From 2a76b835f929012c70f688887bb085fd688a6c1215c820649f52d8149bf6e647 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Sat, 28 Sep 2019 04:29:00 +0000
Subject: [PATCH] Accepting request 733095 from
 home:mkubecek:branches:security:netfilter

- Update to new upstream release 5.3
- fix SLE12 build

OBS-URL: https://build.opensuse.org/request/show/733095
OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iproute2?expand=0&rev=179
---
 bpf-bss-section-poc.patch                     |  27 +++-----
 bpf-data-section-support-poc.patch            |  29 ++++-----
 iproute2-5.2.0.tar.sign                       | Bin 566 -> 0 bytes
 iproute2-5.2.0.tar.xz                         |   3 -
 iproute2-5.3.0.tar.sign                       | Bin 0 -> 566 bytes
 iproute2-5.3.0.tar.xz                         |   3 +
 iproute2.changes                              |  30 +++++++++
 iproute2.spec                                 |   7 +-
 ...playing-transformations-used-for-Mob.patch |  60 +++++++++---------
 9 files changed, 89 insertions(+), 70 deletions(-)
 delete mode 100644 iproute2-5.2.0.tar.sign
 delete mode 100644 iproute2-5.2.0.tar.xz
 create mode 100644 iproute2-5.3.0.tar.sign
 create mode 100644 iproute2-5.3.0.tar.xz

diff --git a/bpf-bss-section-poc.patch b/bpf-bss-section-poc.patch
index cd2f3b1..2244cd3 100644
--- a/bpf-bss-section-poc.patch
+++ b/bpf-bss-section-poc.patch
@@ -1,9 +1,7 @@
-From 8f256b14edf9fdba3e0c688b76a4124d8627cde1 Mon Sep 17 00:00:00 2001
 From: Joe Stringer <joe@wand.net.nz>
-Date: Thu, 24 Jan 2019 20:55:39 -0800
-Subject: [PATCH iproute2-next 2/2] bpf: bss section poc
-To: Stephen Hemminger <stephen@networkplumber.org>
-Cc: netdev@vger.kernel.org, daniel@iogearbox.net
+Subject: bpf: bss section poc
+Patch-mainline: No, status unknown, seems to be implemented in libbpf instead
+References: none
 
 The .bss section denotes uninitialized data, which is for instance what
 clang will generate if a static variable is set to zero by default.
@@ -15,11 +13,9 @@ Signed-off-by: Joe Stringer <joe@wand.net.nz>
  lib/bpf.c | 37 +++++++++++++++++++++++++++++++++++--
  1 file changed, 35 insertions(+), 2 deletions(-)
 
-diff --git a/lib/bpf.c b/lib/bpf.c
-index eb208275ebaa..69eaa5ee732d 100644
 --- a/lib/bpf.c
 +++ b/lib/bpf.c
-@@ -1159,6 +1159,7 @@ struct bpf_elf_ctx {
+@@ -1164,6 +1164,7 @@ struct bpf_elf_ctx {
  	int			sec_text;
  	int			sec_btf;
  	int			sec_data;
@@ -27,7 +23,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  	char			license[ELF_MAX_LICENSE_LEN];
  	enum bpf_prog_type	type;
  	__u32			ifindex;
-@@ -2048,6 +2049,14 @@ static int bpf_fetch_data(struct bpf_elf_ctx *ctx, int section,
+@@ -2068,6 +2069,14 @@ static int bpf_fetch_data(struct bpf_elf_ctx *ctx, int section,
  	return 0;
  }
  
@@ -42,7 +38,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  static void bpf_btf_report(int fd, struct bpf_elf_ctx *ctx)
  {
  	fprintf(stderr, "\nBTF debug data section \'.BTF\' %s%s (%d)!\n",
-@@ -2262,6 +2271,11 @@ static bool bpf_has_glob_data(const struct bpf_elf_ctx *ctx)
+@@ -2286,6 +2295,11 @@ static bool bpf_has_glob_data(const struct bpf_elf_ctx *ctx)
  	return ctx->sec_data;
  }
  
