Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp105141imu; Wed, 21 Nov 2018 16:14:18 -0800 (PST) X-Google-Smtp-Source: AJdET5crxyIclBS99I4Y19HGyCqmQ1OP+Q43XpEHxi9u7a3QGfS1B5QUsumw02nv6kWMQSWR3oNy X-Received: by 2002:a62:399b:: with SMTP id u27mr9331962pfj.181.1542845658105; Wed, 21 Nov 2018 16:14:18 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542845658; cv=none; d=google.com; s=arc-20160816; b=EiCA0NNf1LWGKlO7vk+tLqjfXXA1uMnJCXCY2sQKswRnthqShhC3JXJX3JNgyN2uwk g20aDvq4e9Y6tZzST4MLilgLIvYbOBELHZtQxlCt670MpbGJfyTVh+1omFmECMNtEG/e 6+QWd8k67T51veKaeA6Q0JJT+pyOcvgajQY6z53eLu40Q4r+m2aaN8vbI+uvzPI+ch9x O+yFpa4HCn9WWX4R6s19iXuOhRvUrv53qOwM13Fh+Hfw35XhgdOPsKJmvYWDNvu2rrdr fDJMnLbiUwBYiiVTIkWz0/khqTdhe6dtWKKb44vdI1Zaj3E0ALJyuTIyhXG4XsSeDaPQ jgZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ZWHm/qWNFeVzKS3x1CDbVoYCwiUKCWDUoSyWM7QH+w8=; b=Q4tlFSSgV/G0QbDgNloXGFQpK7eo03cKcbGMxWu1+8Nw0plpC4KUVO8KucbHHnXfkK dvs/0vy+EK2QmusbkTWHM7Ts2sjU+loT4PlDkxCchBq8J9C8yB9qbdHH99LITeRcox5n TcSZBMjddLbpA4N5mfmsovmjWs/asBX1GSjYkRs49Vxsc8B2KW/qzvuGW6xeoklqum0h aIHRNOVweuX5lsiWclYzjiynmt8jFp5P5BwsRZ9Iov17jBL69nqZcemjO1/DSb+wvy20 NO2pLnzzmrlCiesPOr1sS646xcRg2TlWPONK6LbXhXrqR8C2VLcXxOD/LwUtNu83FGLZ hXyw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=x0Xi8GRb; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j187si4021803pfg.160.2018.11.21.16.14.03; Wed, 21 Nov 2018 16:14:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=x0Xi8GRb; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388522AbeKVFpR (ORCPT + 99 others); Thu, 22 Nov 2018 00:45:17 -0500 Received: from mail.kernel.org ([198.145.29.99]:40060 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730870AbeKVFpQ (ORCPT ); Thu, 22 Nov 2018 00:45:16 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 6C2C12151B; Wed, 21 Nov 2018 19:09:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1542827383; bh=T5BRjfZIa3GLOEFxW+bwXD8ZBLYXvBQCUYKQaPWZFgI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=x0Xi8GRb8433kdNKZV9j5ZKeNWVmGh5lza5LccySq9BO33pdfhNLP2WAx6NizHKi3 E011mWnrJarZSLgcUoAUgy1q8EOR+J2s68Z/P9SJxM7Z5W5HkBG4UEYTFXWI9Vni2f 8egAdQ04W5aipMLNeI8zNeKKwXVBGygu/8/+L2FA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, =?UTF-8?q?=EB=B0=B0=EC=84=9D=EC=A7=84?= , Eric Dumazet , "David S. Miller" Subject: [PATCH 4.9 01/59] flow_dissector: do not dissect l4 ports for fragments Date: Wed, 21 Nov 2018 20:06:16 +0100 Message-Id: <20181121183508.316417893@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181121183508.262873520@linuxfoundation.org> References: <20181121183508.262873520@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: 배석진 [ Upstream commit 62230715fd2453b3ba948c9d83cfb3ada9169169 ] Only first fragment has the sport/dport information, not the following ones. If we want consistent hash for all fragments, we need to ignore ports even for first fragment. This bug is visible for IPv6 traffic, if incoming fragments do not have a flow label, since skb_get_hash() will give different results for first fragment and following ones. It is also visible if any routing rule wants dissection and sport or dport. See commit 5e5d6fed3741 ("ipv6: route: dissect flow in input path if fib rules need it") for details. [edumazet] rewrote the changelog completely. Fixes: 06635a35d13d ("flow_dissect: use programable dissector in skb_flow_dissect and friends") Signed-off-by: 배석진 Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/core/flow_dissector.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -538,8 +538,8 @@ ip_proto_again: break; } - if (dissector_uses_key(flow_dissector, - FLOW_DISSECTOR_KEY_PORTS)) { + if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_PORTS) && + !(key_control->flags & FLOW_DIS_IS_FRAGMENT)) { key_ports = skb_flow_dissector_target(flow_dissector, FLOW_DISSECTOR_KEY_PORTS, target_container);