Magellan Linux

Contents of /trunk/kernel-alx/patches-3.14/0107-3.14.8-all-fixes.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 2506 - (show annotations) (download)
Fri Oct 17 07:55:45 2014 UTC (10 years ago) by niro
File size: 19842 byte(s)
-patches for 3.14
1 diff --git a/Makefile b/Makefile
2 index f2d1225828c2..ef1d59b750ea 100644
3 --- a/Makefile
4 +++ b/Makefile
5 @@ -1,6 +1,6 @@
6 VERSION = 3
7 PATCHLEVEL = 14
8 -SUBLEVEL = 7
9 +SUBLEVEL = 8
10 EXTRAVERSION =
11 NAME = Remembering Coco
12
13 diff --git a/arch/mips/include/asm/thread_info.h b/arch/mips/include/asm/thread_info.h
14 index 24846f9053fe..e80ae50cae80 100644
15 --- a/arch/mips/include/asm/thread_info.h
16 +++ b/arch/mips/include/asm/thread_info.h
17 @@ -136,7 +136,8 @@ static inline struct thread_info *current_thread_info(void)
18 #define _TIF_SYSCALL_TRACEPOINT (1<<TIF_SYSCALL_TRACEPOINT)
19
20 #define _TIF_WORK_SYSCALL_ENTRY (_TIF_NOHZ | _TIF_SYSCALL_TRACE | \
21 - _TIF_SYSCALL_AUDIT | _TIF_SYSCALL_TRACEPOINT)
22 + _TIF_SYSCALL_AUDIT | \
23 + _TIF_SYSCALL_TRACEPOINT | _TIF_SECCOMP)
24
25 /* work to do in syscall_trace_leave() */
26 #define _TIF_WORK_SYSCALL_EXIT (_TIF_NOHZ | _TIF_SYSCALL_TRACE | \
27 diff --git a/drivers/ata/ahci.c b/drivers/ata/ahci.c
28 index 8f18342540d8..9aa42998d757 100644
29 --- a/drivers/ata/ahci.c
30 +++ b/drivers/ata/ahci.c
31 @@ -446,10 +446,14 @@ static const struct pci_device_id ahci_pci_tbl[] = {
32 .driver_data = board_ahci_yes_fbs }, /* 88se9172 */
33 { PCI_DEVICE(PCI_VENDOR_ID_MARVELL_EXT, 0x9192),
34 .driver_data = board_ahci_yes_fbs }, /* 88se9172 on some Gigabyte */
35 + { PCI_DEVICE(PCI_VENDOR_ID_MARVELL_EXT, 0x91a0),
36 + .driver_data = board_ahci_yes_fbs },
37 { PCI_DEVICE(PCI_VENDOR_ID_MARVELL_EXT, 0x91a3),
38 .driver_data = board_ahci_yes_fbs },
39 { PCI_DEVICE(PCI_VENDOR_ID_MARVELL_EXT, 0x9230),
40 .driver_data = board_ahci_yes_fbs },
41 + { PCI_DEVICE(PCI_VENDOR_ID_TTI, 0x0642),
42 + .driver_data = board_ahci_yes_fbs },
43
44 /* Promise */
45 { PCI_VDEVICE(PROMISE, 0x3f20), board_ahci }, /* PDC42819 */
46 diff --git a/drivers/infiniband/ulp/isert/ib_isert.c b/drivers/infiniband/ulp/isert/ib_isert.c
47 index b7794792760d..091169152f77 100644
48 --- a/drivers/infiniband/ulp/isert/ib_isert.c
49 +++ b/drivers/infiniband/ulp/isert/ib_isert.c
50 @@ -489,6 +489,14 @@ isert_connect_request(struct rdma_cm_id *cma_id, struct rdma_cm_event *event)
51 struct ib_device *ib_dev = cma_id->device;
52 int ret = 0;
53
54 + spin_lock_bh(&np->np_thread_lock);
55 + if (!np->enabled) {
56 + spin_unlock_bh(&np->np_thread_lock);
57 + pr_debug("iscsi_np is not enabled, reject connect request\n");
58 + return rdma_reject(cma_id, NULL, 0);
59 + }
60 + spin_unlock_bh(&np->np_thread_lock);
61 +
