author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-11-23 17:02:43 +0000 |
---|---|---|
committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-11-23 17:03:32 +0000 |
commit | 65c099fa598b4f02c4254f09d1f6f59effbe7b4a (patch) | |
tree | 5540ea3eaf6018fca5594a2a75440d445932f630 | |
parent | sys-kernel/longterm-sources: Bump 4.14 (diff) | |
download | etc-portage-patches-65c099fa598b4f02c4254f09d1f6f59effbe7b4a.tar.gz |
1775 files changed, 401923 insertions, 399633 deletions
diff --git a/sys-kernel/boest-v4.19.81/0001-patch-4.19-ja1.diff.patch b/sys-kernel/boest-v4.19.81/0001-patch-4.19-ja1.diff.patch
deleted file mode 100644
index c32e28f3..00000000
--- a/sys-kernel/boest-v4.19.81/0001-patch-4.19-ja1.diff.patch
+++ /dev/null
@@ -1,2127 +0,0 @@ -From 216ce9b493542ea729c73aa5dd77b429eb85b275 Mon Sep 17 00:00:00 2001 -From: Julian Anastasov <ja@ssi.bg> -Date: Sun, 28 Oct 2018 09:28:02 +0000 -Subject: [PATCH 01/15] patch-4.19-ja1.diff - -Jumbo patch containing the following parts: - - routes-2.X.*.diff (static_routes, alt_routes, nf_reroute but without arp_prefsrc functionality, it is replaced by arprules and rp_filter_mask) - - hidden-2.X.*.diff (conf/*/hidden) - - arprules-2.X.*.diff (iparp/arprules support) - - rp_filter_mask-2.X.*.diff (conf/*/rp_filter_mask) - - forward_shared-2.X.*.diff (conf/*/forward_shared) - - send-to-self-2.X.*.diff (conf/*/loop, included March 3, 2004, up to Linux 3.5) - -URL: http://ja.ssi.bg/patch-4.19-ja1.diff ---- - Documentation/networking/ip-sysctl.txt | 30 + - include/linux/inetdevice.h | 3 + - include/net/flow.h | 2 + - include/net/ip_fib.h | 7 +- - include/net/netfilter/nf_nat.h | 5 + - include/net/route.h | 5 + - include/uapi/linux/ip.h | 3 + - include/uapi/linux/rtnetlink.h | 64 +- - net/bridge/br_netfilter_hooks.c | 3 + - net/ipv4/arp.c | 695 +++++++++++++++++++- - net/ipv4/devinet.c | 14 +- - net/ipv4/fib_frontend.c | 56 +- - net/ipv4/fib_rules.c | 5 + - net/ipv4/fib_semantics.c | 257 ++++++-- - net/ipv4/fib_trie.c | 3 + - net/ipv4/netfilter/iptable_nat.c | 7 + - net/ipv4/netfilter/nf_nat_masquerade_ipv4.c | 27 +- - net/ipv4/route.c | 69 +- - net/netfilter/nf_nat_core.c | 43 ++ - security/selinux/nlmsgtab.c | 5 +- - 20 files changed, 1175 insertions(+), 128 deletions(-) - -diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt -index 7eb9366422f5..a333642844d2 100644 ---- a/Documentation/networking/ip-sysctl.txt -+++ b/Documentation/networking/ip-sysctl.txt -@@ -1062,6 +1062,19 @@ forwarding - BOOLEAN - Enable IP forwarding on this interface. This controls whether packets - received _on_ this interface can be forwarded. 
