mlxsw: spectrum_flower: Forbid to offload match on reserved TCP flags bits

Matching on reserved TCP flags bits is only supported using custom parser. Since the usecase for that is not known now, just forbid to offload rules that match on these bits. Reported-by: N Alex Kushnarov <alexanderk@mellanox.com> Signed-off-by: N Jiri Pirko <jiri@mellanox.com> Signed-off-by: N Ido Schimmel <idosch@mellanox.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

mlxsw: spectrum_flower: Forbid to offload match on reserved TCP flags bits
Matching on reserved TCP flags bits is only supported using custom parser. Since the usecase for that is not known now, just forbid to offload rules that match on these bits. Reported-by: N Alex Kushnarov <alexanderk@mellanox.com> Signed-off-by: N Jiri Pirko <jiri@mellanox.com> Signed-off-by: N Ido Schimmel <idosch@mellanox.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
7079676d · Jiri Pirko · David S. Miller · c9588e28 · 7079676d
隐藏空白更改
内联并排

Showing with 6 addition and 0 deletion

drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +6 -0

未找到文件。
--- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c
+++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c
@@ -267,6 +267,12 @@ static int mlxsw_sp_flower_parse_tcp(struct mlxsw_sp *mlxsw_sp,

 	flow_rule_match_tcp(rule, &match);

+	if (match.mask->flags & htons(0x0E00)) {
+		NL_SET_ERR_MSG_MOD(f->common.extack, "TCP flags match not supported on reserved bits");
+		dev_err(mlxsw_sp->bus_info->dev, "TCP flags match not supported on reserved bits\n");
+		return -EINVAL;
+	}
+
 	mlxsw_sp_acl_rulei_keymask_u32(rulei, MLXSW_AFK_ELEMENT_TCP_FLAGS,
 				       ntohs(match.key->flags),
 				       ntohs(match.mask->flags));