From patchwork Thu Oct 26 08:57:05 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ye Yin <hustcat@gmail.com>
X-Patchwork-Id: 830536
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=vger.kernel.org
	(client-ip=209.132.180.67; helo=vger.kernel.org;
	envelope-from=netdev-owner@vger.kernel.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="gRgu3bpd"; dkim-atps=neutral
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3yN19L1mcrz9t3n
	for <patchwork-incoming@ozlabs.org>;
	Thu, 26 Oct 2017 19:57:26 +1100 (AEDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751620AbdJZI5Y (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Thu, 26 Oct 2017 04:57:24 -0400
Received: from mail-pf0-f193.google.com ([209.85.192.193]:54733 "EHLO
	mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751009AbdJZI5W (ORCPT
	<rfc822;netdev@vger.kernel.org>); Thu, 26 Oct 2017 04:57:22 -0400
Received: by mail-pf0-f193.google.com with SMTP id n89so2015111pfk.11;
	Thu, 26 Oct 2017 01:57:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=51dzim1URbTKPNM7mwRI9B1bGdDheMIZvsSZA6JLJvs=;
	b=gRgu3bpdrKMpG4/FDH8QFmEEAxGW2qC5RCY4pztlJvvdHfNmAnxwzvY7ZjDIuHruSC
	Tj4qyy7/YAIH+LCkvbCZHxYMSLfFmmaWwfpqw5rSnO4T1YYN6xHJc3fQst4S2DckBtih
	pamTUqWdJXpCSG6n6JHTqz07e60BYy1s1lhmuKPIb83ZXqTYuyFDyZxlwGhE7OINDSUG
	mHjSHffKJ9jE7Rqj94Cwf7RFOpY46AK11Ad3iVYEaQrPqj14vxc1za+AJHphdIDZdYKk
	J+W/1u0n04GCVb20aML6QUt7gslARZxwfmOFy/3dHDzjpbwWcQPU8GM1jJZz3muV4LbP
	i9Ng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=51dzim1URbTKPNM7mwRI9B1bGdDheMIZvsSZA6JLJvs=;
	b=Sf4U2/54Yo1t5pASxMVu8VeAXjwlrbW8JjD/SVqycDr2xJT/Gl0yJs8iTbYkrS52bj
	ZIKgdOclozb65DWr3dufM+rlddH71j9ewvDrB0plgIc1vjc7nAbrKCXlO9Y54sEkgn6L
	IcGVk66Fw6LngGgb30w1bZ1B9pzU+GSmYdSM5i/VWcZPKtEH+RUTWwWSKyP0M9Z571E2
	ByfsJ1TAlgWt3lLl7rG2IhuQ6ufuBzLST/FxXAgxxnwLVO8ryxZtkZyPeARm0+mRbXtF
	ybMeW5E2zu3khjiPA5DmQY5c6ZJGvQpT36qqe1LR4RwvHQy8Ba4ZrgiBoq+A9aTJaIFq
	Z+iw==
X-Gm-Message-State: AMCzsaXq8p/qIuWJXMq0KoxTzSEQzlQOnZWfgdxLzyWPSeQNvK4n1qPu
	ZPK/61qIFSpg0arlwqHyIBk=
X-Google-Smtp-Source: 
 ABhQp+SuCA6bxqO13tBkST7jBLpUhH9dIAYAT134aXuRBQ0bZ9Y9dchLkD3DlUuMpV96rjFwlpkowA==
X-Received: by 10.98.69.145 with SMTP id n17mr4623484pfi.310.1509008241942;
	Thu, 26 Oct 2017 01:57:21 -0700 (PDT)
Received: from localhost.localdomain ([103.7.29.171])
	by smtp.gmail.com with ESMTPSA id
	m17sm8144099pfh.28.2017.10.26.01.57.17
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Thu, 26 Oct 2017 01:57:20 -0700 (PDT)
From: Ye Yin <hustcat@gmail.com>
To: davem@davemloft.net
Cc: willemb@google.com, edumazet@google.com, johannes.berg@intel.com,
	dcaratti@redhat.com, pabeni@redhat.com, f.fainelli@gmail.com,
	fw@strlen.de, soheil@google.com, dwindsor@gmail.com,
	elena.reshetova@intel.com, tom@quantonium.net, Jason@zx2c4.com,
	linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
	Ye Yin <hustcat@gmail.com>, Wei Zhou <chouryzhou@gmail.com>
Subject: [PATCH] netfilter/ipvs: clear ipvs_property flag when SKB net
	namespace changed
Date: Thu, 26 Oct 2017 16:57:05 +0800
Message-Id: <1509008225-19614-1-git-send-email-hustcat@gmail.com>
X-Mailer: git-send-email 1.7.12.4
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

When run ipvs in two different network namespace at the same host, and one
ipvs transport network traffic to the other network namespace ipvs.
'ipvs_property' flag will make the second ipvs take no effect. So we should
clear 'ipvs_property' when SKB network namespace changed.

Signed-off-by: Ye Yin <hustcat@gmail.com>
Signed-off-by: Wei Zhou <chouryzhou@gmail.com>
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
---
 include/linux/skbuff.h | 7 +++++++
 net/core/skbuff.c      | 1 +
 2 files changed, 8 insertions(+)

diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 72299ef..d448a48 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -3770,6 +3770,13 @@ static inline void nf_reset_trace(struct sk_buff *skb)
 #endif
 }
 
+static inline void ipvs_reset(struct sk_buff *skb)
+{
+#if IS_ENABLED(CONFIG_IP_VS)
+	skb->ipvs_property = 0;
+#endif
+}
+
 /* Note: This doesn't put any conntrack and bridge info in dst. */
 static inline void __nf_copy(struct sk_buff *dst, const struct sk_buff *src,
 			     bool copy)
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index 2465607..e140ba4 100644
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -4864,6 +4864,7 @@ void skb_scrub_packet(struct sk_buff *skb, bool xnet)
 	if (!xnet)
 		return;
 
+	ipvs_reset(skb);
 	skb_orphan(skb);
 	skb->mark = 0;
 }