1989 err = kernel_bind(sock, (struct sockaddr *) &addr, sizeof(addr));
1987 if (err < 0) { 1990 if (err < 0) {
1988 BT_ERR("Bind failed %d", err); 1991 BT_ERR("Bind failed %d", err);
diff --git a/net/bluetooth/rfcomm/sock.c b/net/bluetooth/rfcomm/sock.c
index c4d3d423f89b..3c2d3e4aa2f5 100644
--- a/net/bluetooth/rfcomm/sock.c
+++ b/net/bluetooth/rfcomm/sock.c
@@ -615,7 +615,6 @@ static int rfcomm_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
615 615
616 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) { 616 if (test_and_clear_bit(RFCOMM_DEFER_SETUP, &d->flags)) {
617 rfcomm_dlc_accept(d); 617 rfcomm_dlc_accept(d);
618 msg->msg_namelen = 0;
619 return 0; 618 return 0;
620 } 619 }
621 620
@@ -739,8 +738,9 @@ static int rfcomm_sock_setsockopt(struct socket *sock, int level, int optname, c
739static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen) 738static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __user *optval, int __user *optlen)
740{ 739{
741 struct sock *sk = sock->sk; 740 struct sock *sk = sock->sk;
741 struct sock *l2cap_sk;
742 struct l2cap_conn *conn;
742 struct rfcomm_conninfo cinfo; 743 struct rfcomm_conninfo cinfo;
743 struct l2cap_conn *conn = l2cap_pi(sk)->chan->conn;
744 int len, err = 0; 744 int len, err = 0;
745 u32 opt; 745 u32 opt;
746 746
@@ -783,6 +783,9 @@ static int rfcomm_sock_getsockopt_old(struct socket *sock, int optname, char __u
783 break; 783 break;
784 } 784 }
785 785
786 l2cap_sk = rfcomm_pi(sk)->dlc->session->sock->sk;
787 conn = l2cap_pi(l2cap_sk)->chan->conn;
788
786 memset(&cinfo, 0, sizeof(cinfo)); 789 memset(&cinfo, 0, sizeof(cinfo));
787 cinfo.hci_handle = conn->hcon->handle; 790 cinfo.hci_handle = conn->hcon->handle;
788 memcpy(cinfo.dev_class, conn->hcon->dev_class, 3); 791 memcpy(cinfo.dev_class, conn->hcon->dev_class, 3);
diff --git a/net/bluetooth/sco.c b/net/bluetooth/sco.c
index 12a0e51e21e1..24fa3964b3c8 100644
--- a/net/bluetooth/sco.c
+++ b/net/bluetooth/sco.c
@@ -711,7 +711,6 @@ static int sco_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
711 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) { 711 test_bit(BT_SK_DEFER_SETUP, &bt_sk(sk)->flags)) {
712 sco_conn_defer_accept(pi->conn->hcon, pi->setting); 712 sco_conn_defer_accept(pi->conn->hcon, pi->setting);
713 sk->sk_state = BT_CONFIG; 713 sk->sk_state = BT_CONFIG;
714 msg->msg_namelen = 0;
715 714
716 release_sock(sk); 715 release_sock(sk);
717 return 0; 716 return 0;
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 85a2796cac61..4b07acb8293c 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -742,6 +742,9 @@ static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
742 742
743 BT_DBG("conn %p", conn); 743 BT_DBG("conn %p", conn);
744 744
745 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
746 return SMP_CMD_NOTSUPP;
747
745 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req); 748 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
746 749
747 if (smp_ltk_encrypt(conn, hcon->pending_sec_level)) 750 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
diff --git a/net/bridge/br_if.c b/net/bridge/br_if.c
index 6e6194fcd88e..4bf02adb5dc2 100644
--- a/net/bridge/br_if.c
+++ b/net/bridge/br_if.c
@@ -172,6 +172,8 @@ void br_dev_delete(struct net_device *dev, struct list_head *head)
172 del_nbp(p); 172 del_nbp(p);
173 } 173 }
174 174
175 br_fdb_delete_by_port(br, NULL, 1);
176
175 br_vlan_flush(br); 177 br_vlan_flush(br);
176 del_timer_sync(&br->gc_timer); 178 del_timer_sync(&br->gc_timer);
177 179
diff --git a/net/bridge/netfilter/ebt_ip6.c b/net/bridge/netfilter/ebt_ip6.c
index 99c85668f551..17fd5f2cb4b8 100644
--- a/net/bridge/netfilter/ebt_ip6.c
+++ b/net/bridge/netfilter/ebt_ip6.c
@@ -48,10 +48,12 @@ ebt_ip6_mt(const struct sk_buff *skb, struct xt_action_param *par)
48 if (info->bitmask & EBT_IP6_TCLASS && 48 if (info->bitmask & EBT_IP6_TCLASS &&
49 FWINV(info->tclass != ipv6_get_dsfield(ih6), EBT_IP6_TCLASS)) 49 FWINV(info->tclass != ipv6_get_dsfield(ih6), EBT_IP6_TCLASS))
50 return false; 50 return false;
51 if (FWINV(ipv6_masked_addr_cmp(&ih6->saddr, &info->smsk, 51 if ((info->bitmask & EBT_IP6_SOURCE &&
52 &info->saddr), EBT_IP6_SOURCE) || 52 FWINV(ipv6_masked_addr_cmp(&ih6->saddr, &info->smsk,
53 &info->saddr), EBT_IP6_SOURCE)) ||
54 (info->bitmask & EBT_IP6_DEST &&
53 FWINV(ipv6_masked_addr_cmp(&ih6->daddr, &info->dmsk, 55 FWINV(ipv6_masked_addr_cmp(&ih6->daddr, &info->dmsk,
54 &info->daddr), EBT_IP6_DEST)) 56 &info->daddr), EBT_IP6_DEST)))
55 return false; 57 return false;
56 if (info->bitmask & EBT_IP6_PROTO) { 58 if (info->bitmask & EBT_IP6_PROTO) {
57 uint8_t nexthdr = ih6->nexthdr; 59 uint8_t nexthdr = ih6->nexthdr;
diff --git a/net/caif/caif_socket.c b/net/caif/caif_socket.c
index 05a41c7ec304..d6be3edb7a43 100644
--- a/net/caif/caif_socket.c
+++ b/net/caif/caif_socket.c
@@ -286,8 +286,6 @@ static int caif_seqpkt_recvmsg(struct kiocb *iocb, struct socket *sock,
286 if (m->msg_flags&MSG_OOB) 286 if (m->msg_flags&MSG_OOB)
287 goto read_error; 287 goto read_error;
288 288
289 m->msg_namelen = 0;
290
291 skb = skb_recv_datagram(sk, flags, 0 , &ret); 289 skb = skb_recv_datagram(sk, flags, 0 , &ret);
292 if (!skb) 290 if (!skb)
293 goto read_error; 291 goto read_error;
@@ -361,8 +359,6 @@ static int caif_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
361 if (flags&MSG_OOB) 359 if (flags&MSG_OOB)
362 goto out; 360 goto out;
363 361
364 msg->msg_namelen = 0;
365
366 /* 362 /*
367 * Lock the socket to prevent queue disordering 363 * Lock the socket to prevent queue disordering
368 * while sleeps in memcpy_tomsg 364 * while sleeps in memcpy_tomsg
diff --git a/net/compat.c b/net/compat.c
index 89032580bd1d..618c6a8a911b 100644
--- a/net/compat.c
+++ b/net/compat.c
@@ -93,7 +93,8 @@ int verify_compat_iovec(struct msghdr *kern_msg, struct iovec *kern_iov,
93 if (err < 0) 93 if (err < 0)
94 return err; 94 return err;
95 } 95 }
96 kern_msg->msg_name = kern_address; 96 if (kern_msg->msg_name)
97 kern_msg->msg_name = kern_address;
97 } else 98 } else
98 kern_msg->msg_name = NULL; 99 kern_msg->msg_name = NULL;
99 100
diff --git a/net/core/dev.c b/net/core/dev.c
