On 11/26/21 7:36 AM, Nicolas Dichtel wrote:
> After the below patch, the conntrack attached to skb is set to "notrack" in
> the context of vrf device, for locally generated packets.
> But this is true only when the default qdisc is set to the vrf device. When
> changing the qdisc, notrack is not set anymore.
> In fact, there is a shortcut in the vrf driver, when the default qdisc is
> set, see commit dcdd43c41e60 ("net: vrf: performance improvements for
> IPv4") for more details.
>
> This patch ensures that the behavior is always the same, whatever the qdisc
> is.
>
> To demonstrate the difference, a new test is added in conntrack_vrf.sh.
>
> Fixes: 8c9c296adfae ("vrf: run conntrack only in context of lower/physdev for locally generated packets")
> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@xxxxxxxxx>
> ---
> drivers/net/vrf.c | 8 ++---
> .../selftests/netfilter/conntrack_vrf.sh | 30 ++++++++++++++++---
> 2 files changed, 30 insertions(+), 8 deletions(-)
>
Good catch. Thanks, Nicolas.
Reviewed-by: David Ahern <dsahern@xxxxxxxxxx>
