include/linux/netfilter.h | 38 +++++ include/linux/netfilter_ipv4.h | 5 include/linux/netfilter_ipv4/ip_tables.h | 3 include/linux/netfilter_ipv4/ipt_LOG.h | 3 include/linux/netfilter_ipv4/ipt_owner.h | 3 include/linux/netfilter_ipv6.h | 5 include/linux/netfilter_ipv6/ip6_tables.h | 3 include/linux/netfilter_ipv6/ip6t_LOG.h | 3 include/linux/netfilter_ipv6/ip6t_owner.h | 3 include/linux/netfilter_logging.h | 2 include/linux/selinux.h | 87 +++++++++++ include/net/sock.h | 6 net/ipv4/ip_input.c | 4 net/ipv4/netfilter/Kconfig | 12 + net/ipv4/netfilter/Makefile | 1 net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 9 - net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 18 +- net/ipv4/netfilter/ip_conntrack_proto_udp.c | 6 net/ipv4/netfilter/ip_nat_rule.c | 4 net/ipv4/netfilter/ip_tables.c | 12 + net/ipv4/netfilter/ipt_CLASSIFY.c | 1 net/ipv4/netfilter/ipt_CLUSTERIP.c | 1 net/ipv4/netfilter/ipt_CONNMARK.c | 1 net/ipv4/netfilter/ipt_DSCP.c | 1 net/ipv4/netfilter/ipt_ECN.c | 1 net/ipv4/netfilter/ipt_LOG.c | 47 +++++- net/ipv4/netfilter/ipt_MARK.c | 2 net/ipv4/netfilter/ipt_MASQUERADE.c | 1 net/ipv4/netfilter/ipt_NETMAP.c | 1 net/ipv4/netfilter/ipt_NFQUEUE.c | 1 net/ipv4/netfilter/ipt_NOTRACK.c | 1 net/ipv4/netfilter/ipt_REDIRECT.c | 1 net/ipv4/netfilter/ipt_REJECT.c | 1 net/ipv4/netfilter/ipt_SAME.c | 1 net/ipv4/netfilter/ipt_TCPMSS.c | 1 net/ipv4/netfilter/ipt_TOS.c | 1 net/ipv4/netfilter/ipt_TTL.c | 6 net/ipv4/netfilter/ipt_ULOG.c | 2 net/ipv4/netfilter/ipt_addrtype.c | 6 net/ipv4/netfilter/ipt_ah.c | 1 net/ipv4/netfilter/ipt_comment.c | 1 net/ipv4/netfilter/ipt_connbytes.c | 1 net/ipv4/netfilter/ipt_connmark.c | 1 net/ipv4/netfilter/ipt_conntrack.c | 1 net/ipv4/netfilter/ipt_dccp.c | 1 net/ipv4/netfilter/ipt_dscp.c | 6 net/ipv4/netfilter/ipt_ecn.c | 6 net/ipv4/netfilter/ipt_esp.c | 1 net/ipv4/netfilter/ipt_hashlimit.c | 1 net/ipv4/netfilter/ipt_helper.c | 1 net/ipv4/netfilter/ipt_iprange.c | 1 net/ipv4/netfilter/ipt_length.c | 1 net/ipv4/netfilter/ipt_limit.c | 1 net/ipv4/netfilter/ipt_mac.c | 1 net/ipv4/netfilter/ipt_mark.c | 1 net/ipv4/netfilter/ipt_multiport.c | 2 net/ipv4/netfilter/ipt_owner.c | 72 ++++++++- net/ipv4/netfilter/ipt_physdev.c | 1 net/ipv4/netfilter/ipt_pkttype.c | 1 net/ipv4/netfilter/ipt_realm.c | 1 net/ipv4/netfilter/ipt_recent.c | 4 net/ipv4/netfilter/ipt_sctp.c | 1 net/ipv4/netfilter/ipt_state.c | 1 net/ipv4/netfilter/ipt_string.c | 1 net/ipv4/netfilter/ipt_tcpmss.c | 1 net/ipv4/netfilter/ipt_tos.c | 1 net/ipv4/netfilter/ipt_ttl.c | 6 net/ipv4/netfilter/iptable_filter.c | 4 net/ipv4/netfilter/iptable_mangle.c | 4 net/ipv4/netfilter/iptable_raw.c | 2 net/ipv4/netfilter/iptable_skfilter.c | 179 ++++++++++++++++++++++++ net/ipv6/netfilter/Kconfig | 13 + net/ipv6/netfilter/Makefile | 1 net/ipv6/netfilter/ip6_tables.c | 15 +- net/ipv6/netfilter/ip6t_HL.c | 1 net/ipv6/netfilter/ip6t_LOG.c | 50 +++++- net/ipv6/netfilter/ip6t_MARK.c | 1 net/ipv6/netfilter/ip6t_NFQUEUE.c | 1 net/ipv6/netfilter/ip6t_REJECT.c | 1 net/ipv6/netfilter/ip6t_ah.c | 1 net/ipv6/netfilter/ip6t_dst.c | 1 net/ipv6/netfilter/ip6t_esp.c | 1 net/ipv6/netfilter/ip6t_eui64.c | 1 net/ipv6/netfilter/ip6t_frag.c | 1 net/ipv6/netfilter/ip6t_hbh.c | 1 net/ipv6/netfilter/ip6t_hl.c | 6 net/ipv6/netfilter/ip6t_ipv6header.c | 1 net/ipv6/netfilter/ip6t_length.c | 9 + net/ipv6/netfilter/ip6t_limit.c | 1 net/ipv6/netfilter/ip6t_mac.c | 1 net/ipv6/netfilter/ip6t_mark.c | 1 net/ipv6/netfilter/ip6t_multiport.c | 1 net/ipv6/netfilter/ip6t_owner.c | 76 +++++++++- net/ipv6/netfilter/ip6t_physdev.c | 1 net/ipv6/netfilter/ip6t_rt.c | 1 net/ipv6/netfilter/ip6table_filter.c | 4 net/ipv6/netfilter/ip6table_mangle.c | 4 net/ipv6/netfilter/ip6table_raw.c | 2 net/ipv6/netfilter/ip6table_skfilter.c | 198 +++++++++++++++++++++++++++ net/ipv6/tcp_ipv6.c | 2 net/netfilter/Makefile | 2 net/netfilter/core.c | 88 +++++++++++- net/netfilter/nf_log.c | 3 net/netfilter/nf_sk.c | 43 +++++ net/netfilter/nfnetlink_log.c | 1 security/selinux/Makefile | 2 security/selinux/exports.c | 45 ++++++ security/selinux/hooks.c | 37 +++-- security/selinux/include/security.h | 5 security/selinux/ss/services.c | 4 110 files changed, 1115 insertions(+), 123 deletions(-)