index 7e00a7342ee6..ba3b7ea5ebb3 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -4996,7 +4996,7 @@ static void dev_change_rx_flags(struct net_device *dev, int flags)
4996{ 4996{
4997 const struct net_device_ops *ops = dev->netdev_ops; 4997 const struct net_device_ops *ops = dev->netdev_ops;
4998 4998
4999 if ((dev->flags & IFF_UP) && ops->ndo_change_rx_flags) 4999 if (ops->ndo_change_rx_flags)
5000 ops->ndo_change_rx_flags(dev, flags); 5000 ops->ndo_change_rx_flags(dev, flags);
5001} 5001}
5002 5002
diff --git a/net/core/iovec.c b/net/core/iovec.c
index 4cdb7c48dad6..b61869429f4c 100644
--- a/net/core/iovec.c
+++ b/net/core/iovec.c
@@ -48,7 +48,8 @@ int verify_iovec(struct msghdr *m, struct iovec *iov, struct sockaddr_storage *a
48 if (err < 0) 48 if (err < 0)
49 return err; 49 return err;
50 } 50 }
51 m->msg_name = address; 51 if (m->msg_name)
52 m->msg_name = address;
52 } else { 53 } else {
53 m->msg_name = NULL; 54 m->msg_name = NULL;
54 } 55 }
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 8cec1e6b844d..2718fed53d8c 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -2796,6 +2796,7 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2796 struct sk_buff *segs = NULL; 2796 struct sk_buff *segs = NULL;
2797 struct sk_buff *tail = NULL; 2797 struct sk_buff *tail = NULL;
2798 struct sk_buff *fskb = skb_shinfo(skb)->frag_list; 2798 struct sk_buff *fskb = skb_shinfo(skb)->frag_list;
2799 skb_frag_t *skb_frag = skb_shinfo(skb)->frags;
2799 unsigned int mss = skb_shinfo(skb)->gso_size; 2800 unsigned int mss = skb_shinfo(skb)->gso_size;
2800 unsigned int doffset = skb->data - skb_mac_header(skb); 2801 unsigned int doffset = skb->data - skb_mac_header(skb);
2801 unsigned int offset = doffset; 2802 unsigned int offset = doffset;
@@ -2835,16 +2836,38 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2835 if (hsize > len || !sg) 2836 if (hsize > len || !sg)
2836 hsize = len; 2837 hsize = len;
2837 2838
2838 if (!hsize && i >= nfrags) { 2839 if (!hsize && i >= nfrags && skb_headlen(fskb) &&
2839 BUG_ON(fskb->len != len); 2840 (skb_headlen(fskb) == len || sg)) {
2841 BUG_ON(skb_headlen(fskb) > len);
2842
2843 i = 0;
2844 nfrags = skb_shinfo(fskb)->nr_frags;
2845 skb_frag = skb_shinfo(fskb)->frags;
2846 pos += skb_headlen(fskb);
2847
2848 while (pos < offset + len) {
2849 BUG_ON(i >= nfrags);
2850
2851 size = skb_frag_size(skb_frag);
2852 if (pos + size > offset + len)
2853 break;
2854
2855 i++;
2856 pos += size;
2857 skb_frag++;
2858 }
2840 2859
2841 pos += len;
2842 nskb = skb_clone(fskb, GFP_ATOMIC); 2860 nskb = skb_clone(fskb, GFP_ATOMIC);
2843 fskb = fskb->next; 2861 fskb = fskb->next;
2844 2862
2845 if (unlikely(!nskb)) 2863 if (unlikely(!nskb))
2846 goto err; 2864 goto err;
2847 2865
2866 if (unlikely(pskb_trim(nskb, len))) {
2867 kfree_skb(nskb);
2868 goto err;
2869 }
2870
2848 hsize = skb_end_offset(nskb); 2871 hsize = skb_end_offset(nskb);
2849 if (skb_cow_head(nskb, doffset + headroom)) { 2872 if (skb_cow_head(nskb, doffset + headroom)) {
2850 kfree_skb(nskb); 2873 kfree_skb(nskb);
@@ -2881,7 +2904,7 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2881 nskb->data - tnl_hlen, 2904 nskb->data - tnl_hlen,
2882 doffset + tnl_hlen); 2905 doffset + tnl_hlen);
2883 2906
2884 if (fskb != skb_shinfo(skb)->frag_list) 2907 if (nskb->len == len + doffset)
2885 goto perform_csum_check; 2908 goto perform_csum_check;
2886 2909
2887 if (!sg) { 2910 if (!sg) {
@@ -2899,8 +2922,28 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2899 2922
2900 skb_shinfo(nskb)->tx_flags = skb_shinfo(skb)->tx_flags & SKBTX_SHARED_FRAG; 2923 skb_shinfo(nskb)->tx_flags = skb_shinfo(skb)->tx_flags & SKBTX_SHARED_FRAG;
2901 2924
2902 while (pos < offset + len && i < nfrags) { 2925 while (pos < offset + len) {
2903 *frag = skb_shinfo(skb)->frags[i]; 2926 if (i >= nfrags) {
2927 BUG_ON(skb_headlen(fskb));
2928
2929 i = 0;
2930 nfrags = skb_shinfo(fskb)->nr_frags;
2931 skb_frag = skb_shinfo(fskb)->frags;
2932
2933 BUG_ON(!nfrags);
2934
2935 fskb = fskb->next;
2936 }
2937
2938 if (unlikely(skb_shinfo(nskb)->nr_frags >=
2939 MAX_SKB_FRAGS)) {
2940 net_warn_ratelimited(
2941 "skb_segment: too many frags: %u %u\n",
2942 pos, mss);
2943 goto err;
2944 }
2945
2946 *frag = *skb_frag;
2904 __skb_frag_ref(frag); 2947 __skb_frag_ref(frag);
2905 size = skb_frag_size(frag); 2948 size = skb_frag_size(frag);
2906 2949
@@ -2913,6 +2956,7 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2913 2956
2914 if (pos + size <= offset + len) { 2957 if (pos + size <= offset + len) {
2915 i++; 2958 i++;
2959 skb_frag++;
2916 pos += size; 2960 pos += size;
2917 } else { 2961 } else {
2918 skb_frag_size_sub(frag, pos + size - (offset + len)); 2962 skb_frag_size_sub(frag, pos + size - (offset + len));
@@ -2922,25 +2966,6 @@ struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features)
2922 frag++; 2966 frag++;
2923 } 2967 }
2924 2968
2925 if (pos < offset + len) {
2926 struct sk_buff *fskb2 = fskb;
2927
2928 BUG_ON(pos + fskb->len != offset + len);
2929
2930 pos += fskb->len;
2931 fskb = fskb->next;
2932
2933 if (fskb2->next) {
2934 fskb2 = skb_clone(fskb2, GFP_ATOMIC);
2935 if (!fskb2)
2936 goto err;
2937 } else
2938 skb_get(fskb2);
2939
2940 SKB_FRAG_ASSERT(nskb);
2941 skb_shinfo(nskb)->frag_list = fskb2;
2942 }
2943
2944skip_fraglist: 2969skip_fraglist:
2945 nskb->data_len = len - hsize; 2970 nskb->data_len = len - hsize;
2946 nskb->len += nskb->data_len; 2971 nskb->len += nskb->data_len;
diff --git a/net/ipv4/netfilter/ipt_SYNPROXY.c b/net/ipv4/netfilter/ipt_SYNPROXY.c
index 01cffeaa0085..f13bd91d9a56 100644
--- a/net/ipv4/netfilter/ipt_SYNPROXY.c
+++ b/net/ipv4/netfilter/ipt_SYNPROXY.c
@@ -244,6 +244,7 @@ synproxy_recv_client_ack(const struct synproxy_net *snet,
244 244
245 this_cpu_inc(snet->stats->cookie_valid); 245 this_cpu_inc(snet->stats->cookie_valid);
246 opts->mss = mss; 246 opts->mss = mss;
247 opts->options |= XT_SYNPROXY_OPT_MSS;
247 248
248 if (opts->options & XT_SYNPROXY_OPT_TIMESTAMP) 249 if (opts->options & XT_SYNPROXY_OPT_TIMESTAMP)
