Merge branch 'next' into for-linus

Prepare input updates for 4.19 merge window.
author: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2018-08-16 21:10:56 +0300
committer: Dmitry Torokhov <dmitry.torokhov@gmail.com> 2018-08-16 21:10:56 +0300
commit: 13fe7056bebb4015c6231a07a1be4d3aebbfe979 (patch)
tree: 8aefa59a61c081c402bc85f2b47c17e1374eabdd /net/netfilter/nf_conntrack_proto_tcp.c
parent: ed9800100f1a70154c11cfa0ccc0b9ff51e3436a (diff)
parent: 100294cee9a98bfd4d6cb2d1c8a8aef0e959b0c4 (diff)
download: linux-13fe7056bebb4015c6231a07a1be4d3aebbfe979.tar.xz
1 files changed, 11 insertions, 0 deletions
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index e97cdc1cf98c..8e67910185a0 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -981,6 +981,17 @@ static int tcp_packet(struct nf_conn *ct,
 			return NF_ACCEPT; /* Don't change state */
 		}
 		break;
+	case TCP_CONNTRACK_SYN_SENT2:
+		/* tcp_conntracks table is not smart enough to handle
+		 * simultaneous open.
+		 */
+		ct->proto.tcp.last_flags |= IP_CT_TCP_SIMULTANEOUS_OPEN;
+		break;
+	case TCP_CONNTRACK_SYN_RECV:
+		if (dir == IP_CT_DIR_REPLY && index == TCP_ACK_SET &&
+		    ct->proto.tcp.last_flags & IP_CT_TCP_SIMULTANEOUS_OPEN)
+			new_state = TCP_CONNTRACK_ESTABLISHED;
+		break;
 	case TCP_CONNTRACK_CLOSE:
 		if (index == TCP_RST_SET
 		    && (ct->proto.tcp.seen[!dir].flags & IP_CT_TCP_FLAG_MAXACK_SET)
author	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2018-08-16 21:10:56 +0300
committer	Dmitry Torokhov <dmitry.torokhov@gmail.com>	2018-08-16 21:10:56 +0300
commit	13fe7056bebb4015c6231a07a1be4d3aebbfe979 (patch)
tree	8aefa59a61c081c402bc85f2b47c17e1374eabdd /net/netfilter/nf_conntrack_proto_tcp.c
parent	ed9800100f1a70154c11cfa0ccc0b9ff51e3436a (diff)
parent	100294cee9a98bfd4d6cb2d1c8a8aef0e959b0c4 (diff)
download	linux-13fe7056bebb4015c6231a07a1be4d3aebbfe979.tar.xz