Message ID | 1566432854-35880-1-git-send-email-yihung.wei@gmail.com |
---|---|
State | Superseded |
Delegated to: | David Miller |
Headers | show |
Series | [net] openvswitch: Fix conntrack cache with timeout | expand |
On Thu, Aug 22, 2019 at 11:12 AM kbuild test robot <lkp@intel.com> wrote: > > Hi Yi-Hung, > > Thank you for the patch! Perhaps something to improve: > > [auto build test WARNING on net/master] > > url: https://github.com/0day-ci/linux/commits/Yi-Hung-Wei/openvswitch-Fix-conntrack-cache-with-timeout/20190822-212539 > reproduce: > # apt-get install sparse > # sparse version: v0.6.1-rc1-7-g2b96cd8-dirty > make ARCH=x86_64 allmodconfig > make C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' > > If you fix the issue, kindly add following tag > Reported-by: kbuild test robot <lkp@intel.com> > > > sparse warnings: (new ones prefixed by >>) > > include/linux/sched.h:609:43: sparse: sparse: bad integer constant expression > include/linux/sched.h:609:73: sparse: sparse: invalid named zero-width bitfield `value' > include/linux/sched.h:610:43: sparse: sparse: bad integer constant expression > include/linux/sched.h:610:67: sparse: sparse: invalid named zero-width bitfield `bucket_id' > >> net/openvswitch/conntrack.c:706:41: sparse: sparse: incompatible types in comparison expression (different address spaces): > >> net/openvswitch/conntrack.c:706:41: sparse: struct nf_ct_timeout * > >> net/openvswitch/conntrack.c:706:41: sparse: struct nf_ct_timeout [noderef] <asn:4> * My v1 does not take care of the rcu pointer properly. I will fix the reported issue and send v2. Thanks, -Yi-Hung
diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c index 848c6eb55064..45498fcf540d 100644 --- a/net/openvswitch/conntrack.c +++ b/net/openvswitch/conntrack.c @@ -67,6 +67,7 @@ struct ovs_conntrack_info { struct md_mark mark; struct md_labels labels; char timeout[CTNL_TIMEOUT_NAME_MAX]; + struct nf_ct_timeout *nf_ct_timeout; #if IS_ENABLED(CONFIG_NF_NAT) struct nf_nat_range2 range; /* Only present for SRC NAT and DST NAT. */ #endif @@ -697,6 +698,14 @@ static bool skb_nfct_cached(struct net *net, if (help && rcu_access_pointer(help->helper) != info->helper) return false; } + if (info->nf_ct_timeout) { + struct nf_conn_timeout *timeout_ext; + + timeout_ext = nf_ct_timeout_find(ct); + if (!timeout_ext || + info->nf_ct_timeout != timeout_ext->timeout) + return false; + } /* Force conntrack entry direction to the current packet? */ if (info->force && CTINFO2DIR(ctinfo) != IP_CT_DIR_ORIGINAL) { /* Delete the conntrack entry if confirmed, else just release @@ -1657,6 +1666,10 @@ int ovs_ct_copy_action(struct net *net, const struct nlattr *attr, ct_info.timeout)) pr_info_ratelimited("Failed to associated timeout " "policy `%s'\n", ct_info.timeout); + else + ct_info.nf_ct_timeout = + nf_ct_timeout_find(ct_info.ct)->timeout; + } if (helper) {
This patch addresses a conntrack cache issue with timeout policy. Currently, we do not check if the timeout extension is set properly in the cached conntrack entry. Thus, after packet recirculate from conntrack action, the timeout policy is not applied properly. This patch fixes the aforementioned issue. Fixes: 06bd2bdf19d2 ("openvswitch: Add timeout support to ct action") Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> --- net/openvswitch/conntrack.c | 13 +++++++++++++ 1 file changed, 13 insertions(+)