kernel: bump 4.9 to 4.9.57

Refresh patches.
Compile-tested for ar71xx - Archer C7 v2
Runtime-tested on  ar71xx - Archer C7 v2

Fixes the following CVEs:

- CVE-2017-7518
- CVE-2017-0786
- CVE-2017-1000255
- CVE-2017-12188
- CVE-2017-15265

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>

target/linux/generic/backport-4.9/024-3-tcp-tsq-add-shortcut-in-tcp_tasklet_func.patch

@@ -60,7 +60,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
  		nval = cmpxchg(&tp->tsq_flags, oval, nval);
  		if (nval != oval)
  			continue;
-@@ -2179,6 +2179,8 @@ static bool tcp_write_xmit(struct sock *
+@@ -2182,6 +2182,8 @@ static bool tcp_write_xmit(struct sock *
  		    unlikely(tso_fragment(sk, skb, limit, mss_now, gfp)))
  			break;
  

target/linux/generic/backport-4.9/024-5-tcp-tsq-add-a-shortcut-in-tcp_small_queue_check.patch

@@ -19,7 +19,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
 
 --- a/net/ipv4/tcp_output.c
 +++ b/net/ipv4/tcp_output.c
-@@ -2084,6 +2084,15 @@ static bool tcp_small_queue_check(struct
+@@ -2087,6 +2087,15 @@ static bool tcp_small_queue_check(struct
  	limit <<= factor;
  
  	if (atomic_read(&sk->sk_wmem_alloc) > limit) {

target/linux/generic/backport-4.9/024-6-tcp-tcp_mtu_probe-is-likely-to-exit-early.patch

@@ -17,7 +17,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
 
 --- a/net/ipv4/tcp_output.c
 +++ b/net/ipv4/tcp_output.c
-@@ -1925,26 +1925,26 @@ static inline void tcp_mtu_check_reprobe
+@@ -1928,26 +1928,26 @@ static inline void tcp_mtu_check_reprobe
   */
  static int tcp_mtu_probe(struct sock *sk)
  {

target/linux/generic/backport-4.9/024-8-tcp-tsq-move-tsq_flags-close-to-sk_wmem_alloc.patch

@@ -114,7 +114,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
  		if (nval != oval)
  			continue;
  
-@@ -2093,7 +2093,7 @@ static bool tcp_small_queue_check(struct
+@@ -2096,7 +2096,7 @@ static bool tcp_small_queue_check(struct
  		    skb->prev == sk->sk_write_queue.next)
  			return false;
  
@@ -123,7 +123,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
  		/* It is possible TX completion already happened
  		 * before we set TSQ_THROTTLED, so we must
  		 * test again the condition.
-@@ -2191,8 +2191,8 @@ static bool tcp_write_xmit(struct sock *
+@@ -2194,8 +2194,8 @@ static bool tcp_write_xmit(struct sock *
  		    unlikely(tso_fragment(sk, skb, limit, mss_now, gfp)))
  			break;
  
@@ -134,7 +134,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
  		if (tcp_small_queue_check(sk, skb, 0))
  			break;
  
-@@ -3495,8 +3495,6 @@ void tcp_send_ack(struct sock *sk)
+@@ -3508,8 +3508,6 @@ void tcp_send_ack(struct sock *sk)
  	/* We do not want pure acks influencing TCP Small Queues or fq/pacing
  	 * too much.
  	 * SKB_TRUESIZE(max(1 .. 66, MAX_TCP_HEADER)) is unfortunately ~784

target/linux/generic/hack-4.9/661-use_fq_codel_by_default.patch

@@ -83,7 +83,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  EXPORT_SYMBOL(default_qdisc_ops);
  