249 synproxy_check_timestamp_cookie(opts); 250 synproxy_check_timestamp_cookie(opts);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index f428935c50db..f8da28278014 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1776,8 +1776,12 @@ local_input:
1776 rth->dst.error= -err; 1776 rth->dst.error= -err;
1777 rth->rt_flags &= ~RTCF_LOCAL; 1777 rth->rt_flags &= ~RTCF_LOCAL;
1778 } 1778 }
1779 if (do_cache) 1779 if (do_cache) {
1780 rt_cache_route(&FIB_RES_NH(res), rth); 1780 if (unlikely(!rt_cache_route(&FIB_RES_NH(res), rth))) {
1781 rth->dst.flags |= DST_NOCACHE;
1782 rt_add_uncached_list(rth);
1783 }
1784 }
1781 skb_dst_set(skb, &rth->dst); 1785 skb_dst_set(skb, &rth->dst);
1782 err = 0; 1786 err = 0;
1783 goto out; 1787 goto out;
diff --git a/net/ipv6/netfilter/ip6t_SYNPROXY.c b/net/ipv6/netfilter/ip6t_SYNPROXY.c
index bf9f612c1bc2..f78f41aca8e9 100644
--- a/net/ipv6/netfilter/ip6t_SYNPROXY.c
+++ b/net/ipv6/netfilter/ip6t_SYNPROXY.c
@@ -259,6 +259,7 @@ synproxy_recv_client_ack(const struct synproxy_net *snet,
259 259
260 this_cpu_inc(snet->stats->cookie_valid); 260 this_cpu_inc(snet->stats->cookie_valid);
261 opts->mss = mss; 261 opts->mss = mss;
262 opts->options |= XT_SYNPROXY_OPT_MSS;
262 263
263 if (opts->options & XT_SYNPROXY_OPT_TIMESTAMP) 264 if (opts->options & XT_SYNPROXY_OPT_TIMESTAMP)
264 synproxy_check_timestamp_cookie(opts); 265 synproxy_check_timestamp_cookie(opts);
diff --git a/net/ipx/af_ipx.c b/net/ipx/af_ipx.c
index 7a1e0fc1bd4d..e096025b477f 100644
--- a/net/ipx/af_ipx.c
+++ b/net/ipx/af_ipx.c
@@ -1823,8 +1823,6 @@ static int ipx_recvmsg(struct kiocb *iocb, struct socket *sock,
1823 if (skb->tstamp.tv64) 1823 if (skb->tstamp.tv64)
1824 sk->sk_stamp = skb->tstamp; 1824 sk->sk_stamp = skb->tstamp;
1825 1825
1826 msg->msg_namelen = sizeof(*sipx);
1827
1828 if (sipx) { 1826 if (sipx) {
1829 sipx->sipx_family = AF_IPX; 1827 sipx->sipx_family = AF_IPX;
1830 sipx->sipx_port = ipx->ipx_source.sock; 1828 sipx->sipx_port = ipx->ipx_source.sock;
@@ -1832,6 +1830,7 @@ static int ipx_recvmsg(struct kiocb *iocb, struct socket *sock,
1832 sipx->sipx_network = IPX_SKB_CB(skb)->ipx_source_net; 1830 sipx->sipx_network = IPX_SKB_CB(skb)->ipx_source_net;
1833 sipx->sipx_type = ipx->ipx_type; 1831 sipx->sipx_type = ipx->ipx_type;
1834 sipx->sipx_zero = 0; 1832 sipx->sipx_zero = 0;
1833 msg->msg_namelen = sizeof(*sipx);
1835 } 1834 }
1836 rc = copied; 1835 rc = copied;
1837 1836
diff --git a/net/irda/af_irda.c b/net/irda/af_irda.c
index 0f676908d15b..de7db23049f1 100644
--- a/net/irda/af_irda.c
+++ b/net/irda/af_irda.c
@@ -1385,8 +1385,6 @@ static int irda_recvmsg_dgram(struct kiocb *iocb, struct socket *sock,
1385 1385
1386 IRDA_DEBUG(4, "%s()\n", __func__); 1386 IRDA_DEBUG(4, "%s()\n", __func__);
1387 1387
1388 msg->msg_namelen = 0;
1389
1390 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 1388 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
1391 flags & MSG_DONTWAIT, &err); 1389 flags & MSG_DONTWAIT, &err);
1392 if (!skb) 1390 if (!skb)
@@ -1451,8 +1449,6 @@ static int irda_recvmsg_stream(struct kiocb *iocb, struct socket *sock,
1451 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size); 1449 target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
1452 timeo = sock_rcvtimeo(sk, noblock); 1450 timeo = sock_rcvtimeo(sk, noblock);
1453 1451
1454 msg->msg_namelen = 0;
1455
1456 do { 1452 do {
1457 int chunk; 1453 int chunk;
1458 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue); 1454 struct sk_buff *skb = skb_dequeue(&sk->sk_receive_queue);
diff --git a/net/iucv/af_iucv.c b/net/iucv/af_iucv.c
index 168aff5e60de..c4b7218058b6 100644
--- a/net/iucv/af_iucv.c
+++ b/net/iucv/af_iucv.c
@@ -1324,8 +1324,6 @@ static int iucv_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
1324 int err = 0; 1324 int err = 0;
1325 u32 offset; 1325 u32 offset;
1326 1326
1327 msg->msg_namelen = 0;
1328
1329 if ((sk->sk_state == IUCV_DISCONN) && 1327 if ((sk->sk_state == IUCV_DISCONN) &&
1330 skb_queue_empty(&iucv->backlog_skb_q) && 1328 skb_queue_empty(&iucv->backlog_skb_q) &&
1331 skb_queue_empty(&sk->sk_receive_queue) && 1329 skb_queue_empty(&sk->sk_receive_queue) &&
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 911ef03bf8fb..545f047868ad 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -3616,7 +3616,6 @@ static int pfkey_recvmsg(struct kiocb *kiocb,
3616 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT)) 3616 if (flags & ~(MSG_PEEK|MSG_DONTWAIT|MSG_TRUNC|MSG_CMSG_COMPAT))
3617 goto out; 3617 goto out;
3618 3618
3619 msg->msg_namelen = 0;
3620 skb = skb_recv_datagram(sk, flags, flags & MSG_DONTWAIT, &err); 3619 skb = skb_recv_datagram(sk, flags, flags & MSG_DONTWAIT, &err);
3621 if (skb == NULL) 3620 if (skb == NULL)
3622 goto out; 3621 goto out;
diff --git a/net/l2tp/l2tp_ppp.c b/net/l2tp/l2tp_ppp.c
index ffda81ef1a70..be5fadf34739 100644
--- a/net/l2tp/l2tp_ppp.c
+++ b/net/l2tp/l2tp_ppp.c
@@ -197,8 +197,6 @@ static int pppol2tp_recvmsg(struct kiocb *iocb, struct socket *sock,
197 if (sk->sk_state & PPPOX_BOUND) 197 if (sk->sk_state & PPPOX_BOUND)
198 goto end; 198 goto end;
199 199
200 msg->msg_namelen = 0;
201
202 err = 0; 200 err = 0;
203 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT, 201 skb = skb_recv_datagram(sk, flags & ~MSG_DONTWAIT,
204 flags & MSG_DONTWAIT, &err); 202 flags & MSG_DONTWAIT, &err);
diff --git a/net/llc/af_llc.c b/net/llc/af_llc.c
index 6cba486353e8..7b01b9f5846c 100644
--- a/net/llc/af_llc.c
+++ b/net/llc/af_llc.c
@@ -720,8 +720,6 @@ static int llc_ui_recvmsg(struct kiocb *iocb, struct socket *sock,
720 int target; /* Read at least this many bytes */ 720 int target; /* Read at least this many bytes */
721 long timeo; 721 long timeo;
722 722
723 msg->msg_namelen = 0;
724
725 lock_sock(sk); 723 lock_sock(sk);
726 copied = -ENOTCONN; 724 copied = -ENOTCONN;
727 if (unlikely(sk->sk_type == SOCK_STREAM && sk->sk_state == TCP_LISTEN)) 725 if (unlikely(sk->sk_type == SOCK_STREAM && sk->sk_state == TCP_LISTEN))
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig
index 48acec17e27a..c3398cd99b94 100644
--- a/net/netfilter/Kconfig
+++ b/net/netfilter/Kconfig
@@ -909,7 +909,7 @@ config NETFILTER_XT_MATCH_CONNLABEL
909 connection simultaneously. 909 connection simultaneously.
