From: Hyong Youb Kim <hyonkim@cisco.com>
To: Ferruh Yigit <ferruh.yigit@intel.com>
Cc: dev@dpdk.org, John Daley <johndale@cisco.com>,
Hyong Youb Kim <hyonkim@cisco.com>,
stable@dpdk.org
Subject: [PATCH 03/15] net/enic: fix SCTP match for flow API
Date: Wed, 27 Feb 2019 23:03:05 -0800 [thread overview]
Message-ID: <20190228070317.17002-4-hyonkim@cisco.com> (raw)
In-Reply-To: <20190228070317.17002-1-hyonkim@cisco.com>
The driver needs to explicitly set the protocol number (132) in the IP
header pattern, as the current firmware filter API lacks "match SCTP
packet" flag. Otherwise, the resulting NIC filter may lead to false
positives (i.e. NIC reporting non-SCTP packets as SCTP packets). The
flow director handler does the same (enic_clsf.c).
Fixes: 6ced137607d0 ("net/enic: flow API for NICs with advanced filters enabled")
Cc: stable@dpdk.org
Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
Reviewed-by: John Daley <johndale@cisco.com>
---
drivers/net/enic/enic_flow.c | 28 ++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)
diff --git a/drivers/net/enic/enic_flow.c b/drivers/net/enic/enic_flow.c
index bb9ed037a..55d8d50a1 100644
--- a/drivers/net/enic/enic_flow.c
+++ b/drivers/net/enic/enic_flow.c
@@ -70,7 +70,6 @@ static enic_copy_item_fn enic_copy_item_ipv6_v2;
static enic_copy_item_fn enic_copy_item_udp_v2;
static enic_copy_item_fn enic_copy_item_tcp_v2;
static enic_copy_item_fn enic_copy_item_sctp_v2;
-static enic_copy_item_fn enic_copy_item_sctp_v2;
static enic_copy_item_fn enic_copy_item_vxlan_v2;
static copy_action_fn enic_copy_action_v1;
static copy_action_fn enic_copy_action_v2;
@@ -237,7 +236,7 @@ static const struct enic_items enic_items_v3[] = {
},
[RTE_FLOW_ITEM_TYPE_SCTP] = {
.copy_item = enic_copy_item_sctp_v2,
- .valid_start_item = 1,
+ .valid_start_item = 0,
.prev_items = (const enum rte_flow_item_type[]) {
RTE_FLOW_ITEM_TYPE_IPV4,
RTE_FLOW_ITEM_TYPE_IPV6,
@@ -819,12 +818,37 @@ enic_copy_item_sctp_v2(const struct rte_flow_item *item,
const struct rte_flow_item_sctp *spec = item->spec;
const struct rte_flow_item_sctp *mask = item->mask;
struct filter_generic_1 *gp = &enic_filter->u.generic_1;
+ uint8_t *ip_proto_mask = NULL;
+ uint8_t *ip_proto = NULL;
FLOW_TRACE();
if (*inner_ofst)
return ENOTSUP;
+ /*
+ * The NIC filter API has no flags for "match sctp", so explicitly set
+ * the protocol number in the IP pattern.
+ */
+ if (gp->val_flags & FILTER_GENERIC_1_IPV4) {
+ struct ipv4_hdr *ip;
+ ip = (struct ipv4_hdr *)gp->layer[FILTER_GENERIC_1_L3].mask;
+ ip_proto_mask = &ip->next_proto_id;
+ ip = (struct ipv4_hdr *)gp->layer[FILTER_GENERIC_1_L3].val;
+ ip_proto = &ip->next_proto_id;
+ } else if (gp->val_flags & FILTER_GENERIC_1_IPV6) {
+ struct ipv6_hdr *ip;
+ ip = (struct ipv6_hdr *)gp->layer[FILTER_GENERIC_1_L3].mask;
+ ip_proto_mask = &ip->proto;
+ ip = (struct ipv6_hdr *)gp->layer[FILTER_GENERIC_1_L3].val;
+ ip_proto = &ip->proto;
+ } else {
+ /* Need IPv4/IPv6 pattern first */
+ return EINVAL;
+ }
+ *ip_proto = IPPROTO_SCTP;
+ *ip_proto_mask = 0xff;
+
/* Match all if no spec */
if (!spec)
return 0;
--
2.16.2
next prev parent reply other threads:[~2019-02-28 7:03 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-28 7:03 [PATCH 00/15] net/enic: 19.05 updates Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 01/15] net/enic: remove unused code Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 02/15] net/enic: fix flow director SCTP matching Hyong Youb Kim
2019-02-28 7:03 ` Hyong Youb Kim [this message]
2019-02-28 7:03 ` [PATCH 04/15] net/enic: allow flow mark ID 0 Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 05/15] net/enic: check for unsupported flow item types Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 06/15] net/enic: enable limited RSS flow action Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 07/15] net/enic: enable limited PASSTHRU " Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 08/15] net/enic: move arguments into struct Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 09/15] net/enic: enable limited support for RAW flow item Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 10/15] net/enic: initialize VXLAN port regardless of overlay offload Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 11/15] net/enic: fix a couple issues with VXLAN match Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 12/15] net/enic: fix an endian bug in VLAN match Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 13/15] net/enic: fix several issues with inner packet matching Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 14/15] doc: update enic guide Hyong Youb Kim
2019-02-28 7:03 ` [PATCH 15/15] doc: update release notes for enic Hyong Youb Kim
2019-03-01 14:26 ` [PATCH 00/15] net/enic: 19.05 updates Thomas Monjalon
2019-03-01 14:56 ` Hyong Youb Kim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190228070317.17002-4-hyonkim@cisco.com \
--to=hyonkim@cisco.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=johndale@cisco.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.