Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp5607351imu; Mon, 26 Nov 2018 02:56:12 -0800 (PST) X-Google-Smtp-Source: AFSGD/XjtHwHP6bUxLlZ7cxs/TpL/L6wBNtNvbNQZ5M41qc2qmGSOTCX9GJ3HF3uZR0uW7Mz6RvF X-Received: by 2002:a63:101:: with SMTP id 1mr24359319pgb.152.1543229772837; Mon, 26 Nov 2018 02:56:12 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1543229772; cv=none; d=google.com; s=arc-20160816; b=odMKRkSqbcahvDs21fbB+XXm2oFDTxzqQd8RrDsTemDrpvFlqqquGYdAfqJBmEsium vdQ6Y1Js8Km/tdsNdTLEawk7iR79eBIY8WdbiIRLxbaLdpjdTm2FmwG33p8mzj1SIpKb cTl3BGoLAVTcsPF2nmoAyvsNXr+cWVyTvfAigfoICz1W4Za+bPY2G1SOBnMpnuVs1wlf MgzdcuIIPU0zikbPcuRX7LFpaetv74WEVd6phNpUFTFudkv1R9sj8KhFtZ6YtyPiBgp8 K5jA/Z9tcO8j0l6XZEm2K7Ub3T+na3qlXgbLmXPZToZC2ILe+jboNEXfB+iZM8oVB1Bc aFSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=CcUTdT2B1ri2VZyO6oqtZWezNWDMWtQlB6ddvX2GPtY=; b=scRP35KlCbX9bUOO32bDwRlrQEAUSTp7Y+yjt1wgvVDbZzpKrZs/npUHZzj248ddVU ajMVQcArIFGPEBFEPhm21T1yE6dS2h8WF2uBZQEMZy2AYNMxtH0lvDZ1x0YD1xUHKWEI ZYhZsu4277BPja8KJoyY+6YupaSqnCBZr9lnRwrxptx8bts88kqgwFNCcs8jDJB16Uda z0zr1mvI3PiWw/t7GcntUeqZ6mIm8yWSEu9epAQWQOHw/2XGfXBAkGllLc6GY2E0lvlY pPuJ+M6UG3+58CG0AnddnXPaPRY/V12l2/TXckeRYijpvpqUwcd9fMQ9dDF1/Oavfz3T Ax/w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ZmVTpv2N; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e63si59560721pgc.239.2018.11.26.02.55.58; Mon, 26 Nov 2018 02:56:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=ZmVTpv2N; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727015AbeKZVr0 (ORCPT + 99 others); Mon, 26 Nov 2018 16:47:26 -0500 Received: from mail.kernel.org ([198.145.29.99]:55622 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726138AbeKZVr0 (ORCPT ); Mon, 26 Nov 2018 16:47:26 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1DA9E2089F; Mon, 26 Nov 2018 10:53:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1543229622; bh=zct57Nzi0/6IrqHbQW2JJKFcpWjLjH5fVz2xk/6ocxU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ZmVTpv2N89g/TAKnKDt6qKtNyhownHwTzHlpBYQLVa53WFiXP/0ySvcEHCKLV4mxM yWPALQz8l/Kt+BYepavNoieJ+rUL52L5YA36dsPLlbSU+tY3jadHWNokqjNhD7JeNY 9CMnFzx8G7gVT7emlQ3gRS6UisRreu9QHTPAZzkU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, =?UTF-8?q?=EB=B0=B0=EC=84=9D=EC=A7=84?= , Eric Dumazet , "David S. Miller" Subject: [PATCH 4.4 01/70] flow_dissector: do not dissect l4 ports for fragments Date: Mon, 26 Nov 2018 11:50:16 +0100 Message-Id: <20181126105046.915034200@linuxfoundation.org> X-Mailer: git-send-email 2.19.2 In-Reply-To: <20181126105046.722096341@linuxfoundation.org> References: <20181126105046.722096341@linuxfoundation.org> User-Agent: quilt/0.65 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: 배석진 [ Upstream commit 62230715fd2453b3ba948c9d83cfb3ada9169169 ] Only first fragment has the sport/dport information, not the following ones. If we want consistent hash for all fragments, we need to ignore ports even for first fragment. This bug is visible for IPv6 traffic, if incoming fragments do not have a flow label, since skb_get_hash() will give different results for first fragment and following ones. It is also visible if any routing rule wants dissection and sport or dport. See commit 5e5d6fed3741 ("ipv6: route: dissect flow in input path if fib rules need it") for details. [edumazet] rewrote the changelog completely. Fixes: 06635a35d13d ("flow_dissect: use programable dissector in skb_flow_dissect and friends") Signed-off-by: 배석진 Signed-off-by: Eric Dumazet Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/core/flow_dissector.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -480,8 +480,8 @@ ip_proto_again: break; } - if (dissector_uses_key(flow_dissector, - FLOW_DISSECTOR_KEY_PORTS)) { + if (dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_PORTS) && + !(key_control->flags & FLOW_DIS_IS_FRAGMENT)) { key_ports = skb_flow_dissector_target(flow_dissector, FLOW_DISSECTOR_KEY_PORTS, target_container);