62 pr_debug("Entering isert_connect_request cma_id: %p, context: %p\n",
63 cma_id, cma_id->context);
64
65 diff --git a/drivers/media/dvb-core/dvb-usb-ids.h b/drivers/media/dvb-core/dvb-usb-ids.h
66 index f19a2ccd1e4b..80643ef9183f 100644
67 --- a/drivers/media/dvb-core/dvb-usb-ids.h
68 +++ b/drivers/media/dvb-core/dvb-usb-ids.h
69 @@ -257,6 +257,7 @@
70 #define USB_PID_TERRATEC_T5 0x10a1
71 #define USB_PID_NOXON_DAB_STICK 0x00b3
72 #define USB_PID_NOXON_DAB_STICK_REV2 0x00e0
73 +#define USB_PID_NOXON_DAB_STICK_REV3 0x00b4
74 #define USB_PID_PINNACLE_EXPRESSCARD_320CX 0x022e
75 #define USB_PID_PINNACLE_PCTV2000E 0x022c
76 #define USB_PID_PINNACLE_PCTV_DVB_T_FLASH 0x0228
77 @@ -360,6 +361,7 @@
78 #define USB_PID_FRIIO_WHITE 0x0001
79 #define USB_PID_TVWAY_PLUS 0x0002
80 #define USB_PID_SVEON_STV20 0xe39d
81 +#define USB_PID_SVEON_STV20_RTL2832U 0xd39d
82 #define USB_PID_SVEON_STV22 0xe401
83 #define USB_PID_SVEON_STV22_IT9137 0xe411
84 #define USB_PID_AZUREWAVE_AZ6027 0x3275
85 @@ -374,4 +376,5 @@
86 #define USB_PID_CTVDIGDUAL_V2 0xe410
87 #define USB_PID_PCTV_2002E 0x025c
88 #define USB_PID_PCTV_2002E_SE 0x025d
89 +#define USB_PID_SVEON_STV27 0xd3af
90 #endif
91 diff --git a/drivers/media/usb/dvb-usb-v2/rtl28xxu.c b/drivers/media/usb/dvb-usb-v2/rtl28xxu.c
92 index fda5c64ba0e8..fd1312d0b078 100644
93 --- a/drivers/media/usb/dvb-usb-v2/rtl28xxu.c
94 +++ b/drivers/media/usb/dvb-usb-v2/rtl28xxu.c
95 @@ -1382,6 +1382,7 @@ static const struct dvb_usb_device_properties rtl2832u_props = {
96 };
97
98 static const struct usb_device_id rtl28xxu_id_table[] = {
99 + /* RTL2831U devices: */
100 { DVB_USB_DEVICE(USB_VID_REALTEK, USB_PID_REALTEK_RTL2831U,
101 &rtl2831u_props, "Realtek RTL2831U reference design", NULL) },
102 { DVB_USB_DEVICE(USB_VID_WIDEVIEW, USB_PID_FREECOM_DVBT,
103 @@ -1389,6 +1390,7 @@ static const struct usb_device_id rtl28xxu_id_table[] = {
104 { DVB_USB_DEVICE(USB_VID_WIDEVIEW, USB_PID_FREECOM_DVBT_2,
105 &rtl2831u_props, "Freecom USB2.0 DVB-T", NULL) },
106
107 + /* RTL2832U devices: */
108 { DVB_USB_DEVICE(USB_VID_REALTEK, 0x2832,
109 &rtl2832u_props, "Realtek RTL2832U reference design", NULL) },
110 { DVB_USB_DEVICE(USB_VID_REALTEK, 0x2838,
111 @@ -1401,6 +1403,8 @@ static const struct usb_device_id rtl28xxu_id_table[] = {
112 &rtl2832u_props, "TerraTec NOXON DAB Stick", NULL) },
113 { DVB_USB_DEVICE(USB_VID_TERRATEC, USB_PID_NOXON_DAB_STICK_REV2,
114 &rtl2832u_props, "TerraTec NOXON DAB Stick (rev 2)", NULL) },
115 + { DVB_USB_DEVICE(USB_VID_TERRATEC, USB_PID_NOXON_DAB_STICK_REV3,
116 + &rtl2832u_props, "TerraTec NOXON DAB Stick (rev 3)", NULL) },
117 { DVB_USB_DEVICE(USB_VID_GTEK, USB_PID_TREKSTOR_TERRES_2_0,
118 &rtl2832u_props, "Trekstor DVB-T Stick Terres 2.0", NULL) },
119 { DVB_USB_DEVICE(USB_VID_DEXATEK, 0x1101,
120 @@ -1429,7 +1433,16 @@ static const struct usb_device_id rtl28xxu_id_table[] = {
121 &rtl2832u_props, "Leadtek WinFast DTV Dongle mini", NULL) },
122 { DVB_USB_DEVICE(USB_VID_GTEK, USB_PID_CPYTO_REDI_PC50A,
123 &rtl2832u_props, "Crypto ReDi PC 50 A", NULL) },
124 -
125 + { DVB_USB_DEVICE(USB_VID_KYE, 0x707f,
126 + &rtl2832u_props, "Genius TVGo DVB-T03", NULL) },
127 + { DVB_USB_DEVICE(USB_VID_KWORLD_2, 0xd395,
128 + &rtl2832u_props, "Peak DVB-T USB", NULL) },
129 + { DVB_USB_DEVICE(USB_VID_KWORLD_2, USB_PID_SVEON_STV20_RTL2832U,
130 + &rtl2832u_props, "Sveon STV20", NULL) },
131 + { DVB_USB_DEVICE(USB_VID_KWORLD_2, USB_PID_SVEON_STV27,
132 + &rtl2832u_props, "Sveon STV27", NULL) },
133 +
134 + /* RTL2832P devices: */
135 { DVB_USB_DEVICE(USB_VID_HANFTEK, 0x0131,
136 &rtl2832u_props, "Astrometa DVB-T2", NULL) },
137 { }
138 diff --git a/drivers/misc/mei/hw-me.c b/drivers/misc/mei/hw-me.c
139 index 6f656c053b14..fbc4a7bbdfa9 100644
140 --- a/drivers/misc/mei/hw-me.c
141 +++ b/drivers/misc/mei/hw-me.c
142 @@ -164,6 +164,9 @@ static void mei_me_hw_reset_release(struct mei_device *dev)
143 hcsr |= H_IG;
144 hcsr &= ~H_RST;
145 mei_hcsr_set(hw, hcsr);
146 +
147 + /* complete this write before we set host ready on another CPU */
148 + mmiowb();
149 }
150 /**
151 * mei_me_hw_reset - resets fw via mei csr register.
152 @@ -183,8 +186,21 @@ static int mei_me_hw_reset(struct mei_device *dev, bool intr_enable)
153 else
154 hcsr &= ~H_IE;
155
156 + dev->recvd_hw_ready = false;
157 mei_me_reg_write(hw, H_CSR, hcsr);
158
159 + /*
160 + * Host reads the H_CSR once to ensure that the
161 + * posted write to H_CSR completes.
162 + */
163 + hcsr = mei_hcsr_read(hw);
164 +
165 + if ((hcsr & H_RST) == 0)
166 + dev_warn(&dev->pdev->dev, "H_RST is not set = 0x%08X", hcsr);
167 +
168 + if ((hcsr & H_RDY) == H_RDY)
169 + dev_warn(&dev->pdev->dev, "H_RDY is not cleared 0x%08X", hcsr);
170 +
171 if (intr_enable == false)
172 mei_me_hw_reset_release(dev);
173
174 @@ -201,6 +217,7 @@ static int mei_me_hw_reset(struct mei_device *dev, bool intr_enable)
175 static void mei_me_host_set_ready(struct mei_device *dev)
176 {
177 struct mei_me_hw *hw = to_me_hw(dev);
178 + hw->host_hw_state = mei_hcsr_read(hw);
179 hw->host_hw_state |= H_IE | H_IG | H_RDY;
180 mei_hcsr_set(hw, hw->host_hw_state);
181 }
182 @@ -233,10 +250,7 @@ static bool mei_me_hw_is_ready(struct mei_device *dev)
183 static int mei_me_hw_ready_wait(struct mei_device *dev)
184 {
185 int err;
186 - if (mei_me_hw_is_ready(dev))
187 - return 0;
188
189 - dev->recvd_hw_ready = false;
190 mutex_unlock(&dev->device_lock);
191 err = wait_event_interruptible_timeout(dev->wait_hw_ready,
192 dev->recvd_hw_ready,
193 @@ -491,14 +505,13 @@ irqreturn_t mei_me_irq_thread_handler(int irq, void *dev_id)
194 /* check if we need to start the dev */
195 if (!mei_host_is_ready(dev)) {
196 if (mei_hw_is_ready(dev)) {
197 + mei_me_hw_reset_release(dev);
198 dev_dbg(&dev->pdev->dev, "we need to start the dev.\n");
199
200 dev->recvd_hw_ready = true;
201 wake_up_interruptible(&dev->wait_hw_ready);
202 } else {
203 -
204 - dev_dbg(&dev->pdev->dev, "Reset Completed.\n");
205 - mei_me_hw_reset_release(dev);
206 + dev_dbg(&dev->pdev->dev, "Spurious Interrupt\n");
207 }
208 goto end;
209 }
210 diff --git a/drivers/pci/msi.c b/drivers/pci/msi.c
211 index 955ab7990c5b..fb02fc2fb034 100644
212 --- a/drivers/pci/msi.c
213 +++ b/drivers/pci/msi.c
214 @@ -414,7 +414,7 @@ static void free_msi_irqs(struct pci_dev *dev)
215 if (dev->msi_irq_groups) {
216 sysfs_remove_groups(&dev->dev.kobj, dev->msi_irq_groups);
217 msi_attrs = dev->msi_irq_groups[0]->attrs;
218 - list_for_each_entry(entry, &dev->msi_list, list) {
219 + while (msi_attrs[count]) {
220 dev_attr = container_of(msi_attrs[count],
221 struct device_attribute, attr);
222 kfree(dev_attr->attr.name);
223 diff --git a/drivers/target/iscsi/iscsi_target.c b/drivers/target/iscsi/iscsi_target.c
224 index 86b92d95ac10..39a34da5260f 100644
225 --- a/drivers/target/iscsi/iscsi_target.c
226 +++ b/drivers/target/iscsi/iscsi_target.c
227 @@ -460,6 +460,7 @@ int iscsit_del_np(struct iscsi_np *np)
228 spin_lock_bh(&np->np_thread_lock);
229 np->np_exports--;
230 if (np->np_exports) {
231 + np->enabled = true;
232 spin_unlock_bh(&np->np_thread_lock);
233 return 0;
234 }
235 diff --git a/drivers/target/iscsi/iscsi_target_core.h b/drivers/target/iscsi/iscsi_target_core.h
236 index 48f7b3bf4e8c..1d4a8c86551f 100644
237 --- a/drivers/target/iscsi/iscsi_target_core.h
238 +++ b/drivers/target/iscsi/iscsi_target_core.h
239 @@ -773,6 +773,7 @@ struct iscsi_np {
240 int np_ip_proto;
241 int np_sock_type;
242 enum np_thread_state_table np_thread_state;
243 + bool enabled;
244 enum iscsi_timer_flags_table np_login_timer_flags;
245 u32 np_exports;
246 enum np_flags_table np_flags;
247 diff --git a/drivers/target/iscsi/iscsi_target_login.c b/drivers/target/iscsi/iscsi_target_login.c
248 index 369ef10e8077..cad6fdcc64da 100644
249 --- a/drivers/target/iscsi/iscsi_target_login.c
250 +++ b/drivers/target/iscsi/iscsi_target_login.c
251 @@ -981,6 +981,7 @@ int iscsi_target_setup_login_socket(
252 }
253
254 np->np_transport = t;
255 + np->enabled = true;
256 return 0;
257 }
258
259 diff --git a/drivers/target/iscsi/iscsi_target_tpg.c b/drivers/target/iscsi/iscsi_target_tpg.c
260 index 44a5471de00f..d875f7972325 100644
261 --- a/drivers/target/iscsi/iscsi_target_tpg.c
262 +++ b/drivers/target/iscsi/iscsi_target_tpg.c
263 @@ -184,6 +184,8 @@ static void iscsit_clear_tpg_np_login_thread(
264 return;
265 }
266
267 + if (shutdown)
