Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpf: overlay: restore bpf_clear_meta() in from-overlay #30343

Merged
merged 1 commit into from
Jan 22, 2024
Merged

bpf: overlay: restore bpf_clear_meta() in from-overlay #30343

merged 1 commit into from
Jan 22, 2024

Conversation

julianwiedmann
Copy link
Member

Prior to 8ea31e0 ("bpf: Decapsulate traffic encapsulated with pod IPs") we were clearing the skb->cb on entry of from-overlay.

For hs-ipcache this wasn't possible anymore, as from-netdev manually strips the tunnel encap and transfers its content via skb->cb. But we should still clear the skb->cb when hs-ipcache is disabled, and thus avoid handling stale data.

Reported-by: Gray Lian gray.liang@isovalent.com

@julianwiedmann
bpf: overlay: restore bpf_clear_meta() in from-overlay
87f3718 
Prior to 8ea31e0 ("bpf: Decapsulate traffic encapsulated with pod IPs")
we were clearing the skb->cb on entry of from-overlay.

For hs-ipcache this wasn't possible anymore, as from-netdev manually strips
the tunnel encap and transfers its content via skb->cb. But we should still
clear the skb->cb when hs-ipcache is disabled, and thus avoid handling
stale data.

Reported-by: Gray Lian <gray.liang@isovalent.com>
Signed-off-by: Julian Wiedmann <jwi@isovalent.com>
@julianwiedmann julianwiedmann added kind/bug This is a bug in the Cilium logic. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. release-note/misc This PR makes changes that have no direct user impact. needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch labels Jan 22, 2024
@julianwiedmann julianwiedmann requested a review from a team as a code owner January 22, 2024 08:02
@maintainer-s-little-helper maintainer-s-little-helper bot added this to Needs backport from main in v1.15.0-rc.1 Jan 22, 2024
@julianwiedmann julianwiedmann requested review from jschwinger233 and removed request for jibi January 22, 2024 08:02
@julianwiedmann
Copy link
Member Author

/test

jschwinger233
jschwinger233 approved these changes Jan 22, 2024
View reviewed changes
Copy link
Member

@jschwinger233 jschwinger233 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes! Thanks! A bit surprised this hasn't been realized until today. Several CI flakes on "north-south-loadbalancing/outside-to-nodeport" and "no-policies-extra/pod-to-remote-nodeport" can definitely be fixed by this.

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jan 22, 2024
@julianwiedmann julianwiedmann added this pull request to the merge queue Jan 22, 2024
@julianwiedmann
Copy link
Member Author

Yes! Thanks! A bit surprised this hasn't been realized until today. Several CI flakes on "north-south-loadbalancing/outside-to-nodeport" and "no-policies-extra/pod-to-remote-nodeport" can definitely be fixed by this.

ah, very cool :)

Merged via the queue into cilium:main with commit 1ab043d Jan 22, 2024
62 of 63 checks passed
@julianwiedmann julianwiedmann deleted the 1.16-bpf-overlay-meta branch January 22, 2024 10:23
@giorio94 giorio94 mentioned this pull request Jan 22, 2024
Merged
12 tasks
@giorio94 giorio94 added backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. and removed needs-backport/1.15 This PR / issue needs backporting to the v1.15 branch labels Jan 22, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Needs backport from main to Backport pending to v1.15 in v1.15.0-rc.1 Jan 22, 2024
@giorio94 giorio94 mentioned this pull request Jan 22, 2024
Merged
11 tasks
@giorio94 giorio94 added backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. and removed needs-backport/1.14 This PR / issue needs backporting to the v1.14 branch labels Jan 22, 2024
@github-actions github-actions bot added backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. and removed backport-pending/1.14 The backport for Cilium 1.14.x for this PR is in progress. labels Jan 25, 2024
@giorio94 giorio94 added backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. and removed backport-pending/1.15 The backport for Cilium 1.15.x for this PR is in progress. labels Jan 29, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot moved this from Backport pending to v1.15 to Backport done to v1.15 in v1.15.0-rc.1 Jan 29, 2024
@michi-covalent michi-covalent mentioned this pull request Feb 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jschwinger233 jschwinger233 jschwinger233 approved these changes

Assignees
No one assigned
Labels
backport-done/1.14 The backport for Cilium 1.14.x for this PR is done. backport-done/1.15 The backport for Cilium 1.15.x for this PR is done. kind/bug This is a bug in the Cilium logic. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact. sig/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages.
Projects
No open projects
v1.15.0-rc.1
Backport done to v1.15
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@julianwiedmann @jschwinger233 @giorio94