git.maquefel.me Git - linux.git/commit

author	Paul Blakey <paulb@nvidia.com>
	Tue, 14 Dec 2021 17:24:34 +0000 (19:24 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 27 Jan 2022 10:04:02 +0000 (11:04 +0100)
commit	a006c84824634fd13f442cd57c1217cc2b1aedbd
tree	81db8e33d58e109a667d2c258ed8f18b474831d5	tree \| snapshot
parent	3a4ecdfc0cf49f5d5536cd244052b251f8c63365	commit \| diff

net/sched: flow_dissector: Fix matching on zone id for invalid conns

[ Upstream commit 3849595866166b23bf6a0cb9ff87e06423167f67 ]

If ct rejects a flow, it removes the conntrack info from the skb.
act_ct sets the post_ct variable so the dissector will see this case
as an +tracked +invalid state, but the zone id is lost with the
conntrack info.

To restore the zone id on such cases, set the last executed zone,
via the tc control block, when passing ct, and read it back in the
dissector if there is no ct info on the skb (invalid connection).

Fixes: 7baf2429a1a9 ("net/sched: cls_flower add CT_FLAGS_INVALID flag support")
Signed-off-by: Paul Blakey <paulb@nvidia.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

include/linux/skbuff.h		diff \| blob \| history
include/net/pkt_sched.h		diff \| blob \| history
net/core/flow_dissector.c		diff \| blob \| history
net/sched/act_ct.c		diff \| blob \| history
net/sched/cls_flower.c		diff \| blob \| history