Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp84176imu; Wed, 21 Nov 2018 15:50:50 -0800 (PST) X-Google-Smtp-Source: AFSGD/X2dZ2ZJGj0fZ+zRqWjgY3dTWQJhuaQSG/ggWk+HwL/pdTnG/KEDOLH+INZd+BIXdLhvgBJ X-Received: by 2002:a63:4613:: with SMTP id t19-v6mr7937888pga.197.1542844250314; Wed, 21 Nov 2018 15:50:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542844250; cv=none; d=google.com; s=arc-20160816; b=JHHiAARArLEkrLczg84lcD6huvhN+FgvB7KimKUzd8NuV7B+BLN/qRMMvaHcqhkNCX yjQ5ptsJnoabDT89eLmCCLEItnsUDdTf0+4xo5a39SHzoiLrY9gQnpDpivlU7lp+Mh9e elW5EyeDH+luu9zO+9JaUhXE9rQcGH+dwfkWkV0bn5D+/d3WfcyzI0QKJSwGUH0l0Zbn fqENeCYkTvRapQ3gDRPW+kvqHo7JLflhwhtHj2rJhzE78romIjQpSmDI67K8H6Fiap/m tj4L54TAmA0jybYNY57JdsFjma+LZdi6oyLtlRnZB8IHcBeo3IQOD943sLzsWYfB3THT 0JQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=InFVR+wOwsd42tMYiNqo7KBlspuHlJH4qyvgG3CgOAE=; b=Rowxqfc9bFX4vUABimHBVxm0Yj6BUffHOV05VDDFeWajntJIi0NIUyHJMWh2Tefh5m 9PQXA98n0Eu/dhpYM5k3EESNKsjfjhMdwJ2NDbv3OVXIW6ofqQu/4QOEHPlaNTP46sH8 74+8dSfbVslsn3ZXqvAgO2ZbQCnQol8oB9Vy0JI2q9NGH1OltoHdtcyKM1RGOevAWrzk CwA0CkEROQAx6S+mGGc2bvyerFKTl/4zJexID/cF11uUDKermPfSLOQ3de033SGla5cD J2ykSA4IBknOF0EF+V2/ZMbgIQSk1hXBuukx0KKd/svZ30bsbJTmeT4U65rQ4Y06WMPL J50Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QvL2w46g; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 37si44852230pgw.590.2018.11.21.15.50.35; Wed, 21 Nov 2018 15:50:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QvL2w46g; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388201AbeKVFoX (ORCPT + 99 others); Thu, 22 Nov 2018 00:44:23 -0500 Received: from mail.kernel.org ([198.145.29.99]:38896 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726862AbeKVFoX (ORCPT ); Thu, 22 Nov 2018 00:44:23 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EA4DE214D9; Wed, 21 Nov 2018 19:08:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1542827330; bh=bQcNOcGRIEK0Qx8XCflbQ1aLGUJSF8TEIjdRTFPEePw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QvL2w46gjUBt4aZuOR1y9u05QzHPrNO7bM4uwD2Ce2RPr9ZdtZPzup5/v9zbCPYMW WLomiEVKdOfQlM1+NffiqDJv3cVLYFLSzT8yq69jbbMRI5zXVo0pr7NgBtiK7/uOxK Olx8ebukSmIMGBOG2K/P0TRdixhkxehAZ1yFnS+I= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, =?UTF-8?q?=EB=B0=B0=EC=84=9D=EC=A7=84?= , Eric Dumazet , "David S. Miller" Subject: [PATCH 4.14 01/21] flow_dissector: do not dissect l4 ports for fragments Date: Wed, 21 Nov 2018 20:06:45 +0100 Message-Id: <20181121183422.162425937@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121183422.103826775@linuxfoundation.org> References: <20181121183422.103826775@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: 배석진 [ Upstream commit 62230715fd2453b3ba948c9d83cfb3ada9169169 ] Only first fragment has the sport/dport information, not the following ones. If we want consistent hash for all fragments, we need to ignore ports even for first fragment. This bug is visible for IPv6 traffic, if incoming fragments do not have a flow label, since skb_get_hash() will give different results for first fragment and following ones. It is also visible if any routing rule wants dissection and sport or dport. See commit 5e5d6fed3741 ("ipv6: route: dissect flow in input path if fib rules need it") for details. [edumazet] rewrote the changelog completely. Fixes: 06635a35d13d ("flow_dissect: use programable dissector in skb_flow_dissect and friends") Signed-off-by: 배석진 Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/core/flow_dissector.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -838,8 +838,8 @@ ip_proto_again: break; } - if (dissector_uses_key(flow_dissector, - FLOW_DISSECTOR_KEY_PORTS)) { + if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_PORTS) && + !(key_control->flags & FLOW_DIS_IS_FRAGMENT)) { key_ports = skb_flow_dissector_target(flow_dissector, FLOW_DISSECTOR_KEY_PORTS, target_container);