268 + tpg_np->tpg_np->enabled = false;
269 iscsit_reset_np_thread(tpg_np->tpg_np, tpg_np, tpg, shutdown);
270 }
271
272 diff --git a/drivers/target/target_core_alua.c b/drivers/target/target_core_alua.c
273 index c3d9df6aaf5f..f0f0cc0e5752 100644
274 --- a/drivers/target/target_core_alua.c
275 +++ b/drivers/target/target_core_alua.c
276 @@ -564,7 +564,16 @@ static inline int core_alua_state_standby(
277 case REPORT_LUNS:
278 case RECEIVE_DIAGNOSTIC:
279 case SEND_DIAGNOSTIC:
280 + case READ_CAPACITY:
281 return 0;
282 + case SERVICE_ACTION_IN:
283 + switch (cdb[1] & 0x1f) {
284 + case SAI_READ_CAPACITY_16:
285 + return 0;
286 + default:
287 + *alua_ascq = ASCQ_04H_ALUA_TG_PT_STANDBY;
288 + return 1;
289 + }
290 case MAINTENANCE_IN:
291 switch (cdb[1] & 0x1f) {
292 case MI_REPORT_TARGET_PGS:
293 diff --git a/fs/attr.c b/fs/attr.c
294 index 5d4e59d56e85..6530ced19697 100644
295 --- a/fs/attr.c
296 +++ b/fs/attr.c
297 @@ -50,14 +50,14 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr)
298 if ((ia_valid & ATTR_UID) &&
299 (!uid_eq(current_fsuid(), inode->i_uid) ||
300 !uid_eq(attr->ia_uid, inode->i_uid)) &&
301 - !inode_capable(inode, CAP_CHOWN))
302 + !capable_wrt_inode_uidgid(inode, CAP_CHOWN))
303 return -EPERM;
304
305 /* Make sure caller can chgrp. */
306 if ((ia_valid & ATTR_GID) &&
307 (!uid_eq(current_fsuid(), inode->i_uid) ||
308 (!in_group_p(attr->ia_gid) && !gid_eq(attr->ia_gid, inode->i_gid))) &&
309 - !inode_capable(inode, CAP_CHOWN))
310 + !capable_wrt_inode_uidgid(inode, CAP_CHOWN))
311 return -EPERM;
312
313 /* Make sure a caller can chmod. */
314 @@ -67,7 +67,7 @@ int inode_change_ok(const struct inode *inode, struct iattr *attr)
315 /* Also check the setgid bit! */
316 if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid :
317 inode->i_gid) &&
318 - !inode_capable(inode, CAP_FSETID))
319 + !capable_wrt_inode_uidgid(inode, CAP_FSETID))
320 attr->ia_mode &= ~S_ISGID;
321 }
322
323 @@ -160,7 +160,7 @@ void setattr_copy(struct inode *inode, const struct iattr *attr)
324 umode_t mode = attr->ia_mode;
325
326 if (!in_group_p(inode->i_gid) &&
327 - !inode_capable(inode, CAP_FSETID))
328 + !capable_wrt_inode_uidgid(inode, CAP_FSETID))
329 mode &= ~S_ISGID;
330 inode->i_mode = mode;
331 }
332 diff --git a/fs/inode.c b/fs/inode.c
333 index 4bcdad3c9361..e846a32e8d6e 100644
334 --- a/fs/inode.c
335 +++ b/fs/inode.c
336 @@ -1840,14 +1840,18 @@ EXPORT_SYMBOL(inode_init_owner);
337 * inode_owner_or_capable - check current task permissions to inode
338 * @inode: inode being checked
339 *
340 - * Return true if current either has CAP_FOWNER to the inode, or
341 - * owns the file.
342 + * Return true if current either has CAP_FOWNER in a namespace with the
343 + * inode owner uid mapped, or owns the file.
