From patchwork Tue Feb 23 07:11:55 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: wenxu <wenxu@ucloud.cn>
X-Patchwork-Id: 386587
Return-Path: <netdev-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
 aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.7 required=3.0 tests=BAYES_00,
 HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
 MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED,
 USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
 by smtp.lore.kernel.org (Postfix) with ESMTP id A9C7BC433E0
 for <netdev@archiver.kernel.org>;
 Tue, 23 Feb 2021 07:13:08 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
 by mail.kernel.org (Postfix) with ESMTP id 6D66864E31
 for <netdev@archiver.kernel.org>;
 Tue, 23 Feb 2021 07:13:08 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
 id S231740AbhBWHNH (ORCPT <rfc822;netdev@archiver.kernel.org>);
 Tue, 23 Feb 2021 02:13:07 -0500
Received: from m97179.mail.qiye.163.com ([220.181.97.179]:61527 "EHLO
 m97179.mail.qiye.163.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S231517AbhBWHND (ORCPT
 <rfc822;netdev@vger.kernel.org>); Tue, 23 Feb 2021 02:13:03 -0500
Received: from localhost.localdomain (unknown [123.59.132.129])
 by m97179.mail.qiye.163.com (Hmail) with ESMTPA id 7557EE02A91;
 Tue, 23 Feb 2021 15:11:55 +0800 (CST)
From: wenxu@ucloud.cn
To: kuba@kernel.org, mleitner@redhat.com
Cc: netdev@vger.kernel.org, jhs@mojatatu.com
Subject: [PATCH net-next v2] net/sched: cls_flower: validate ct_state for
 invalid and reply flags
Date: Tue, 23 Feb 2021 15:11:55 +0800
Message-Id: <1614064315-364-1-git-send-email-wenxu@ucloud.cn>
X-Mailer: git-send-email 1.8.3.1
X-HM-Spam-Status: e1kfGhgUHx5ZQUtXWQgYFAkeWUFZS1VLWVdZKFlBSUI3V1ktWUFJV1kPCR
 oVCBIfWUFZGksdHU1DSU1LHk1OVkpNSk9LTU9ISk5OTUJVGRETFhoSFyQUDg9ZV1kWGg8SFR0UWU
 FZT0tIVUpKS0JITVVLWQY+
X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6OhA6Igw6TT0zKT43LEg1HQw3
 ETMKCxhVSlVKTUpPS01PSEpOTElJVTMWGhIXVQweFQMOOw4YFxQOH1UYFUVZV1kSC1lBWUpJSFVO
 QlVKSElVSklCWVdZCAFZQUpMSko3Bg++
X-HM-Tid: 0a77cdbaec7520bdkuqy7557ee02a91
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: wenxu <wenxu@ucloud.cn>

Add invalid and reply flags validate in the fl_validate_ct_state.
This makes the checking complete if compared to ovs'
validate_ct_state().

Signed-off-by: wenxu <wenxu@ucloud.cn>
---
 net/sched/cls_flower.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/net/sched/cls_flower.c b/net/sched/cls_flower.c
index 2409e52..18430db 100644
--- a/net/sched/cls_flower.c
+++ b/net/sched/cls_flower.c
@@ -1417,6 +1417,21 @@ static int fl_validate_ct_state(u16 state, struct nlattr *tb,
 		return -EINVAL;
 	}
 
+	if (state & TCA_FLOWER_KEY_CT_FLAGS_INVALID &&
+	    state & ~(TCA_FLOWER_KEY_CT_FLAGS_TRACKED |
+		      TCA_FLOWER_KEY_CT_FLAGS_INVALID)) {
+		NL_SET_ERR_MSG_ATTR(extack, tb,
+				    "when inv is set, only trk may be set");
+		return -EINVAL;
+	}
+
+	if (state & TCA_FLOWER_KEY_CT_FLAGS_NEW &&
+	    state & TCA_FLOWER_KEY_CT_FLAGS_REPLY) {
+		NL_SET_ERR_MSG_ATTR(extack, tb,
+				    "new and rpl are mutually exclusive");
+		return -EINVAL;
+	}
+
 	return 0;
 }