From patchwork Mon Jun 19 20:45:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 1796797 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=Nvidia.com header.i=@Nvidia.com header.a=rsa-sha256 header.s=selector2 header.b=rOWDT3Pn; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QlMH40yzTz20Wk for ; Tue, 20 Jun 2023 06:45:50 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1qBLkn-0001jw-I8; Mon, 19 Jun 2023 20:45:37 +0000 Received: from mail-dm6nam12on2050.outbound.protection.outlook.com ([40.107.243.50] helo=NAM12-DM6-obe.outbound.protection.outlook.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1qBLkl-0001jh-CJ for kernel-team@lists.ubuntu.com; Mon, 19 Jun 2023 20:45:35 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JGWiqCBAivWy9nKM48P6isXig4052591mUDi7DpsMUhlQZuKMhGNgzJkWgQMfO121jtpmPJY+LZHo5yBmGwVIbhUjfaujaSApfICJfLkvd5KjU3n/gaaBLlDN1knN7xle5dy1M6SjJ9w2Oh+vJk4eOhbDxvqTx+nvwxo24NB5Y2uB5HCTyGEZxV8WXsbaFzW/UBUQukn/7+u3fzQslvJEN5zTTFl7P7OE49gFLk+4/JXbcu5kFhUIYwz45kzg5Up5FBL2saCqsEgO1BgAw60/qaS0AY3OWxFWxFY8imF/omiJM7DWbdMkljbO60qQ58J2Tx1paKuJXcOLdDzDZBsKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2kw7zJ+063fBLnTakeqDjJaqu5NlOGAgTBnTWU75u/E=; b=PUDeu1fmSc0Ql8vbBKx0Zynlu4W0iHUTzGUi+L49OVqbTP1anGIgqCW7hXcvwShfRdADwtuTx0z4CdMim0zSDzJsi9Y6Xak9ePYr4kz4hhW7jIGNMut1rjCbEsS7oc/jJAm3AnJ5rJKAcwv3TzZ80hmWxFZQPYbG1B/iJCIgYmYK2KLhmX9FLmv20hJnwxnmjLyXNwcCIc/WYHmtzavt3WxdixCf0V8eS/jyk1kHtVyuzkHK1wbwint0OnTHoITVWNp7xS0CTxvIvuQWA5SKdpUcDZAEr2qrMt68bLDROx5Z7IlZvTrtza8n1iuTV5SwdRDb6TeUPBtstpeeeANYmQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=canonical.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2kw7zJ+063fBLnTakeqDjJaqu5NlOGAgTBnTWU75u/E=; b=rOWDT3PnNUnNz0mniTrA6zvfD5nElgY6zmqrYiiuvLPM1MyNfG+ilG/fmyhqRl/Ns/C8kpV6AK1UdnvhGJtPc2DADkB/ojUefqVBlBP3stg3ZoczNgZ4FLNrcWZNF5CnTUo7WFoL5hhVw4Gu/BNGDmcL8q46vT9WwtM1BGPfkU7nUsbnx4w14ZZkPqlK7lE1kv4xJtDdUnxvPRYi5CRQjHQT2N7wMHhj50CPfiLlHdhY+dxl8XobbZs9PQWH2sJ62UrSmQOlreLpj1GQB1+Stw/FiPIvxpaH6jm/XLalJTbtVWI/ZigStkPDBTSphxFZevoczmoZOWERVn9nIg4aqw== Received: from SN7P222CA0006.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:124::19) by CY8PR12MB8298.namprd12.prod.outlook.com (2603:10b6:930:7c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6500.37; Mon, 19 Jun 2023 20:45:32 +0000 Received: from SA2PEPF00001504.namprd04.prod.outlook.com (2603:10b6:806:124:cafe::a6) by SN7P222CA0006.outlook.office365.com (2603:10b6:806:124::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6477.44 via Frontend Transport; Mon, 19 Jun 2023 20:45:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by SA2PEPF00001504.mail.protection.outlook.com (10.167.242.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6521.17 via Frontend Transport; Mon, 19 Jun 2023 20:45:31 +0000 Received: from rnnvmail203.nvidia.com (10.129.68.9) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Mon, 19 Jun 2023 13:45:16 -0700 Received: from rnnvmail201.nvidia.com (10.129.68.8) by rnnvmail203.nvidia.com (10.129.68.9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Mon, 19 Jun 2023 13:45:16 -0700 Received: from mtl123.mtl.labs.mlnx (10.127.8.10) by mail.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37 via Frontend Transport; Mon, 19 Jun 2023 13:45:16 -0700 Received: from c-237-147-20-023.vagrant-libvirt (c-237-147-20-023.mtl.labs.mlnx [10.237.147.23]) by mtl123.mtl.labs.mlnx (8.14.4/8.14.4) with ESMTP id 35JKjETB028142; Mon, 19 Jun 2023 23:45:14 +0300 From: William Tu To: Subject: [SRU][J:linux-bluefield][PATCH 1/1] netfilter: ctnetlink: Support offloaded conntrack entry deletion Date: Mon, 19 Jun 2023 23:45:14 +0300 Message-ID: <20230619204514.276471-2-witu@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230619204514.276471-1-witu@nvidia.com> References: <20230619204514.276471-1-witu@nvidia.com> MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SA2PEPF00001504:EE_|CY8PR12MB8298:EE_ X-MS-Office365-Filtering-Correlation-Id: a5d37056-3bd1-4a0b-20ca-08db71061fb2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: cjUFuxqNuroDJFhLFBOacQJR/G3DJAhvxLZzSk2HlpS0kxWr98wybVWSLwBnh+RN+0T1DlpaZusDF4YwJ5qggY7tpNWnwf0CLhB+rXzgDpgznhCbifEU4eG3Elt1BJo5ph7cyZqCdqo3oAl0/O98d8belp7i6sJXmcbJmto99idI6mBeyWKq5hrbGLri5wzhm3cVqzq/mQSpwih7RXgilLje/1euzA9UNgYj96jlsIgOk7UwL6gxgutrWRqivTqMKMRMCLtUOdWpKUsLTCo+CfISnszX+P7EYL2HQfqNvqqpbGsKtfmOW88vn8HwlseWOslM24ciWaN2TNHGr0a6WUl5z32pMX8Zfnbf3soLI6ENZH7fbsdoJkAS1rzvoYxnAaa36Rdnm6iZZzUkVjKM2Gi1scoOCFCw8v3bUVucqONA5ADmCLdu6MCRmwTGGqLmqdW2+Y0rNG9srtNHDTxq86M/8Sg08iM5A7Wi/7UUR/V5w+VT8jF3RVE2aJizBu8QJZvPDz3HQDI/jPhvQzdnU1xSGbz3+jypbjM4dzRvJpcF++UwsXU258uzs/d1rfIhfLmmwTdWjaBQ6QvfGKZ789/Wf0ArZTvMJkROlNNGLPUnYDMh+txUJOVa6efi7vXW7X7t6yQ/iDkHUtJwLiKKcb2R7lIfZa1xKrVRzXw+Qp1o8Lff0QmJKsY0U+Nn+JwTi0th6eFoBoNE0jPpYNFgK6EY6j/6xy2zfYwjgofDMZucCH8TIdzgOkWhGK8df4I43cwVGlXhqpaVacQAQ5RdK39BZjrO5Ti8Hxv/McRSG1M= X-Forefront-Antispam-Report: CIP:216.228.117.160; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge1.nvidia.com; CAT:NONE; SFS:(13230028)(4636009)(376002)(396003)(346002)(39860400002)(136003)(451199021)(40470700004)(36840700001)(46966006)(478600001)(40480700001)(2906002)(966005)(40460700003)(54906003)(7636003)(356005)(2616005)(47076005)(336012)(86362001)(107886003)(36756003)(26005)(186003)(1076003)(70586007)(8676002)(8936002)(70206006)(82310400005)(5660300002)(4326008)(316002)(36860700001)(6916009)(82740400003)(83380400001)(41300700001); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jun 2023 20:45:31.7004 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a5d37056-3bd1-4a0b-20ca-08db71061fb2 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.160]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: SA2PEPF00001504.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB8298 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: dann.frazier@canonical.com, paulb@nvidia.com, vlad@nvidia.com, yifeid@nvidia.com, bodong@nvidia.com Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Paul Blakey BugLink: https://bugs.launchpad.net/bugs/2015293 Currently, offloaded conntrack entries (flows) can only be deleted after they are removed from offload, which is either by timeout, tcp state change or tc ct rule deletion. This can cause issues for users wishing to manually delete or flush existing entries. Support deletion of offloaded conntrack entries. Example usage: # Delete all offloaded (and non offloaded) conntrack entries # whose source address is 1.2.3.4 $ conntrack -D -s 1.2.3.4 # Delete all entries $ conntrack -F Signed-off-by: Paul Blakey Reviewed-by: Simon Horman Acked-by: Pablo Neira Ayuso Signed-off-by: Florian Westphal (cherry picked from commit 9b7c68b3911aef84afa4cbfc31bce20f10570d51) Signed-off-by: Paul Blakey Signed-off-by: William Tu --- net/netfilter/nf_conntrack_netlink.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 2d0bce25bddd..c335c06db240 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1556,9 +1556,6 @@ static const struct nla_policy ct_nla_policy[CTA_MAX+1] = { static int ctnetlink_flush_iterate(struct nf_conn *ct, void *data) { - if (test_bit(IPS_OFFLOAD_BIT, &ct->status)) - return 0; - return ctnetlink_filter_match(ct, data); } @@ -1622,11 +1619,6 @@ static int ctnetlink_del_conntrack(struct sk_buff *skb, ct = nf_ct_tuplehash_to_ctrack(h); - if (test_bit(IPS_OFFLOAD_BIT, &ct->status)) { - nf_ct_put(ct); - return -EBUSY; - } - if (cda[CTA_ID]) { __be32 id = nla_get_be32(cda[CTA_ID]);