344 */
345 bool inode_owner_or_capable(const struct inode *inode)
346 {
347 + struct user_namespace *ns;
348 +
349 if (uid_eq(current_fsuid(), inode->i_uid))
350 return true;
351 - if (inode_capable(inode, CAP_FOWNER))
352 +
353 + ns = current_user_ns();
354 + if (ns_capable(ns, CAP_FOWNER) && kuid_has_mapping(ns, inode->i_uid))
355 return true;
356 return false;
357 }
358 diff --git a/fs/namei.c b/fs/namei.c
359 index 4a3c105cf703..8274c8d39b03 100644
360 --- a/fs/namei.c
361 +++ b/fs/namei.c
362 @@ -332,10 +332,11 @@ int generic_permission(struct inode *inode, int mask)
363
364 if (S_ISDIR(inode->i_mode)) {
365 /* DACs are overridable for directories */
366 - if (inode_capable(inode, CAP_DAC_OVERRIDE))
367 + if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE))
368 return 0;
369 if (!(mask & MAY_WRITE))
370 - if (inode_capable(inode, CAP_DAC_READ_SEARCH))
371 + if (capable_wrt_inode_uidgid(inode,
372 + CAP_DAC_READ_SEARCH))
373 return 0;
374 return -EACCES;
375 }
376 @@ -345,7 +346,7 @@ int generic_permission(struct inode *inode, int mask)
377 * at least one exec bit set.
378 */
379 if (!(mask & MAY_EXEC) || (inode->i_mode & S_IXUGO))
380 - if (inode_capable(inode, CAP_DAC_OVERRIDE))
381 + if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE))
382 return 0;
383
384 /*
385 @@ -353,7 +354,7 @@ int generic_permission(struct inode *inode, int mask)
386 */
387 mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
388 if (mask == MAY_READ)
389 - if (inode_capable(inode, CAP_DAC_READ_SEARCH))
390 + if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH))
391 return 0;
392
393 return -EACCES;
394 @@ -2370,7 +2371,7 @@ static inline int check_sticky(struct inode *dir, struct inode *inode)
395 return 0;
396 if (uid_eq(dir->i_uid, fsuid))
397 return 0;
398 - return !inode_capable(inode, CAP_FOWNER);
399 + return !capable_wrt_inode_uidgid(inode, CAP_FOWNER);
400 }
401
402 /*
403 diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
404 index bcfe61202115..78e62cc471c5 100644
405 --- a/fs/xfs/xfs_ioctl.c
406 +++ b/fs/xfs/xfs_ioctl.c
407 @@ -1241,7 +1241,7 @@ xfs_ioctl_setattr(
408 * cleared upon successful return from chown()
409 */
410 if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
411 - !inode_capable(VFS_I(ip), CAP_FSETID))
412 + !capable_wrt_inode_uidgid(VFS_I(ip), CAP_FSETID))
413 ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
414
415 /*
416 diff --git a/include/linux/capability.h b/include/linux/capability.h
417 index a6ee1f9a5018..84b13ad67c1c 100644
418 --- a/include/linux/capability.h
419 +++ b/include/linux/capability.h
420 @@ -210,7 +210,7 @@ extern bool has_ns_capability_noaudit(struct task_struct *t,
421 struct user_namespace *ns, int cap);
422 extern bool capable(int cap);
423 extern bool ns_capable(struct user_namespace *ns, int cap);
424 -extern bool inode_capable(const struct inode *inode, int cap);
425 +extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap);
426 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);
427
428 /* audit system wants to get cap info from files as well */
429 diff --git a/kernel/auditsc.c b/kernel/auditsc.c
430 index 3b29605ea1b2..37e621606807 100644
431 --- a/kernel/auditsc.c
432 +++ b/kernel/auditsc.c
433 @@ -720,6 +720,22 @@ static enum audit_state audit_filter_task(struct task_struct *tsk, char **key)
434 return AUDIT_BUILD_CONTEXT;
435 }
436
437 +static int audit_in_mask(const struct audit_krule *rule, unsigned long val)
438 +{
439 + int word, bit;
440 +
441 + if (val > 0xffffffff)
442 + return false;
443 +
444 + word = AUDIT_WORD(val);
445 + if (word >= AUDIT_BITMASK_SIZE)
446 + return false;
447 +
448 + bit = AUDIT_BIT(val);
449 +
450 + return rule->mask[word] & bit;
