Re: [PATCH net 1/1] netfilter: conntrack: fix erronous removal of offload bit

Hello:

This patch was applied to netdev/net.git (main)
by Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:

On Thu, 17 Apr 2025 12:28:47 +0200 you wrote:
> From: Florian Westphal <fw@xxxxxxxxx>
> 
> The blamed commit exposes a possible issue with flow_offload_teardown():
> We might remove the offload bit of a conntrack entry that has been
> offloaded again.
> 
> 1. conntrack entry c1 is offloaded via flow f1 (f1->ct == c1).
> 2. f1 times out and is pushed back to slowpath, c1 offload bit is
>    removed.  Due to bug, f1 is not unlinked from rhashtable right away.
> 3. a new packet arrives for the flow and re-offload is triggered, i.e.
>    f2->ct == c1.  This is because lookup in flowtable skips entries with
>    teardown bit set.
> 4. Next flowtable gc cycle finds f1 again
> 5. flow_offload_teardown() is called again for f1 and c1 offload bit is
>    removed again, even though we have f2 referencing the same entry.
> 
> [...]

Here is the summary with links:
  - [net,1/1] netfilter: conntrack: fix erronous removal of offload bit
    https://git.kernel.org/netdev/net/c/d2d31ea8cd80

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html





