Lines Matching refs:ct
64 struct nf_conn *ct; member
154 static u32 ovs_ct_get_mark(const struct nf_conn *ct) in ovs_ct_get_mark() argument
157 return ct ? READ_ONCE(ct->mark) : 0; in ovs_ct_get_mark()
168 static void ovs_ct_get_labels(const struct nf_conn *ct, in ovs_ct_get_labels() argument
171 struct nf_conn_labels *cl = ct ? nf_ct_labels_find(ct) : NULL; in ovs_ct_get_labels()
185 key->ct.orig_tp.src = htons(orig->dst.u.icmp.type); in __ovs_ct_update_key_orig_tp()
186 key->ct.orig_tp.dst = htons(orig->dst.u.icmp.code); in __ovs_ct_update_key_orig_tp()
188 key->ct.orig_tp.src = orig->src.u.all; in __ovs_ct_update_key_orig_tp()
189 key->ct.orig_tp.dst = orig->dst.u.all; in __ovs_ct_update_key_orig_tp()
195 const struct nf_conn *ct) in __ovs_ct_update_key() argument
199 key->ct.mark = ovs_ct_get_mark(ct); in __ovs_ct_update_key()
200 ovs_ct_get_labels(ct, &key->ct.labels); in __ovs_ct_update_key()
202 if (ct) { in __ovs_ct_update_key()
206 if (ct->master) in __ovs_ct_update_key()
207 ct = ct->master; in __ovs_ct_update_key()
208 orig = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple; in __ovs_ct_update_key()
212 nf_ct_l3num(ct) == NFPROTO_IPV4) { in __ovs_ct_update_key()
219 nf_ct_l3num(ct) == NFPROTO_IPV6) { in __ovs_ct_update_key()
244 struct nf_conn *ct; in ovs_ct_update_key() local
247 ct = nf_ct_get(skb, &ctinfo); in ovs_ct_update_key()
248 if (ct) { in ovs_ct_update_key()
251 if (!nf_ct_is_confirmed(ct)) in ovs_ct_update_key()
256 if (ct->master) in ovs_ct_update_key()
261 if (ct->status & IPS_SRC_NAT) in ovs_ct_update_key()
263 if (ct->status & IPS_DST_NAT) in ovs_ct_update_key()
266 zone = nf_ct_zone(ct); in ovs_ct_update_key()
272 __ovs_ct_update_key(key, state, zone, ct); in ovs_ct_update_key()
296 nla_put_u32(skb, OVS_KEY_ATTR_CT_MARK, output->ct.mark)) in ovs_ct_put_key()
300 nla_put(skb, OVS_KEY_ATTR_CT_LABELS, sizeof(output->ct.labels), in ovs_ct_put_key()
301 &output->ct.labels)) in ovs_ct_put_key()
311 orig.src_port = output->ct.orig_tp.src; in ovs_ct_put_key()
312 orig.dst_port = output->ct.orig_tp.dst; in ovs_ct_put_key()
326 orig.src_port = output->ct.orig_tp.src; in ovs_ct_put_key()
327 orig.dst_port = output->ct.orig_tp.dst; in ovs_ct_put_key()
339 static int ovs_ct_set_mark(struct nf_conn *ct, struct sw_flow_key *key, in ovs_ct_set_mark() argument
345 new_mark = ct_mark | (READ_ONCE(ct->mark) & ~(mask)); in ovs_ct_set_mark()
346 if (READ_ONCE(ct->mark) != new_mark) { in ovs_ct_set_mark()
347 WRITE_ONCE(ct->mark, new_mark); in ovs_ct_set_mark()
348 if (nf_ct_is_confirmed(ct)) in ovs_ct_set_mark()
349 nf_conntrack_event_cache(IPCT_MARK, ct); in ovs_ct_set_mark()
350 key->ct.mark = new_mark; in ovs_ct_set_mark()
