On Wed, 7 Sept 2022 at 18:41, Daniel Xu <dxu@xxxxxxxxx> wrote: > > Support direct writes to nf_conn:mark from TC and XDP prog types. This > is useful when applications want to store per-connection metadata. This > is also particularly useful for applications that run both bpf and > iptables/nftables because the latter can trivially access this metadata. > > One example use case would be if a bpf prog is responsible for advanced > packet classification and iptables/nftables is later used for routing > due to pre-existing/legacy code. > There are a couple of compile time warnings when conntrack is disabled, ../net/core/filter.c:8608:1: warning: symbol 'nf_conn_btf_access_lock' was not declared. Should it be static? ../net/core/filter.c:8611:5: warning: symbol 'nfct_bsa' was not declared. Should it be static? Most likely because extern declaration is guarded by ifdefs. So just moving those out of ifdef should work. I guess you can send that as a follow up fix, or roll it in if you end up respinning. Otherwise, for the series: Acked-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx>
