NAK: [SRU][F:linux-bluefield][PATCH 00/10] Increase stability with connection tracking offload

Tim Gardner tim.gardner at canonical.com
Mon Oct 31 19:56:45 UTC 2022 

On 10/28/22 15:57, Bodong Wang wrote:
> Currently qdisc ingress handling (sch_handle_ingress()) doesn't
> set a return value and it is left to the old return value of
> the caller (__netif_receive_skb_core()) which is RX drop, so if
> the packet is consumed, caller will stop and return this value
> as if the packet was dropped.
> 
> Also, include set of patches to increase stability with connection tracking
> offload, including reduced cpu load and possible deadlock on cleanup.
> 
> Eric Dumazet (1):
>    netfilter: conntrack: annotate data-races around ct->timeout
> 
> Felix Fietkau (1):
>    netfilter: flowtable: fix excessive hw offload attempts after failure
> 
> Florian Westphal (2):
>    netfilter: conntrack: remove unneeded nf_ct_put
>    netfilter: conntrack: convert to refcount_t api
> 
> Pablo Neira Ayuso (4):
>    netfilter: flowtable: avoid possible false sharing
>    netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
>    netfilter: flowtable: add function to invoke garbage collection
>      immediately
>    netfilter: flowtable: fix stuck flows on cleanup due to pending work
> 
> Paul Blakey (1):
>    net: Fix return value of qdisc ingress handling on success
> 
> Yinjun Zhang (1):
>    netfilter: flowtable: Make sure GC works periodically in idle system
> 
>   include/linux/netfilter/nf_conntrack_common.h |  8 +++---
>   include/net/netfilter/nf_conntrack.h          |  6 ++---
>   include/net/netfilter/nf_flow_table.h         |  5 ++++
>   net/core/dev.c                                |  4 +++
>   net/netfilter/nf_conntrack_core.c             | 39 +++++++++++++--------------
>   net/netfilter/nf_conntrack_expect.c           |  4 +--
>   net/netfilter/nf_conntrack_netlink.c          |  8 +++---
>   net/netfilter/nf_conntrack_standalone.c       |  4 +--
>   net/netfilter/nf_flow_table_core.c            | 38 ++++++++++++++++----------
>   net/netfilter/nf_flow_table_offload.c         |  8 ++++++
>   net/netfilter/nf_synproxy_core.c              |  1 -
>   net/netfilter/nft_ct.c                        |  4 +--
>   net/netfilter/xt_CT.c                         |  3 +--
>   net/openvswitch/conntrack.c                   |  1 -
>   net/sched/act_ct.c                            |  1 -
>   15 files changed, 77 insertions(+), 57 deletions(-)
> 

Patch 5 is missing the upstream SHA1. I suspect you neglected to use 
'-x' when cherry picking.

-- 
-----------
Tim Gardner
Canonical, Inc

More information about the kernel-team mailing list