Dirk Morris <dmor...@metaloft.com> wrote:
> Change ct id hash calculation to only use invariants.
>
> Currently the ct id hash calculation is based on some fields that can
> change in the lifetime on a conntrack entry in some corner cases. The
> current hash uses the whole tuple which contains an hlist pointer
> which will change when the conntrack is placed on the dying list
> resulting in a ct id change.
>
> This patch also removes the reply-side tuple and extension pointer
> from the hash calculation so that the ct id will will not change from
> initialization until confirmation.
>
> Fixes: 3c79107631db1f7 ("netfilter: ctnetlink: don't use conntrack/expect
> object addresses as id")
> Signed-off-by: Dirk Morris <dmor...@metaloft.com>
Looks good, thanks Dirk.
Acked-by: Florian Westphal <f...@strlen.de>
