Commit 7079676d authored by Jiri Pirko's avatar Jiri Pirko Committed by David S. Miller

mlxsw: spectrum_flower: Forbid to offload match on reserved TCP flags bits

Matching on reserved TCP flags bits is only supported using custom
parser. Since the usecase for that is not known now, just forbid to
offload rules that match on these bits.
Reported-by: default avatarAlex Kushnarov <alexanderk@mellanox.com>
Signed-off-by: default avatarJiri Pirko <jiri@mellanox.com>
Signed-off-by: default avatarIdo Schimmel <idosch@mellanox.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent c9588e28
...@@ -267,6 +267,12 @@ static int mlxsw_sp_flower_parse_tcp(struct mlxsw_sp *mlxsw_sp, ...@@ -267,6 +267,12 @@ static int mlxsw_sp_flower_parse_tcp(struct mlxsw_sp *mlxsw_sp,
flow_rule_match_tcp(rule, &match); flow_rule_match_tcp(rule, &match);
if (match.mask->flags & htons(0x0E00)) {
NL_SET_ERR_MSG_MOD(f->common.extack, "TCP flags match not supported on reserved bits");
dev_err(mlxsw_sp->bus_info->dev, "TCP flags match not supported on reserved bits\n");
return -EINVAL;
}
mlxsw_sp_acl_rulei_keymask_u32(rulei, MLXSW_AFK_ELEMENT_TCP_FLAGS, mlxsw_sp_acl_rulei_keymask_u32(rulei, MLXSW_AFK_ELEMENT_TCP_FLAGS,
ntohs(match.key->flags), ntohs(match.key->flags),
ntohs(match.mask->flags)); ntohs(match.mask->flags));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment