From patchwork Thu May 11 17:38:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: William Tu X-Patchwork-Id: 1780225 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=Nvidia.com header.i=@Nvidia.com header.a=rsa-sha256 header.s=selector2 header.b=ZXbbxKo1; dkim-atps=neutral Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4QHK0c3qTpz214S for ; Fri, 12 May 2023 03:40:00 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1pxAGh-0005ie-A6; Thu, 11 May 2023 17:39:55 +0000 Received: from mail-dm6nam04on2075.outbound.protection.outlook.com ([40.107.102.75] helo=NAM04-DM6-obe.outbound.protection.outlook.com) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1pxAGe-0005fE-DF for kernel-team@lists.ubuntu.com; Thu, 11 May 2023 17:39:52 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d3Jxur2qAG0NxVf2KWcKIEiBdMEfmUBdPyJ/ToKHhHaBBp+JKSOvdS8egM2vUGPE5pd7NNCNvokx6AJMq9I2TJZM4ALBj7+08S7HllIXDxPHQIEsh546M4x6Mp9lZEgDD0Dtxyal8rojT6zy9u0EDwuuieLzqalCCZOtvoxMWB8q3jevvvlfPoP2VDz2Gkv+lFXHS5lXSGDOy/AAeOtCR5/kDZ8pvEB4/jd2H5FO1c69V6kPnYHr6iSBgcOIK2DkIT5bsFRVXAYolEDtfTfUyi5ZlgCxmZLiLJ7TYQEFk+zf0sPJAvIBbj0OW8qvQJUuaQNv+o8sNIqyr7cED6pTJw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xSkUklq/SWhXCgn9wLxx96k/SGvt2K4ocBQwiWaqDzM=; b=lAc60grgfqN4ta3wQTVSMveKCITKZYSS2gHRT23CEuijhJ65Rk+sYiXsrPKCS8oIwLfW9+nxND4ZF+Y8hjhYWcn05/9bMxvZ60yb23nxpZ1aXWcCWAZlEWM5vZWNcEItLXexeSD0XgioT7458Wb4jWJACBgxSWgki+3MT2hmYC+50ue3ZKs6nmx7BuoAqfSv1dhsivvR5UKkyeF0rJ5OnauGiaiShNY/E7wqRA2RcZuy1n5aDsgG3t9rAdjwkvem8ImTP7nXEwz7Y0WswA/kWpfnxl7fNvZYdEd3fLEac//cZ1b1n3FRiuMcV63pCpfPFhtiBlm+qI2vEicIK3hQgQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=canonical.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xSkUklq/SWhXCgn9wLxx96k/SGvt2K4ocBQwiWaqDzM=; b=ZXbbxKo1kYlHNCNe2yiFskCGXn/+zF6pS7h8FLnaHWpEo0ecQbAr1oWW4iTEEhjbHP6l9r8lhJtA5cu0+6+uZXTl2Y2lXHMxgrAQoEAN3rwKKmRcYRVdLGiasaNvCk6cgHMuNIx3IS+EjyklE4zba3pLxLPtHRMxkp8cpdNn9zBZF8WUAbNuY4Az1TOamnEbg+v0qx/npzwDOwbawgo5bTnGyfr40GBEumFN1UDXGsXdRRJXGlSMv5ggesKOU36xS/aFssAub+NZgOA1K8lvBxHX7TlBPE3lzdDgTgYlSBmfM4xaxcdI20A+t+fJKh3ybDqqX/9TGTRzV+44Z9yKPg== Received: from BYAPR11CA0055.namprd11.prod.outlook.com (2603:10b6:a03:80::32) by SN7PR12MB7022.namprd12.prod.outlook.com (2603:10b6:806:261::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.22; Thu, 11 May 2023 17:39:50 +0000 Received: from CO1PEPF000042AB.namprd03.prod.outlook.com (2603:10b6:a03:80:cafe::87) by BYAPR11CA0055.outlook.office365.com (2603:10b6:a03:80::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.21 via Frontend Transport; Thu, 11 May 2023 17:39:49 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by CO1PEPF000042AB.mail.protection.outlook.com (10.167.243.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.20 via Frontend Transport; Thu, 11 May 2023 17:39:49 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.5; Thu, 11 May 2023 10:39:11 -0700 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37; Thu, 11 May 2023 10:39:10 -0700 Received: from mtl123.mtl.labs.mlnx (10.127.8.10) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.37 via Frontend Transport; Thu, 11 May 2023 10:39:10 -0700 Received: from sw-mtx-002.mtx.labs.mlnx (sw-mtx-002.mtx.labs.mlnx [10.9.151.106]) by mtl123.mtl.labs.mlnx (8.14.4/8.14.4) with ESMTP id 34BHcvs9018109; Thu, 11 May 2023 20:39:07 +0300 From: William Tu To: Subject: [SRU][J:linux-bluefield][PATCH v1 5/5] netfilter: ctnetlink: Support offloaded conntrack entry deletion Date: Thu, 11 May 2023 20:38:56 +0300 Message-ID: <20230511173856.706923-6-witu@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230511173856.706923-1-witu@nvidia.com> References: <20230511173856.706923-1-witu@nvidia.com> MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042AB:EE_|SN7PR12MB7022:EE_ X-MS-Office365-Filtering-Correlation-Id: cff418dd-0ad1-400d-3a05-08db5246b838 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: i5BHCNSEe/qOGXW2oUdbrYDovzDfsFSjFKAqt/yxIlsmIrRrekjqP6LRvx5qqm7hgxkp7y3KJDVOvAvYO82rvVzbJxVqv9ScWJfwMq/BtkfY7wfxRzK+UtCAQb99wPDC96aj8Owyw893M8L0bqp6k67Hk4XGTSLGgbASOxyUHN0hmrZU9AuPYh9worb4cy4u4Jz1ynxKqLd4SyEhrH3nttz1E/i1kltDqj3bR4ZKRiAkezfWOUypODHDLqfy2GufREtJGYoQBp1NLLTGBd6Jo+fEb/nleUvpndpYTA0iZ+VR3sRotD9N03FPBMmOdHAeKvYOhqiHaQb+LBMdN4x4/HdlsG7SAip0nifLa8h+I/KjaFRgyUl8V+arW9gky5hhYPrudYP6Q0E7G+CrRT6uHTOZ2XLePMKdYbA0zD351PxMDXthq2Vrch9Bw22Wq3VbFqm5/AfI2Vc4tqbpVs4/MbOAit1V41pyqu0CkhVQBKwdYXIQ2tByoZMLa4BaV0ZFu4cFudHMQDdzbiUU5WTIZGDk1aFeBvPMdUeUF8f6Y9s79DoefrZget3KNP2Zwp/Xcqd0TUtNJoElKLAPQCpDEAqNJfxy1vYAV45YSPipNqZdbQEbFicSSeh12zZk1arcPFm0FXL4CWdJX1hbwbPvTiw1jPyp6BYAiYy5yn7Jc143RtowTPJ1vMRdkitnbDZiirX8rmOdGSBUxjR0nmHFRD0Bw/ubkeXuSGmMftkP9OT1X4qvosaS0fESHkr+LLY8vggdbksKviNLWQraElKyTAo8FglsV5w8i0ujwmgLkco= X-Forefront-Antispam-Report: CIP:216.228.117.161; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:dc6edge2.nvidia.com; CAT:NONE; SFS:(13230028)(4636009)(376002)(136003)(39860400002)(346002)(396003)(451199021)(36840700001)(40470700004)(46966006)(86362001)(2616005)(2906002)(336012)(6666004)(41300700001)(7636003)(356005)(36860700001)(47076005)(26005)(1076003)(83380400001)(186003)(107886003)(54906003)(8676002)(5660300002)(966005)(8936002)(40460700003)(82310400005)(478600001)(36756003)(82740400003)(316002)(4326008)(70586007)(6916009)(40480700001)(70206006); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 May 2023 17:39:49.3531 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cff418dd-0ad1-400d-3a05-08db5246b838 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.117.161]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AB.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7022 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: dann.frazier@canonical.com, paulb@nvidia.com, vlad@nvidia.com, yifeid@nvidia.com, bodong@nvidia.com Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Paul Blakey BugLink: https://bugs.launchpad.net/bugs/2015293 Currently, offloaded conntrack entries (flows) can only be deleted after they are removed from offload, which is either by timeout, tcp state change or tc ct rule deletion. This can cause issues for users wishing to manually delete or flush existing entries. Support deletion of offloaded conntrack entries. Example usage: # Delete all offloaded (and non offloaded) conntrack entries # whose source address is 1.2.3.4 $ conntrack -D -s 1.2.3.4 # Delete all entries $ conntrack -F Signed-off-by: Paul Blakey Reviewed-by: Simon Horman Acked-by: Pablo Neira Ayuso Signed-off-by: Florian Westphal (cherry picked from commit 9b7c68b3911aef84afa4cbfc31bce20f10570d51 linux-next) Signed-off-by: Paul Blakey Signed-off-by: William Tu Acked-by: Bartlomiej Zolnierkiewicz Acked-by: Andrei Gherzan [bzolnier: mention linux-next in the cherry-pick line] Signed-off-by: Bartlomiej Zolnierkiewicz --- net/netfilter/nf_conntrack_netlink.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 2d0bce25bddd..c335c06db240 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1556,9 +1556,6 @@ static const struct nla_policy ct_nla_policy[CTA_MAX+1] = { static int ctnetlink_flush_iterate(struct nf_conn *ct, void *data) { - if (test_bit(IPS_OFFLOAD_BIT, &ct->status)) - return 0; - return ctnetlink_filter_match(ct, data); } @@ -1622,11 +1619,6 @@ static int ctnetlink_del_conntrack(struct sk_buff *skb, ct = nf_ct_tuplehash_to_ctrack(h); - if (test_bit(IPS_OFFLOAD_BIT, &ct->status)) { - nf_ct_put(ct); - return -EBUSY; - } - if (cda[CTA_ID]) { __be32 id = nla_get_be32(cda[CTA_ID]);