From patchwork Fri Jan 25 02:32:34 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Marcelo Leitner <mleitner@redhat.com>
X-Patchwork-Id: 1030781
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming-netdev@ozlabs.org
Delivered-To: patchwork-incoming-netdev@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=redhat.com
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 43m33j579Fz9s7h
	for <patchwork-incoming-netdev@ozlabs.org>;
	Fri, 25 Jan 2019 13:33:21 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1728739AbfAYCdO (ORCPT
	<rfc822;patchwork-incoming-netdev@ozlabs.org>);
	Thu, 24 Jan 2019 21:33:14 -0500
Received: from mx1.redhat.com ([209.132.183.28]:44812 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1728631AbfAYCdM (ORCPT <rfc822;netdev@vger.kernel.org>);
	Thu, 24 Jan 2019 21:33:12 -0500
Received: from smtp.corp.redhat.com
	(int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 4EAD9138209;
	Fri, 25 Jan 2019 02:33:12 +0000 (UTC)
Received: from localhost.localdomain (ovpn-116-7.gru2.redhat.com
	[10.97.116.7])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 554EF5EDE0;
	Fri, 25 Jan 2019 02:33:09 +0000 (UTC)
Received: by localhost.localdomain (Postfix, from userid 1000)
	id 18F71180D00; Fri, 25 Jan 2019 00:33:03 -0200 (-02)
From: Marcelo Ricardo Leitner <mleitner@redhat.com>
To: Guy Shattah <sguy@mellanox.com>, Marcelo Leitner <mleitner@redhat.com>,
	Aaron Conole <aconole@redhat.com>,
	John Hurley <john.hurley@netronome.com>,
	Simon Horman <simon.horman@netronome.com>,
	Justin Pettit <jpettit@ovn.org>, Gregory Rose <gvrose8192@gmail.com>,
	Eelco Chaudron <echaudro@redhat.com>, Flavio Leitner <fbl@redhat.com>,
	Florian Westphal <fwestpha@redhat.com>,
	Jiri Pirko <jiri@resnulli.us>, Rashid Khan <rkhan@redhat.com>,
	Sushil Kulkarni <sukulkar@redhat.com>,
	Andy Gospodarek <andrew.gospodarek@broadcom.com>,
	Roi Dayan <roid@mellanox.com>, Yossi Kuperman <yossiku@mellanox.com>,
	Or Gerlitz <ogerlitz@mellanox.com>, Rony Efraim <ronye@mellanox.com>,
	"davem@davemloft.net" <davem@davemloft.net>
Cc: netdev@vger.kernel.org
Subject: [RFC PATCH 5/6] net/sched: act_ct: add support for clear flag
Date: Fri, 25 Jan 2019 00:32:34 -0200
Message-Id: 
 <a0d180e197234bfb573394679845080083558a05.1548285996.git.mleitner@redhat.com>
In-Reply-To: <cover.1548285996.git.mleitner@redhat.com>
References: <cover.1548285996.git.mleitner@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.38]);
	Fri, 25 Jan 2019 02:33:12 +0000 (UTC)
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

OvS ct action supports a 'clear' flag: it removes any ConnTrack marking in
the packet. Implement it similarly here: drop the reference and return.
Note that the packet is also marked as UNTRACKED.

Yes, parsing should ensure that clear is not used with any other flags as
they are mutually exclusive.

Signed-off-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
---
 include/uapi/linux/tc_act/tc_ct.h |  1 +
 net/sched/act_ct.c                | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/include/uapi/linux/tc_act/tc_ct.h b/include/uapi/linux/tc_act/tc_ct.h
index 009e53ee83fb3125bc5c4ca86954af3bf6a0287a..636f435b86e006aa36034f86c65fd5c220ca8a13 100644
--- a/include/uapi/linux/tc_act/tc_ct.h
+++ b/include/uapi/linux/tc_act/tc_ct.h
@@ -26,6 +26,7 @@ enum {
 enum {
 	TC_CT_COMMIT,
 	TC_CT_FORCE,
+	TC_CT_CLEAR,
 	__TC_CT_MAX
 };
 #define TC_CT_MAX (__TC_CT_MAX - 1)
diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
index 8a1b5d6a7cd8360c50011d992368464db213a020..77d55c05ed95d8abc8c35a3d19f453a586139914 100644
--- a/net/sched/act_ct.c
+++ b/net/sched/act_ct.c
@@ -196,6 +196,18 @@ static int tcf_ct_act(struct sk_buff *skb, const struct tc_action *a,
 	if (unlikely(action == TC_ACT_SHOT))
 		goto drop;
 
+	if (flags & BIT(TC_CT_CLEAR)) {
+		new_ct = nf_ct_get(skb, &ctinfo);
+		if (new_ct) {
+			if (nf_ct_is_confirmed(new_ct))
+				nf_ct_delete(new_ct, 0, 0);
+
+			nf_conntrack_put(&new_ct->ct_general);
+			nf_ct_set(skb, NULL, IP_CT_UNTRACKED);
+			goto out;
+		}
+	}
+
 	/* FIXME: For when we support cloning the packet
 	orig_skb = skb;
 	skb = skb_clone(orig_skb, GFP_ATOMIC);
@@ -257,6 +269,7 @@ static int tcf_ct_act(struct sk_buff *skb, const struct tc_action *a,
 
 	skb_push(skb, nh_ofs);
 	skb_postpush_rcsum(skb, skb->data, nh_ofs);
+out:
 	return TC_ACT_PIPE;
 
 drop: