This series backports the netfilter/defrag-related changes made recently upstream to our compat code, which should bring conntrack.c up-to-date just prior to the NAT changes. Patch 5 introduced some breakage which is fixed in patches 6 and 7; I have left these separate to mirror the upstream commits.
Tested using kmod tests on Ubuntu 3.13.0-24, 3.16.0-70, 3.19.0-58, and 4.2.0-35, and RHEL 3.10.0-327, plus compilation against vanilla kernel targets on Travis: https://travis-ci.org/joestringer/openvswitch/builds/127290050 v2: - 3 new backport patches, bringing the series up to date with upstream prior to the NAT series. - Added a final patch to document the defrag backport strategy in v4 and v6. - Fixed upstream commit references to use the correct IDs. v1: - Initial Post Joe Stringer (9): compat: Add a struct net parameter to l4_pkt_to_tuple. compat: ipv4: Pass struct net into ip_defrag. compat: ipv6: Pass struct net into nf_ct_frag6_gather. compat: nf_defrag_ipv6: avoid/free clone operations. compat: nf_defrag_ipv6: avoid nf_iterate recursion. compat: nf_defrag_ipv6: fix NULL deref panic. datapath: Orphan skbs before IPv6 defrag datapath: Fix template leak in error cases. compat: Document nf_defrag_ipv[46] backport. acinclude.m4 | 5 + datapath/conntrack.c | 36 ++--- datapath/linux/Modules.mk | 1 + datapath/linux/compat/include/net/ip.h | 15 +- .../include/net/netfilter/ipv6/nf_defrag_ipv6.h | 21 ++- .../compat/include/net/netfilter/nf_conntrack.h | 17 ++ datapath/linux/compat/ip_fragment.c | 3 +- datapath/linux/compat/nf_conntrack_reasm.c | 172 +++++++++------------ 8 files changed, 133 insertions(+), 137 deletions(-) create mode 100644 datapath/linux/compat/include/net/netfilter/nf_conntrack.h -- 2.1.4 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