  /* Main transmission queue. */
-@@ -759,7 +759,7 @@ static void attach_one_default_qdisc(str
+@@ -760,7 +760,7 @@ static void attach_one_default_qdisc(str
  				     void *_unused)
  {
  	struct Qdisc *qdisc;

target/linux/generic/hack-4.9/902-debloat_proc.patch

@@ -327,7 +327,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
 --- a/net/core/sock.c
 +++ b/net/core/sock.c
-@@ -3082,6 +3082,8 @@ static __net_initdata struct pernet_oper
+@@ -3084,6 +3084,8 @@ static __net_initdata struct pernet_oper
  
  static int __init proto_init(void)
  {

target/linux/generic/pending-4.9/630-packet_socket_type.patch

@@ -30,7 +30,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  #define PACKET_FANOUT_LB		1
 --- a/net/packet/af_packet.c
 +++ b/net/packet/af_packet.c
-@@ -1772,6 +1772,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1778,6 +1778,7 @@ static int packet_rcv_spkt(struct sk_buf
  {
  	struct sock *sk;
  	struct sockaddr_pkt *spkt;
@@ -38,7 +38,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  	/*
  	 *	When we registered the protocol we saved the socket in the data
-@@ -1779,6 +1780,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1785,6 +1786,7 @@ static int packet_rcv_spkt(struct sk_buf
  	 */
  
  	sk = pt->af_packet_priv;
@@ -46,7 +46,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  	/*
  	 *	Yank back the headers [hope the device set this
-@@ -1791,7 +1793,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1797,7 +1799,7 @@ static int packet_rcv_spkt(struct sk_buf
  	 *	so that this procedure is noop.
  	 */
  
@@ -55,7 +55,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  		goto out;
  
  	if (!net_eq(dev_net(dev), sock_net(sk)))
-@@ -2029,12 +2031,12 @@ static int packet_rcv(struct sk_buff *sk
+@@ -2035,12 +2037,12 @@ static int packet_rcv(struct sk_buff *sk
  	unsigned int snaplen, res;
  	bool is_drop_n_account = false;
  
@@ -71,7 +71,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	if (!net_eq(dev_net(dev), sock_net(sk)))
  		goto drop;
  
-@@ -2160,12 +2162,12 @@ static int tpacket_rcv(struct sk_buff *s
+@@ -2166,12 +2168,12 @@ static int tpacket_rcv(struct sk_buff *s
  	BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h2)) != 32);
  	BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h3)) != 48);
  
@@ -87,7 +87,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	if (!net_eq(dev_net(dev), sock_net(sk)))
  		goto drop;
  
-@@ -3240,6 +3242,7 @@ static int packet_create(struct net *net
+@@ -3250,6 +3252,7 @@ static int packet_create(struct net *net
  	mutex_init(&po->pg_vec_lock);
  	po->rollover = NULL;
  	po->prot_hook.func = packet_rcv;
@@ -95,7 +95,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  
  	if (sock->type == SOCK_PACKET)
  		po->prot_hook.func = packet_rcv_spkt;
-@@ -3826,6 +3829,16 @@ packet_setsockopt(struct socket *sock, i
+@@ -3836,6 +3839,16 @@ packet_setsockopt(struct socket *sock, i
  		po->xmit = val ? packet_direct_xmit : dev_queue_xmit;
  		return 0;
  	}
@@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	default:
  		return -ENOPROTOOPT;
  	}
-@@ -3878,6 +3891,13 @@ static int packet_getsockopt(struct sock
+@@ -3888,6 +3901,13 @@ static int packet_getsockopt(struct sock
  	case PACKET_VNET_HDR:
  		val = po->has_vnet_hdr;
  		break;

target/linux/generic/pending-4.9/666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

@@ -300,7 +300,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  /**
   * ip6_tnl_addr_conflict - compare packet addresses to tunnel's own
   *   @t: the outgoing tunnel device
-@@ -1285,6 +1425,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
+@@ -1286,6 +1426,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
  {
  	struct ip6_tnl *t = netdev_priv(dev);
  	struct ipv6hdr *ipv6h = ipv6_hdr(skb);
@@ -308,7 +308,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	int encap_limit = -1;
  	__u16 offset;
  	struct flowi6 fl6;
-@@ -1343,6 +1484,18 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
+@@ -1344,6 +1485,18 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
  			fl6.flowi6_mark = skb->mark;
  	}
  
@@ -327,7 +327,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	if (iptunnel_handle_offloads(skb, SKB_GSO_IPXIP6))
  		return -1;
  