@@ -54,7 +50,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
  {
  	struct bpf_elf_sec_data data;
-@@ -2286,6 +2300,9 @@ static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
+@@ -2310,6 +2324,9 @@ static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
  		else if (data.sec_hdr.sh_type == SHT_PROGBITS &&
  			 !strcmp(data.sec_name, ".data"))
  			ret = bpf_fetch_data(ctx, i, &data);
@@ -64,7 +60,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  		else if (data.sec_hdr.sh_type == SHT_SYMTAB &&
  			 !strcmp(data.sec_name, ".symtab"))
  			ret = bpf_fetch_symtab(ctx, i, &data);
-@@ -2414,6 +2431,19 @@ static int bpf_apply_relo_glob(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *pro
+@@ -2438,6 +2455,19 @@ static int bpf_apply_relo_glob(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *pro
  	return 0;
  }
  
@@ -84,7 +80,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  static int bpf_apply_relo_call(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *prog,
  			       GElf_Rel *relo, GElf_Sym *sym,
  			       struct bpf_relo_props *props)
-@@ -2470,10 +2500,12 @@ static int bpf_apply_relo_data(struct bpf_elf_ctx *ctx,
+@@ -2494,10 +2524,12 @@ static int bpf_apply_relo_data(struct bpf_elf_ctx *ctx,
  			ret = bpf_apply_relo_map(ctx, prog, &relo, &sym, props);
  		else if (sym.st_shndx == ctx->sec_data)
  			ret = bpf_apply_relo_glob(ctx, prog, &relo, &sym, props);
@@ -98,7 +94,7 @@ index eb208275ebaa..69eaa5ee732d 100644
  				relo_ent, sym.st_shndx);
  		if (ret < 0)
  			return ret;
-@@ -2569,7 +2601,8 @@ static int bpf_fetch_prog_sec(struct bpf_elf_ctx *ctx, const char *section)
+@@ -2593,7 +2625,8 @@ static int bpf_fetch_prog_sec(struct bpf_elf_ctx *ctx, const char *section)
  			return ret;
  	}
  
@@ -108,6 +104,3 @@ index eb208275ebaa..69eaa5ee732d 100644
  		ret = bpf_fetch_prog_relo(ctx, section, &lderr, &sseen, &prog);
  	if (ret < 0 && !lderr)
  		ret = bpf_fetch_prog(ctx, section, &sseen);
--- 
-2.19.1
-
diff --git a/bpf-data-section-support-poc.patch b/bpf-data-section-support-poc.patch
index e3486c3..250334e 100644
--- a/bpf-data-section-support-poc.patch
+++ b/bpf-data-section-support-poc.patch
@@ -1,20 +1,16 @@
-From 4e0dcb220bd77a5ddf0f8956740281efbf1ead90 Mon Sep 17 00:00:00 2001
 From: Daniel Borkmann <daniel@iogearbox.net>
-Date: Wed, 31 Oct 2018 20:25:22 +0100
-Subject: [PATCH iproute2-next 1/2] bpf: data section support poc
-To: Stephen Hemminger <stephen@networkplumber.org>
-Cc: netdev@vger.kernel.org, daniel@iogearbox.net
+Subject: bpf: data section support poc
+Patch-mainline: No, status unknown, seems to be implemented in libbpf instead
+References: none
 
 Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
 ---
  lib/bpf.c | 40 ++++++++++++++++++++++++++++++++++++++--
  1 file changed, 38 insertions(+), 2 deletions(-)
 
