Skip to content

Commit e8baa63

Browse files
kuba-mookuba-moo
committed
Merge tag 'nf-24-04-25' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says: ==================== Netfilter/IPVS fixes for net The following patchset contains two Netfilter/IPVS fixes for net: Patch #1 fixes SCTP checksumming for IPVS with gso packets, from Ismael Luceno. Patch #2 honor dormant flag from netdev event path to fix a possible double hook unregistration. * tag 'nf-24-04-25' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: nf_tables: honor table dormant flag from netdev release event path ipvs: Fix checksumming on GSO of SCTP packets ==================== Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Jakub Kicinski <[email protected]>
2 parents 1971d13 + 8e30abc commit e8baa63

File tree

2 files changed

+7
-3
lines changed

2 files changed

+7
-3
lines changed

net/netfilter/ipvs/ip_vs_proto_sctp.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -126,7 +126,8 @@ sctp_snat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
126126
if (sctph->source != cp->vport || payload_csum ||
127127
skb->ip_summed == CHECKSUM_PARTIAL) {
128128
sctph->source = cp->vport;
129-
sctp_nat_csum(skb, sctph, sctphoff);
129+
if (!skb_is_gso(skb) || !skb_is_gso_sctp(skb))
130+
sctp_nat_csum(skb, sctph, sctphoff);
130131
} else {
131132
skb->ip_summed = CHECKSUM_UNNECESSARY;
132133
}
@@ -174,7 +175,8 @@ sctp_dnat_handler(struct sk_buff *skb, struct ip_vs_protocol *pp,
174175
(skb->ip_summed == CHECKSUM_PARTIAL &&
175176
!(skb_dst(skb)->dev->features & NETIF_F_SCTP_CRC))) {
176177
sctph->dest = cp->dport;
177-
sctp_nat_csum(skb, sctph, sctphoff);
178+
if (!skb_is_gso(skb) || !skb_is_gso_sctp(skb))
179+
sctp_nat_csum(skb, sctph, sctphoff);
178180
} else if (skb->ip_summed != CHECKSUM_PARTIAL) {
179181
skb->ip_summed = CHECKSUM_UNNECESSARY;
180182
}

net/netfilter/nft_chain_filter.c

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -338,7 +338,9 @@ static void nft_netdev_event(unsigned long event, struct net_device *dev,
338338
return;
339339

340340
if (n > 1) {
341-
nf_unregister_net_hook(ctx->net, &found->ops);
341+
if (!(ctx->chain->table->flags & NFT_TABLE_F_DORMANT))
342+
nf_unregister_net_hook(ctx->net, &found->ops);
343+
342344
list_del_rcu(&found->list);
343345
kfree_rcu(found, rcu);
344346
return;

0 commit comments

Comments
 (0)