- -+forward_shared - BOOLEAN -+ Integer value determines if a source validation should allow -+ forwarding of packets with local source address. 1 means yes, -+ 0 means no. By default the flag is disabled and such packets -+ are not forwarded. -+ -+ If you enable this flag on internal network, the router will forward -+ packets from internal hosts with shared IP addresses no matter how -+ the rp_filter is set. This flag is activated only if it is -+ enabled both in specific device section and in "all" section. -+ -+ The forward_shared value could be ignored when rp_filter is set to 0. -+ - mc_forwarding - BOOLEAN - Do multicast routing. The kernel needs to be compiled with CONFIG_MROUTE - and a multicast routing daemon is required. -@@ -1177,6 +1190,15 @@ rp_filter - INTEGER - Default value is 0. Note that some distributions enable it - in startup scripts. - -+rp_filter_mask - INTEGER -+ Integer value representing bitmask of the mediums for which the -+ reverse path protection is disabled. If the source validation -+ results in reverse path to interface with medium_id value in -+ the 1..31 range the access is allowed if the corresponding bit -+ is set in the bitmask. The bitmask value is considered only when -+ rp_filter is enabled. By default the bitmask is empty preserving -+ the original rp_filter semantic. -+ - arp_filter - BOOLEAN - 1 - Allows you to have multiple network interfaces on the same - subnet, and have the ARPs for each interface be answered -@@ -1317,6 +1339,14 @@ drop_gratuitous_arp - BOOLEAN - Default: off (0) - - -+hidden - BOOLEAN -+ Hide addresses attached to this device from other devices. -+ Such addresses will never be selected by source address autoselection -+ mechanism, host does not answer broadcast ARP requests for them, -+ does not announce them as source address of ARP requests, but they -+ are still reachable via IP. This flag is activated only if it is -+ enabled both in specific device section and in "all" section. 
-+ - tag - INTEGER - Allows you to write a number, which can be used as required. - Default value is 0. -diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h -index c759d1cbcedd..46e2a7ec281b 100644 ---- a/include/linux/inetdevice.h -+++ b/include/linux/inetdevice.h -@@ -95,9 +95,11 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev) - #define IN_DEV_MFORWARD(in_dev) IN_DEV_ANDCONF((in_dev), MC_FORWARDING) - #define IN_DEV_BFORWARD(in_dev) IN_DEV_ANDCONF((in_dev), BC_FORWARDING) - #define IN_DEV_RPFILTER(in_dev) IN_DEV_MAXCONF((in_dev), RP_FILTER) -+#define IN_DEV_RPFILTER_MASK(in_dev) IN_DEV_CONF_GET(in_dev, RP_FILTER_MASK) - #define IN_DEV_SRC_VMARK(in_dev) IN_DEV_ORCONF((in_dev), SRC_VMARK) - #define IN_DEV_SOURCE_ROUTE(in_dev) IN_DEV_ANDCONF((in_dev), \ - ACCEPT_SOURCE_ROUTE) -+#define IN_DEV_FORWARD_SHARED(in_dev) IN_DEV_ANDCONF((in_dev), FORWARD_SHARED) - #define IN_DEV_ACCEPT_LOCAL(in_dev) IN_DEV_ORCONF((in_dev), ACCEPT_LOCAL) - #define IN_DEV_BOOTP_RELAY(in_dev) IN_DEV_ANDCONF((in_dev), BOOTP_RELAY) - -@@ -110,6 +112,7 @@ static inline void ipv4_devconf_setall(struct in_device *in_dev) - SECURE_REDIRECTS) - #define IN_DEV_IDTAG(in_dev) IN_DEV_CONF_GET(in_dev, TAG) - #define IN_DEV_MEDIUM_ID(in_dev) IN_DEV_CONF_GET(in_dev, MEDIUM_ID) -+#define