Marcelo Ricardo Leitner 8ca1b090e5 net/sched: act_ct: clear post_ct if doing ct_clear ... Invalid detection works with two distinct moments: act_ct tries to find a conntrack entry and set post_ct true, indicating that that was attempted. Then, when flow dissector tries to dissect CT info and no entry is there, it knows that it was tried and no entry was found, and synthesizes/sets key->ct_state = TCA_FLOWER_KEY_CT_FLAGS_TRACKED | TCA_FLOWER_KEY_CT_FLAGS_INVALID; mimicing what OVS does. OVS has this a bit more streamlined, as it recomputes the key after trying to find a conntrack entry for it. Issue here is, when we have 'tc action ct clear', it didn't clear post_ct, causing a subsequent match on 'ct_state -trk' to fail, due to the above. The fix, thus, is to clear it. Reproducer rules: tc filter add dev enp130s0f0np0_0 ingress prio 1 chain 0 \ protocol ip flower ip_proto tcp ct_state -trk \ action ct zone 1 pipe \ action goto chain 2 tc filter add dev enp130s0f0np0_0 ingress prio 1 chain 2 \ protocol ip flower \ action ct clear pipe \ action goto chain 4 tc filter add dev enp130s0f0np0_0 ingress prio 1 chain 4 \ protocol ip flower ct_state -trk \ action mirred egress redirect dev enp130s0f1np1_0 With the fix, the 3rd rule matches, like it does with OVS kernel datapath. Fixes: 7baf2429a1 ("net/sched: cls_flower add CT_FLAGS_INVALID flag support") Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Reviewed-by: wenxu <wenxu@ucloud.cn> Signed-off-by: David S. Miller <davem@davemloft.net>		2021-03-23 14:32:26 -07:00
..
Kconfig	net: sched: incorrect Kconfig dependencies on Netfilter modules	2020-12-09 15:49:29 -08:00
Makefile	net/sched: sch_frag: add generic packet fragment support.	2020-11-27 14:36:02 -08:00
act_api.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-02-16 17:51:13 -08:00
act_bpf.c	net: sched: fix misspellings using misspell-fixer tool	2020-11-10 17:00:28 -08:00
act_connmark.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_csum.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_ct.c	net/sched: act_ct: clear post_ct if doing ct_clear	2021-03-23 14:32:26 -07:00
act_ctinfo.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-10-05 18:40:01 -07:00
act_gact.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_gate.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-10-05 18:40:01 -07:00
act_ife.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_ipt.c	treewide: rename nla_strlcpy to nla_strscpy.	2020-11-16 08:08:54 -08:00
act_meta_mark.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
act_meta_skbprio.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
act_meta_skbtcindex.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
act_mirred.c	net/sched: sch_frag: add generic packet fragment support.	2020-11-27 14:36:02 -08:00
act_mpls.c	net/sched: act_mpls: ensure LSE is pullable before reading it	2020-12-03 11:13:37 -08:00
act_nat.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_pedit.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_police.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_sample.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_simple.c	treewide: rename nla_strlcpy to nla_strscpy.	2020-11-16 08:08:54 -08:00
act_skbedit.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_skbmod.c	net_sched: defer tcf_idr_insert() in tcf_action_init_1()	2020-09-24 19:46:21 -07:00
act_tunnel_key.c	net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels	2020-10-20 21:10:41 -07:00
act_vlan.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2020-10-05 18:40:01 -07:00
cls_api.c	net/sched: act_api: fix miss set post_ct for ovs after do conntrack in act_ct	2021-03-16 15:22:18 -07:00
cls_basic.c	net_sched: fix ops->bind_class() implementations	2020-01-27 10:51:43 +01:00
cls_bpf.c	net_sched: fix ops->bind_class() implementations	2020-01-27 10:51:43 +01:00
cls_cgroup.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
cls_flow.c	Remove uninitialized_var() macro for v5.9-rc1	2020-08-04 13:49:43 -07:00
cls_flower.c	net/sched: cls_flower: fix only mask bit check in the validate_ct_state	2021-03-17 11:56:25 -07:00
cls_fw.c	net_sched: fix ops->bind_class() implementations	2020-01-27 10:51:43 +01:00
