lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 17 Mar 2020 19:47:16 -0700
From:   Saeed Mahameed <saeedm@...lanox.com>
To:     "David S. Miller" <davem@...emloft.net>
Cc:     netdev@...r.kernel.org, kuba@...nel.org,
        Roi Dayan <roid@...lanox.com>, Oz Shlomo <ozsh@...lanox.com>,
        Vlad Buslov <vladbu@...lanox.com>,
        Saeed Mahameed <saeedm@...lanox.com>
Subject: [net-next 08/14] net/mlx5e: Fix rejecting all egress rules not on vlan

From: Roi Dayan <roid@...lanox.com>

The original condition rejected all egress rules that
are not on tunnel device.
Also, the whole point of this egress reject was to disallow bad
rules because of egdev which doesn't exists today, so remove
this check entirely.

Fixes: 0a7fcb78cc21 ("net/mlx5e: Support inner header rewrite with goto action")
Signed-off-by: Roi Dayan <roid@...lanox.com>
Reviewed-by: Oz Shlomo <ozsh@...lanox.com>
Reviewed-by: Vlad Buslov <vladbu@...lanox.com>
Signed-off-by: Saeed Mahameed <saeedm@...lanox.com>
---
 drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index a2ff7df67b46..db1aee1d48e3 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -3044,8 +3044,7 @@ static bool actions_match_supported(struct mlx5e_priv *priv,
 				    struct mlx5e_tc_flow *flow,
 				    struct netlink_ext_ack *extack)
 {
-	struct net_device *filter_dev = parse_attr->filter_dev;
-	bool drop_action, pop_action, ct_flow;
+	bool ct_flow;
 	u32 actions;
 
 	ct_flow = flow_flag_test(flow, CT);
@@ -3064,18 +3063,6 @@ static bool actions_match_supported(struct mlx5e_priv *priv,
 		actions = flow->nic_attr->action;
 	}
 
-	drop_action = actions & MLX5_FLOW_CONTEXT_ACTION_DROP;
-	pop_action = actions & MLX5_FLOW_CONTEXT_ACTION_VLAN_POP;
-
-	if (flow_flag_test(flow, EGRESS) && !drop_action) {
-		/* We only support filters on tunnel device, or on vlan
-		 * devices if they have pop/drop action
-		 */
-		if (!mlx5e_get_tc_tun(filter_dev) ||
-		    (is_vlan_dev(filter_dev) && !pop_action))
-			return false;
-	}
-
 	if (actions & MLX5_FLOW_CONTEXT_ACTION_MOD_HDR)
 		return modify_header_match_supported(&parse_attr->spec,
 						     flow_action, actions,
-- 
2.24.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