| Message ID | 1642186652-10799-1-git-send-email-bodong@nvidia.com |
|---|---|
| Headers | show
Return-Path: <kernel-team-bounces@lists.ubuntu.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=<UNKNOWN>) Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4Jb9Xn5yy4z9sXM for <incoming@patchwork.ozlabs.org>; Sat, 15 Jan 2022 05:57:45 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from <kernel-team-bounces@lists.ubuntu.com>) id 1n8Rla-0005hC-Lf; Fri, 14 Jan 2022 18:57:38 +0000 Received: from mail-il-dmz.mellanox.com ([193.47.165.129] helo=mellanox.co.il) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from <bodong@nvidia.com>) id 1n8RlX-0005h5-CK for kernel-team@lists.ubuntu.com; Fri, 14 Jan 2022 18:57:35 +0000 Received: from Internal Mail-Server by MTLPINE1 (envelope-from bodong@nvidia.com) with SMTP; 14 Jan 2022 20:57:34 +0200 Received: from sw-mtx-016.mtx.labs.mlnx. (sw-mtx-016.mtx.labs.mlnx [10.9.150.102]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id 20EIvWWp015716; Fri, 14 Jan 2022 20:57:33 +0200 From: Bodong Wang <bodong@nvidia.com> To: kernel-team@lists.ubuntu.com Subject: [SRU][F:linux-bluefield][PATCH V2 0/5] Fix ct_state nat matching and nat action not being executed Date: Fri, 14 Jan 2022 12:57:27 -0600 Message-Id: <1642186652-10799-1-git-send-email-bodong@nvidia.com> X-Mailer: git-send-email 1.8.3.1 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com> List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe> List-Archive: <https://lists.ubuntu.com/archives/kernel-team> List-Post: <mailto:kernel-team@lists.ubuntu.com> List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help> List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>, <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe> Cc: vlad@nvidia.com, paulb@nvidia.com, majd@nvidia.com MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com> |
| Series |
Fix ct_state nat matching and nat action not being executed
|
expand
|
Netfilter conntrack maintains NAT flags per connection indicating whether NAT was configured for the connection. Openvswitch maintains NAT flags on the per packet flow key ct_state field, indicating whether NAT was actually executed on the packet. When a packet misses from tc to ovs the conntrack NAT flags are set. However, NAT was not necessarily executed on the packet because the connection's state might still be in NEW state. As such, openvswitch wrongly assumes that NAT was executed and sets an incorrect flow key NAT flags. This can lead to incorrect matching on ct_state nat flags, and nat not being executed by ovs. This patch series fixed the bug above. V1->v2: Fix upstream commit SHA for patch "net/sched: Extend qdisc control block with tc control block" Paul Blakey (4): net/sched: Extend qdisc control block with tc control block net/sched: flow_dissector: Fix matching on zone id for invalid conns net: openvswitch: Fix matching zone id for invalid conns arriving from tc UBUNTU: SAUCE: net: openvswitch: Fix ct_state nat flags for conns arriving from tc Vlad Buslov (1): net: zero-initialize tc skb extension on allocation drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 2 +- include/linux/skbuff.h | 7 +++++-- include/net/pkt_cls.h | 11 +++++++++++ include/net/pkt_sched.h | 18 ++++++++++++++++++ include/net/sch_generic.h | 2 -- net/core/dev.c | 8 ++++---- net/core/flow_dissector.c | 3 ++- net/openvswitch/flow.c | 20 ++++++++++++++++++-- net/sched/act_ct.c | 21 ++++++++++++++------- net/sched/cls_api.c | 11 ++++++++--- net/sched/cls_flower.c | 6 ++++-- net/sched/sch_frag.c | 3 ++- 12 files changed, 87 insertions(+), 25 deletions(-)