michael/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
linux-6.17.y
linux/include/net
History
Fernando Fernandez Mancera 8c2da73302 netfilter: nf_conncount: rework API to use sk_buff directly 
[ Upstream commit be102eb6a0 ]

When using nf_conncount infrastructure for non-confirmed connections a
duplicated track is possible due to an optimization introduced since
commit d265929930 ("netfilter: nf_conncount: reduce unnecessary GC").

In order to fix this introduce a new conncount API that receives
directly an sk_buff struct.  It fetches the tuple and zone and the
corresponding ct from it. It comes with both existing conncount variants
nf_conncount_count_skb() and nf_conncount_add_skb(). In addition remove
the old API and adjust all the users to use the new one.

This way, for each sk_buff struct it is possible to check if there is a
ct present and already confirmed. If so, skip the add operation.

Fixes: d265929930 ("netfilter: nf_conncount: reduce unnecessary GC")
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-12-18 14:00:02 +01:00
..
9p
bluetooth
Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
2025-12-07 06:27:31 +09:00
caif
caif: Remove unused cfsrvl_getphyid
2024-10-08 15:33:49 -07:00
iucv
net: reformat kdoc return statements
2024-12-09 14:44:59 -08:00
libeth
libeth: xdp: access ->pp through netmem_desc instead of page
2025-07-23 17:46:56 -07:00
mana
net: mana: Handle Reset Request from MANA NIC
2025-07-01 19:17:53 -07:00
netfilter
netfilter: nf_conncount: rework API to use sk_buff directly
2025-12-18 14:00:02 +01:00
netns
netfilter: nf_tables: place base_seq in struct net
2025-09-10 20:30:37 +02:00
nfc
net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms
2025-11-13 15:37:12 -05:00
page_pool
net: page_pool: allow enabling recycling late, fix false positive warning
2025-08-08 12:54:42 -07:00
phonet
phonet: Convert phonet_routes.lock to spinlock_t.
2024-10-24 16:03:40 +02:00
sctp
sctp: Replace sockaddr with sockaddr_inet in sctp_addr union
2025-07-25 15:29:58 -07:00
tc_act
net_sched: act_skbedit: use RCU in tcf_skbedit_dump()
2025-07-11 16:01:17 -07:00
6lowpan.h
act_api.h
net_sched: act: annotate data-races in tcf_lastuse_update() and tcf_tm_dump()
2025-07-11 16:01:15 -07:00
addrconf.h
ipv6: Add __in6_dev_get_rtnl_net().
2025-01-20 12:16:04 -08:00
af_ieee802154.h
af_rxrpc.h
rxrpc: Remove deadcode
2025-04-24 17:03:45 -07:00
af_unix.h
af_unix: Introduce SO_INQ.
2025-07-08 18:05:25 -07:00
af_vsock.h
vsock: fix vsock_proto declaration
2025-07-07 16:55:54 -07:00
ah.h
aligned_data.h
udp: move udp_memory_allocated into net_aligned_data
2025-07-02 14:22:02 -07:00
amt.h
arp.h
atmclip.h
ax25.h
ax25: Remove broken autobind
2025-03-24 10:26:53 +00:00
ax88796.h
bareudp.h
bond_3ad.h
bonding: update LACP activity flag after setting lacp_active
2025-08-21 09:35:20 +02:00
bond_alb.h
bond_options.h
net: bonding: add broadcast_neighbor option for 802.3ad
2025-07-08 10:59:41 +02:00
bonding.h
bonding: fix xfrm offload feature setup on active-backup mode
2025-10-15 12:04:13 +02:00
bpf_sk_storage.h
busy_poll.h
net: gro: decouple GRO from the NAPI layer
2025-02-27 14:03:14 +01:00
calipso.h
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
cfg80211-wext.h
cfg80211.h
wifi: cfg80211: add an hrtimer based delayed work item
2025-11-13 15:37:45 -05:00
cfg802154.h
checksum.h
net: Fix checksum update for ILA adj-transport
2025-05-30 19:53:51 -07:00
cipso_ipv4.h
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
cls_cgroup.h
net/cls_cgroup: Fix task_get_classid() during qdisc run
2025-11-13 15:37:21 -05:00
codel_impl.h
codel_qdisc.h
codel.h
compat.h
datalink.h
dcbevent.h
dcbnl.h
devlink.h
devlink: let driver opt out of automatic phys_port_name generation
2025-08-12 13:23:39 -07:00
dropreason-core.h
sched: Add enqueue/dequeue of dualpi2 qdisc
2025-07-23 17:52:07 -07:00
dropreason.h
wifi: mac80211: Drop cooked monitor support
2025-02-11 11:58:17 +01:00
dsa_stubs.h
dsa.h
net: dsa: tag_brcm: add support for legacy FCS tags
2025-06-17 17:52:01 -07:00
dscp.h
dsfield.h
dst_cache.h
dst_metadata.h
net: dst_metadata: fix IP_DF bit not extracted from tunnel headers
2025-09-14 14:28:12 -07:00
dst_ops.h
dst.h
net: dst: introduce dst->dev_rcu
2025-10-15 12:03:48 +02:00
eee.h
net: simplify eeecfg_mac_can_tx_lpi
2024-11-13 18:49:50 -08:00
erspan.h
esp.h
espintcp.h
ethoc.h
failover.h
fib_notifier.h
net: do not acquire rtnl in fib_seq_sum()
2024-10-11 15:35:05 -07:00
fib_rules.h
net: fib_rules: Fix iif / oif matching on L3 master device
2025-04-15 17:54:56 -07:00
firewire.h
flow_dissector.h
flow_offload.h
net: sched: propagate "skip_sw" flag to struct flow_cls_common_offload
2024-10-30 17:33:53 -07:00
flow.h
ip: load balance tcp connections to single dst addr and port
2025-04-29 16:22:25 +02:00
fou.h
fq_impl.h
fq.h
garp.h
gen_stats.h
genetlink.h
net: reformat kdoc return statements
2024-12-09 14:44:59 -08:00
geneve.h
gre.h
gro_cells.h
gro.h
net: Create separate gro_flush_normal function
2025-07-24 18:34:55 -07:00
gso.h
gtp.h
gue.h
handshake.h
hotdata.h
net: introduce per netns packet chains
2025-03-24 13:58:22 -07:00
hwbm.h
icmp.h
ieee8021q.h
ieee80211_radiotap.h
Merge tag 'wireless-2024-10-21' of git://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless
2024-10-25 10:44:41 +01:00
ieee802154_netdev.h
if_inet6.h
ife.h
inet6_connection_sock.h
tcp/dccp: Remove inet_connection_sock_af_ops.addr2sockaddr().
2025-03-24 12:10:13 -07:00
inet6_hashtables.h
ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers
2025-07-02 14:32:30 -07:00
inet_common.h
inet_connection_sock.h
tcp: Update bind bucket state on port release
2025-11-13 15:37:29 -05:00
inet_dscp.h
inet_ecn.h
inet_frag.h
inet: frags: change inet_frag_kill() to defer refcount updates
2025-03-18 13:18:36 +01:00
inet_hashtables.h
tcp: Update bind bucket state on port release
2025-11-13 15:37:29 -05:00
inet_sock.h
sctp: Prepare sctp_v4_get_dst() to dscp_t conversion.
2025-01-06 13:49:38 -08:00
inet_timewait_sock.h
tcp: Update bind bucket state on port release
2025-11-13 15:37:29 -05:00
inetpeer.h
inetpeer: remove create argument of inet_getpeer()
2024-12-17 19:37:00 -08:00
ioam6.h
ip6_checksum.h
ip6_fib.h
ipv6: Defer fib6_purge_rt() in fib6_add_rt2node() to fib6_add().