910 910
911config NETFILTER_XT_MATCH_CONNLIMIT 911config NETFILTER_XT_MATCH_CONNLIMIT
912 tristate '"connlimit" match support"' 912 tristate '"connlimit" match support'
913 depends on NF_CONNTRACK 913 depends on NF_CONNTRACK
914 depends on NETFILTER_ADVANCED 914 depends on NETFILTER_ADVANCED
915 ---help--- 915 ---help---
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index e22d950c60b3..43549eb7a7be 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -764,9 +764,10 @@ void nf_conntrack_free(struct nf_conn *ct)
764 struct net *net = nf_ct_net(ct); 764 struct net *net = nf_ct_net(ct);
765 765
766 nf_ct_ext_destroy(ct); 766 nf_ct_ext_destroy(ct);
767 atomic_dec(&net->ct.count);
768 nf_ct_ext_free(ct); 767 nf_ct_ext_free(ct);
769 kmem_cache_free(net->ct.nf_conntrack_cachep, ct); 768 kmem_cache_free(net->ct.nf_conntrack_cachep, ct);
769 smp_mb__before_atomic_dec();
770 atomic_dec(&net->ct.count);
770} 771}
771EXPORT_SYMBOL_GPL(nf_conntrack_free); 772EXPORT_SYMBOL_GPL(nf_conntrack_free);
772 773
diff --git a/net/netfilter/nf_conntrack_seqadj.c b/net/netfilter/nf_conntrack_seqadj.c
index 5f9bfd060dea..17c1bcb182c6 100644
--- a/net/netfilter/nf_conntrack_seqadj.c
+++ b/net/netfilter/nf_conntrack_seqadj.c
@@ -41,8 +41,8 @@ int nf_ct_seqadj_set(struct nf_conn *ct, enum ip_conntrack_info ctinfo,
41 spin_lock_bh(&ct->lock); 41 spin_lock_bh(&ct->lock);
42 this_way = &seqadj->seq[dir]; 42 this_way = &seqadj->seq[dir];
43 if (this_way->offset_before == this_way->offset_after || 43 if (this_way->offset_before == this_way->offset_after ||
44 before(this_way->correction_pos, seq)) { 44 before(this_way->correction_pos, ntohl(seq))) {
45 this_way->correction_pos = seq; 45 this_way->correction_pos = ntohl(seq);
46 this_way->offset_before = this_way->offset_after; 46 this_way->offset_before = this_way->offset_after;
47 this_way->offset_after += off; 47 this_way->offset_after += off;
48 } 48 }
diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
index cdf4567ba9b3..9858e3e51a3a 100644
--- a/net/netfilter/nf_synproxy_core.c
+++ b/net/netfilter/nf_synproxy_core.c
@@ -151,9 +151,10 @@ void synproxy_init_timestamp_cookie(const struct xt_synproxy_info *info,
151 opts->tsecr = opts->tsval; 151 opts->tsecr = opts->tsval;
152 opts->tsval = tcp_time_stamp & ~0x3f; 152 opts->tsval = tcp_time_stamp & ~0x3f;
153 153
154 if (opts->options & XT_SYNPROXY_OPT_WSCALE) 154 if (opts->options & XT_SYNPROXY_OPT_WSCALE) {
155 opts->tsval |= info->wscale; 155 opts->tsval |= opts->wscale;
156 else 156 opts->wscale = info->wscale;
157 } else
157 opts->tsval |= 0xf; 158 opts->tsval |= 0xf;
158 159
159 if (opts->options & XT_SYNPROXY_OPT_SACK_PERM) 160 if (opts->options & XT_SYNPROXY_OPT_SACK_PERM)
diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c
index a82667c64729..da0c1f4ada12 100644
--- a/net/netfilter/nft_compat.c
+++ b/net/netfilter/nft_compat.c
@@ -128,7 +128,7 @@ static const struct nla_policy nft_rule_compat_policy[NFTA_RULE_COMPAT_MAX + 1]
128 [NFTA_RULE_COMPAT_FLAGS] = { .type = NLA_U32 }, 128 [NFTA_RULE_COMPAT_FLAGS] = { .type = NLA_U32 },
129}; 129};
130 130
131static u8 nft_parse_compat(const struct nlattr *attr, bool *inv) 131static int nft_parse_compat(const struct nlattr *attr, u8 *proto, bool *inv)
132{ 132{
133 struct nlattr *tb[NFTA_RULE_COMPAT_MAX+1]; 133 struct nlattr *tb[NFTA_RULE_COMPAT_MAX+1];
134 u32 flags; 134 u32 flags;
@@ -148,7 +148,8 @@ static u8 nft_parse_compat(const struct nlattr *attr, bool *inv)
148 if (flags & NFT_RULE_COMPAT_F_INV) 148 if (flags & NFT_RULE_COMPAT_F_INV)
149 *inv = true; 149 *inv = true;
150 150
151 return ntohl(nla_get_be32(tb[NFTA_RULE_COMPAT_PROTO])); 151 *proto = ntohl(nla_get_be32(tb[NFTA_RULE_COMPAT_PROTO]));
152 return 0;
152} 153}
153 154
154static int 155static int
@@ -166,8 +167,11 @@ nft_target_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
166 167
167 target_compat_from_user(target, nla_data(tb[NFTA_TARGET_INFO]), info); 168 target_compat_from_user(target, nla_data(tb[NFTA_TARGET_INFO]), info);
168 169
169 if (ctx->nla[NFTA_RULE_COMPAT]) 170 if (ctx->nla[NFTA_RULE_COMPAT]) {
170 proto = nft_parse_compat(ctx->nla[NFTA_RULE_COMPAT], &inv); 171 ret = nft_parse_compat(ctx->nla[NFTA_RULE_COMPAT], &proto, &inv);
172 if (ret < 0)
173 goto err;
174 }
171 175
172 nft_target_set_tgchk_param(&par, ctx, target, info, &e, proto, inv); 176 nft_target_set_tgchk_param(&par, ctx, target, info, &e, proto, inv);
173 177
@@ -356,8 +360,11 @@ nft_match_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
356 360
357 match_compat_from_user(match, nla_data(tb[NFTA_MATCH_INFO]), info); 361 match_compat_from_user(match, nla_data(tb[NFTA_MATCH_INFO]), info);
358 362
359 if (ctx->nla[NFTA_RULE_COMPAT]) 363 if (ctx->nla[NFTA_RULE_COMPAT]) {
360 proto = nft_parse_compat(ctx->nla[NFTA_RULE_COMPAT], &inv); 364 ret = nft_parse_compat(ctx->nla[NFTA_RULE_COMPAT], &proto, &inv);
365 if (ret < 0)
366 goto err;
367 }
361 368
362 nft_match_set_mtchk_param(&par, ctx, match, info, &e, proto, inv); 369 nft_match_set_mtchk_param(&par, ctx, match, info, &e, proto, inv);
363 370
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index f0176e1a5a81..bca50b95c182 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -2335,8 +2335,6 @@ static int netlink_recvmsg(struct kiocb *kiocb, struct socket *sock,
2335 } 2335 }
2336#endif 2336#endif
2337 2337
2338 msg->msg_namelen = 0;
2339
2340 copied = data_skb->len; 2338 copied = data_skb->len;
2341 if (len < copied) { 2339 if (len < copied) {
