Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp12906imu; Wed, 21 Nov 2018 14:28:44 -0800 (PST) X-Google-Smtp-Source: AFSGD/XGAjOPcajrQYMyWT7NwHIlrvkdObqh698xK3xkA0LVpBNS7ZGdLGnECNToXGMlaD1iupl7 X-Received: by 2002:a17:902:43e4:: with SMTP id j91mr8406310pld.147.1542839324316; Wed, 21 Nov 2018 14:28:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542839324; cv=none; d=google.com; s=arc-20160816; b=gHjPDsGz7EFAwjKOdCl0lN5ViNooewIFiwEm8A2aMSaGAj/oU76s3QTA2s+QmgsK6X /RXDrK1O2LAh0PT1OMGTiq+In2ARKAhMayav1H4l5EQSKElI6pE7+IK4UVgJZvDQ7iLw TR5vKXRzY/tSOefmPCxVLlirhDNBlF+rG3uccTfJVc322F91SKi2GZ8kbaTat15HCAaL PjMxBEULmzXSkDtnV2VgmdMNuaL8U7epiGx8V5Y8U+FSHJJtK3ieQ/3/CdL6V9OaE1vg E1pNwOn4b5b67KKqxyBEB2mwSKcMnpS7b4ohzCOCIfG/iU8m9r5SrJI8TWqqUPJnRCpi +3hA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=4dSZzDtkWMOBSp+Hor92WXhoVLk45KuGNN5d0DGFO+0=; b=T1WKLB1QiqexbNMSwGUPfcA/cDON/1KsIW9RTsAmAhtZ3A4jaaJTldwga1tWInIXA5 BFacXQaaQol91r84hBlvMExRJdJNkf8KxITHMI+VqOCOymZQDdmKz9xDkPwfT2wzHHmn iVcV3BSrESBYbUokDR/30+mDsmGvfI8riSEakN92IuJ1g/zgWiJmLCPK2wJf32jF9yN+ OHCYPDPd7oqf50UNJRuyxD85RtxAJNnvIr/boZCrb5Y/xwSqZZN73QRfsX0ocjQPzIsb wMNoxH5W0+qL8pDoFealyufWm3XPXKzA17RyyxkZq5Cc05/XXb57JpAsicYBbQhg0/sl wmLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Dk1+1Q4z; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x2si37727062pgi.152.2018.11.21.14.28.27; Wed, 21 Nov 2018 14:28:44 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Dk1+1Q4z; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732153AbeKVFmI (ORCPT + 99 others); Thu, 22 Nov 2018 00:42:08 -0500 Received: from mail.kernel.org ([198.145.29.99]:36432 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730172AbeKVFmI (ORCPT ); Thu, 22 Nov 2018 00:42:08 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 24130214D9; Wed, 21 Nov 2018 19:06:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1542827195; bh=hzHQ7nu5HGWjRs90yK2jy7Uw9Y7gqzwn40CG8q0GUIw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Dk1+1Q4z3W4NqTGBNr6k9JnS4R3m1z1fNsx7Lzp8c1QOJna6ZWKLrTetoz3nqiIlu xKZAr8FRiQ82rkzgR6qTm92d29uWFTzQP2OkDayQ9vI4EGToAwZi5i54i01lJ/Xe1R nSkthELUPam6p45i7lBu8vWQcGdAyiCavT4dW2LM= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, =?UTF-8?q?=EB=B0=B0=EC=84=9D=EC=A7=84?= , Eric Dumazet , "David S. Miller" Subject: [PATCH 4.19 01/42] flow_dissector: do not dissect l4 ports for fragments Date: Wed, 21 Nov 2018 20:05:37 +0100 Message-Id: <20181121183147.938018961@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121183147.869199006@linuxfoundation.org> References: <20181121183147.869199006@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: 배석진 [ Upstream commit 62230715fd2453b3ba948c9d83cfb3ada9169169 ] Only first fragment has the sport/dport information, not the following ones. If we want consistent hash for all fragments, we need to ignore ports even for first fragment. This bug is visible for IPv6 traffic, if incoming fragments do not have a flow label, since skb_get_hash() will give different results for first fragment and following ones. It is also visible if any routing rule wants dissection and sport or dport. See commit 5e5d6fed3741 ("ipv6: route: dissect flow in input path if fib rules need it") for details. [edumazet] rewrote the changelog completely. Fixes: 06635a35d13d ("flow_dissect: use programable dissector in skb_flow_dissect and friends") Signed-off-by: 배석진 Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/core/flow_dissector.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -1026,8 +1026,8 @@ ip_proto_again: break; } - if (dissector_uses_key(flow_dissector, - FLOW_DISSECTOR_KEY_PORTS)) { + if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_PORTS) && + !(key_control->flags & FLOW_DIS_IS_FRAGMENT)) { key_ports = skb_flow_dissector_target(flow_dissector, FLOW_DISSECTOR_KEY_PORTS, target_container);