[SRU][F:linux-bluefield][PATCH V1 00/10] Increase stability with connection tracking offload

Bodong Wang bodong at nvidia.com
Mon Oct 31 20:33:20 UTC 2022 

Currently qdisc ingress handling (sch_handle_ingress()) doesn't
set a return value and it is left to the old return value of
the caller (__netif_receive_skb_core()) which is RX drop, so if
the packet is consumed, caller will stop and return this value
as if the packet was dropped.

Also, include set of patches to increase stability with connection tracking
offload, including reduced cpu load and possible deadlock on cleanup.

V0->V1:
Fix sha number for patch "netfilter: flowtable: Make sure GC works
periodically in idle system"

Eric Dumazet (1):
  netfilter: conntrack: annotate data-races around ct->timeout

Felix Fietkau (1):
  netfilter: flowtable: fix excessive hw offload attempts after failure

Florian Westphal (2):
  netfilter: conntrack: remove unneeded nf_ct_put
  netfilter: conntrack: convert to refcount_t api

Pablo Neira Ayuso (4):
  netfilter: flowtable: avoid possible false sharing
  netfilter: nf_flowtable: expose nf_flow_table_gc_cleanup()
  netfilter: flowtable: add function to invoke garbage collection
    immediately
  netfilter: flowtable: fix stuck flows on cleanup due to pending work

Paul Blakey (1):
  net: Fix return value of qdisc ingress handling on success

Yinjun Zhang (1):
  netfilter: flowtable: Make sure GC works periodically in idle system

 include/linux/netfilter/nf_conntrack_common.h |  8 +++---
 include/net/netfilter/nf_conntrack.h          |  6 ++---
 include/net/netfilter/nf_flow_table.h         |  5 ++++
 net/core/dev.c                                |  4 +++
 net/netfilter/nf_conntrack_core.c             | 39 +++++++++++++--------------
 net/netfilter/nf_conntrack_expect.c           |  4 +--
 net/netfilter/nf_conntrack_netlink.c          |  8 +++---
 net/netfilter/nf_conntrack_standalone.c       |  4 +--
 net/netfilter/nf_flow_table_core.c            | 38 ++++++++++++++++----------
 net/netfilter/nf_flow_table_offload.c         |  8 ++++++
 net/netfilter/nf_synproxy_core.c              |  1 -
 net/netfilter/nft_ct.c                        |  4 +--
 net/netfilter/xt_CT.c                         |  3 +--
 net/openvswitch/conntrack.c                   |  1 -
 net/sched/act_ct.c                            |  1 -
 15 files changed, 77 insertions(+), 57 deletions(-)

-- 
1.8.3.1

More information about the kernel-team mailing list