359 static struct nf_conn_labels *ovs_ct_get_conn_labels(struct nf_conn *ct) in ovs_ct_get_conn_labels() argument
363 cl = nf_ct_labels_find(ct); in ovs_ct_get_conn_labels()
365 nf_ct_labels_ext_add(ct); in ovs_ct_get_conn_labels()
366 cl = nf_ct_labels_find(ct); in ovs_ct_get_conn_labels()
376 static int ovs_ct_init_labels(struct nf_conn *ct, struct sw_flow_key *key, in ovs_ct_init_labels() argument
384 master_cl = ct->master ? nf_ct_labels_find(ct->master) : NULL; in ovs_ct_init_labels()
389 cl = ovs_ct_get_conn_labels(ct); in ovs_ct_init_labels()
410 nf_conntrack_event_cache(IPCT_LABEL, ct); in ovs_ct_init_labels()
412 memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN); in ovs_ct_init_labels()
417 static int ovs_ct_set_labels(struct nf_conn *ct, struct sw_flow_key *key, in ovs_ct_set_labels() argument
424 cl = ovs_ct_get_conn_labels(ct); in ovs_ct_set_labels()
428 err = nf_connlabels_replace(ct, labels->ct_labels_32, in ovs_ct_set_labels()
434 memcpy(&key->ct.labels, cl->bits, OVS_CT_LABELS_LEN); in ovs_ct_set_labels()
463 const struct nf_conn *ct = nf_ct_tuplehash_to_ctrack(h); in ovs_ct_get_info() local
468 if (test_bit(IPS_SEEN_REPLY_BIT, &ct->status)) in ovs_ct_get_info()
470 if (test_bit(IPS_EXPECTED_BIT, &ct->status)) in ovs_ct_get_info()
490 struct nf_conn *ct; in ovs_ct_find_existing() local
514 ct = nf_ct_tuplehash_to_ctrack(h); in ovs_ct_find_existing()
521 h = &ct->tuplehash[!h->tuple.dst.dir]; in ovs_ct_find_existing()
523 nf_ct_set(skb, ct, ovs_ct_get_info(h)); in ovs_ct_find_existing()
524 return ct; in ovs_ct_find_existing()
534 struct nf_conn *ct = NULL; in ovs_ct_executed() local
547 ct = ovs_ct_find_existing(net, &info->zone, info->family, skb, in ovs_ct_executed()
552 return ct; in ovs_ct_executed()
562 struct nf_conn *ct; in skb_nfct_cached() local
565 ct = nf_ct_get(skb, &ctinfo); in skb_nfct_cached()
566 if (!ct) in skb_nfct_cached()
567 ct = ovs_ct_executed(net, key, info, skb, &ct_executed); in skb_nfct_cached()
569 if (ct) in skb_nfct_cached()
574 if (!net_eq(net, read_pnet(&ct->ct_net))) in skb_nfct_cached()
576 if (!nf_ct_zone_equal_any(info->ct, nf_ct_zone(ct))) in skb_nfct_cached()
581 help = nf_ct_ext_find(ct, NF_CT_EXT_HELPER); in skb_nfct_cached()
588 timeout_ext = nf_ct_timeout_find(ct); in skb_nfct_cached()
598 if (nf_ct_is_confirmed(ct)) in skb_nfct_cached()
599 nf_ct_delete(ct, 0, 0); in skb_nfct_cached()
601 nf_ct_put(ct); in skb_nfct_cached()
664 struct sk_buff *skb, struct nf_conn *ct, in ovs_ct_nat() argument
676 err = nf_ct_nat(skb, ct, ctinfo, &action, &info->range, info->commit); in ovs_ct_nat()
688 struct sk_buff *skb, struct nf_conn *ct, in ovs_ct_nat() argument
712 struct nf_conn *ct; in __ovs_ct_lookup() local
720 struct nf_conn *tmpl = info->ct; in __ovs_ct_lookup()