-@@ -1470,6 +1623,14 @@ ip6_tnl_change(struct ip6_tnl *t, const
+@@ -1471,6 +1624,14 @@ ip6_tnl_change(struct ip6_tnl *t, const
  	t->parms.flowinfo = p->flowinfo;
  	t->parms.link = p->link;
  	t->parms.proto = p->proto;
@@ -342,7 +342,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	dst_cache_reset(&t->dst_cache);
  	ip6_tnl_link_config(t);
  	return 0;
-@@ -1508,6 +1669,7 @@ ip6_tnl_parm_from_user(struct __ip6_tnl_
+@@ -1509,6 +1670,7 @@ ip6_tnl_parm_from_user(struct __ip6_tnl_
  	p->flowinfo = u->flowinfo;
  	p->link = u->link;
  	p->proto = u->proto;
@@ -350,7 +350,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	memcpy(p->name, u->name, sizeof(u->name));
  }
  
-@@ -1885,6 +2047,15 @@ static int ip6_tnl_validate(struct nlatt
+@@ -1886,6 +2048,15 @@ static int ip6_tnl_validate(struct nlatt
  	return 0;
  }
  
@@ -366,7 +366,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  static void ip6_tnl_netlink_parms(struct nlattr *data[],
  				  struct __ip6_tnl_parm *parms)
  {
-@@ -1919,6 +2090,46 @@ static void ip6_tnl_netlink_parms(struct
+@@ -1920,6 +2091,46 @@ static void ip6_tnl_netlink_parms(struct
  
  	if (data[IFLA_IPTUN_COLLECT_METADATA])
  		parms->collect_md = true;
@@ -413,7 +413,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  }
  
  static bool ip6_tnl_netlink_encap_parms(struct nlattr *data[],
-@@ -2028,6 +2239,12 @@ static void ip6_tnl_dellink(struct net_d
+@@ -2029,6 +2240,12 @@ static void ip6_tnl_dellink(struct net_d
  
  static size_t ip6_tnl_get_size(const struct net_device *dev)
  {
@@ -426,7 +426,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	return
  		/* IFLA_IPTUN_LINK */
  		nla_total_size(4) +
-@@ -2055,6 +2272,24 @@ static size_t ip6_tnl_get_size(const str
+@@ -2056,6 +2273,24 @@ static size_t ip6_tnl_get_size(const str
  		nla_total_size(2) +
  		/* IFLA_IPTUN_COLLECT_METADATA */
  		nla_total_size(0) +
@@ -451,7 +451,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  		0;
  }
  
-@@ -2062,6 +2297,9 @@ static int ip6_tnl_fill_info(struct sk_b
+@@ -2063,6 +2298,9 @@ static int ip6_tnl_fill_info(struct sk_b
  {
  	struct ip6_tnl *tunnel = netdev_priv(dev);
  	struct __ip6_tnl_parm *parm = &tunnel->parms;
@@ -461,7 +461,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  
  	if (nla_put_u32(skb, IFLA_IPTUN_LINK, parm->link) ||
  	    nla_put_in6_addr(skb, IFLA_IPTUN_LOCAL, &parm->laddr) ||
-@@ -2070,9 +2308,27 @@ static int ip6_tnl_fill_info(struct sk_b
+@@ -2071,9 +2309,27 @@ static int ip6_tnl_fill_info(struct sk_b
  	    nla_put_u8(skb, IFLA_IPTUN_ENCAP_LIMIT, parm->encap_limit) ||
  	    nla_put_be32(skb, IFLA_IPTUN_FLOWINFO, parm->flowinfo) ||
  	    nla_put_u32(skb, IFLA_IPTUN_FLAGS, parm->flags) ||
@@ -490,7 +490,7 @@ Signed-off-by: Steven Barth <cyrus@openwrt.org>
  	if (nla_put_u16(skb, IFLA_IPTUN_ENCAP_TYPE, tunnel->encap.type) ||
  	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_SPORT, tunnel->encap.sport) ||
  	    nla_put_be16(skb, IFLA_IPTUN_ENCAP_DPORT, tunnel->encap.dport) ||
-@@ -2110,6 +2366,7 @@ static const struct nla_policy ip6_tnl_p
+@@ -2111,6 +2367,7 @@ static const struct nla_policy ip6_tnl_p
  	[IFLA_IPTUN_ENCAP_SPORT]	= { .type = NLA_U16 },
  	[IFLA_IPTUN_ENCAP_DPORT]	= { .type = NLA_U16 },
  	[IFLA_IPTUN_COLLECT_METADATA]	= { .type = NLA_FLAG },