On Thu, Oct 22, 2015 at 12:42 AM, Neal P. Murphy <neal.p.murphy@xxxxxxxxxxxx> wrote: > On Wed, 21 Oct 2015 14:26:35 -0700 > Ani Sinha <ani@xxxxxxxxxx> wrote: > >> On Wed, Oct 21, 2015 at 2:19 PM, Florian Westphal <fw@xxxxxxxxx> wrote: >> > Ani Sinha <ani@xxxxxxxxxx> wrote: >> >> >> > commit c6825c0976fa7893692e0e43b09740b419b23c09 >> >> >> > Author: Andrey Vagin <avagin@xxxxxxxxxx> >> >> >> > Date: Wed Jan 29 19:34:14 2014 +0100 >> >> >> > netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get >> >> >> > >> >> >> > and a followup patch : >> >> >> > >> >> >> > commit e53376bef2cd97d3e3f61fdc677fb8da7d03d0da >> >> >> > Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> >> >> >> > Date: Mon Feb 3 20:01:53 2014 +0100 >> >> >> > netfilter: nf_conntrack: don't release a conntrack with non-zero refcnt >> >> >> > >> >> > >> >> > These for instance fix such bugs. >> >> >> >> So since both these patches were not backported to 3.4 series and >> >> since now we have evidence of a crash that points to issues which the >> >> patches fix, should we consider backporting the above patches to 3.4? >> > >> > Yes. >> >> Ok cool. I will send out backport patches for 3.4 corresponding to >> both the above patches. > > As an FYI, Zefan Li just released 3.4.110; I didn't see the fix in the list. No surprise, of course; it does take more than 12 hours to get patches right, as I am painfully aware. > > I just bumped Smoothwall Express to 3.4.109 in Update4, and 3.4.110 contains fixes that relate to Smoothwall. May I safely assume that these patches will apply easily to 3.4.110? The obvious answer is, "Yes," but I'd like a bit of reassurance (<pat> <pat> "There, there; it'll be fine. The patches will be OK.") before I prepare and release the next update. The patches won't apply as is. There will be some work involved. For example, one of the patches involves modification in synproxy module. This isn't available in 3.4 train. So don't hold your breath. I will work on this as soon as I can. Ani > > Neal -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
