6.18-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 9 Jun 2026 10:44:11 +0000 (12:44 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 9 Jun 2026 10:44:11 +0000 (12:44 +0200)
added patches:
arm-allow-__do_kernel_fault-to-report-execution-of-m.patch
arm-fix-branch-predictor-hardening.patch
arm-fix-hash_name-fault.patch
arm-group-is_permission_fault-with-is_translation_fa.patch
bpf-free-reuseport-cbpf-prog-after-rcu-grace-period.patch
series

queue-6.18/arm-allow-__do_kernel_fault-to-report-execution-of-m.patch [new file with mode: 0644]
queue-6.18/arm-fix-branch-predictor-hardening.patch [new file with mode: 0644]
queue-6.18/arm-fix-hash_name-fault.patch [new file with mode: 0644]
queue-6.18/arm-group-is_permission_fault-with-is_translation_fa.patch [new file with mode: 0644]
queue-6.18/bpf-free-reuseport-cbpf-prog-after-rcu-grace-period.patch [new file with mode: 0644]
queue-6.18/series [new file with mode: 0644]

diff --git a/queue-6.18/arm-allow-__do_kernel_fault-to-report-execution-of-m.patch b/queue-6.18/arm-allow-__do_kernel_fault-to-report-execution-of-m.patch
new file mode 100644 (file)
index 0000000..cb8f951
--- /dev/null
@@ -0,0 +1,39 @@
+From 1d3670d5fb7e50e0c289ef8ac9e72752078bb747 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 11 May 2026 15:53:55 +0200
+Subject: ARM: allow __do_kernel_fault() to report execution of memory faults
+
+From: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+
+commit 40b466db1dffb41f0529035c59c5739636d0e5b8 upstream.
+
+Allow __do_kernel_fault() to detect the execution of memory, so we can
+provide the same fault message as do_page_fault() would do. This is
+required when we split the kernel address fault handling from the
+main do_page_fault() code path.
+
+Reviewed-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Tested-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/mm/fault.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
+index f87f353e5a8b0a..192c8ab196dbab 100644
+--- a/arch/arm/mm/fault.c
++++ b/arch/arm/mm/fault.c
+@@ -175,6 +175,8 @@ __do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
+        */
+       if (addr < PAGE_SIZE) {
+               msg = "NULL pointer dereference";
++      } else if (is_permission_fault(fsr) && fsr & FSR_LNX_PF) {
++              msg = "execution of memory";
+       } else {
+               if (is_translation_fault(fsr) &&
+                   kfence_handle_page_fault(addr, is_write_fault(fsr), regs))
+-- 
+2.53.0
+
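Review bot: The new condition `} else if (is_permission_fault(fsr) && fsr & FSR_LNX_PF) {` mixes a bitwise `&` into an `&&` expression without parentheses; precedence makes it correct (`&` binds tighter than `&&`), but the fault-message selection reads more clearly, and matches the surrounding kernel style, as `} else if (is_permission_fault(fsr) && (fsr & FSR_LNX_PF)) {`. As this is a verbatim upstream backport the stable queue should keep it byte-identical and carry the nit upstream instead. Note that the branch depends on is_permission_fault() being defined ahead of __do_kernel_fault() and outside CONFIG_MMU, which the series ordering (the arm-group-is_permission_fault patch listed before this one) provides. __do_kernel_fault()'s body begins and ends outside the hunk.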
diff --git a/queue-6.18/arm-fix-branch-predictor-hardening.patch b/queue-6.18/arm-fix-branch-predictor-hardening.patch
new file mode 100644 (file)
index 0000000..89a1840
--- /dev/null
@@ -0,0 +1,159 @@
+From a979e27807915908120a61c03cdd7bc7dbe51be1 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 11 May 2026 15:53:57 +0200
+Subject: ARM: fix branch predictor hardening
+
+From: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+
+commit fd2dee1c6e2256f726ba33fd3083a7be0efc80d3 upstream.
+
+__do_user_fault() may be called with indeterminent interrupt enable
+state, which means we may be preemptive at this point. This causes
+problems when calling harden_branch_predictor(). For example, when
+called from a data abort, do_alignment_fault()->do_bad_area().
+
+Move harden_branch_predictor() out of __do_user_fault() and into the
+calling contexts.
+
+Moving it into do_kernel_address_page_fault(), we can be sure that
+interrupts will be disabled here.
+
+Converting do_translation_fault() to use do_kernel_address_page_fault()
+rather than do_bad_area() means that we keep branch predictor handling
+for translation faults. Interrupts will also be disabled at this call
+site.
+
+do_sect_fault() needs special handling, so detect user mode accesses
+to kernel-addresses, and add an explicit call to branch predictor
+hardening.
+
+Finally, add branch predictor hardening to do_alignment() for the
+faulting case (user mode accessing kernel addresses) before interrupts
+are enabled.
+
+This should cover all cases where harden_branch_predictor() is called,
+ensuring that it is always has interrupts disabled, also ensuring that
+it is called early in each call path.
+
+Reviewed-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Tested-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/mm/alignment.c |  6 +++++-
+ arch/arm/mm/fault.c     | 39 ++++++++++++++++++++++++++-------------
+ 2 files changed, 31 insertions(+), 14 deletions(-)
+
+diff --git a/arch/arm/mm/alignment.c b/arch/arm/mm/alignment.c
+index 3c6ddb1afdc463..812380f30ae36a 100644
+--- a/arch/arm/mm/alignment.c
++++ b/arch/arm/mm/alignment.c
+@@ -19,10 +19,11 @@
+ #include <linux/init.h>
+ #include <linux/sched/signal.h>
+ #include <linux/uaccess.h>
++#include <linux/unaligned.h>
+ #include <asm/cp15.h>
+ #include <asm/system_info.h>
+-#include <linux/unaligned.h>
++#include <asm/system_misc.h>
+ #include <asm/opcodes.h>
+ #include "fault.h"
+@@ -809,6 +810,9 @@ do_alignment(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+       int thumb2_32b = 0;
+       int fault;
++      if (addr >= TASK_SIZE && user_mode(regs))
++              harden_branch_predictor();
++
+       if (interrupts_enabled(regs))
+               local_irq_enable();
+diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
+index 0e5b4bc7b21760..ed4330cc3f4e6f 100644
+--- a/arch/arm/mm/fault.c
++++ b/arch/arm/mm/fault.c
+@@ -198,9 +198,6 @@ __do_user_fault(unsigned long addr, unsigned int fsr, unsigned int sig,
+ {
+       struct task_struct *tsk = current;
+-      if (addr > TASK_SIZE)
+-              harden_branch_predictor();
+-
+ #ifdef CONFIG_DEBUG_USER
+       if (((user_debug & UDBG_SEGV) && (sig == SIGSEGV)) ||
+           ((user_debug & UDBG_BUS)  && (sig == SIGBUS))) {
+@@ -269,8 +266,10 @@ do_kernel_address_page_fault(struct mm_struct *mm, unsigned long addr,
+               /*
+                * Fault from user mode for a kernel space address. User mode
+                * should not be faulting in kernel space, which includes the
+-               * vector/khelper page. Send a SIGSEGV.
++               * vector/khelper page. Handle the branch predictor hardening
++               * while interrupts are still disabled, then send a SIGSEGV.
+                */
++              harden_branch_predictor();
+               __do_user_fault(addr, fsr, SIGSEGV, SEGV_MAPERR, regs);
+       } else {
+               /*
+@@ -485,16 +484,20 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+  * We enter here because the first level page table doesn't contain
+  * a valid entry for the address.
+  *
+- * If the address is in kernel space (>= TASK_SIZE), then we are
+- * probably faulting in the vmalloc() area.
++ * If this is a user address (addr < TASK_SIZE), we handle this as a
++ * normal page fault. This leaves the remainder of the function to handle
++ * kernel address translation faults.
+  *
+- * If the init_task's first level page tables contains the relevant
+- * entry, we copy the it to this task.  If not, we send the process
+- * a signal, fixup the exception, or oops the kernel.
++ * Since user mode is not permitted to access kernel addresses, pass these
++ * directly to do_kernel_address_page_fault() to handle.
+  *
+- * NOTE! We MUST NOT take any locks for this case. We may be in an
+- * interrupt or a critical region, and should only copy the information
+- * from the master page table, nothing more.
++ * Otherwise, we're probably faulting in the vmalloc() area, so try to fix
++ * that up. Note that we must not take any locks or enable interrupts in
++ * this case.
++ *
++ * If vmalloc() fixup fails, that means the non-leaf page tables did not
++ * contain an entry for this address, so handle this via
++ * do_kernel_address_page_fault().
+  */
+ #ifdef CONFIG_MMU
+ static int __kprobes
+@@ -560,7 +563,8 @@ do_translation_fault(unsigned long addr, unsigned int fsr,
+       return 0;
+ bad_area:
+-      do_bad_area(addr, fsr, regs);
++      do_kernel_address_page_fault(current->mm, addr, fsr, regs);
++
+       return 0;
+ }
+ #else                                 /* CONFIG_MMU */
+@@ -580,7 +584,16 @@ do_translation_fault(unsigned long addr, unsigned int fsr,
+ static int
+ do_sect_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+ {
++      /*
++       * If this is a kernel address, but from user mode, then userspace
++       * is trying bad stuff. Invoke the branch predictor handling.
++       * Interrupts are disabled here.
++       */
++      if (addr >= TASK_SIZE && user_mode(regs))
++              harden_branch_predictor();
++
+       do_bad_area(addr, fsr, regs);
++
+       return 0;
+ }
+ #endif /* CONFIG_ARM_LPAE */
+-- 
+2.53.0
+
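Review bot: The relocated checks in do_alignment() and do_sect_fault() use `addr >= TASK_SIZE`, while the check removed from __do_user_fault() was `addr > TASK_SIZE`, so a user-mode access at exactly TASK_SIZE now triggers harden_branch_predictor() where it previously did not. That agrees with the `addr >= TASK_SIZE` dispatch in do_page_fault() (see the hash_name patch in this same queue) and, since user space ends at TASK_SIZE, looks intentional and strictly safer, but the commit message does not call the boundary change out and a stable reviewer may want it mentioned. Separately, every new call site relies on the caller having interrupts disabled without asserting it; a `lockdep_assert_irqs_disabled();` immediately before each `harden_branch_predictor();` would make the invariant this fix depends on checkable under lockdep instead of only documented in comments. do_alignment(), do_translation_fault() and do_kernel_address_page_fault() all start outside their hunks.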
diff --git a/queue-6.18/arm-fix-hash_name-fault.patch b/queue-6.18/arm-fix-hash_name-fault.patch
new file mode 100644 (file)
index 0000000..f99127d
--- /dev/null
@@ -0,0 +1,109 @@
+From 29185952ab2aa9f4b7296e97b5b1146bcaed0b50 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 11 May 2026 15:53:56 +0200
+Subject: ARM: fix hash_name() fault
+
+From: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+
+commit 7733bc7d299d682f2723dc38fc7f370b9bf973e9 upstream.
+
+Zizhi Wo reports:
+
+"During the execution of hash_name()->load_unaligned_zeropad(), a
+ potential memory access beyond the PAGE boundary may occur. For
+ example, when the filename length is near the PAGE_SIZE boundary.
+ This triggers a page fault, which leads to a call to
+ do_page_fault()->mmap_read_trylock(). If we can't acquire the lock,
+ we have to fall back to the mmap_read_lock() path, which calls
+ might_sleep(). This breaks RCU semantics because path lookup occurs
+ under an RCU read-side critical section."
+
+This is seen with CONFIG_DEBUG_ATOMIC_SLEEP=y and CONFIG_KFENCE=y.
+
+Kernel addresses (with the exception of the vectors/kuser helper
+page) do not have VMAs associated with them. If the vectors/kuser
+helper page faults, then there are two possibilities:
+
+1. if the fault happened while in kernel mode, then we're basically
+   dead, because the CPU won't be able to vector through this page
+   to handle the fault.
+2. if the fault happened while in user mode, that means the page was
+   protected from user access, and we want to fault anyway.
+
+Thus, we can handle kernel addresses from any context entirely
+separately without going anywhere near the mmap lock. This gives us
+an entirely non-sleeping path for all kernel mode kernel address
+faults.
+
+As we handle the kernel address faults before interrupts are enabled,
+this change has the side effect of improving the branch predictor
+hardening, but does not completely solve the issue.
+
+Reported-by: Zizhi Wo <wozizhi@huaweicloud.com>
+Reported-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Link: https://lore.kernel.org/r/20251126090505.3057219-1-wozizhi@huaweicloud.com
+Reviewed-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Tested-by: Xie Yuanbin <xieyuanbin1@huawei.com>
+Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/mm/fault.c | 35 +++++++++++++++++++++++++++++++++++
+ 1 file changed, 35 insertions(+)
+
+diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
+index 192c8ab196dbab..0e5b4bc7b21760 100644
+--- a/arch/arm/mm/fault.c
++++ b/arch/arm/mm/fault.c
+@@ -261,6 +261,35 @@ static inline bool ttbr0_usermode_access_allowed(struct pt_regs *regs)
+ }
+ #endif
++static int __kprobes
++do_kernel_address_page_fault(struct mm_struct *mm, unsigned long addr,
++                           unsigned int fsr, struct pt_regs *regs)
++{
++      if (user_mode(regs)) {
++              /*
++               * Fault from user mode for a kernel space address. User mode
++               * should not be faulting in kernel space, which includes the
++               * vector/khelper page. Send a SIGSEGV.
++               */
++              __do_user_fault(addr, fsr, SIGSEGV, SEGV_MAPERR, regs);
++      } else {
++              /*
++               * Fault from kernel mode. Enable interrupts if they were
++               * enabled in the parent context. Section (upper page table)
++               * translation faults are handled via do_translation_fault(),
++               * so we will only get here for a non-present kernel space
++               * PTE or PTE permission fault. This may happen in exceptional
++               * circumstances and need the fixup tables to be walked.
++               */
++              if (interrupts_enabled(regs))
++                      local_irq_enable();
++
++              __do_kernel_fault(mm, addr, fsr, regs);
++      }
++
++      return 0;
++}
++
+ static int __kprobes
+ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+ {
+@@ -274,6 +303,12 @@ do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+       if (kprobe_page_fault(regs, fsr))
+               return 0;
++      /*
++       * Handle kernel addresses faults separately, which avoids touching
++       * the mmap lock from contexts that are not able to sleep.
++       */
++      if (addr >= TASK_SIZE)
++              return do_kernel_address_page_fault(mm, addr, fsr, regs);
+       /* Enable interrupts if they were enabled in the parent context. */
+       if (interrupts_enabled(regs))
+-- 
+2.53.0
+
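Review bot: do_kernel_address_page_fault() has no header comment, and its `mm` argument is consumed only on the kernel-mode branch, where it is handed straight to __do_kernel_fault(); for a fault taken by a kernel thread this is presumably `current->mm == NULL`, which I believe the pre-existing no_context path of do_page_fault() already passes to __do_kernel_fault(), so it appears tolerated, but that contract belongs at the definition, e.g. `/* Handle a fault on a kernel address (>= TASK_SIZE) from any mode without taking the mmap lock; mm may be NULL for kernel threads. */`. The comment added in do_page_fault() also has a small slip, `Handle kernel addresses faults separately` should read `Handle kernel address faults separately`. Both lines are verbatim upstream, so the wording fix belongs upstream rather than in the stable backport. do_page_fault()'s body continues outside the hunk.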
diff --git a/queue-6.18/arm-group-is_permission_fault-with-is_translation_fa.patch b/queue-6.18/arm-group-is_permission_fault-with-is_translation_fa.patch
new file mode 100644 (file)
index 0000000..f93c746
--- /dev/null
@@ -0,0 +1,68 @@
+From 4665ea6b6d801a544c92798b9aa7abc35ed28d31 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 11 May 2026 15:53:54 +0200
+Subject: ARM: group is_permission_fault() with is_translation_fault()
+
+From: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+
+commit dea20281ac88226615761c570c8ff7adc18e6ac2 upstream.
+
+Group is_permission_fault() with is_translation_fault(), which is
+needed to use is_permission_fault() in __do_kernel_fault(). As
+this is static inline, there is no need for this to be under
+CONFIG_MMU.
+
+Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
+Signed-off-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ arch/arm/mm/fault.c | 26 +++++++++++++-------------
+ 1 file changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
+index 2bc828a1940c05..f87f353e5a8b0a 100644
+--- a/arch/arm/mm/fault.c
++++ b/arch/arm/mm/fault.c
+@@ -128,6 +128,19 @@ static inline bool is_translation_fault(unsigned int fsr)
+       return false;
+ }
++static inline bool is_permission_fault(unsigned int fsr)
++{
++      int fs = fsr_fs(fsr);
++#ifdef CONFIG_ARM_LPAE
++      if ((fs & FS_MMU_NOLL_MASK) == FS_PERM_NOLL)
++              return true;
++#else
++      if (fs == FS_L1_PERM || fs == FS_L2_PERM)
++              return true;
++#endif
++      return false;
++}
++
+ static void die_kernel_fault(const char *msg, struct mm_struct *mm,
+                            unsigned long addr, unsigned int fsr,
+                            struct pt_regs *regs)
+@@ -225,19 +238,6 @@ void do_bad_area(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
+ }
+ #ifdef CONFIG_MMU
+-static inline bool is_permission_fault(unsigned int fsr)
+-{
+-      int fs = fsr_fs(fsr);
+-#ifdef CONFIG_ARM_LPAE
+-      if ((fs & FS_MMU_NOLL_MASK) == FS_PERM_NOLL)
+-              return true;
+-#else
+-      if (fs == FS_L1_PERM || fs == FS_L2_PERM)
+-              return true;
+-#endif
+-      return false;
+-}
+-
+ #ifdef CONFIG_CPU_TTBR0_PAN
+ static inline bool ttbr0_usermode_access_allowed(struct pt_regs *regs)
+ {
+-- 
+2.53.0
+
diff --git a/queue-6.18/bpf-free-reuseport-cbpf-prog-after-rcu-grace-period.patch b/queue-6.18/bpf-free-reuseport-cbpf-prog-after-rcu-grace-period.patch
new file mode 100644 (file)
index 0000000..95b11d3
--- /dev/null
@@ -0,0 +1,139 @@
+From 04bce6bd62cc6b3f6b6e3580501113b2cad3db0a Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Sun, 26 Apr 2026 01:26:43 +0000
+Subject: bpf: Free reuseport cBPF prog after RCU grace period.
+
+From: Kuniyuki Iwashima <kuniyu@google.com>
+
+[ Upstream commit 18fc650ccd7fe3376eca89203668cfb8268f60df ]
+
+Eulgyu Kim reported the splat below with a repro. [0]
+
+The repro sets up a UDP reuseport group with a cBPF prog and
+replaces it with a new one while another thread is sending
+a UDP packet to the group.
+
+The reuseport prog is freed by sk_reuseport_prog_free().
+bpf_prog_put() is called for "e"BPF prog to destruct through
+multiple stages while cBPF prog is freed immediately by
+bpf_release_orig_filter() and bpf_prog_free().
+
+If a reuseport prog is detached from the setsockopt() path
+(reuseport_attach_prog() or reuseport_detach_prog()),
+sk_reuseport_prog_free() is called without waiting for RCU
+readers to complete, resulting in various bugs.
+
+Let's defer freeing the reuseport cBPF prog after one RCU
+grace period.
+
+Note "e"BPF prog is safe as is unless the fast path starts
+to touch fields destroyed in bpf_prog_put_deferred() and
+__bpf_prog_put_noref().
+
+[0]:
+BUG: KASAN: vmalloc-out-of-bounds in reuseport_select_sock+0xedc/0x1220 net/core/sock_reuseport.c:596
+Read of size 4 at addr ffffc9000051e004 by task slowme/10208
+CPU: 6 UID: 1000 PID: 10208 Comm: slowme Not tainted 7.0.0-geb7ac95ff75e #32 PREEMPT(full)
+Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
+Call Trace:
+ <IRQ>
+ dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
+ print_address_description mm/kasan/report.c:378 [inline]
+ print_report+0xca/0x240 mm/kasan/report.c:482
+ kasan_report+0x118/0x150 mm/kasan/report.c:595
+ reuseport_select_sock+0xedc/0x1220 net/core/sock_reuseport.c:596
+ udp4_lib_lookup2+0x3bc/0x950 net/ipv4/udp.c:495
+ __udp4_lib_lookup+0x768/0xe20 net/ipv4/udp.c:723
+ __udp4_lib_lookup_skb+0x297/0x390 net/ipv4/udp.c:752
+ __udp4_lib_rcv+0x1312/0x2620 net/ipv4/udp.c:2752
+ ip_protocol_deliver_rcu+0x282/0x440 net/ipv4/ip_input.c:207
+ ip_local_deliver_finish+0x3bb/0x6f0 net/ipv4/ip_input.c:241
+ NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318
+ NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318
+ __netif_receive_skb_one_core net/core/dev.c:6181 [inline]
+ __netif_receive_skb net/core/dev.c:6294 [inline]
+ process_backlog+0xaa4/0x1960 net/core/dev.c:6645
+ __napi_poll+0xae/0x340 net/core/dev.c:7709
+ napi_poll net/core/dev.c:7772 [inline]
+ net_rx_action+0x5d7/0xf50 net/core/dev.c:7929
+ handle_softirqs+0x22b/0x870 kernel/softirq.c:622
+ do_softirq+0x76/0xd0 kernel/softirq.c:523
+ </IRQ>
+ <TASK>
+ __local_bh_enable_ip+0xf8/0x130 kernel/softirq.c:450
+ local_bh_enable include/linux/bottom_half.h:33 [inline]
+ rcu_read_unlock_bh include/linux/rcupdate.h:924 [inline]
+ __dev_queue_xmit+0x1dd7/0x3710 net/core/dev.c:4890
+ neigh_output include/net/neighbour.h:556 [inline]
+ ip_finish_output2+0xca9/0x1070 net/ipv4/ip_output.c:237
+ NF_HOOK_COND include/linux/netfilter.h:307 [inline]
+ ip_output+0x29f/0x450 net/ipv4/ip_output.c:438
+ ip_send_skb+0x45/0xc0 net/ipv4/ip_output.c:1508
+ udp_send_skb+0xb04/0x1510 net/ipv4/udp.c:1195
+ udp_sendmsg+0x1a71/0x2350 net/ipv4/udp.c:1485
+ sock_sendmsg_nosec net/socket.c:727 [inline]
+ __sock_sendmsg net/socket.c:742 [inline]
+ __sys_sendto+0x554/0x680 net/socket.c:2206
+ __do_sys_sendto net/socket.c:2213 [inline]
+ __se_sys_sendto net/socket.c:2209 [inline]
+ __x64_sys_sendto+0xde/0x100 net/socket.c:2209
+ do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
+ do_syscall_64+0x160/0xf80 arch/x86/entry/syscall_64.c:94
+ entry_SYSCALL_64_after_hwframe+0x77/0x7f
+RIP: 0033:0x415a2d
+Code: b3 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
+RSP: 002b:00007f6bc31e41e8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c
+RAX: ffffffffffffffda RBX: 00007f6bc31e4cdc RCX: 0000000000415a2d
+RDX: 0000000000000001 RSI: 00007f6bc31e421f RDI: 0000000000000003
+RBP: 00007f6bc31e4240 R08: 00007f6bc31e4220 R09: 0000000000000010
+R10: 0000000000000000 R11: 0000000000000212 R12: 00007f6bc31e46c0
+R13: ffffffffffffffb8 R14: 0000000000000000 R15: 00007ffc9b0d70b0
+ </TASK>
+
+Fixes: 538950a1b752 ("soreuseport: setsockopt SO_ATTACH_REUSEPORT_[CE]BPF")
+Reported-by: Eulgyu Kim <eulgyukim@snu.ac.kr>
+Reported-by: Taeyang Lee <0wn@theori.io>
+Signed-off-by: Kuniyuki Iwashima <kuniyu@google.com>
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Acked-by: Daniel Borkmann <daniel@iogearbox.net>
+Link: https://lore.kernel.org/bpf/20260426012647.3233119-1-kuniyu@google.com
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ net/core/filter.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/net/core/filter.c b/net/core/filter.c
+index e6dd40e0276ed1..0b61945491054b 100644
+--- a/net/core/filter.c
++++ b/net/core/filter.c
+@@ -1660,15 +1660,24 @@ int sk_reuseport_attach_bpf(u32 ufd, struct sock *sk)
+       return err;
+ }
++static void sk_reuseport_prog_free_rcu(struct rcu_head *rcu)
++{
++      struct bpf_prog_aux *aux = container_of(rcu, struct bpf_prog_aux, rcu);
++      struct bpf_prog *prog = aux->prog;
++
++      bpf_release_orig_filter(prog);
++      bpf_prog_free(prog);
++}
++
+ void sk_reuseport_prog_free(struct bpf_prog *prog)
+ {
+       if (!prog)
+               return;
+-      if (prog->type == BPF_PROG_TYPE_SK_REUSEPORT)
+-              bpf_prog_put(prog);
++      if (bpf_prog_was_classic(prog))
++              call_rcu(&prog->aux->rcu, sk_reuseport_prog_free_rcu);
+       else
+-              bpf_prog_destroy(prog);
++              bpf_prog_put(prog);
+ }
+ static inline int __bpf_try_make_writable(struct sk_buff *skb,
+-- 
+2.53.0
+
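Review bot: sk_reuseport_prog_free_rcu() calls bpf_prog_free() from inside an RCU callback that was queued through `prog->aux->rcu`; if, as I recall from upstream, bpf_prog_aux keeps `rcu` in a union with `work` and bpf_prog_free() defers the real teardown with INIT_WORK on `aux->work`, the callback is reusing its own rcu_head storage, which is safe only because the grace period has already completed at that point — the same pattern __bpf_prog_put_rcu() relies on. A one-line comment at the callback would keep a future reader from "fixing" it, e.g. `/* aux->rcu shares storage with aux->work; reusing it here is safe because the grace period is over. */`. The else branch now routes every non-classic program through bpf_prog_put() regardless of type, whereas the removed code special-cased BPF_PROG_TYPE_SK_REUSEPORT; that is fine as long as sk_reuseport_prog_free() only ever receives programs installed by sk_reuseport_attach_filter()/sk_reuseport_attach_bpf(), which the context suggests but the hunk does not prove.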
diff --git a/queue-6.18/series b/queue-6.18/series
new file mode 100644 (file)
index 0000000..3a3e22f
--- /dev/null
@@ -0,0 +1,5 @@
+bpf-free-reuseport-cbpf-prog-after-rcu-grace-period.patch
+arm-group-is_permission_fault-with-is_translation_fa.patch
+arm-allow-__do_kernel_fault-to-report-execution-of-m.patch
+arm-fix-hash_name-fault.patch
+arm-fix-branch-predictor-hardening.patch