From mboxrd@z Thu Jan 1 00:00:00 1970
From: David Miller
Subject: Re: [PATCH 1/2] IPv6: conntrack: Use protocol-related initialization routine to initial queues of IPv6 connection track
Date: Mon, 25 Jan 2010 23:32:54 -0800 (PST)
Message-ID: <20100125.233254.35824860.davem@davemloft.net>
References: <4B5E53EE.9010703@cn.fujitsu.com>
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: kaber@trash.net, yasuyuki.kozakai@toshiba.co.jp, netfilter-devel@vger.kernel.org, netdev@vger.kernel.org
To: shanwei@cn.fujitsu.com
Return-path:
Received: from 74-93-104-97-Washington.hfc.comcastbusiness.net ([74.93.104.97]:47296
	"EHLO sunset.davemloft.net" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1751174Ab0AZHcn (ORCPT );
	Tue, 26 Jan 2010 02:32:43 -0500
In-Reply-To: <4B5E53EE.9010703@cn.fujitsu.com>
Sender: netfilter-devel-owner@vger.kernel.org
List-ID:

From: Shan Wei
Date: Tue, 26 Jan 2010 10:31:10 +0800

> IPv6 connection track and IPv6 stack separately use a different queue to
> manage received fragments. The former uses nf_ct_frag6_queue structure,
> the latter uses frag_queue structure.
>
> When creating new queue for IPv6 connection track, ip6_frag_init()
> that belongs to IPv6 stack is called to initialize nf_ct_frag6_queue structure.
> This broke the saddr&daddr member in nf_ct_frag6_queue, and then hash value
> generated by nf_hashfn() is not equal to that generated by fq_find().
> So, a new received fragment can't be inserted to right queue.
>
> The patch fixes the bug with protocol-related initialization routine.
> The patch-set has been tested.
>
> Signed-off-by: Shan Wei

This breakage was recently introduced by:

commit 0b5ccb2ee250136dd7385b1c7da28417d0d4d32d
Author: Patrick McHardy
Date:   Tue Dec 15 16:59:18 2009 +0100

    ipv6: reassembly: use seperate reassembly queues for conntrack and local delivery

    Currently the same reassembly queue might be used for packets reassembled
    by conntrack in different positions in the stack (PREROUTING/LOCAL_OUT),
    as well as local delivery. This can cause "packet jumps" when the fragment
    completing a reassembled packet is queued from a different position in the
    stack than the previous ones.

    Add a "user" identifier to the reassembly queue key to separate the queues
    of each caller, similar to what we do for IPv4.

    Signed-off-by: Patrick McHardy
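
The failure mode described in the quoted report, as an added user-space model that is not part of the original message and is not kernel code: an init routine written for one queue layout is run on a queue that has a different layout, so the address fields land at the wrong offsets and a later lookup for the same key misses. The struct layouts and the names `stack_queue`, `ct_queue`, `queue_mem`, `toy_hash`, `stack_init`, `ct_init` and `ct_lookup_finds` are assumptions made for illustration; only the presence of a "user" field in the stack-side key comes from the commit message above.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simplified model: these layouts are assumptions, not the kernel's structs. */
struct addr6 { uint8_t b[16]; };
struct frag_base { uint32_t hash; };      /* shared queue header */
struct key { uint32_t id, user; struct addr6 src, dst; };
struct stack_queue {                      /* models frag_queue */
    struct frag_base q;
    uint32_t id, user;
    struct addr6 saddr, daddr;
};
struct ct_queue {                         /* models nf_ct_frag6_queue */
    struct frag_base q;
    uint32_t id;
    struct addr6 saddr, daddr;
};
union queue_mem { struct stack_queue s; struct ct_queue c; };

static uint32_t toy_hash(uint32_t id, const struct addr6 *s, const struct addr6 *d)
{
    uint32_t h = 2166136261u ^ id;        /* FNV-1a style, for illustration only */
    for (int i = 0; i < 16; i++) h = (h ^ s->b[i]) * 16777619u;
    for (int i = 0; i < 16; i++) h = (h ^ d->b[i]) * 16777619u;
    return h;
}
static void stack_init(struct frag_base *q, const struct key *k) /* stack layout */
{
    struct stack_queue *fq = (struct stack_queue *)q;
    fq->id = k->id; fq->user = k->user; fq->saddr = k->src; fq->daddr = k->dst;
}
static void ct_init(struct frag_base *q, const struct key *k)    /* conntrack layout */
{
    struct ct_queue *fq = (struct ct_queue *)q;
    fq->id = k->id; fq->saddr = k->src; fq->daddr = k->dst;
}
/* 1 if a conntrack lookup for the same key would find the queue just created. */
int ct_lookup_finds(void (*init)(struct frag_base *, const struct key *))
{
    struct key k = { .id = 0x1234, .user = 7 };   /* constructed sample key */
    union queue_mem m;
    memset(k.src.b, 0xAA, 16); memset(k.dst.b, 0xBB, 16); memset(&m, 0, sizeof m);
    init(&m.c.q, &k);                             /* create a conntrack queue */
    return toy_hash(m.c.id, &m.c.saddr, &m.c.daddr) == toy_hash(k.id, &k.src, &k.dst)
        && !memcmp(&m.c.saddr, &k.src, 16) && !memcmp(&m.c.daddr, &k.dst, 16);
}
int main(void)
{
    printf("stack init: %d, conntrack init: %d\n", ct_lookup_finds(stack_init), ct_lookup_finds(ct_init));
}
```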