From patchwork Mon Feb 22 06:09:50 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: wenxu X-Patchwork-Id: 12097925 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 93379C433DB for ; Mon, 22 Feb 2021 06:10:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4750664DD3 for ; Mon, 22 Feb 2021 06:10:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229907AbhBVGKz (ORCPT ); Mon, 22 Feb 2021 01:10:55 -0500 Received: from m97179.mail.qiye.163.com ([220.181.97.179]:25180 "EHLO m97179.mail.qiye.163.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229532AbhBVGKu (ORCPT ); Mon, 22 Feb 2021 01:10:50 -0500 Received: from localhost.localdomain (unknown [123.59.132.129]) by m97179.mail.qiye.163.com (Hmail) with ESMTPA id 1D546E0284E; Mon, 22 Feb 2021 14:09:51 +0800 (CST) From: wenxu@ucloud.cn To: kuba@kernel.org, mleitner@redhat.com Cc: netdev@vger.kernel.org, jhs@mojatatu.com Subject: [PATCH net-next] net/sched: cls_flower: validate ct_state for invalid and reply flags Date: Mon, 22 Feb 2021 14:09:50 +0800 Message-Id: <1613974190-12108-1-git-send-email-wenxu@ucloud.cn> X-Mailer: git-send-email 1.8.3.1 X-HM-Spam-Status: e1kfGhgUHx5ZQUtXWQgYFAkeWUFZS1VLWVdZKFlBSUI3V1ktWUFJV1kPCR oVCBIfWUFZSRkdSB1NS0hLGExJVkpNSkhCTE9KQkpJS0lVGRETFhoSFyQUDg9ZV1kWGg8SFR0UWU FZT0tIVUpKS0JITVVLWQY+ X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6Myo6GBw6Gj02IT9LPCwwNDUe E1FPCy9VSlVKTUpIQkxPSkJKT01JVTMWGhIXVQweFQMOOw4YFxQOH1UYFUVZV1kSC1lBWUpJSFVO QlVKSElVSklCWVdZCAFZQUpNSE83Bg++ X-HM-Tid: 0a77c85bbc2720bdkuqy1d546e0284e Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org From: wenxu Add invalid and reply flags validate in the fl_validate_ct_state. Signed-off-by: wenxu --- net/sched/cls_flower.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c index 2409e52..18430db 100644 --- a/net/sched/cls_flower.c +++ b/net/sched/cls_flower.c @@ -1417,6 +1417,21 @@ static int fl_validate_ct_state(u16 state, struct nlattr *tb, return -EINVAL; } + if (state & TCA_FLOWER_KEY_CT_FLAGS_INVALID && + state & ~(TCA_FLOWER_KEY_CT_FLAGS_TRACKED | + TCA_FLOWER_KEY_CT_FLAGS_INVALID)) { + NL_SET_ERR_MSG_ATTR(extack, tb, + "when inv is set, only trk also be set"); + return -EINVAL; + } + + if (state & TCA_FLOWER_KEY_CT_FLAGS_NEW && + state & TCA_FLOWER_KEY_CT_FLAGS_REPLY) { + NL_SET_ERR_MSG_ATTR(extack, tb, + "new and rpl are mutually exclusive"); + return -EINVAL; + } + return 0; }