IN_DEV_HIDDEN(in_dev) IN_DEV_ANDCONF((in_dev), HIDDEN) - #define IN_DEV_PROMOTE_SECONDARIES(in_dev) \ - IN_DEV_ORCONF((in_dev), \ - PROMOTE_SECONDARIES) -diff --git a/include/net/flow.h b/include/net/flow.h -index 8ce21793094e..8278eb051131 100644 ---- a/include/net/flow.h -+++ b/include/net/flow.h -@@ -91,6 +91,7 @@ struct flowi4 { - #define fl4_ipsec_spi uli.spi - #define fl4_mh_type uli.mht.type - #define fl4_gre_key uli.gre_key -+ __be32 fl4_gw; - } __attribute__((__aligned__(BITS_PER_LONG/8))); - - static inline void flowi4_init_output(struct flowi4 *fl4, int oif, -@@ -114,6 +115,7 @@ static inline void flowi4_init_output(struct flowi4 *fl4, int oif, - fl4->saddr = saddr; - 
fl4->fl4_dport = dport; - fl4->fl4_sport = sport; -+ fl4->fl4_gw = 0; - } - - /* Reset some input parameters after previous lookup */ -diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h -index 95eed32d8c6b..6ec06dcdf7ba 100644 ---- a/include/net/ip_fib.h -+++ b/include/net/ip_fib.h -@@ -367,6 +367,8 @@ static inline bool fib4_rules_early_flow_dissect(struct net *net, - return true; - } - -+u32 fib_result_table(struct fib_result *res); -+ - #endif /* CONFIG_IP_MULTIPLE_TABLES */ - - /* Exported by fib_frontend.c */ -@@ -375,7 +377,8 @@ void ip_fib_init(void); - __be32 fib_compute_spec_dst(struct sk_buff *skb); - int fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, - u8 tos, int oif, struct net_device *dev, -- struct in_device *idev, u32 *itag); -+ struct in_device *idev, u32 *itag, int our); -+void fib_select_default(const struct flowi4 *flp, struct fib_result *res); - #ifdef CONFIG_IP_ROUTE_CLASSID - static inline int fib_num_tclassid_users(struct net *net) - { -@@ -452,4 +455,6 @@ static inline void fib_proc_exit(struct net *net) - - u32 ip_mtu_from_fib_result(struct fib_result *res, __be32 daddr); - -+extern rwlock_t fib_nhflags_lock; -+ - #endif /* _NET_FIB_H */ -diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h -index a17eb2f8d40e..749d505486d3 100644 ---- a/include/net/netfilter/nf_nat.h -+++ b/include/net/netfilter/nf_nat.h -@@ -37,6 +37,11 @@ struct nf_conn_nat { - #endif - }; - -+/* Call input routing for SNAT-ed traffic */ -+unsigned int ip_nat_route_input(void *priv, -+ struct sk_buff *skb, -+ const struct nf_hook_state *state); -+ - /* Set up the info structure to map into this range. 
*/ - unsigned int nf_nat_setup_info(struct nf_conn *ct, - const struct nf_nat_range2 *range, -diff --git a/include/net/route.h b/include/net/route.h -index bb53cdba38dc..646b987c4001 100644 ---- a/include/net/route.h -+++ b/include/net/route.h -@@ -182,6 +182,9 @@ int ip_route_input_noref(struct sk_buff *skb, __be32 dst, __be32 src, - int ip_route_input_rcu(struct sk_buff *skb, __be32 dst, __be32 src, - u8 tos, struct net_device *devin, - struct fib_result *res); -+int ip_route_input_common_rcu(struct sk_buff *skb, __be32 dst, __be32 src, -+ u8 tos, struct net_device *devin, __be32 lsrc, -+ struct fib_result *res); - - static inline int ip_route_input(struct sk_buff *skb, __be32 dst, __be32 src, - u8 tos, struct net_device *devin) -@@ -218,6 +221,8 @@ unsigned int inet_addr_type_dev_table(struct net *net, - void ip_rt_multicast_event(struct in_device *); - int ip_rt_ioctl(struct net *, unsigned int cmd, struct rtentry *rt); - void ip_rt_get_source(u8 *src, struct sk_buff *skb, struct rtable *rt); -+int ip_route_input_lookup(struct sk_buff*, __be32 dst, __be32 src, u8 tos, -+ struct net_device *devin, __be32 lsrc); - struct rtable *rt_dst_alloc(struct net_device *dev, - unsigned int flags, u16 type, - bool nopolicy, bool noxfrm, bool will_cache); -diff --git a/include/uapi/linux/ip.h b/include/uapi/linux/ip.h -index e42d13b55cf3..d03711046f2e 100644 ---- a/include/uapi/linux/ip.h -+++ b/include/uapi/linux/ip.h -@@ -169,6 +169,9 @@ enum - IPV4_DEVCONF_DROP_UNICAST_IN_L2_MULTICAST, - IPV4_DEVCONF_DROP_GRATUITOUS_ARP, - IPV4_DEVCONF_BC_FORWARDING, -+ IPV4_DEVCONF_HIDDEN, -+ IPV4_DEVCONF_RP_FILTER_MASK, -+ IPV4_DEVCONF_FORWARD_SHARED, - __IPV4_DEVCONF_MAX - }; - -diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h -index 46399367627f..92593fd1a055 100644 ---- a/include/uapi/linux/rtnetlink.h -+++ b/include/uapi/linux/rtnetlink.h -@@ -157,6 +157,13 @@ enum { - RTM_GETCHAIN, - #define RTM_GETCHAIN RTM_GETCHAIN - -+ RTM_NEWARPRULE = 104, -+#define 
RTM_NEWARPRULE RTM_NEWARPRULE -+ RTM_DELARPRULE, -+#define RTM_DELARPRULE RTM_DELARPRULE -+ RTM_GETARPRULE, -+#define RTM_GETARPRULE RTM_GETARPRULE -+ - __RTM_MAX, - #define RTM_MAX (((__RTM_MAX + 3) & ~3) - 1) - }; -@@ -374,8 +381,11 @@ struct rtnexthop { - #define RTNH_F_OFFLOAD 8 /* offloaded route */ - #define RTNH_F_LINKDOWN 16 /* carrier-down on nexthop */ - #define RTNH_F_UNRESOLVED 32 /* The entry is unresolved (ipmr) */ -+#define RTNH_F_SUSPECT 64 /* We don't know the real state */ -+#define RTNH_F_BADSTATE (RTNH_F_DEAD | RTNH_F_SUSPECT) - --#define RTNH_COMPARE_MASK (RTNH_F_DEAD | RTNH_F_LINKDOWN | RTNH_F_OFFLOAD) -+#define RTNH_COMPARE_MASK (RTNH_F_DEAD | RTNH_F_LINKDOWN | \ -+ RTNH_F_OFFLOAD | RTNH_F_SUSPECT) - - /* Macros to handle hexthops */ - -@@ -617,6 +627,54 @@ enum { - - #define NDUSEROPT_MAX (__NDUSEROPT_MAX - 1) - -+/****************************************************************************** -+ * Definitions used in ARP tables administration -+ ****/ -+ -+#define ARPA_TABLE_INPUT 0 -+#define ARPA_TABLE_OUTPUT 1 -+#define ARPA_TABLE_FORWARD 2 -+#define ARPA_TABLE_ALL -1 -+ -+#define ARPM_F_PREFSRC 0x0001 -+#define ARPM_F_WILDIIF 0x0002 -+#define ARPM_F_WILDOIF 0x0004 -+#define ARPM_F_BROADCAST 0x0008 -+#define ARPM_F_UNICAST 0x0010 -+ -+struct arpmsg -+{ -+ unsigned char arpm_family; -+ unsigned char arpm_table; -+ unsigned char arpm_action; -+ unsigned char arpm_from_len; -+ unsigned char arpm_to_len; -+ unsigned char arpm__pad1; -+ unsigned short arpm__pad2; -+ unsigned arpm_pref; -+ unsigned arpm_flags; -+}; -+ -+enum -+{ -+ ARPA_UNSPEC, -+ ARPA_FROM, /* FROM IP prefix */ -+ ARPA_TO, /* TO IP prefix */ -+ ARPA_LLFROM, /* FROM LL prefix */ -+ ARPA_LLTO, /* TO LL prefix */ -+ ARPA_LLSRC, /* New SRC lladdr */ -+ ARPA_LLDST, /* New DST lladdr */ -+ ARPA_IIF, /* In interface prefix */ -+ ARPA_OIF, /* Out interface prefix */ -+ ARPA_SRC, /* New IP SRC */ -+ ARPA_DST, /* New IP DST, not used */ -+ ARPA_PACKETS, /* Packets */ -+}; -+ -+#define 