2025-04-24 09:29:56 +02:00
ip6_route.h
net: use dst_dev_rcu() in sk_setup_caps()
2025-10-15 12:03:49 +02:00
ip6_tunnel.h
ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers
2025-07-02 14:32:30 -07:00
ip_fib.h
ipv4: prefer multipath nexthop that matches source address
2025-04-29 16:22:25 +02:00
ip_tunnels.h
net/ip6_tunnel: Prevent perpetual tunnel growth
2025-10-23 16:24:29 +02:00
ip_vs.h
ipvs: Fix estimator kthreads preferred affinity
2025-08-13 08:34:33 +02:00
ip.h
ipv6: snmp: do not use SNMP_MIB_SENTINEL anymore
2025-10-15 12:03:54 +02:00
ipcomp.h
xfrm: ipcomp: Use crypto_acomp interface
2025-03-21 17:36:49 +08:00
ipconfig.h
ipv6_frag.h
inet: frags: change inet_frag_kill() to defer refcount updates
2025-03-18 13:18:36 +01:00
ipv6_stubs.h
ipv6.h
ipv6: fix _DEVADD() and _DEVUPD() macros
2025-03-25 07:31:24 -07:00
iw_handler.h
Revert "wifi: cfg80211: unexport wireless_nlevent_flush()"
2024-10-09 08:53:01 +02:00
kcm.h
net: kcm: Fix race condition in kcm_unattach()
2025-08-13 18:18:33 -07:00
l3mdev.h
net: fib_rules: Fix iif / oif matching on L3 master device
2025-04-15 17:54:56 -07:00
lag.h
lapb.h
net: lapb: increase LAPB_HEADER_LEN
2024-12-06 17:43:08 -08:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
lwtunnel.h
net: dst: annotate data-races around dst->output
2025-07-02 14:32:30 -07:00
mac80211.h
wifi: mac80211: don't require cipher and keylen in gtk rekey
2025-07-22 10:43:19 +02:00
mac802154.h
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
macsec.h
net: macsec: Add endianness annotations in salt struct
2025-01-20 12:20:42 +00:00
mctp.h
net: mctp: Allow limiting binds to a peer address
2025-07-15 12:08:39 +02:00
mctpdevice.h
net: mctp: Expose transport binding identifier via IFLA attribute
2024-11-09 09:04:54 -08:00
mip6.h
mld.h
mpls_iptunnel.h
mpls.h
mptcp.h
mptcp: sched: remove mptcp_sched_data
2025-04-15 08:21:46 -07:00
mrp.h
ncsi.h
ndisc.h
net: replace ND_PRINTK with dynamic debug
2025-07-10 15:27:32 -07:00
neighbour_tables.h
neighbour: Create netdev->neighbour association
2024-11-09 13:22:57 -08:00
neighbour.h
neighbour: Update pneigh_entry in pneigh_create().
2025-07-17 16:25:22 -07:00
net_debug.h
Merge tag 'kbuild-v6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2024-11-30 13:41:50 -08:00
net_failover.h
net_namespace.h
net: Remove ->exit_batch_rtnl().
2025-04-14 17:08:45 -07:00
net_ratelimit.h
net_shaper.h
net-shapers: implement NL get operation
2024-10-10 08:30:22 -07:00
net_trackers.h
netdev_lock.h
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2025-05-22 09:42:41 -07:00
netdev_netlink.h
net: add granular lock for the netdev netlink socket
2025-03-12 13:32:35 -07:00
netdev_queues.h
queue_api: add subqueue variant netif_subqueue_sent
2025-06-10 15:27:18 -07:00
netdev_rx_queue.h
net: designate XSK pool pointers in queues as "ops protected"
2025-04-09 17:01:51 -07:00
netevent.h
netkit.h
netlabel.h
Merge tag 'net-next-6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2024-11-21 08:28:08 -08:00
netlink.h
netlink: introduce type-checking attribute iteration for nlmsg
2025-07-02 15:39:04 -07:00
netmem.h
netmem, mlx4: access ->pp_ref_count through netmem_desc instead of page
2025-07-23 17:46:54 -07:00
netprio_cgroup.h
netrom.h
nexthop.h
ipv6: Protect nh->f6i_list with spinlock and flag.
