Re: [PATCH net v2] netfilter: Use consistent ct id hash calculation

Dirk Morris <dmorris@xxxxxxxxxxxx> wrote:
> Change ct id hash calculation to only use invariants.
> 
> Currently the ct id hash calculation is based on some fields that can
> change in the lifetime of a conntrack entry in some corner cases. This
> results in the ct id changing after the conntrack has been confirmed.
> This changes the hash to be based on attributes which should never
> change. Now the ct id hash is also consistent from initialization to
> conntrack confirmation either even though it is unconfirmed.

Looks good, but can you also fix up the comment at the top of this
function?  (Alternatively, delete those things that are not relevant
anymore).

Also, please add the following tag:

Fixes: 3c79107631db1f7 ("netfilter: ctnetlink: don't use conntrack/expect object addresses as id")

Perhaps also mention that hashing the full tuplehash includes
the hlist pointer address, which will change when a conntrack is placed
on the dying list -- this affects reliable delete event delivery --
on redelivery, the id will be different, so your commit is not
just an improvement, it also fixes a bug.

Thanks!
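
The effect described in the reply above, as an added example that is not part of the thread, the patch, or the kernel source: an id hashed over a structure that embeds list linkage changes when the entry moves to another list, while an id hashed over the tuple alone does not. The struct layouts, the list helpers, the "active"/"dying" list heads and the FNV-1a hash are simplified stand-ins chosen for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for illustration; not the kernel's definitions. */
struct node { struct node *next, **pprev; };
struct tuple { uint32_t saddr, daddr; uint16_t sport, dport; uint8_t proto, pad[3]; };
struct tuplehash {
    struct node hnode;  /* list linkage, rewritten on every list move */
    struct tuple tuple; /* flow identity, fixed for the entry's lifetime */
};

/* FNV-1a stands in for the keyed hash; only the choice of input matters here. */
static uint64_t fnv1a(const void *p, size_t n) {
    const unsigned char *b = p;
    uint64_t h = 0xcbf29ce484222325ULL;
    while (n--) { h ^= *b++; h *= 0x100000001b3ULL; }
    return h;
}

static void list_add(struct node **head, struct node *n) {
    n->next = *head;
    if (*head) (*head)->pprev = &n->next;
    *head = n;
    n->pprev = head;
}

static void list_del(struct node *n) {
    *n->pprev = n->next;
    if (n->next) n->next->pprev = n->pprev;
}

/* Returns 1 if the id differs after the entry moves from "active" to "dying".
 * full != 0 hashes linkage + tuple; full == 0 hashes the invariant tuple only. */
int id_changes_on_move(int full) {
    struct node *active = NULL, *dying = NULL;
    struct tuplehash th = { .tuple = { 0x0a000001, 0x0a000002, 40000, 443, 6, {0} } }; /* constructed */
    const void *p = full ? (const void *)&th : (const void *)&th.tuple;
    size_t n = full ? sizeof(th) : sizeof(th.tuple);
    list_add(&active, &th.hnode);
    uint64_t before = fnv1a(p, n);
    list_del(&th.hnode);
    list_add(&dying, &th.hnode);
    return before != fnv1a(p, n);
}

int main(void) {
    printf("full: changed=%d, invariant: changed=%d\n", id_changes_on_move(1), id_changes_on_move(0));
    return 0;
}
```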


