linux-stable/net
Vlad Buslov d5a116dbe7 net/sched: act_ct: Always fill offloading tuple iifidx
[ Upstream commit 9bc64bd0cd ]

Referenced commit doesn't always set iifidx when offloading the flow to
hardware. Fix the following cases:

- nf_conn_act_ct_ext_fill() is called before extension is created with
nf_conn_act_ct_ext_add() in tcf_ct_act(). This can cause rule offload with
unspecified iifidx when connection is offloaded after only single
original-direction packet has been processed by tc data path. Always fill
the new nf_conn_act_ct_ext instance after creating it in
nf_conn_act_ct_ext_add().

- Offloading of unidirectional UDP NEW connections is now supported, but ct
flow iifidx field is not updated when connection is promoted to
bidirectional which can result reply-direction iifidx to be zero when
refreshing the connection. Fill in the extension and update flow iifidx
before calling flow_offload_refresh().

Fixes: 9795ded7f9 ("net/sched: act_ct: Fill offloading tuple iifidx")
Reviewed-by: Paul Blakey <paulb@nvidia.com>
Signed-off-by: Vlad Buslov <vladbu@nvidia.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Fixes: 6a9bad0069 ("net/sched: act_ct: offload UDP NEW connections")
Link: https://lore.kernel.org/r/20231103151410.764271-1-vladbu@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-11-20 11:59:37 +01:00
..
6lowpan
9p 9p/net: fix possible memory leak in p9_check_errors() 2023-11-20 11:59:29 +01:00
802
8021q
appletalk
atm
ax25 ax25: Kconfig: Update link for linux-ax25.org 2023-09-18 12:56:58 +01:00
batman-adv
bluetooth Bluetooth: hci_sync: Fix Opcode prints in bt_dev_dbg/err 2023-11-20 11:59:03 +01:00
bpf bpf: Prevent inlining of bpf_fentry_test7() 2023-08-30 08:36:17 +02:00
bpfilter
bridge neighbour: fix data-races around n->output 2023-10-01 17:14:37 +01:00
caif
can can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior 2023-10-06 12:54:33 +02:00
ceph libceph: use kernel_connect() 2023-10-09 13:35:24 +02:00
core net: page_pool: add missing free_percpu when page_pool_init fail 2023-11-20 11:59:34 +01:00
dcb
dccp dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 2023-11-20 11:59:35 +01:00
devlink devlink: Hold devlink lock on health reporter dump get 2023-10-06 15:56:46 -07:00
dns_resolver
dsa
ethernet
ethtool Revert "ethtool: Fix mod state of verbose no_mask bitset" 2023-10-19 09:27:12 -07:00
handshake net/handshake: fix file ref count in handshake_nl_accept_doit() 2023-10-23 10:19:33 -07:00
hsr hsr: Prevent use after free in prp_create_tagged_frame() 2023-11-20 11:59:34 +01:00
ieee802154 sysctl-6.6-rc1 2023-08-29 17:39:15 -07:00
ife
ipv4 tcp: fix cookie_init_timestamp() overflows 2023-11-20 11:59:01 +01:00
ipv6 dccp/tcp: Call security_inet_conn_request() after setting IPv6 addresses. 2023-11-20 11:59:35 +01:00
iucv
kcm kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). 2023-09-14 10:43:51 +02:00
key
l2tp udp: annotate data-races around udp->encap_type 2023-11-20 11:58:56 +01:00
l3mdev
lapb
llc llc: verify mac len before reading mac header 2023-11-20 11:59:34 +01:00
mac80211 wifi: mac80211: Fix setting vif links 2023-11-20 11:59:02 +01:00
mac802154
mctp mctp: perform route lookups under a RCU read-side lock 2023-10-10 19:43:22 -07:00
mpls
mptcp mptcp: properly account fastopen data 2023-11-20 11:59:03 +01:00
ncsi ncsi: Propagate carrier gain/loss events to the NCSI controller 2023-09-18 07:06:05 +01:00
netfilter netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses 2023-11-20 11:59:37 +01:00
netlabel
netlink netlink: annotate data-races around sk->sk_err 2023-10-04 17:32:54 -07:00
netrom netrom: Deny concurrent connect(). 2023-08-28 06:58:46 +01:00
nfc nfc: nci: fix possible NULL pointer dereference in send_acknowledge() 2023-10-16 17:34:53 -07:00
nsh
openvswitch net/sched: act_ct: Always fill offloading tuple iifidx 2023-11-20 11:59:37 +01:00
packet af_packet: Fix fortified memcpy() without flex array. 2023-10-12 09:15:15 +02:00
phonet
psample
qrtr
rds net: prevent address rewrite in kernel_bind() 2023-10-01 19:31:29 +01:00
rfkill net: rfkill: reduce data->mtx scope in rfkill_fop_open 2023-10-11 16:55:10 +02:00
rose
rxrpc rxrpc: Fix two connection reaping bugs 2023-11-20 11:59:34 +01:00
sched net/sched: act_ct: Always fill offloading tuple iifidx 2023-11-20 11:59:37 +01:00
sctp sctp: update hb timer immediately after users change hb_interval 2023-10-04 17:29:58 -07:00
smc net/smc: put sk reference if close work was canceled 2023-11-20 11:59:35 +01:00
strparser
sunrpc SUNRPC/TLS: Lock the lower_xprt during the tls handshake 2023-09-27 15:16:40 -04:00
switchdev
tipc tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING 2023-11-20 11:59:34 +01:00
tls tls: Use size_add() in call to struct_size() 2023-11-20 11:58:57 +01:00
unix Including fixes from netfilter and bpf. 2023-09-07 18:33:07 -07:00
vmw_vsock virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() 2023-11-20 11:59:36 +01:00
wireless wifi: cfg80211: fix off-by-one in element defrag 2023-11-20 11:58:55 +01:00
x25
xdp xdp: Fix zero-size allocation warning in xskq_create() 2023-10-09 16:13:29 +02:00
xfrm ipsec-2023-10-17 2023-10-17 18:21:13 -07:00
compat.c
devres.c
Kconfig
Kconfig.debug
Makefile
socket.c net: prevent address rewrite in kernel_bind() 2023-10-01 19:31:29 +01:00
sysctl_net.c