]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 375f222) | patch
netfilter: nft_flow_offload: clear tcp MAXACK flag before moving to slowpath
authorFlorian Westphal <fw@strlen.de>
Mon, 13 Jan 2025 23:50:33 +0000 (00:50 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Sun, 19 Jan 2025 15:41:54 +0000 (16:41 +0100)
commitd9d7b489416d18ba696c32a93623ecb0176b374e
treef94ad9c934d2a03e61c80f4c4a6267608d374cfbtree
parent375f222800bc001bb9cbd2baa1daec006430aebacommit | diff
netfilter: nft_flow_offload: clear tcp MAXACK flag before moving to slowpath

This state reset is racy, no locks are held here.

Since commit
8437a6209f76 ("netfilter: nft_flow_offload: set liberal tracking mode for tcp"),
the window checks are disabled for normal data packets, but MAXACK flag
is checked when validating TCP resets.

Clear the flag so tcp reset validation checks are ignored.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_flow_table_core.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.