Hi Kumar, On Sat, Sep 10, 2022 at 02:27:38AM +0200, Kumar Kartikeya Dwivedi wrote: > On Wed, 7 Sept 2022 at 18:41, Daniel Xu <dxu@xxxxxxxxx> wrote: > > > > Support direct writes to nf_conn:mark from TC and XDP prog types. This > > is useful when applications want to store per-connection metadata. This > > is also particularly useful for applications that run both bpf and > > iptables/nftables because the latter can trivially access this metadata. > > > > One example use case would be if a bpf prog is responsible for advanced > > packet classification and iptables/nftables is later used for routing > > due to pre-existing/legacy code. > > > > There are a couple of compile time warnings when conntrack is disabled, > > ../net/core/filter.c:8608:1: warning: symbol 'nf_conn_btf_access_lock' > was not declared. Should it be static? > ../net/core/filter.c:8611:5: warning: symbol 'nfct_bsa' was not > declared. Should it be static? > > Most likely because extern declaration is guarded by ifdefs. So just > moving those out of ifdef should work. > I guess you can send that as a follow up fix, or roll it in if you end > up respinning. Hmm, I don't see how filter.c ever #include's nf_conntrack_bpf.h. So you'd think that the warning would always be present regardless of CONFIG_NF_CONNTRACK setting. FWIW I can't reproduce the warning even with CONFIG_NF_CONNTRACK=n. Maybe the extern declarations should be in include/linux/filter.h anyways? Might be cleaner. WDYT? > Otherwise, for the series: > Acked-by: Kumar Kartikeya Dwivedi <memxor@xxxxxxxxx> Thanks! Daniel