-diff --git a/lib/bpf.c b/lib/bpf.c
-index 45f279fa4a41..eb208275ebaa 100644
 --- a/lib/bpf.c
 +++ b/lib/bpf.c
-@@ -1142,6 +1142,7 @@ struct bpf_elf_ctx {
+@@ -1147,6 +1147,7 @@ struct bpf_elf_ctx {
  	Elf_Data		*sym_tab;
  	Elf_Data		*str_tab;
  	Elf_Data		*btf_data;
@@ -22,7 +18,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  	char			obj_uid[64];
  	int			obj_fd;
  	int			btf_fd;
-@@ -1157,6 +1158,7 @@ struct bpf_elf_ctx {
+@@ -1162,6 +1163,7 @@ struct bpf_elf_ctx {
  	int			sec_maps;
  	int			sec_text;
  	int			sec_btf;
@@ -30,7 +26,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  	char			license[ELF_MAX_LICENSE_LEN];
  	enum bpf_prog_type	type;
  	__u32			ifindex;
-@@ -2037,6 +2039,15 @@ static int bpf_fetch_text(struct bpf_elf_ctx *ctx, int section,
+@@ -2057,6 +2059,15 @@ static int bpf_fetch_text(struct bpf_elf_ctx *ctx, int section,
  	return 0;
  }
  
@@ -46,7 +42,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  static void bpf_btf_report(int fd, struct bpf_elf_ctx *ctx)
  {
  	fprintf(stderr, "\nBTF debug data section \'.BTF\' %s%s (%d)!\n",
-@@ -2246,6 +2257,11 @@ static bool bpf_has_call_data(const struct bpf_elf_ctx *ctx)
+@@ -2270,6 +2281,11 @@ static bool bpf_has_call_data(const struct bpf_elf_ctx *ctx)
  	return ctx->sec_text;
  }
  
@@ -58,7 +54,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
  {
  	struct bpf_elf_sec_data data;
-@@ -2267,6 +2283,9 @@ static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
+@@ -2291,6 +2307,9 @@ static int bpf_fetch_ancillary(struct bpf_elf_ctx *ctx, bool check_text_sec)
  			 !strcmp(data.sec_name, ".text") &&
  			 check_text_sec)
  			ret = bpf_fetch_text(ctx, i, &data);
@@ -68,7 +64,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  		else if (data.sec_hdr.sh_type == SHT_SYMTAB &&
  			 !strcmp(data.sec_name, ".symtab"))
  			ret = bpf_fetch_symtab(ctx, i, &data);
-@@ -2380,6 +2399,21 @@ static int bpf_apply_relo_map(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *prog
+@@ -2404,6 +2423,21 @@ static int bpf_apply_relo_map(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *prog
  	return 0;
  }
  
@@ -90,7 +86,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  static int bpf_apply_relo_call(struct bpf_elf_ctx *ctx, struct bpf_elf_prog *prog,
  			       GElf_Rel *relo, GElf_Sym *sym,
  			       struct bpf_relo_props *props)
-@@ -2434,10 +2468,12 @@ static int bpf_apply_relo_data(struct bpf_elf_ctx *ctx,
+@@ -2458,10 +2492,12 @@ static int bpf_apply_relo_data(struct bpf_elf_ctx *ctx,
  
  		if (sym.st_shndx == ctx->sec_maps)
  			ret = bpf_apply_relo_map(ctx, prog, &relo, &sym, props);
@@ -104,7 +100,7 @@ index 45f279fa4a41..eb208275ebaa 100644
  				relo_ent, sym.st_shndx);
  		if (ret < 0)
  			return ret;
-@@ -2533,7 +2569,7 @@ static int bpf_fetch_prog_sec(struct bpf_elf_ctx *ctx, const char *section)
+@@ -2557,7 +2593,7 @@ static int bpf_fetch_prog_sec(struct bpf_elf_ctx *ctx, const char *section)
  			return ret;
  	}
  
