On Wed, Feb 02, 2022 at 12:00:56PM +0100, Florian Westphal wrote: > When userspace, e.g. conntrackd, inserts an entry with a specified helper, > its possible that the helper is lost immediately after its added: > > ctnetlink_create_conntrack > -> nf_ct_helper_ext_add + assign helper > -> ctnetlink_setup_nat > -> ctnetlink_parse_nat_setup > -> parse_nat_setup -> nfnetlink_parse_nat_setup > -> nf_nat_setup_info > -> nf_conntrack_alter_reply > -> __nf_ct_try_assign_helper > > ... and __nf_ct_try_assign_helper will zero the helper again. > > Set IPS_HELPER bit to bypass auto-assign logic, its unwanted, just like > when helper is assigned via ruleset. > > Dropped old 'not strictly necessary' comment, it referred to use of > rcu_assign_pointer() before it got replaced by RCU_INIT_POINTER(). > > NB: Fixes tag intentionally incorrect, this extends the referenced commit, > but this change won't build without IPS_HELPER introduced there. Applied.