cls_matchall.c	net: qos offload add flow status with dropped count	2020-06-19 12:53:30 -07:00
cls_route.c	net_sched: cls_route: remove the right filter from hashtable	2020-03-16 01:59:32 -07:00
cls_rsvp.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
cls_rsvp.h	net: sched: fix misspellings using misspell-fixer tool	2020-11-10 17:00:28 -08:00
cls_rsvp6.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
cls_tcindex.c	net_sched: avoid shift-out-of-bounds in tcindex_set_parms()	2021-01-15 18:11:10 -08:00
cls_u32.c	net/sched: cls_u32: simplify the return expression of u32_reoffload_knode()	2020-12-08 16:22:53 -08:00
em_canid.c	net: sched: kerneldoc fixes	2020-07-13 17:20:40 -07:00
em_cmp.c	net: sched: fix misspellings using misspell-fixer tool	2020-11-10 17:00:28 -08:00
em_ipset.c	sched: consistently handle layer3 header accesses in the presence of VLANs	2020-07-03 14:34:53 -07:00
em_ipt.c	sched: consistently handle layer3 header accesses in the presence of VLANs	2020-07-03 14:34:53 -07:00
em_meta.c	sched: consistently handle layer3 header accesses in the presence of VLANs	2020-07-03 14:34:53 -07:00
em_nbyte.c	net: sched: Return the correct errno code	2021-02-06 11:15:28 -08:00
em_text.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
em_u32.c	treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152	2019-05-30 11:26:32 -07:00
ematch.c	net: sched: kerneldoc fixes	2020-07-13 17:20:40 -07:00
sch_api.c	net: sched: avoid duplicates in classes dump	2021-03-04 14:27:47 -08:00
sch_atm.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_blackhole.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_cake.c	treewide: Use fallthrough pseudo-keyword	2020-08-23 17:36:59 -05:00
sch_cbq.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_cbs.c	net: don't include ethtool.h from netdevice.h	2020-11-23 17:27:04 -08:00
sch_choke.c	net: sched: validate stab values	2021-03-10 15:47:52 -08:00
sch_codel.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_drr.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_dsmark.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_etf.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_ets.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_fifo.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_fq.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_fq_codel.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next	2020-08-05 20:13:21 -07:00
sch_fq_pie.c	net/sched: fq_pie: initialize timer earlier in fq_pie_init()	2020-12-04 14:15:01 -08:00
sch_frag.c	net/sched: sch_frag: add generic packet fragment support.	2020-11-27 14:36:02 -08:00
sch_generic.c	net/sched: get rid of qdisc->padded	2020-10-09 08:08:08 -07:00
sch_gred.c	net: sched: validate stab values	2021-03-10 15:47:52 -08:00
sch_hfsc.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_hhf.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_htb.c	sch_htb: Fix offload cleanup in htb_destroy on htb_init failure	2021-03-11 18:30:32 -08:00
sch_ingress.c	net: sched: Pass ingress block to tcf_classify_ingress	2020-02-19 17:49:48 -08:00
sch_mq.c	net: sched: fix dump qlen for sch_mq/sch_mqprio with NOLOCK subqueues	2019-12-03 11:53:55 -08:00
sch_mqprio.c	mqprio: Fix out-of-bounds access in mqprio_dump	2019-12-06 11:58:45 -08:00
sch_multiq.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_netem.c	netem: fix zero division in tabledist	2020-10-29 11:45:47 -07:00
sch_pie.c	net: sched: fix misspellings using misspell-fixer tool	2020-11-10 17:00:28 -08:00
sch_plug.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_prio.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_qfq.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_red.c	net: sched: validate stab values	2021-03-10 15:47:52 -08:00
sch_sfb.c	net: sched: Add extack to Qdisc_class_ops.delete	2021-01-22 20:41:29 -08:00
sch_sfq.c	net: sched: validate stab values	2021-03-10 15:47:52 -08:00
sch_skbprio.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_taprio.c	taprio: boolean values to a bool variable	2021-01-19 17:43:48 -08:00
sch_tbf.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00
sch_teql.c	Revert "net: sched: Pass root lock to Qdisc_ops.enqueue"	2020-07-16 16:48:34 -07:00