Re: [Intel-wired-lan] [PATCH net-next 5/5] ice: flower: validate encapsulation control flags
From: Marcin Szycik
Date: Mon Jun 10 2024 - 05:07:32 EST
On 09.06.2024 19:33, Asbjørn Sloth Tønnesen wrote:
> Encapsulation control flags are currently not used anywhere,
> so all flags are currently unsupported by all drivers.
>
> This patch adds validation of this assumption, so that
> encapsulation flags may be used in the future.
>
> In case any encapsulation control flags are masked,
> flow_rule_match_has_enc_control_flags() sets a NL extended
> error message, and we return -EOPNOTSUPP.
>
> Only compile tested.
Reviewed-by: Marcin Szycik <marcin.szycik@xxxxxxxxxxxxxxx>
> Signed-off-by: Asbjørn Sloth Tønnesen <ast@xxxxxxxxxxx>
> ---
> drivers/net/ethernet/intel/ice/ice_tc_lib.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/drivers/net/ethernet/intel/ice/ice_tc_lib.c b/drivers/net/ethernet/intel/ice/ice_tc_lib.c
> index 8bd24b33f3a67..e6923f8121a99 100644
> --- a/drivers/net/ethernet/intel/ice/ice_tc_lib.c
> +++ b/drivers/net/ethernet/intel/ice/ice_tc_lib.c
> @@ -1353,6 +1353,7 @@ ice_parse_tunnel_attr(struct net_device *dev, struct flow_rule *rule,
> struct ice_tc_flower_fltr *fltr)
> {
> struct ice_tc_flower_lyr_2_4_hdrs *headers = &fltr->outer_headers;
> + struct netlink_ext_ack *extack = fltr->extack;
> struct flow_match_control enc_control;
>
> fltr->tunnel_type = ice_tc_tun_get_type(dev);
> @@ -1373,6 +1374,9 @@ ice_parse_tunnel_attr(struct net_device *dev, struct flow_rule *rule,
>
> flow_rule_match_enc_control(rule, &enc_control);
>
> + if (flow_rule_has_enc_control_flags(enc_control.mask->flags, extack))
> + return -EOPNOTSUPP;
> +
> if (enc_control.key->addr_type == FLOW_DISSECTOR_KEY_IPV4_ADDRS) {
> struct flow_match_ipv4_addrs match;
>