On Thu, Oct 22, 2015 at 7:39 PM, Neal P. Murphy <neal.p.murphy@xxxxxxxxxxxx> wrote: > On Thu, 22 Oct 2015 12:53:57 -0700 > Ani Sinha <ani@xxxxxxxxxx> wrote: > >> On Thu, Oct 22, 2015 at 12:42 AM, Neal P. Murphy >> <neal.p.murphy@xxxxxxxxxxxx> wrote: >> > On Wed, 21 Oct 2015 14:26:35 -0700 >> > Ani Sinha <ani@xxxxxxxxxx> wrote: >> > >> >> On Wed, Oct 21, 2015 at 2:19 PM, Florian Westphal <fw@xxxxxxxxx> wrote: >> >> > Ani Sinha <ani@xxxxxxxxxx> wrote: >> >> >> >> > commit c6825c0976fa7893692e0e43b09740b419b23c09 >> >> >> >> > Author: Andrey Vagin <avagin@xxxxxxxxxx> >> >> >> >> > Date: Wed Jan 29 19:34:14 2014 +0100 >> >> >> >> > netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get >> >> >> >> > >> >> >> >> > and a followup patch : >> >> >> >> > >> >> >> >> > commit e53376bef2cd97d3e3f61fdc677fb8da7d03d0da >> >> >> >> > Author: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> >> >> >> >> > Date: Mon Feb 3 20:01:53 2014 +0100 >> >> >> >> > netfilter: nf_conntrack: don't release a conntrack with non-zero refcnt >> >> >> >> > >> >> >> > >> >> >> > These for instance fix such bugs. >> >> >> >> >> >> So since both these patches were not backported to 3.4 series and >> >> >> since now we have evidence of a crash that points to issues which the >> >> >> patches fix, should we consider backporting the above patches to 3.4? >> >> > >> >> > Yes. >> >> >> >> Ok cool. I will send out backport patches for 3.4 corresponding to >> >> both the above patches. >> > >> > As an FYI, Zefan Li just released 3.4.110; I didn't see the fix in the list. No surprise, of course; it does take more than 12 hours to get patches right, as I am painfully aware. >> > >> > I just bumped Smoothwall Express to 3.4.109 in Update4, and 3.4.110 contains fixes that relate to Smoothwall. May I safely assume that these patches will apply easily to 3.4.110? The obvious answer is, "Yes," but I'd like a bit of reassurance (<pat> <pat> "There, there; it'll be fine. The patches will be OK.") before I prepare and release the next update. >> >> The patches won't apply as is. There will be some work involved. For >> example, one of the patches involves modification in synproxy module. >> This isn't available in 3.4 train. So don't hold your breath. I will >> work on this as soon as I can. > > Agreed and accepted. The patches will be ready when they're ready and not a moment sooner. I'm not trying to rush the process, and certainly not trying to brace you while asking questions you cannot possibly answer (yet). > > Just for planning purposes, might you expect the changes to be confined to modules? That is, would I be able to rebuild the kernel and distribute just a few updated modules? Or might I have to release a complete kernel? At this point, "could go either way" is a good answer, too. I just sent out the patches for approval. Please have a look. > > Considering Greg K-H's recent releases, I expect a 3.4.111 release in the next couple months. > > Thanks, > Neal -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
