git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Xin Long <lucien.xin@gmail.com>
	Sat, 8 Mar 2025 18:05:43 +0000 (13:05 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 22 Mar 2025 19:54:13 +0000 (12:54 -0700)
commit	9e79fdabd52cfce1a021640a81256878a2c516a2
tree	f86b9beab32ec9ae8a474a5b19fd8da6b41e9905	tree
parent	e6610f9c08b4c04cf7949c10fc246c071d00e935	commit \| diff

Revert "openvswitch: switch to per-action label counting in conntrack"

[ Upstream commit 1063ae07383c0ddc5bcce170260c143825846b03 ]

Currently, ovs_ct_set_labels() is only called for confirmed conntrack
entries (ct) within ovs_ct_commit(). However, if the conntrack entry
does not have the labels_ext extension, attempting to allocate it in
ovs_ct_get_conn_labels() for a confirmed entry triggers a warning in
nf_ct_ext_add():

WARN_ON(nf_ct_is_confirmed(ct));

This happens when the conntrack entry is created externally before OVS
increments net->ct.labels_used. The issue has become more likely since
commit fcb1aa5163b1 ("openvswitch: switch to per-action label counting
in conntrack"), which changed to use per-action label counting and
increment net->ct.labels_used when a flow with ct action is added.

Since there’s no straightforward way to fully resolve this issue at the
moment, this reverts the commit to avoid breaking existing use cases.

Fixes: fcb1aa5163b1 ("openvswitch: switch to per-action label counting in conntrack")
Reported-by: Jianbo Liu <jianbol@nvidia.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Link: https://patch.msgid.link/1bdeb2f3a812bca016a225d3de714427b2cd4772.1741457143.git.lucien.xin@gmail.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

net/openvswitch/conntrack.c		diff \| blob \| blame \| history
net/openvswitch/datapath.h		diff \| blob \| blame \| history