@@ -113,6 +109,3 @@ index 45f279fa4a41..eb208275ebaa 100644
  		ret = bpf_fetch_prog_relo(ctx, section, &lderr, &sseen, &prog);
  	if (ret < 0 && !lderr)
  		ret = bpf_fetch_prog(ctx, section, &sseen);
--- 
-2.19.1
-
diff --git a/iproute2-5.2.0.tar.sign b/iproute2-5.2.0.tar.sign
deleted file mode 100644
index 863b91faed1824c8130fb07351cb6a817eb81f4fb559c72229c719382f4012d6..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 566
zcmV-60?GY}0y6{v0SEvc79j+mZ^K2fTj%FyxIB-5r+;9T&E$Rs0$n4BbN~to5P+wD
zV3p0}euQcd{T(v0t>dYk*hJ3zxr=%Ne2pNtz8QAtEz@T6^t%Jp{*eNsayVEB5xoZg
zJ<&Or&Td(*UqhLAU`FNG7JR)H^nrdB0Fh^e-&3x-@knpJB$T~A<`^@5G4aW0=fFED
z@ol7P%J?FrFR`pp#wP{Cpc8k7drc@YQzpN!-Ra-?GEk-b(e->dF~~28LWv85uShZz
zInHq3TRTn8{x4wQNCr3_PQmgG2}uy`nsV(?CmB!<^zb?k)Y?e$F;@{@DZkaTHaWOu
zsP&v<(UA5Sq1Tf}7`3&Q80(6V)Q?oq!{_dtlj%{9Blyv8C-nM=cwPnEbqvt*aG#BQ
z+mUxx1@ss{YCAa|?2&&Lll@ehr}7{k`jOT&X+{3R3brC{;fK~)R1K}T&KrxVG$){_
zpnf2KY^yALVpc)I=4p?+x0E_;U5c_!JLnC?d#ti4q@uJV75?F57(WJ<sD0y^Gk9RB
zjKOonJM7FFi!PFYHL@uUVpZ3fYemDYm0u~{wbIh&dI|<!rH;?kK4S1K^{G#R>3n^J
z+>*`}-0}Ahh|2UPV{KDt=i@d9$o%PR56H34_z6q^-C#l~20FYwG%>WYE}h8W11j-C
zW)Eld%80<shWzGC>P`%GGDqQrczi60_rMz%hXb!CO4d_xu;)**mzj>2_WPRbx<B87
Ef=wzK;Q#;t

diff --git a/iproute2-5.2.0.tar.xz b/iproute2-5.2.0.tar.xz
deleted file mode 100644
index 33c22f4..0000000
--- a/iproute2-5.2.0.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a5b95dec26353fc71dba9bb403e9343fad2a06bd69fb154a22a2aa2914f74da8
-size 729540
diff --git a/iproute2-5.3.0.tar.sign b/iproute2-5.3.0.tar.sign
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..e2b3bd3f6173b68271c30ea98257cab0ebdd08f112012255966641f6b824050e
GIT binary patch
literal 566
zcmV-60?GY}0y6{v0SEvc79j+mZ^K2fTj%FyxIB-5r+;9T&E$Rs0$qx4H2?|;5P+wD
zV3p0}eloid0KKB_mE92z6~*TvdK9#K8Lz-X9iN5IxcVl={ncZ7$9)En<3dmca<qRa
zb=rT;^k8=5uSI<OrxuR!LuQS6?aodpC>sRFRmDmr+GB}oS;iR4cp7`26z_U;%NM1D
z199P&jq5(_fD;74z?-=GzRTIEQe+1S6V1ABt!Id>J0AtUoesVo*+18zm=DwV%%er`
z1}7sKZ+;xd_%RVWOmN54Mq2h@=?F0Na0*Y}WnS0o{<7=h)PqpAoKxQKo)AL9nIHq_
zeqDXNkRUYBPpQ!v5HIX8cu{r<VCpdxVKw78x(=@|%RLK;j@~W1AqD85AvvSC0x!yX
zO9&WVLJ}F2CtIL~SSJu3oc>sbB!oS>8%gB%D<51cZ^Z6Uxz{?|#dNDAaB`%=c{hx!
zr&JV9QyH+|2mK|c+<g;TFGYuJ#kmzv@DalIEjjD;*Xy^l1dLCYj&fy9N<X!IJ0YR2
zFFM21B(SVv&yz7)+WAaSDS48m9S4nM!fk74)jw@ECWv_K0{9yDHJwAwlR9)5#l9Mm
zhRxU4#Oo3~JjT{i{amQ!noB67Ju|R0W6}+%B+=yb1&EkVs6rniW;h6Q&@j`b?z-av
zh4yz~-%U0=7PF&{Dhv|C;25x4Dq=J%p+ddycvlEmCg`%NPiS{nx3{8Jm^4Iq_$as^
E-JuBzmH+?%

