kernel: port upstream nft_flow_offload changes to xt_FLOWOFFLOAD and fix routing...
[librecmc/librecmc.git] / target / linux / generic / pending-4.14 / 645-netfilter-nf_flow_table-rework-hardware-offload-time.patch
1 From: Felix Fietkau <nbd@nbd.name>
2 Date: Sun, 25 Mar 2018 21:10:55 +0200
3 Subject: [PATCH] netfilter: nf_flow_table: rework hardware offload timeout
4  handling
5
6 Some offload implementations send keepalive packets + explicit
7 notifications of TCP FIN/RST packets. In this case it is more convenient
8 to simply let the driver update flow->timeout handling and use the
9 regular flow offload gc step.
10
11 For drivers that manage their own lifetime, a separate flag can be set
12 to avoid gc timeouts.
13
14 Signed-off-by: Felix Fietkau <nbd@nbd.name>
15 ---
16
17 --- a/include/net/netfilter/nf_flow_table.h
18 +++ b/include/net/netfilter/nf_flow_table.h
19 @@ -76,6 +76,7 @@ struct flow_offload_tuple_rhash {
20  #define FLOW_OFFLOAD_DYING     0x4
21  #define FLOW_OFFLOAD_TEARDOWN  0x8
22  #define FLOW_OFFLOAD_HW                0x10
23 +#define FLOW_OFFLOAD_KEEP      0x20
24  
25  struct flow_offload {
26         struct flow_offload_tuple_rhash         tuplehash[FLOW_OFFLOAD_DIR_MAX];
27 --- a/net/netfilter/nf_flow_table_core.c
28 +++ b/net/netfilter/nf_flow_table_core.c
29 @@ -359,7 +359,7 @@ static int nf_flow_offload_gc_step(struc
30                 if (!teardown)
31                         nf_ct_offload_timeout(flow);
32  
33 -               if (nf_flow_in_hw(flow) && !teardown)
34 +               if ((flow->flags & FLOW_OFFLOAD_KEEP) && !teardown)
35                         continue;
36  
37                 if (nf_flow_has_expired(flow) || teardown)