From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.7 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS, UNPARSEABLE_RELAY,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6A42C2D0DB for ; Tue, 21 Jan 2020 16:17:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id A67AD2253D for ; Tue, 21 Jan 2020 16:17:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729372AbgAUQQ6 (ORCPT ); Tue, 21 Jan 2020 11:16:58 -0500 Received: from mail-il-dmz.mellanox.com ([193.47.165.129]:43513 "EHLO mellanox.co.il" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1729281AbgAUQQ5 (ORCPT ); Tue, 21 Jan 2020 11:16:57 -0500 Received: from Internal Mail-Server by MTLPINE1 (envelope-from paulb@mellanox.com) with ESMTPS (AES256-SHA encrypted); 21 Jan 2020 18:16:54 +0200 Received: from reg-r-vrt-019-120.mtr.labs.mlnx (reg-r-vrt-019-120.mtr.labs.mlnx [10.213.19.120]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id 00LGGrX5008966; Tue, 21 Jan 2020 18:16:54 +0200 From: Paul Blakey To: Paul Blakey , Saeed Mahameed , Oz Shlomo , Jakub Kicinski , Vlad Buslov , David Miller , "netdev@vger.kernel.org" , Jiri Pirko Subject: [PATCH net-next-mlx5 10/13] net/mlx5e: Disallow inserting vxlan/vlan egress rules without decap/pop Date: Tue, 21 Jan 2020 18:16:19 +0200 Message-Id: <1579623382-6934-11-git-send-email-paulb@mellanox.com> X-Mailer: git-send-email 1.8.4.3 In-Reply-To: <1579623382-6934-1-git-send-email-paulb@mellanox.com> References: <1579623382-6934-1-git-send-email-paulb@mellanox.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Currently, rules on tunnel devices can be offloaded without decap action when a vlan pop action exists. Similarly, the driver will offload rules on vlan interfaces with no pop action when a decap action exists. Disallow the faulty behavior by checking that vlan egress rules do pop or drop and vxlan egress rules do decap, as intended. Signed-off-by: Paul Blakey Reviewed-by: Oz Shlomo Reviewed-by: Mark Bloch --- drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c index 71c4e78..af7c917 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c @@ -2636,6 +2636,8 @@ static bool actions_match_supported(struct mlx5e_priv *priv, struct mlx5e_tc_flow *flow, struct netlink_ext_ack *extack) { + struct net_device *filter_dev = parse_attr->filter_dev; + bool drop_action, decap_action, pop_action; u32 actions; if (mlx5e_is_eswitch_flow(flow)) @@ -2643,11 +2645,19 @@ static bool actions_match_supported(struct mlx5e_priv *priv, else actions = flow->nic_attr->action; - if (flow_flag_test(flow, EGRESS) && - !((actions & MLX5_FLOW_CONTEXT_ACTION_DECAP) || - (actions & MLX5_FLOW_CONTEXT_ACTION_VLAN_POP) || - (actions & MLX5_FLOW_CONTEXT_ACTION_DROP))) - return false; + drop_action = actions & MLX5_FLOW_CONTEXT_ACTION_DROP; + decap_action = actions & MLX5_FLOW_CONTEXT_ACTION_DECAP; + pop_action = actions & MLX5_FLOW_CONTEXT_ACTION_VLAN_POP; + + if (flow_flag_test(flow, EGRESS) && !drop_action) { + /* If no drop, we must decap (vxlan) or pop (vlan) */ + if (mlx5e_get_tc_tun(filter_dev) && !decap_action) + return false; + else if (is_vlan_dev(filter_dev) && !pop_action) + return false; + else + return false; /* Sanity */ + } if (actions & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR) return modify_header_match_supported(&parse_attr->spec, -- 1.8.3.1