literal 0
HcmV?d00001

diff --git a/iproute2-5.3.0.tar.xz b/iproute2-5.3.0.tar.xz
new file mode 100644
index 0000000..ef9ac7c
--- /dev/null
+++ b/iproute2-5.3.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cb1c1e45993a3bd2438543fd4332d70f1726a6e6ff97dc613a8258c993117b3f
+size 742660
diff --git a/iproute2.changes b/iproute2.changes
index eedcab9..78337c2 100644
--- a/iproute2.changes
+++ b/iproute2.changes
@@ -1,3 +1,33 @@
+-------------------------------------------------------------------
+Wed Sep 25 07:07:32 UTC 2019 - Michal Kubeček <mkubecek@suse.cz>
+
+- Update to new upstream release 5.3
+  * devlink: show devlink port number
+  * devlink: introduce PCI PF and VF port flavor and attribute
+  * ip: support for nexthop objects
+  * ip: add -Numeric option
+  * ip: bond: support peer notification delay
+  * rdma: query/set netns sharing sys parameter
+  * rdma: support setting netns of rdma device
+  * rdma: support "stat qp show"
+  * rdma: support per-port counter mode
+  * rdma: support stat manual mode
+  * rdma: support default counter statistics
+  * rdma: support CQ adaptive moderation
+  * tc: support act_ctinfo action
+  * tc: skbedit: add mask parameter
+  * tc: add mpls actions
+  * tc: stricter parameter parsing
+  * tc: netem: json output
+  * tipc: support interface name when activating UDP bearer
+  * update documentation
+- refresh
+  * xfrm-support-displaying-transformations-used-for-Mob.patch
+  * bpf-data-section-support-poc.patch
+  * bpf-bss-section-poc.patch
+- use fallback definition %make_build if it is not defined
+  (fix SLE12 build)
+
 -------------------------------------------------------------------
 Mon Aug 12 07:00:32 UTC 2019 - Martin Liška <mliska@suse.cz>
 
diff --git a/iproute2.spec b/iproute2.spec
index 498115b..ffa3a6d 100644
--- a/iproute2.spec
+++ b/iproute2.spec
@@ -17,9 +17,9 @@
 
 
 Name:           iproute2
-Version:        5.2
+Version:        5.3
 Release:        0
-%define rversion 5.2.0
+%define rversion 5.3.0
 Summary:        Linux network configuration utilities
 License:        GPL-2.0-only
 Group:          Productivity/Networking/Routing
@@ -102,6 +102,9 @@ find . -name *.orig -delete
 # https://bugzilla.novell.com/show_bug.cgi?id=388021
 xt_libdir="$(pkg-config xtables --variable=xtlibdir)"
 xt_cflags="$(pkg-config xtables --cflags)"
+%if 0%{!?make_build:1}
+%define make_build make %{?_smp_mflags}
+%endif
 %make_build CCOPTS="-D_GNU_SOURCE %optflags -Wstrict-prototypes -Wno-error -fPIC -DXT_LIB_DIR=\\\"$xt_libdir\\\" $xt_cflags"
 
 %install
diff --git a/xfrm-support-displaying-transformations-used-for-Mob.patch b/xfrm-support-displaying-transformations-used-for-Mob.patch
index a1444ee..f131b5c 100644
--- a/xfrm-support-displaying-transformations-used-for-Mob.patch
+++ b/xfrm-support-displaying-transformations-used-for-Mob.patch
@@ -1,5 +1,4 @@
 From: Jan Engelhardt <jengelh@inai.de>
-Date: Wed, 21 Jan 2015 22:57:10 +0100
 Subject: xfrm: support displaying transformations used for Mobile IPv6
 Patch-mainline: No
 
