Dirk Morris <dmorris@xxxxxxxxxxxx> wrote:
> Change ct id hash calculation to only use invariants.
>
> Currently the ct id hash calculation is based on some fields that can
> change in the lifetime on a conntrack entry in some corner cases. The
> current hash uses the whole tuple which contains an hlist pointer
> which will change when the conntrack is placed on the dying list
> resulting in a ct id change.
>
> This patch also removes the reply-side tuple and extension pointer
> from the hash calculation so that the ct id will will not change from
> initialization until confirmation.
>
> Fixes: 3c79107631db1f7 ("netfilter: ctnetlink: don't use conntrack/expect object addresses as id")
> Signed-off-by: Dirk Morris <dmorris@xxxxxxxxxxxx>
Looks good, thanks Dirk.
Acked-by: Florian Westphal <fw@xxxxxxxxx>