ARPA_MAX ARPA_PACKETS -+ -+#define ARPA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct arpmsg)))) -+ - #ifndef __KERNEL__ - /* RTnetlink multicast groups - backwards compatibility for userspace */ - #define RTMGRP_LINK 1 -@@ -637,6 +695,8 @@ enum { - #define RTMGRP_DECnet_IFADDR 0x1000 - #define RTMGRP_DECnet_ROUTE 0x4000 - -+#define RTMGRP_ARP 0x00010000 -+ - #define RTMGRP_IPV6_PREFIX 0x20000 - #endif - -@@ -704,6 +764,8 @@ enum rtnetlink_groups { - #define RTNLGRP_IPV4_MROUTE_R RTNLGRP_IPV4_MROUTE_R - RTNLGRP_IPV6_MROUTE_R, - #define RTNLGRP_IPV6_MROUTE_R RTNLGRP_IPV6_MROUTE_R -+ RTNLGRP_ARP, -+#define RTNLGRP_ARP RTNLGRP_ARP - __RTNLGRP_MAX - }; - #define RTNLGRP_MAX (__RTNLGRP_MAX - 1) -diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c -index 212c184c1eee..200f61e869f5 100644 ---- a/net/bridge/br_netfilter_hooks.c -+++ b/net/bridge/br_netfilter_hooks.c -@@ -360,6 +360,9 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_ - - nf_bridge->frag_max_size = IPCB(skb)->frag_max_size; - -+ /* Old skb->dst is not expected, it is lost in all cases */ -+ skb_dst_drop(skb); -+ - if (nf_bridge->pkt_otherhost) { - skb->pkt_type = PACKET_OTHERHOST; - nf_bridge->pkt_otherhost = false; -diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c -index e90c89ef8c08..8873e5ca3c3f 100644 ---- a/net/ipv4/arp.c -+++ b/net/ipv4/arp.c -@@ -71,6 +71,9 @@ - * sending (e.g. insert 8021q tag). - * Harald Welte : convert to make use of jenkins hash - * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. 
-+ * Julian Anastasov: "hidden" flag: hide the -+ * interface and don't reply for it -+ * Julian Anastasov: ARP filtering via netlink - */ - - #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt -@@ -95,6 +98,7 @@ - #include <linux/proc_fs.h> - #include <linux/seq_file.h> - #include <linux/stat.h> -+#include <net/netlink.h> - #include <linux/init.h> - #include <linux/net.h> - #include <linux/rcupdate.h> -@@ -185,6 +189,48 @@ struct neigh_table arp_tbl = { - }; - EXPORT_SYMBOL(arp_tbl); - -+struct arpf_node { -+ struct arpf_node * at_next; -+ u32 at_pref; -+ u32 at_from; -+ u32 at_from_mask; -+ u32 at_to; -+ u32 at_to_mask; -+ u32 at_src; -+ atomic_t at_packets; -+ atomic_t at_refcnt; -+ unsigned at_flags; -+ unsigned char at_from_len; -+ unsigned char at_to_len; -+ unsigned char at_action; -+ char at_dead; -+ unsigned char at_llfrom_len; -+ unsigned char at_llto_len; -+ unsigned char at_llsrc_len; -+ unsigned char at_lldst_len; -+ unsigned char at_iif_len; -+ unsigned char at_oif_len; -+ unsigned short at__pad1; -+ unsigned char at_llfrom[MAX_ADDR_LEN]; -+ unsigned char at_llto[MAX_ADDR_LEN]; -+ unsigned char at_llsrc[MAX_ADDR_LEN]; -+ unsigned char at_lldst[MAX_ADDR_LEN]; -+ char at_iif[IFNAMSIZ]; -+ char at_oif[IFNAMSIZ]; -+}; -+ -+static struct arpf_node *arp_tabs[3]; -+ -+static struct kmem_cache *arpf_cachep; -+ -+static DEFINE_RWLOCK(arpf_lock); -+ -+static void -+arpf_send(int table, struct net *net, struct sk_buff *skb, u32 sip, u32 tip, -+ unsigned char *from_hw, unsigned char *to_hw, -+ struct net_device *idev, struct net_device *odev, -+ struct dst_entry *dst); -+ - int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir) - { - switch (dev->type) { -@@ -338,7 +384,9 @@ static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb) - struct net_device *dev = neigh->dev; - __be32 target = *(__be32 *)neigh->primary_key; - int probes = atomic_read(&a |