@@ -7,15 +6,13 @@ Patch taken from mip6d-ng c397c3b4a16bb2e31a86f6c5e344a1278d1577c5
 and included in openSUSE so as to facilitate mip6d-ng.
 ---
  ip/ipxfrm.c      | 2 +-
- ip/xfrm_policy.c | 1 +
- ip/xfrm_state.c  | 1 +
- 3 files changed, 3 insertions(+), 1 deletion(-)
+ ip/xfrm_policy.c | 3 ++-
+ ip/xfrm_state.c  | 3 ++-
+ 3 files changed, 5 insertions(+), 3 deletions(-)
 
-diff --git a/ip/ipxfrm.c b/ip/ipxfrm.c
-index d5eb22e25476..b72858d8a210 100644
 --- a/ip/ipxfrm.c
 +++ b/ip/ipxfrm.c
-@@ -114,7 +114,7 @@ struct typeent {
+@@ -103,7 +103,7 @@ struct typeent {
  static const struct typeent xfrmproto_types[] = {
  	{ "esp", IPPROTO_ESP }, { "ah", IPPROTO_AH }, { "comp", IPPROTO_COMP },
  	{ "route2", IPPROTO_ROUTING }, { "hao", IPPROTO_DSTOPTS },
@@ -24,30 +21,33 @@ index d5eb22e25476..b72858d8a210 100644
  	{ NULL, -1 }
  };
  
-diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c
-index de689c4d86c4..6ee2ec6abeba 100644
 --- a/ip/xfrm_policy.c
 +++ b/ip/xfrm_policy.c
-@@ -93,6 +93,7 @@ static void usage(void)
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_ESP));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_AH));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_COMP));
-+	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_IPV6));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_ROUTING));
- 	fprintf(stderr, "%s\n", strxf_xfrmproto(IPPROTO_DSTOPTS));
- 	fprintf(stderr, "MODE := transport | tunnel | beet | ro | in_trigger\n");
-diff --git a/ip/xfrm_state.c b/ip/xfrm_state.c
-index e11c93bf1c3b..b501e6d04727 100644
+@@ -97,10 +97,11 @@ static void usage(void)
+ 		"ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ]\n"
+ 		"XFRM-PROTO := ");
+ 	fprintf(stderr,
+-		"%s | %s | %s | %s | %s\n",
++		"%s | %s | %s | %s | %s | %s\n",
+ 		strxf_xfrmproto(IPPROTO_ESP),
+ 		strxf_xfrmproto(IPPROTO_AH),
+ 		strxf_xfrmproto(IPPROTO_COMP),
++		strxf_xfrmproto(IPPROTO_IPV6),
+ 		strxf_xfrmproto(IPPROTO_ROUTING),
+ 		strxf_xfrmproto(IPPROTO_DSTOPTS));
+ 	fprintf(stderr,
 --- a/ip/xfrm_state.c
 +++ b/ip/xfrm_state.c
-@@ -73,6 +73,7 @@ static void usage(void)
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_ESP));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_AH));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_COMP));
-+	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_IPV6));
- 	fprintf(stderr, "%s | ", strxf_xfrmproto(IPPROTO_ROUTING));
- 	fprintf(stderr, "%s\n", strxf_xfrmproto(IPPROTO_DSTOPTS));
- 	fprintf(stderr, "ALGO-LIST := [ ALGO-LIST ] ALGO\n");
--- 
-2.14.1
-
+@@ -76,10 +76,11 @@ static void usage(void)
+ 		"ID := [ src ADDR ] [ dst ADDR ] [ proto XFRM-PROTO ] [ spi SPI ]\n"
+ 		"XFRM-PROTO := ");
+ 	fprintf(stderr,
+-		"%s | %s | %s | %s | %s\n",
++		"%s | %s | %s | %s | %s | %s\n",
+ 		strxf_xfrmproto(IPPROTO_ESP),
+ 		strxf_xfrmproto(IPPROTO_AH),
+ 		strxf_xfrmproto(IPPROTO_COMP),
++		strxf_xfrmproto(IPPROTO_IPV6),
+ 		strxf_xfrmproto(IPPROTO_ROUTING),
+ 		strxf_xfrmproto(IPPROTO_DSTOPTS));
+ 	fprintf(stderr,