451 +}
452 +
453 /* At syscall entry and exit time, this filter is called if the
454 * audit_state is not low enough that auditing cannot take place, but is
455 * also not high enough that we already know we have to write an audit
456 @@ -737,11 +753,8 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
457
458 rcu_read_lock();
459 if (!list_empty(list)) {
460 - int word = AUDIT_WORD(ctx->major);
461 - int bit = AUDIT_BIT(ctx->major);
462 -
463 list_for_each_entry_rcu(e, list, list) {
464 - if ((e->rule.mask[word] & bit) == bit &&
465 + if (audit_in_mask(&e->rule, ctx->major) &&
466 audit_filter_rules(tsk, &e->rule, ctx, NULL,
467 &state, false)) {
468 rcu_read_unlock();
469 @@ -761,20 +774,16 @@ static enum audit_state audit_filter_syscall(struct task_struct *tsk,
470 static int audit_filter_inode_name(struct task_struct *tsk,
471 struct audit_names *n,
472 struct audit_context *ctx) {
473 - int word, bit;
474 int h = audit_hash_ino((u32)n->ino);
475 struct list_head *list = &audit_inode_hash[h];
476 struct audit_entry *e;
477 enum audit_state state;
478
479 - word = AUDIT_WORD(ctx->major);
480 - bit = AUDIT_BIT(ctx->major);
481 -
482 if (list_empty(list))
483 return 0;
484
485 list_for_each_entry_rcu(e, list, list) {
486 - if ((e->rule.mask[word] & bit) == bit &&
487 + if (audit_in_mask(&e->rule, ctx->major) &&
488 audit_filter_rules(tsk, &e->rule, ctx, n, &state, false)) {
489 ctx->current_state = state;
490 return 1;
491 diff --git a/kernel/capability.c b/kernel/capability.c
492 index 34019c57888d..1191a44786df 100644
493 --- a/kernel/capability.c
494 +++ b/kernel/capability.c
495 @@ -433,23 +433,19 @@ bool capable(int cap)
496 EXPORT_SYMBOL(capable);
497
498 /**
499 - * inode_capable - Check superior capability over inode
500 + * capable_wrt_inode_uidgid - Check nsown_capable and uid and gid mapped
501 * @inode: The inode in question
502 * @cap: The capability in question
503 *
504 - * Return true if the current task has the given superior capability
505 - * targeted at it's own user namespace and that the given inode is owned
506 - * by the current user namespace or a child namespace.
507 - *
508 - * Currently we check to see if an inode is owned by the current
509 - * user namespace by seeing if the inode's owner maps into the
510 - * current user namespace.
511 - *
512 + * Return true if the current task has the given capability targeted at
513 + * its own user namespace and that the given inode's uid and gid are
514 + * mapped into the current user namespace.
515 */
516 -bool inode_capable(const struct inode *inode, int cap)
517 +bool capable_wrt_inode_uidgid(const struct inode *inode, int cap)
518 {
519 struct user_namespace *ns = current_user_ns();
520
521 - return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid);
522 + return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) &&
523 + kgid_has_mapping(ns, inode->i_gid);
524 }
525 -EXPORT_SYMBOL(inode_capable);
526 +EXPORT_SYMBOL(capable_wrt_inode_uidgid);
527 diff --git a/net/ipv4/netfilter/nf_defrag_ipv4.c b/net/ipv4/netfilter/nf_defrag_ipv4.c
528 index 12e13bd82b5b..f40f321b41fc 100644
529 --- a/net/ipv4/netfilter/nf_defrag_ipv4.c
530 +++ b/net/ipv4/netfilter/nf_defrag_ipv4.c
531 @@ -22,7 +22,6 @@
532 #endif
533 #include <net/netfilter/nf_conntrack_zones.h>
534
535 -/* Returns new sk_buff, or NULL */
536 static int nf_ct_ipv4_gather_frags(struct sk_buff *skb, u_int32_t user)
537 {
538 int err;
539 @@ -33,8 +32,10 @@ static int nf_ct_ipv4_gather_frags(struct sk_buff *skb, u_int32_t user)
540 err = ip_defrag(skb, user);
541 local_bh_enable();
542
543 - if (!err)
544 + if (!err) {
545 ip_send_check(ip_hdr(skb));
546 + skb->local_df = 1;
547 + }
548
549 return err;
550 }