diff options
author | Felix Fietkau <nbd@nbd.name> | 2018-06-13 12:46:54 +0200 |
---|---|---|
committer | Felix Fietkau <nbd@nbd.name> | 2018-06-14 11:47:58 +0200 |
commit | 244fd1aac66090c110a421f1411835a09847150d (patch) | |
tree | 6a3211326908b7a90ab430ec10d05199462df33b /target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch | |
parent | 8e1269c29d4c97dd496c587ba9b182462b299681 (diff) | |
download | upstream-244fd1aac66090c110a421f1411835a09847150d.tar.gz upstream-244fd1aac66090c110a421f1411835a09847150d.tar.bz2 upstream-244fd1aac66090c110a421f1411835a09847150d.zip |
kernel: fix conntrack leak for flow_offload connections
This was caused by a race condition between offload teardown and
conntrack gc bumping the timeout of offloaded connections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch')
-rw-r--r-- | target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch index 8da15bc336..2b3725f81e 100644 --- a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch +++ b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch @@ -26,9 +26,9 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX]; --- a/net/netfilter/nf_flow_table_core.c +++ b/net/netfilter/nf_flow_table_core.c -@@ -332,7 +332,7 @@ static int nf_flow_offload_gc_step(struc - teardown = flow->flags & (FLOW_OFFLOAD_DYING | - FLOW_OFFLOAD_TEARDOWN); +@@ -355,7 +355,7 @@ static int nf_flow_offload_gc_step(struc + if (!teardown) + nf_ct_offload_timeout(flow); - if (nf_flow_in_hw(flow) && !teardown) + if ((flow->flags & FLOW_OFFLOAD_KEEP) && !teardown) |