[PATCH net] net/sched: act_ct: Fix ct template allocation for zone 0

From: Ariel Levkovich <lariel@nvidia.com>
To: <netdev@vger.kernel.org>
Cc: <marcelo.leitner@gmail.com>, <paulb@nvidia.com>,
	<jiri@resnulli.us>, "Ariel Levkovich" <lariel@nvidia.com>
Subject: [PATCH net] net/sched: act_ct: Fix ct template allocation for zone 0
Date: Wed, 26 May 2021 20:01:10 +0300	[thread overview]
Message-ID: <20210526170110.54864-1-lariel@nvidia.com> (raw)

Fix current behavior of skipping template allocation in case the
ct action is in zone 0.

Skipping the allocation may cause the datapath ct code to ignore the
entire ct action with all its attributes (commit, nat) in case the ct
action in zone 0 was preceded by a ct clear action.

The ct clear action sets the ct_state to untracked and resets the
skb->_nfct pointer. Under these conditions and without an allocated
ct template, the skb->_nfct pointer will remain NULL which will
cause the tc ct action handler to exit without handling commit and nat
actions, if such exist.

For example, the following rule in OVS dp:
recirc_id(0x2),ct_state(+new-est-rel-rpl+trk),ct_label(0/0x1), \
in_port(eth0),actions:ct_clear,ct(commit,nat(src=10.11.0.12)), \
recirc(0x37a)

Will result in act_ct skipping the commit and nat actions in zone 0.

The change removes the skipping of template allocation for zone 0 and
treats it the same as any other zone.

Fixes: b57dc7c13ea9 ("net/sched: Introduce action ct")
Signed-off-by: Ariel Levkovich <lariel@nvidia.com>
---
 net/sched/act_ct.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
index ec7a1c438df9..dfdfb677e6a9 100644
--- a/net/sched/act_ct.c
+++ b/net/sched/act_ct.c
@@ -1202,9 +1202,6 @@ static int tcf_ct_fill_params(struct net *net,
 				   sizeof(p->zone));
 	}
 
-	if (p->zone == NF_CT_DEFAULT_ZONE_ID)
-		return 0;
-
 	nf_ct_zone_init(&zone, p->zone, NF_CT_DEFAULT_ZONE_DIR, 0);
 	tmpl = nf_ct_tmpl_alloc(net, &zone, GFP_KERNEL);
 	if (!tmpl) {
-- 
2.25.2