2342 msg->msg_flags |= MSG_TRUNC; 2340 msg->msg_flags |= MSG_TRUNC;
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index 7dbc4f732c75..4518a57aa5fe 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -1045,7 +1045,7 @@ static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group,
1045int genlmsg_multicast_allns(struct genl_family *family, struct sk_buff *skb, 1045int genlmsg_multicast_allns(struct genl_family *family, struct sk_buff *skb,
1046 u32 portid, unsigned int group, gfp_t flags) 1046 u32 portid, unsigned int group, gfp_t flags)
1047{ 1047{
1048 if (group >= family->n_mcgrps) 1048 if (WARN_ON_ONCE(group >= family->n_mcgrps))
1049 return -EINVAL; 1049 return -EINVAL;
1050 group = family->mcgrp_offset + group; 1050 group = family->mcgrp_offset + group;
1051 return genlmsg_mcast(skb, portid, group, flags); 1051 return genlmsg_mcast(skb, portid, group, flags);
@@ -1062,7 +1062,7 @@ void genl_notify(struct genl_family *family,
1062 if (nlh) 1062 if (nlh)
1063 report = nlmsg_report(nlh); 1063 report = nlmsg_report(nlh);
1064 1064
1065 if (group >= family->n_mcgrps) 1065 if (WARN_ON_ONCE(group >= family->n_mcgrps))
1066 return; 1066 return;
1067 group = family->mcgrp_offset + group; 1067 group = family->mcgrp_offset + group;
1068 nlmsg_notify(sk, skb, portid, group, report, flags); 1068 nlmsg_notify(sk, skb, portid, group, report, flags);
diff --git a/net/netrom/af_netrom.c b/net/netrom/af_netrom.c
index 698814bfa7ad..53c19a35fc6d 100644
--- a/net/netrom/af_netrom.c
+++ b/net/netrom/af_netrom.c
@@ -1179,10 +1179,9 @@ static int nr_recvmsg(struct kiocb *iocb, struct socket *sock,
1179 sax->sax25_family = AF_NETROM; 1179 sax->sax25_family = AF_NETROM;
1180 skb_copy_from_linear_data_offset(skb, 7, sax->sax25_call.ax25_call, 1180 skb_copy_from_linear_data_offset(skb, 7, sax->sax25_call.ax25_call,
1181 AX25_ADDR_LEN); 1181 AX25_ADDR_LEN);
1182 msg->msg_namelen = sizeof(*sax);
1182 } 1183 }
1183 1184
1184 msg->msg_namelen = sizeof(*sax);
1185
1186 skb_free_datagram(sk, skb); 1185 skb_free_datagram(sk, skb);
1187 1186
1188 release_sock(sk); 1187 release_sock(sk);
diff --git a/net/nfc/llcp_sock.c b/net/nfc/llcp_sock.c
index d308402b67d8..824c6056bf82 100644
--- a/net/nfc/llcp_sock.c
+++ b/net/nfc/llcp_sock.c
@@ -807,8 +807,6 @@ static int llcp_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
807 807
808 pr_debug("%p %zu\n", sk, len); 808 pr_debug("%p %zu\n", sk, len);
809 809
810 msg->msg_namelen = 0;
811
812 lock_sock(sk); 810 lock_sock(sk);
813 811
814 if (sk->sk_state == LLCP_CLOSED && 812 if (sk->sk_state == LLCP_CLOSED &&
diff --git a/net/nfc/rawsock.c b/net/nfc/rawsock.c
index cd958b381f96..66bcd2eb5773 100644
--- a/net/nfc/rawsock.c
+++ b/net/nfc/rawsock.c
@@ -244,8 +244,6 @@ static int rawsock_recvmsg(struct kiocb *iocb, struct socket *sock,
244 if (!skb) 244 if (!skb)
245 return rc; 245 return rc;
246 246
247 msg->msg_namelen = 0;
248
249 copied = skb->len; 247 copied = skb->len;
250 if (len < copied) { 248 if (len < copied) {
251 msg->msg_flags |= MSG_TRUNC; 249 msg->msg_flags |= MSG_TRUNC;
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index 2e8286b47c28..ac27c86ef6d1 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -244,11 +244,15 @@ static void __fanout_link(struct sock *sk, struct packet_sock *po);
244static void register_prot_hook(struct sock *sk) 244static void register_prot_hook(struct sock *sk)
245{ 245{
246 struct packet_sock *po = pkt_sk(sk); 246 struct packet_sock *po = pkt_sk(sk);
247
247 if (!po->running) { 248 if (!po->running) {
248 if (po->fanout) 249 if (po->fanout) {
249 __fanout_link(sk, po); 250 __fanout_link(sk, po);
250 else 251 } else {
251 dev_add_pack(&po->prot_hook); 252 dev_add_pack(&po->prot_hook);
253 rcu_assign_pointer(po->cached_dev, po->prot_hook.dev);
254 }
255
252 sock_hold(sk); 256 sock_hold(sk);
253 po->running = 1; 257 po->running = 1;
254 } 258 }
@@ -266,10 +270,13 @@ static void __unregister_prot_hook(struct sock *sk, bool sync)
266 struct packet_sock *po = pkt_sk(sk); 270 struct packet_sock *po = pkt_sk(sk);
267 271
268 po->running = 0; 272 po->running = 0;
269 if (po->fanout) 273 if (po->fanout) {
270 __fanout_unlink(sk, po); 274 __fanout_unlink(sk, po);
271 else 275 } else {
272 __dev_remove_pack(&po->prot_hook); 276 __dev_remove_pack(&po->prot_hook);
277 RCU_INIT_POINTER(po->cached_dev, NULL);
278 }
279
273 __sock_put(sk); 280 __sock_put(sk);
274 281
275 if (sync) { 282 if (sync) {
@@ -2052,12 +2059,24 @@ static int tpacket_fill_skb(struct packet_sock *po, struct sk_buff *skb,
2052 return tp_len; 2059 return tp_len;
2053} 2060}
2054 2061
2062static struct net_device *packet_cached_dev_get(struct packet_sock *po)
2063{
2064 struct net_device *dev;
2065
2066 rcu_read_lock();
2067 dev = rcu_dereference(po->cached_dev);
2068 if (dev)
2069 dev_hold(dev);
2070 rcu_read_unlock();
2071
2072 return dev;
2073}
2074
2055static int tpacket_snd(struct packet_sock *po, struct msghdr *msg) 2075static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
2056{ 2076{
2057 struct sk_buff *skb; 2077 struct sk_buff *skb;
2058 struct net_device *dev; 2078 struct net_device *dev;
2059 __be16 proto; 2079 __be16 proto;
2060 bool need_rls_dev = false;
2061 int err, reserve = 0; 2080 int err, reserve = 0;
2062 void *ph; 2081 void *ph;
2063 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name; 2082 struct sockaddr_ll *saddr = (struct sockaddr_ll *)msg->msg_name;
@@ -2070,7 +2089,7 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
2070 mutex_lock(&po->pg_vec_lock); 2089 mutex_lock(&po->pg_vec_lock);
