[ovs-dev] [PATCH branch-2.5 1/2] datapath: backport: Set mark and labels before confirming.

Jarno Rajahalme jarno at ovn.org
Wed Jul 6 07:35:24 UTC 2016 

Acked-by: Jarno Rajahalme <jarno at ovn.org>

> On Jul 1, 2016, at 11:37 AM, Pravin B Shelar <pshelar at ovn.org> wrote:
> 
> Upstream commit:
>    commit 1c1779fa54b2a9d4e1de990095d790d64b9e00a1
>    Author: Jarno Rajahalme <jarno at ovn.org>
>    Date:   Tue Jun 21 14:59:37 2016 -0700
> 
>    openvswitch: Set mark and labels before confirming.
> 
>    Set conntrack mark and labels right before committing so that
>    the initial conntrack NEW event has the mark and labels.
> 
>    Signed-off-by: Jarno Rajahalme <jarno at ovn.org>
>    Acked-by: Joe Stringer <joe at ovn.org>
>    Signed-off-by: David S. Miller <davem at davemloft.net>
> 
> Signed-off-by: Pravin B Shelar <pshelar at ovn.org>
> ---
> datapath/conntrack.c | 19 +++++++++++++++----
> 1 file changed, 15 insertions(+), 4 deletions(-)
> 
> diff --git a/datapath/conntrack.c b/datapath/conntrack.c
> index 795ed91..1ef6828 100644
> --- a/datapath/conntrack.c
> +++ b/datapath/conntrack.c
> @@ -484,9 +484,6 @@ static int ovs_ct_commit(struct net *net, struct sw_flow_key *key,
> 	err = __ovs_ct_lookup(net, key, info, skb);
> 	if (err)
> 		return err;
> -	if (nf_conntrack_confirm(skb) != NF_ACCEPT)
> -		return -EINVAL;
> -
> 	return 0;
> }
> 
> @@ -528,15 +525,29 @@ int ovs_ct_execute(struct net *net, struct sk_buff *skb,
> 	if (err)
> 		goto err;
> 
> +	/* Apply changes before confirming the connection so that the initial
> +	 * conntrack NEW netlink event carries the values given in the CT
> +	 * action.
> +	 */
> +
> 	if (info->mark.mask) {
> 		err = ovs_ct_set_mark(skb, key, info->mark.value,
> 				      info->mark.mask);
> 		if (err)
> 			goto err;
> 	}
> -	if (labels_nonzero(&info->labels.mask))
> +	if (labels_nonzero(&info->labels.mask)) {
> 		err = ovs_ct_set_labels(skb, key, &info->labels.value,
> 					&info->labels.mask);
> +		if (err)
> +			goto err;
> +	}
> +	/* This will take care of sending queued events even if the connection
> +	 * is already confirmed.
> +	 */
> +	if (info->commit && nf_conntrack_confirm(skb) != NF_ACCEPT)
> +		err = -EINVAL;
> +
> err:
> 	skb_push(skb, nh_ofs);
> 	if (err)
> -- 
> 1.8.3.1
> 
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev

More information about the dev mailing list