flow_offload: validate flags of filter and actions

Add process to validate flags of filter and actions when adding a tc filter. We need to prevent adding filter with flags conflicts with its actions. Signed-off-by: Baowen Zheng <baowen.zheng@corigine.com> Signed-off-by: Louis Peens <louis.peens@corigine.com> Signed-off-by: Simon Horman <simon.horman@corigine.com> Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Baowen Zheng <baowen.zheng@corigine.com> 2021-12-17 21:16:28 +0300
committer: David S. Miller <davem@davemloft.net> 2021-12-19 17:08:48 +0300
commit: c86e0209dc7725c91583e3c0c78c3da6a28daeb4 (patch)
tree: c1898a794730eb8eaf572ada61f5367bf4021e42 /net/sched/cls_api.c
parent: 13926d19a11e303f12571df61b7bb64f17cb4561 (diff)
download: linux-c86e0209dc7725c91583e3c0c78c3da6a28daeb4.tar.xz
1 files changed, 14 insertions, 4 deletions
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index 353e1eed48be..e3e26d358c7f 100644
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -3025,9 +3025,9 @@ void tcf_exts_destroy(struct tcf_exts *exts)
 }
 EXPORT_SYMBOL(tcf_exts_destroy);
 
-int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
-		      struct nlattr *rate_tlv, struct tcf_exts *exts,
-		      u32 flags, struct netlink_ext_ack *extack)
+int tcf_exts_validate_ex(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
+			 struct nlattr *rate_tlv, struct tcf_exts *exts,
+			 u32 flags, u32 fl_flags, struct netlink_ext_ack *extack)
 {
 #ifdef CONFIG_NET_CLS_ACT
 	{
@@ -3061,7 +3061,8 @@ int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
 			flags |= TCA_ACT_FLAGS_BIND;
 			err = tcf_action_init(net, tp, tb[exts->action],
 					      rate_tlv, exts->actions, init_res,
-					      &attr_size, flags, extack);
+					      &attr_size, flags, fl_flags,
+					      extack);
 			if (err < 0)
 				return err;
 			exts->nr_actions = err;
@@ -3077,6 +3078,15 @@ int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
 
 	return 0;
 }
+EXPORT_SYMBOL(tcf_exts_validate_ex);
+
+int tcf_exts_validate(struct net *net, struct tcf_proto *tp, struct nlattr **tb,
+		      struct nlattr *rate_tlv, struct tcf_exts *exts,
+		      u32 flags, struct netlink_ext_ack *extack)
+{
+	return tcf_exts_validate_ex(net, tp, tb, rate_tlv, exts,
+				    flags, 0, extack);
+}
 EXPORT_SYMBOL(tcf_exts_validate);
 
 void tcf_exts_change(struct tcf_exts *dst, struct tcf_exts *src)
author	Baowen Zheng <baowen.zheng@corigine.com>	2021-12-17 21:16:28 +0300
committer	David S. Miller <davem@davemloft.net>	2021-12-19 17:08:48 +0300
commit	c86e0209dc7725c91583e3c0c78c3da6a28daeb4 (patch)
tree	c1898a794730eb8eaf572ada61f5367bf4021e42 /net/sched/cls_api.c
parent	13926d19a11e303f12571df61b7bb64f17cb4561 (diff)
download	linux-c86e0209dc7725c91583e3c0c78c3da6a28daeb4.tar.xz