Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[ upstream commit 4445a0f ] Inner packet matching is currently buggy in many cases. 1. Mishandling null spec ("match any"). The copy_item functions do nothing if spec is null. This is incorrect, as all patterns should be appended to the L5 pattern buffer even for null spec (treated as all zeros). 2. Accessing null spec causing segfault. 3. Not setting protocol fields. The NIC filter API currently has no flags for "match inner IPv4, IPv6, UDP, TCP, and so on". So, the driver needs to explicitly set EtherType and IP protocol fields in the L5 pattern buffer to avoid false positives (e.g. reporting IPv6 as IPv4). Instead of keep adding "if inner, do something differently" cases to the existing copy_item functions, introduce separate functions for inner packet patterns and address the above issues in those functions. The changes to the previous outer-packet copy_item functions are mechanical, due to reduced indentation. Fixes: 6ced137 ("net/enic: flow API for NICs with advanced filters enabled") Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
- Loading branch information
1 parent
d6b635a
commit 858ffc6