725 ct = nf_ct_get(skb, &ctinfo); in __ovs_ct_lookup()
726 nf_ct_put(ct); in __ovs_ct_lookup()
745 ct = nf_ct_get(skb, &ctinfo); in __ovs_ct_lookup()
746 if (ct) { in __ovs_ct_lookup()
760 (nf_ct_is_confirmed(ct) || info->commit) && in __ovs_ct_lookup()
761 ovs_ct_nat(net, key, info, skb, ct, ctinfo) != NF_ACCEPT) { in __ovs_ct_lookup()
771 if (!nf_ct_is_confirmed(ct) && info->commit && in __ovs_ct_lookup()
772 info->helper && !nfct_help(ct)) { in __ovs_ct_lookup()
773 int err = __nf_ct_try_assign_helper(ct, info->ct, in __ovs_ct_lookup()
780 if (info->nat && !nfct_seqadj(ct)) { in __ovs_ct_lookup()
781 if (!nfct_seqadj_ext_add(ct)) in __ovs_ct_lookup()
792 if ((nf_ct_is_confirmed(ct) ? !cached || add_helper : in __ovs_ct_lookup()
794 nf_ct_helper(skb, ct, ctinfo, info->family) != NF_ACCEPT) { in __ovs_ct_lookup()
798 if (nf_ct_protonum(ct) == IPPROTO_TCP && in __ovs_ct_lookup()
799 nf_ct_is_confirmed(ct) && nf_conntrack_tcp_established(ct)) { in __ovs_ct_lookup()
803 nf_ct_set_tcp_be_liberal(ct); in __ovs_ct_lookup()
806 nf_conn_act_ct_ext_fill(skb, ct, ctinfo); in __ovs_ct_lookup()
817 struct nf_conn *ct; in ovs_ct_lookup() local
824 ct = (struct nf_conn *)skb_nfct(skb); in ovs_ct_lookup()
825 if (ct) in ovs_ct_lookup()
826 nf_ct_deliver_cached_events(ct); in ovs_ct_lookup()
931 struct nf_conn *ct; in ovs_ct_commit() local
939 ct = nf_ct_get(skb, &ctinfo); in ovs_ct_commit()
940 if (!ct) in ovs_ct_commit()
945 if (!nf_ct_is_confirmed(ct)) { in ovs_ct_commit()
947 &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); in ovs_ct_commit()
966 struct nf_conntrack_ecache *cache = nf_ct_ecache_find(ct); in ovs_ct_commit()
977 err = ovs_ct_set_mark(ct, key, info->mark.value, in ovs_ct_commit()
982 if (!nf_ct_is_confirmed(ct)) { in ovs_ct_commit()
983 err = ovs_ct_init_labels(ct, key, &info->labels.value, in ovs_ct_commit()
988 nf_conn_act_ct_ext_add(ct); in ovs_ct_commit()
991 err = ovs_ct_set_labels(ct, key, &info->labels.value, in ovs_ct_commit()
1046 struct nf_conn *ct; in ovs_ct_clear() local
1048 ct = nf_ct_get(skb, &ctinfo); in ovs_ct_clear()
1050 nf_ct_put(ct); in ovs_ct_clear()
1374 ct_info.ct = nf_ct_tmpl_alloc(net, &ct_info.zone, GFP_KERNEL); in ovs_ct_copy_action()
1375 if (!ct_info.ct) { in ovs_ct_copy_action()
1381 if (nf_ct_set_timeout(net, ct_info.ct, family, key->ip.proto, in ovs_ct_copy_action()
1387 nf_ct_timeout_find(ct_info.ct)->timeout); in ovs_ct_copy_action()
1392 err = nf_ct_add_helper(ct_info.ct, helper, ct_info.family, in ovs_ct_copy_action()
1406 __set_bit(IPS_CONFIRMED_BIT, &ct_info.ct->status); in ovs_ct_copy_action()
1544 if (ct_info->ct) { in __ovs_ct_free_action()
1546 nf_ct_destroy_timeout(ct_info->ct); in __ovs_ct_free_action()
1547 nf_ct_tmpl_free(ct_info->ct); in __ovs_ct_free_action()