On 06/26/2018 05:29 PM, Cong Wang wrote: > On Tue, Jun 26, 2018 at 4:33 PM Flavio Leitner <fbl@xxxxxxxxxx> wrote: >> >> It is still isolated, the sk carries the netns info and it is >> orphaned when it re-enters the stack. > > Then what difference does your patch make? > > Before your patch: > veth orphans skb in its xmit > > After your patch: > RX orphans it when re-entering stack (as you claimed, I don't know) > > And for veth pair: > xmit from one side is RX for the other side > > So, where is the queueing? Where is the buffer bloat? GRO list?? > By re-entering the stack, Flavio probably meant storing this skb in a socket receive queue, or anything that should already modify skb->destructor (and thus call skb_orphan() before the modification) If skb sits in some qdisc, like fq on ipvlan master device, we do not want skb->sk to be scrubbed, just because ipvlan slave and master might be in different netns. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
