Commit 0b8d953c authored by Wentao Jia's avatar Wentao Jia Committed by Jakub Kicinski
Browse files

nfp: flower: refactor function "is_post_ct_flow" 



'ct_clear' action only or no ct action is supported for 'post_ct_flow'.
But in scenario of multiple ct zones, one non 'ct_clear' ct action or
more ct actions, including 'ct_clear action', may be present in one flow
rule. If ct state match key is 'ct_established', the flow rule is still
expected to be classified as 'post_ct_flow'. Check ct status first in
function "is_post_ct_flow" to achieve this.

Signed-off-by: default avatarWentao Jia <wentao.jia@corigine.com>
Acked-by: default avatarSimon Horman <simon.horman@corigine.com>
Signed-off-by: default avatarLouis Peens <louis.peens@corigine.com>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent cee7b339

drivers/net/ethernet/netronome/nfp/flower/conntrack.c

+12 −13
Original line number Diff line number Diff line
@@ -94,6 +94,11 @@ bool is_post_ct_flow(struct flow_cls_offload *flow) 
	struct flow_match_ct ct;

	int i;



	if (dissector->used_keys & BIT(FLOW_DISSECTOR_KEY_CT)) {

		flow_rule_match_ct(rule, &ct);

		if (ct.key->ct_state & TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED)

			return true;

	} else {

		/* post ct entry cannot contains any ct action except ct_clear. */

		flow_action_for_each(i, act, &flow->rule->action) {

			if (act->id == FLOW_ACTION_CT) {
@@ -106,12 +111,6 @@ bool is_post_ct_flow(struct flow_cls_offload *flow) 
				return false;

			}

		}



	if (dissector->used_keys & BIT(FLOW_DISSECTOR_KEY_CT)) {

		flow_rule_match_ct(rule, &ct);

		if (ct.key->ct_state & TCA_FLOWER_KEY_CT_FLAGS_ESTABLISHED)

			return true;

	} else {

		/* when do nat with ct, the post ct entry ignore the ct status,

		 * will match the nat field(sip/dip) instead. In this situation,

		 * the flow chain index is not zero and contains ct clear action.