diff options
author | Felix Fietkau <nbd@nbd.name> | 2018-06-13 12:46:54 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2018-06-13 12:54:45 +0200 |
commit | 68ab89854fede80ab6a4279204462d6b898a653f (patch) | |
tree | 36bde2b19edc0047e0763949722178b231593a75 /target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch | |
parent | e820734f79e5acc02f837da37deb370d76cad8b2 (diff) | |
download | upstream-68ab89854fede80ab6a4279204462d6b898a653f.tar.gz upstream-68ab89854fede80ab6a4279204462d6b898a653f.tar.bz2 upstream-68ab89854fede80ab6a4279204462d6b898a653f.zip |
kernel: fix conntrack leak for flow_offload connections
This was caused by a race condition between offload teardown and
conntrack gc bumping the timeout of offloaded connections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch')
-rw-r--r-- | target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch index 8da15bc336..2b3725f81e 100644 --- a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch +++ b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch @@ -26,9 +26,9 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX]; --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c -@@ -332,7 +332,7 @@ static int nf_flow_offload_gc_step(struc - teardown = flow->flags & (FLOW_OFFLOAD_DYING | - FLOW_OFFLOAD_TEARDOWN); +@@ -355,7 +355,7 @@ static int nf_flow_offload_gc_step(struc + if (!teardown) + nf_ct_offload_timeout(flow); - if (nf_flow_in_hw(flow) && !teardown) + if ((flow->flags & FLOW_OFFLOAD_KEEP) && !teardown) |