2071 2090
2072 if (saddr == NULL) { 2091 if (saddr == NULL) {
2073 dev = po->prot_hook.dev; 2092 dev = packet_cached_dev_get(po);
2074 proto = po->num; 2093 proto = po->num;
2075 addr = NULL; 2094 addr = NULL;
2076 } else { 2095 } else {
@@ -2084,19 +2103,17 @@ static int tpacket_snd(struct packet_sock *po, struct msghdr *msg)
2084 proto = saddr->sll_protocol; 2103 proto = saddr->sll_protocol;
2085 addr = saddr->sll_addr; 2104 addr = saddr->sll_addr;
2086 dev = dev_get_by_index(sock_net(&po->sk), saddr->sll_ifindex); 2105 dev = dev_get_by_index(sock_net(&po->sk), saddr->sll_ifindex);
2087 need_rls_dev = true;
2088 } 2106 }
2089 2107
2090 err = -ENXIO; 2108 err = -ENXIO;
2091 if (unlikely(dev == NULL)) 2109 if (unlikely(dev == NULL))
2092 goto out; 2110 goto out;
2093
2094 reserve = dev->hard_header_len;
2095
2096 err = -ENETDOWN; 2111 err = -ENETDOWN;
2097 if (unlikely(!(dev->flags & IFF_UP))) 2112 if (unlikely(!(dev->flags & IFF_UP)))
2098 goto out_put; 2113 goto out_put;
2099 2114
2115 reserve = dev->hard_header_len;
2116
2100 size_max = po->tx_ring.frame_size 2117 size_max = po->tx_ring.frame_size
2101 - (po->tp_hdrlen - sizeof(struct sockaddr_ll)); 2118 - (po->tp_hdrlen - sizeof(struct sockaddr_ll));
2102 2119
@@ -2173,8 +2190,7 @@ out_status:
2173 __packet_set_status(po, ph, status); 2190 __packet_set_status(po, ph, status);
2174 kfree_skb(skb); 2191 kfree_skb(skb);
2175out_put: 2192out_put:
2176 if (need_rls_dev) 2193 dev_put(dev);
2177 dev_put(dev);
2178out: 2194out:
2179 mutex_unlock(&po->pg_vec_lock); 2195 mutex_unlock(&po->pg_vec_lock);
2180 return err; 2196 return err;
@@ -2212,7 +2228,6 @@ static int packet_snd(struct socket *sock,
2212 struct sk_buff *skb; 2228 struct sk_buff *skb;
2213 struct net_device *dev; 2229 struct net_device *dev;
2214 __be16 proto; 2230 __be16 proto;
2215 bool need_rls_dev = false;
2216 unsigned char *addr; 2231 unsigned char *addr;
2217 int err, reserve = 0; 2232 int err, reserve = 0;
2218 struct virtio_net_hdr vnet_hdr = { 0 }; 2233 struct virtio_net_hdr vnet_hdr = { 0 };
@@ -2228,7 +2243,7 @@ static int packet_snd(struct socket *sock,
2228 */ 2243 */
2229 2244
2230 if (saddr == NULL) { 2245 if (saddr == NULL) {
2231 dev = po->prot_hook.dev; 2246 dev = packet_cached_dev_get(po);
2232 proto = po->num; 2247 proto = po->num;
2233 addr = NULL; 2248 addr = NULL;
2234 } else { 2249 } else {
@@ -2240,19 +2255,17 @@ static int packet_snd(struct socket *sock,
2240 proto = saddr->sll_protocol; 2255 proto = saddr->sll_protocol;
2241 addr = saddr->sll_addr; 2256 addr = saddr->sll_addr;
2242 dev = dev_get_by_index(sock_net(sk), saddr->sll_ifindex); 2257 dev = dev_get_by_index(sock_net(sk), saddr->sll_ifindex);
2243 need_rls_dev = true;
2244 } 2258 }
2245 2259
2246 err = -ENXIO; 2260 err = -ENXIO;
2247 if (dev == NULL) 2261 if (unlikely(dev == NULL))
2248 goto out_unlock; 2262 goto out_unlock;
2249 if (sock->type == SOCK_RAW)
2250 reserve = dev->hard_header_len;
2251
2252 err = -ENETDOWN; 2263 err = -ENETDOWN;
2253 if (!(dev->flags & IFF_UP)) 2264 if (unlikely(!(dev->flags & IFF_UP)))
2254 goto out_unlock; 2265 goto out_unlock;
2255 2266
2267 if (sock->type == SOCK_RAW)
2268 reserve = dev->hard_header_len;
2256 if (po->has_vnet_hdr) { 2269 if (po->has_vnet_hdr) {
2257 vnet_hdr_len = sizeof(vnet_hdr); 2270 vnet_hdr_len = sizeof(vnet_hdr);
2258 2271
@@ -2386,15 +2399,14 @@ static int packet_snd(struct socket *sock,
2386 if (err > 0 && (err = net_xmit_errno(err)) != 0) 2399 if (err > 0 && (err = net_xmit_errno(err)) != 0)
2387 goto out_unlock; 2400 goto out_unlock;
2388 2401
2389 if (need_rls_dev) 2402 dev_put(dev);
2390 dev_put(dev);
2391 2403
2392 return len; 2404 return len;
2393 2405
2394out_free: 2406out_free:
2395 kfree_skb(skb); 2407 kfree_skb(skb);
2396out_unlock: 2408out_unlock:
2397 if (dev && need_rls_dev) 2409 if (dev)
2398 dev_put(dev); 2410 dev_put(dev);
2399out: 2411out:
2400 return err; 2412 return err;
@@ -2614,6 +2626,7 @@ static int packet_create(struct net *net, struct socket *sock, int protocol,
2614 po = pkt_sk(sk); 2626 po = pkt_sk(sk);
2615 sk->sk_family = PF_PACKET; 2627 sk->sk_family = PF_PACKET;
2616 po->num = proto; 2628 po->num = proto;
2629 RCU_INIT_POINTER(po->cached_dev, NULL);
2617 2630
2618 sk->sk_destruct = packet_sock_destruct; 2631 sk->sk_destruct = packet_sock_destruct;
2619 sk_refcnt_debug_inc(sk); 2632 sk_refcnt_debug_inc(sk);
@@ -2660,7 +2673,6 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
2660 struct sock *sk = sock->sk; 2673 struct sock *sk = sock->sk;
2661 struct sk_buff *skb; 2674 struct sk_buff *skb;
2662 int copied, err; 2675 int copied, err;
2663 struct sockaddr_ll *sll;
2664 int vnet_hdr_len = 0; 2676 int vnet_hdr_len = 0;
2665 2677
2666 err = -EINVAL; 2678 err = -EINVAL;
@@ -2744,22 +2756,10 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
2744 goto out_free; 2756 goto out_free;
2745 } 2757 }
2746 2758
2747 /* 2759 /* You lose any data beyond the buffer you gave. If it worries
2748 * If the address length field is there to be filled in, we fill 2760 * a user program they can ask the device for its MTU
2749 * it in now. 2761 * anyway.
2750 */ 2762 */
2751
2752 sll = &PACKET_SKB_CB(skb)->sa.ll;
2753 if (sock->type == SOCK_PACKET)
2754 msg->msg_namelen = sizeof(struct sockaddr_pkt);
2755 else
2756 msg->msg_namelen = sll->sll_halen + offsetof(struct sockaddr_ll, sll_addr);
2757
2758 /*
2759 * You lose any data beyond the buffer you gave. If it worries a
2760 * user program they can ask the device for its MTU anyway.
