mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-06 16:49:22 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Quan Tian 6ffab754d2 net/ipv6: SKB symmetric hash should incorporate transport ports 
commit a5e2151ff9 upstream.

__skb_get_hash_symmetric() was added to compute a symmetric hash over
the protocol, addresses and transport ports, by commit eb70db8756
("packet: Use symmetric hash for PACKET_FANOUT_HASH."). It uses
flow_keys_dissector_symmetric_keys as the flow_dissector to incorporate
IPv4 addresses, IPv6 addresses and ports. However, it should not specify
the flag as FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL, which stops further
dissection when an IPv6 flow label is encountered, making transport
ports not being incorporated in such case.

As a consequence, the symmetric hash is based on 5-tuple for IPv4 but
3-tuple for IPv6 when flow label is present. It caused a few problems,
e.g. when nft symhash and openvswitch l4_sym rely on the symmetric hash
to perform load balancing as different L4 flows between two given IPv6
addresses would always get the same symmetric hash, leading to uneven
traffic distribution.

Removing the use of FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL makes sure the
symmetric hash is based on 5-tuple for both IPv4 and IPv6 consistently.

Fixes: eb70db8756 ("packet: Use symmetric hash for PACKET_FANOUT_HASH.")
Reported-by: Lars Ekman <uablrek@gmail.com>
Closes: https://github.com/antrea-io/antrea/issues/5457
Signed-off-by: Quan Tian <qtian@vmware.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-09-19 12:20:23 +02:00
..
6lowpan 6lowpan: iphc: Fix an off-by-one check of array index 2021-09-15 09:50:34 +02:00
9p 9p: virtio: make sure 'offs' is initialized in zc_request 2023-09-19 12:20:04 +02:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2023-01-14 10:16:18 +01:00
8021q vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() 2023-05-30 12:57:53 +01:00
appletalk
atm atm: hide unused procfs functions 2023-06-09 10:30:12 +02:00
ax25 net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg 2022-06-22 14:13:17 +02:00
batman-adv batman-adv: Hold rtnl lock during MTU update via netlink 2023-08-30 16:23:16 +02:00
bluetooth Bluetooth: Fix potential use-after-free when clear keys 2023-09-19 12:20:08 +02:00
bpf bpf: Move skb->len == 0 checks into __bpf_redirect 2023-01-14 10:15:31 +01:00
bpfilter
bridge bridge: Add extack warning when enabling STP in netns. 2023-07-27 08:44:39 +02:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:45:11 +01:00
can can: bcm: Fix UAF in bcm_proc_show() 2023-07-27 08:44:35 +02:00
ceph libceph, rbd: ignore addr->type while comparing in some cases 2023-08-30 16:23:11 +02:00
core net/ipv6: SKB symmetric hash should incorporate transport ports 2023-09-19 12:20:23 +02:00
dcb net: dcb: choose correct policy to parse DCB_ATTR_BCN 2023-08-11 11:57:50 +02:00
dccp dccp: Fix out of bounds access in DCCP error handler 2023-09-19 12:20:22 +02:00
decnet Remove DECnet support from kernel 2023-06-21 15:45:38 +02:00
dns_resolver
dsa net: dsa: tag_sja1105: fix MAC DA patching from meta frames 2023-07-27 08:44:10 +02:00
ethernet
ethtool net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats 2023-01-24 07:19:55 +01:00
hsr hsr: ratelimit only when errors are printed 2023-04-05 11:23:52 +02:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-11-03 23:57:51 +09:00
ife
ipv4 igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU 2023-09-19 12:20:20 +02:00
ipv6 lwt: Check LWTUNNEL_XMIT_CONTINUE strictly 2023-09-19 12:20:09 +02:00
iucv net/iucv: Fix size of interrupt data 2023-03-22 13:30:00 +01:00
kcm kcm: close race conditions on sk_receive_queue 2022-11-25 17:45:56 +01:00
key net: af_key: fix sadb_x_filter validation 2023-08-26 15:26:51 +02:00
l2tp inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 2023-04-26 11:27:41 +02:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-27 13:53:50 +02:00
lapb
llc llc: Don't drop packet from non-root netns. 2023-07-27 08:44:40 +02:00
mac80211 wifi: mac80211: fix min center freq offset tracing 2023-05-30 12:57:53 +01:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-14 11:32:01 +01:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:55:58 +01:00
mptcp inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 2023-04-26 11:27:41 +02:00
ncsi net/ncsi: clear Tx enable mode when handling a Config required AEN 2023-05-17 11:48:10 +02:00
netfilter netfilter: xt_sctp: validate the flag_info count 2023-09-19 12:20:20 +02:00
netlabel netlabel: fix shift wrapping bug in netlbl_catmap_setlong() 2023-09-19 12:20:05 +02:00
netlink netlink: Add __sock_i_ino() for __netlink_diag_dump(). 2023-07-27 08:43:43 +02:00
netrom netrom: Deny concurrent connect(). 2023-09-19 12:20:10 +02:00
nfc net: nfc: Fix use-after-free caused by nfc_llcp_find_local 2023-07-27 08:43:43 +02:00
nsh net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() 2023-05-30 12:57:52 +01:00
openvswitch net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() 2023-02-22 12:55:57 +01:00
packet net/packet: annotate data-races around tp->status 2023-08-16 18:21:01 +02:00
phonet phonet: refcount leak in pep_sock_accep 2022-01-11 15:25:01 +01:00
psample
qrtr net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() 2023-04-20 12:10:26 +02:00
rds rds: rds_rm_zerocopy_callback() correct order for list_add_tail() 2023-03-11 16:39:26 +01:00
rfkill
rose net/rose: Fix to not accept on connected socket 2023-02-22 12:55:53 +01:00
rxrpc rxrpc: Fix hard call timeout units 2023-05-17 11:48:11 +02:00
sched net/sched: sch_hfsc: Ensure inner classes have fsc curve 2023-09-19 12:20:10 +02:00
sctp sctp: handle invalid error codes without calling BUG() 2023-09-19 12:20:06 +02:00
smc net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT 2023-06-14 11:09:39 +02:00
strparser bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-18 14:04:27 +01:00
sunrpc xprtrdma: Remap Receive buffers after a reconnect 2023-08-30 16:23:09 +02:00
switchdev
tipc tipc: stop tipc crypto on failure in tipc_node_create 2023-08-11 11:57:37 +02:00
tls net: deal with most data-races in sk_wait_event() 2023-05-30 12:57:46 +01:00
unix af_unix: Fix null-ptr-deref in unix_stream_sendpage(). 2023-08-26 15:26:56 +02:00
vmw_vsock vsock: avoid to close connected socket after the timeout 2023-05-30 12:57:52 +01:00
wimax
wireless wifi: cfg80211: Fix return value in scan logic 2023-08-11 11:57:47 +02:00
x25 net/x25: Fix to not accept on connected socket 2023-02-15 17:22:15 +01:00
xdp xsk: Honor SO_BINDTODEVICE on bind 2023-07-27 08:44:09 +02:00
xfrm xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH 2023-08-26 15:26:52 +02:00
compat.c
devres.c
Kconfig Remove DECnet support from kernel 2023-06-21 15:45:38 +02:00
Makefile Remove DECnet support from kernel 2023-06-21 15:45:38 +02:00
socket.c net: Avoid address overwrite in kernel_connect 2023-09-19 12:20:06 +02:00
sysctl_net.c