On Fri, 12 Aug 2022 09:34:14 -0400 Neal Cardwell wrote: > This first commit is an important bug fix for a serious bug that causes > TCP connection hangs for users of TCP fast open and nf_conntrack: > > c7aab4f17021b netfilter: nf_conntrack_tcp: re-init for syn packets only > > We are continuing to get reports about the bug that this commit fixes. > > It seems this fix was only backported to v5.17 stable release, and not further, > due to a cherry-pick conflict, because this fix implicitly depends on a > slightly earlier v5.17 fix in the same spot: > > 82b72cb94666 netfilter: conntrack: re-init state for retransmitted syn-ack > > I manually verified that the fix c7aab4f17021b can be cleanly cherry-picked > into the oldest (v4.9.325) and newest (v5.15.60) longterm release kernels as > long as we first cherry-pick that related fix that it implicitly depends on: > > 82b72cb94666b3dbd7152bb9f441b068af7a921b > netfilter: conntrack: re-init state for retransmitted syn-ack > > c7aab4f17021b636a0ee75bcf28e06fb7c94ab48 > netfilter: nf_conntrack_tcp: re-init for syn packets only > > So would it be possible to backport both of those fixes with the following > cherry-picks, to all LTS stable releases? > > git cherry-pick 82b72cb94666b3dbd7152bb9f441b068af7a921b > git cherry-pick c7aab4f17021b636a0ee75bcf28e06fb7c94ab48 Thanks a lot Neal! FWIW we have recently changed our process and no longer handle stable submissions ourselves, so in the future feel free to talk directly to stable@ (and add CC: stable@ tags to patches). I'm adding stable@, let's see if Greg & team can pick things up based on your instructions :)