2761 */
2762
2763 copied = skb->len; 2763 copied = skb->len;
2764 if (copied > len) { 2764 if (copied > len) {
2765 copied = len; 2765 copied = len;
@@ -2772,9 +2772,20 @@ static int packet_recvmsg(struct kiocb *iocb, struct socket *sock,
2772 2772
2773 sock_recv_ts_and_drops(msg, sk, skb); 2773 sock_recv_ts_and_drops(msg, sk, skb);
2774 2774
2775 if (msg->msg_name) 2775 if (msg->msg_name) {
2776 /* If the address length field is there to be filled
2777 * in, we fill it in now.
2778 */
2779 if (sock->type == SOCK_PACKET) {
2780 msg->msg_namelen = sizeof(struct sockaddr_pkt);
2781 } else {
2782 struct sockaddr_ll *sll = &PACKET_SKB_CB(skb)->sa.ll;
2783 msg->msg_namelen = sll->sll_halen +
2784 offsetof(struct sockaddr_ll, sll_addr);
2785 }
2776 memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa, 2786 memcpy(msg->msg_name, &PACKET_SKB_CB(skb)->sa,
2777 msg->msg_namelen); 2787 msg->msg_namelen);
2788 }
2778 2789
2779 if (pkt_sk(sk)->auxdata) { 2790 if (pkt_sk(sk)->auxdata) {
2780 struct tpacket_auxdata aux; 2791 struct tpacket_auxdata aux;
diff --git a/net/packet/internal.h b/net/packet/internal.h
index c4e4b4561207..1035fa2d909c 100644
--- a/net/packet/internal.h
+++ b/net/packet/internal.h
@@ -113,6 +113,7 @@ struct packet_sock {
113 unsigned int tp_loss:1; 113 unsigned int tp_loss:1;
114 unsigned int tp_tx_has_off:1; 114 unsigned int tp_tx_has_off:1;
115 unsigned int tp_tstamp; 115 unsigned int tp_tstamp;
116 struct net_device __rcu *cached_dev;
116 struct packet_type prot_hook ____cacheline_aligned_in_smp; 117 struct packet_type prot_hook ____cacheline_aligned_in_smp;
117}; 118};
118 119
diff --git a/net/rds/recv.c b/net/rds/recv.c
index 9f0f17cf6bf9..de339b24ca14 100644
--- a/net/rds/recv.c
+++ b/net/rds/recv.c
@@ -410,8 +410,6 @@ int rds_recvmsg(struct kiocb *iocb, struct socket *sock, struct msghdr *msg,
410 410
411 rdsdebug("size %zu flags 0x%x timeo %ld\n", size, msg_flags, timeo); 411 rdsdebug("size %zu flags 0x%x timeo %ld\n", size, msg_flags, timeo);
412 412
413 msg->msg_namelen = 0;
414
415 if (msg_flags & MSG_OOB) 413 if (msg_flags & MSG_OOB)
416 goto out; 414 goto out;
417 415
diff --git a/net/rose/af_rose.c b/net/rose/af_rose.c
index e98fcfbe6007..33af77246bfe 100644
--- a/net/rose/af_rose.c
+++ b/net/rose/af_rose.c
@@ -1216,7 +1216,6 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock,
1216{ 1216{
1217 struct sock *sk = sock->sk; 1217 struct sock *sk = sock->sk;
1218 struct rose_sock *rose = rose_sk(sk); 1218 struct rose_sock *rose = rose_sk(sk);
1219 struct sockaddr_rose *srose = (struct sockaddr_rose *)msg->msg_name;
1220 size_t copied; 1219 size_t copied;
1221 unsigned char *asmptr; 1220 unsigned char *asmptr;
1222 struct sk_buff *skb; 1221 struct sk_buff *skb;
@@ -1252,8 +1251,11 @@ static int rose_recvmsg(struct kiocb *iocb, struct socket *sock,
1252 1251
1253 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied); 1252 skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
1254 1253
1255 if (srose != NULL) { 1254 if (msg->msg_name) {
1256 memset(srose, 0, msg->msg_namelen); 1255 struct sockaddr_rose *srose;
1256
1257 memset(msg->msg_name, 0, sizeof(struct full_sockaddr_rose));
1258 srose = msg->msg_name;
1257 srose->srose_family = AF_ROSE; 1259 srose->srose_family = AF_ROSE;
1258 srose->srose_addr = rose->dest_addr; 1260 srose->srose_addr = rose->dest_addr;
1259 srose->srose_call = rose->dest_call; 1261 srose->srose_call = rose->dest_call;
diff --git a/net/rxrpc/ar-recvmsg.c b/net/rxrpc/ar-recvmsg.c
index 4b48687c3890..898492a8d61b 100644
--- a/net/rxrpc/ar-recvmsg.c
+++ b/net/rxrpc/ar-recvmsg.c
@@ -143,10 +143,13 @@ int rxrpc_recvmsg(struct kiocb *iocb, struct socket *sock,
143 143
144 /* copy the peer address and timestamp */ 144 /* copy the peer address and timestamp */
145 if (!continue_call) { 145 if (!continue_call) {
146 if (msg->msg_name && msg->msg_namelen > 0) 146 if (msg->msg_name) {
147 size_t len =
148 sizeof(call->conn->trans->peer->srx);
147 memcpy(msg->msg_name, 149 memcpy(msg->msg_name,
148 &call->conn->trans->peer->srx, 150 &call->conn->trans->peer->srx, len);
149 sizeof(call->conn->trans->peer->srx)); 151 msg->msg_namelen = len;
152 }
150 sock_recv_ts_and_drops(msg, &rx->sk, skb); 153 sock_recv_ts_and_drops(msg, &rx->sk, skb);
151 } 154 }
152 155
diff --git a/net/socket.c b/net/socket.c
index c226aceee65b..0b18693f2be6 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -221,12 +221,13 @@ static int move_addr_to_user(struct sockaddr_storage *kaddr, int klen,
221 int err; 221 int err;
222 int len; 222 int len;
223 223
224 BUG_ON(klen > sizeof(struct sockaddr_storage));
224 err = get_user(len, ulen); 225 err = get_user(len, ulen);
225 if (err) 226 if (err)
226 return err; 227 return err;
227 if (len > klen) 228 if (len > klen)
228 len = klen; 229 len = klen;
229 if (len < 0 || len > sizeof(struct sockaddr_storage)) 230 if (len < 0)
230 return -EINVAL; 231 return -EINVAL;
231 if (len) { 232 if (len) {
232 if (audit_sockaddr(klen, kaddr)) 233 if (audit_sockaddr(klen, kaddr))
@@ -1840,8 +1841,10 @@ SYSCALL_DEFINE6(recvfrom, int, fd, void __user *, ubuf, size_t, size,
1840 msg.msg_iov = &iov; 1841 msg.msg_iov = &iov;
1841 iov.iov_len = size; 1842 iov.iov_len = size;
1842 iov.iov_base = ubuf; 1843 iov.iov_base = ubuf;
1843 msg.msg_name = (struct sockaddr *)&address; 1844 /* Save some cycles and don't copy the address if not needed */
1844 msg.msg_namelen = sizeof(address); 1845 msg.msg_name = addr ? (struct sockaddr *)&address : NULL;
1846 /* We assume all kernel code knows the size of sockaddr_storage */
1847 msg.msg_namelen = 0;
1845 if (sock->file->f_flags & O_NONBLOCK) 1848 if (sock->file->f_flags & O_NONBLOCK)
1846 flags |= MSG_DONTWAIT; 1849 flags |= MSG_DONTWAIT;
1847 err = sock_recvmsg(sock, &msg, size, flags); 1850 err = sock_recvmsg(sock, &msg, size, flags);
@@ -2221,16 +2224,14 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
2221 goto out; 2224 goto out;
2222 } 2225 }
2223 2226
2224 /* 2227 /* Save the user-mode address (verify_iovec will change the
2225 * Save the user-mode address (verify_iovec will change the 2228 * kernel msghdr to use the kernel address space)
2226 * kernel msghdr to use the kernel address space)
2227 */ 2229 */
2228
2229 uaddr = (__force void __user *)msg_sys->msg_name; 2230 uaddr = (__force void __user *)msg_sys->msg_name;