2025-04-24 09:29:56 +02:00
nl802154.h
nsh.h
pfcp.h
net: pfcp: fix typo in message_priority field name
2025-06-13 18:17:08 -07:00
pie.h
ping.h
pkt_cls.h
net: sched: refine software bypass handling in tc_run
2025-01-20 09:21:27 +00:00
pkt_sched.h
net/sched: sch_qfq: Fix null-deref in agg_dequeue
2025-07-10 11:08:35 +02:00
pptp.h
proto_memory.h
protocol.h
psample.h
psnap.h
raw.h
rawv6.h
red.h
regulatory.h
request_sock.h
tcp: remove inet_rtx_syn_ack()
2025-06-27 15:34:19 -07:00
rose.h
net: rose: convert 'use' field to refcount_t
2025-08-27 07:43:08 -07:00
route.h
net: use dst_dev_rcu() in sk_setup_caps()
2025-10-15 12:03:49 +02:00
rpl.h
rps.h
net: Prevent RPS table overwrite of active flows
2025-11-13 15:37:08 -05:00
rsi_91x.h
rstreason.h
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
rtnetlink.h
rtnetlink: Remove "net" from newlink params
2025-02-21 15:28:03 -08:00
rtnh.h
sch_generic.h
net/sched: Fix backlog accounting in qdisc_dequeue_internal
2025-08-14 17:52:29 -07:00
scm.h
af_unix/scm: fix whitespace errors
2025-07-04 09:32:35 +02:00
secure_seq.h
net: Retire DCCP socket.
2025-04-11 18:58:10 -07:00
seg6_hmac.h
seg6_local.h
seg6.h
selftests.h
slhc_vj.h
smc.h
snmp.h
percpu: use TYPEOF_UNQUAL() in variable declarations
2025-03-16 22:05:53 -07:00
sock_reuseport.h
sock.h
inet: Avoid ehash lookup race in inet_ehash_insert()
2025-12-18 13:59:19 +01:00
Space.h
stp.h
strparser.h
strparser: Remove unused __strp_unpause
2025-05-05 16:48:12 -07:00
switchdev.h
tc_wrapper.h
tcp_ao.h
net/tcp: Add missing lockdep annotations for TCP-AO hlist traversals
2024-11-03 12:10:11 -08:00
tcp_states.h
tcp.h
Merge tag 'kbuild-v6.17-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2025-08-06 07:32:52 +03:00
tcx.h
bpf: Remove location field in tcx_link
2025-07-11 11:00:57 -07:00
timewait_sock.h
tipc.h
tls_prot.h
tls_toe.h
tls.h
net: tls: Cancel RX async resync request on rcd_delta overflow
2025-12-01 11:46:04 +01:00
transp_v6.h
tso.h
tun_proto.h
udp_tunnel.h
udp_tunnel: fix deadlock in udp_tunnel_nic_set_port_priv()
2025-06-24 16:31:36 -07:00
udp.h
net: drop UFO packets in udp_rcv_segment()
2025-08-01 15:14:51 -07:00
udplite.h
vsock_addr.h
vxlan.h
vxlan: Support MC routing in the underlay
2025-06-17 18:18:46 -07:00
wext.h
x25.h
net/x25: Remove unused x25_terminate_link()
2025-07-14 17:19:13 -07:00
x25device.h
xdp_priv.h
xdp_sock_drv.h
xsk: Add launch time hardware offload support to XDP Tx metadata
2025-02-20 15:13:45 -08:00
xdp_sock.h
net: xsk: introduce XDP_MAX_TX_SKB_BUDGET setsockopt
2025-07-10 14:48:29 +02:00
xdp.h
bpf: Clear pfmemalloc flag when freeing all fragments
2025-11-13 15:36:53 -05:00
xfrm.h
xfrm: Determine inner GSO type from packet inner protocol
2025-12-01 11:45:51 +01:00
xsk_buff_pool.h
xsk: Fix offset calculation in unaligned mode
2025-04-24 17:11:52 -07:00