APPLIED: [SRU][F:linux-bluefield][PATCH 0/4] Fix ignoring ct state match of OVS offload to TC/HW
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Wed Oct 13 18:32:53 UTC 2021
On Thu, Sep 30, 2021 at 1:51 PM Bodong Wang <bodong at nvidia.com> wrote:
> When using OVS with tc to offload connection tracking flows, if user
> matches on
> ct_state other then trk and est, such as ct_state +rpl, it will be silently
> ignored by TC/HW and might result in wrong actions being executed.
>
> This series from upstream fixed the bug.
>
> Jakub Kicinski (1):
> netlink: add mask validation
>
> wenxu (3):
> net/sched: cls_flower: Reject invalid ct_state flags rules
> net/sched: cls_flower: validate ct_state for invalid and reply flags
> net/sched: cls_flower: fix only mask bit check in the
> validate_ct_state
>
> include/net/netlink.h | 16 +++++++++++++
> include/uapi/linux/pkt_cls.h | 2 ++
> lib/nlattr.c | 36 +++++++++++++++++++++++++++++
> net/sched/cls_flower.c | 54
> ++++++++++++++++++++++++++++++++++++++++++--
> 4 files changed, 106 insertions(+), 2 deletions(-)
>
> --
> 1.8.3.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20211013/81732d5a/attachment-0001.html>
More information about the kernel-team
mailing list