2230 uaddr_len = COMPAT_NAMELEN(msg); 2231 uaddr_len = COMPAT_NAMELEN(msg);
2231 if (MSG_CMSG_COMPAT & flags) { 2232 if (MSG_CMSG_COMPAT & flags)
2232 err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); 2233 err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
2233 } else 2234 else
2234 err = verify_iovec(msg_sys, iov, &addr, VERIFY_WRITE); 2235 err = verify_iovec(msg_sys, iov, &addr, VERIFY_WRITE);
2235 if (err < 0) 2236 if (err < 0)
2236 goto out_freeiov; 2237 goto out_freeiov;
@@ -2239,6 +2240,9 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg,
2239 cmsg_ptr = (unsigned long)msg_sys->msg_control; 2240 cmsg_ptr = (unsigned long)msg_sys->msg_control;
2240 msg_sys->msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT); 2241 msg_sys->msg_flags = flags & (MSG_CMSG_CLOEXEC|MSG_CMSG_COMPAT);
2241 2242
2243 /* We assume all kernel code knows the size of sockaddr_storage */
2244 msg_sys->msg_namelen = 0;
2245
2242 if (sock->file->f_flags & O_NONBLOCK) 2246 if (sock->file->f_flags & O_NONBLOCK)
2243 flags |= MSG_DONTWAIT; 2247 flags |= MSG_DONTWAIT;
2244 err = (nosec ? sock_recvmsg_nosec : sock_recvmsg)(sock, msg_sys, 2248 err = (nosec ? sock_recvmsg_nosec : sock_recvmsg)(sock, msg_sys,
diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 3906527259d1..3b61851bb927 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -980,9 +980,6 @@ static int recv_msg(struct kiocb *iocb, struct socket *sock,
980 goto exit; 980 goto exit;
981 } 981 }
982 982
983 /* will be updated in set_orig_addr() if needed */
984 m->msg_namelen = 0;
985
986 timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 983 timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
987restart: 984restart:
988 985
@@ -1091,9 +1088,6 @@ static int recv_stream(struct kiocb *iocb, struct socket *sock,
1091 goto exit; 1088 goto exit;
1092 } 1089 }
1093 1090
1094 /* will be updated in set_orig_addr() if needed */
1095 m->msg_namelen = 0;
1096
1097 target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len); 1091 target = sock_rcvlowat(sk, flags & MSG_WAITALL, buf_len);
1098 timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT); 1092 timeout = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
1099 1093
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c1f403bed683..01625ccc3ae6 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1754,7 +1754,6 @@ static void unix_copy_addr(struct msghdr *msg, struct sock *sk)
1754{ 1754{
1755 struct unix_sock *u = unix_sk(sk); 1755 struct unix_sock *u = unix_sk(sk);
1756 1756
1757 msg->msg_namelen = 0;
1758 if (u->addr) { 1757 if (u->addr) {
1759 msg->msg_namelen = u->addr->len; 1758 msg->msg_namelen = u->addr->len;
1760 memcpy(msg->msg_name, u->addr->name, u->addr->len); 1759 memcpy(msg->msg_name, u->addr->name, u->addr->len);
@@ -1778,8 +1777,6 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
1778 if (flags&MSG_OOB) 1777 if (flags&MSG_OOB)
1779 goto out; 1778 goto out;
1780 1779
1781 msg->msg_namelen = 0;
1782
1783 err = mutex_lock_interruptible(&u->readlock); 1780 err = mutex_lock_interruptible(&u->readlock);
1784 if (err) { 1781 if (err) {
1785 err = sock_intr_errno(sock_rcvtimeo(sk, noblock)); 1782 err = sock_intr_errno(sock_rcvtimeo(sk, noblock));
@@ -1924,8 +1921,6 @@ static int unix_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
1924 target = sock_rcvlowat(sk, flags&MSG_WAITALL, size); 1921 target = sock_rcvlowat(sk, flags&MSG_WAITALL, size);
1925 timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT); 1922 timeo = sock_rcvtimeo(sk, flags&MSG_DONTWAIT);
1926 1923
1927 msg->msg_namelen = 0;
1928
1929 /* Lock the socket to prevent queue disordering 1924 /* Lock the socket to prevent queue disordering
1930 * while sleeps in memcpy_tomsg 1925 * while sleeps in memcpy_tomsg
1931 */ 1926 */
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 545c08b8a1d4..5adfd94c5b85 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af_vsock.c
@@ -1662,8 +1662,6 @@ vsock_stream_recvmsg(struct kiocb *kiocb,
1662 vsk = vsock_sk(sk); 1662 vsk = vsock_sk(sk);
1663 err = 0; 1663 err = 0;
1664 1664
1665 msg->msg_namelen = 0;
1666
1667 lock_sock(sk); 1665 lock_sock(sk);
1668 1666
1669 if (sk->sk_state != SS_CONNECTED) { 1667 if (sk->sk_state != SS_CONNECTED) {
diff --git a/net/vmw_vsock/vmci_transport.c b/net/vmw_vsock/vmci_transport.c
index 9d6986634e0b..687360da62d9 100644
--- a/net/vmw_vsock/vmci_transport.c
+++ b/net/vmw_vsock/vmci_transport.c
@@ -1746,8 +1746,6 @@ static int vmci_transport_dgram_dequeue(struct kiocb *kiocb,
1746 if (flags & MSG_OOB || flags & MSG_ERRQUEUE) 1746 if (flags & MSG_OOB || flags & MSG_ERRQUEUE)
1747 return -EOPNOTSUPP; 1747 return -EOPNOTSUPP;
1748 1748
1749 msg->msg_namelen = 0;
1750
1751 /* Retrieve the head sk_buff from the socket's receive queue. */ 1749 /* Retrieve the head sk_buff from the socket's receive queue. */
1752 err = 0; 1750 err = 0;
1753 skb = skb_recv_datagram(&vsk->sk, flags, noblock, &err); 1751 skb = skb_recv_datagram(&vsk->sk, flags, noblock, &err);
diff --git a/net/wimax/stack.c b/net/wimax/stack.c
index ef2191b969a7..ec8b577db135 100644
--- a/net/wimax/stack.c
+++ b/net/wimax/stack.c
@@ -610,7 +610,6 @@ int __init wimax_subsys_init(void)
610 d_fnend(4, NULL, "() = 0\n"); 610 d_fnend(4, NULL, "() = 0\n");
611 return 0; 611 return 0;
612 612
613 genl_unregister_family(&wimax_gnl_family);
614error_register_family: 613error_register_family:
615 d_fnend(4, NULL, "() = %d\n", result); 614 d_fnend(4, NULL, "() = %d\n", result);
616 return result; 615 return result;
diff --git a/net/x25/af_x25.c b/net/x25/af_x25.c
index 45a3ab5612c1..7622789d3750 100644
--- a/net/x25/af_x25.c
+++ b/net/x25/af_x25.c
@@ -1340,10 +1340,9 @@ static int x25_recvmsg(struct kiocb *iocb, struct socket *sock,
1340 if (sx25) { 1340 if (sx25) {
1341 sx25->sx25_family = AF_X25; 1341 sx25->sx25_family = AF_X25;
1342 sx25->sx25_addr = x25->dest_addr; 1342 sx25->sx25_addr = x25->dest_addr;
1343 msg->msg_namelen = sizeof(*sx25);
1343 } 1344 }
1344 1345
1345 msg->msg_namelen = sizeof(struct sockaddr_x25);
1346
1347 x25_check_rbuf(sk); 1346 x25_check_rbuf(sk);
1348 rc = copied; 1347 rc = copied;
1349out_free_dgram: 1348out_free_dgram:
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-09 22:48:19 -0500