diff options
| author | Nir Dotan <nird@mellanox.com> | 2018-08-09 10:59:07 +0200 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-08-09 19:36:10 +0200 |
| commit | 903fcf734f468afb5a3f153f870f58e4c1d5e525 (patch) | |
| tree | a03797ce9fd5546ef90c77d339767df3134d8940 | |
| parent | Merge branch 'mlx5-next' (diff) | |
| download | linux-903fcf734f468afb5a3f153f870f58e4c1d5e525.tar.xz linux-903fcf734f468afb5a3f153f870f58e4c1d5e525.zip | |
mlxsw: spectrum_flower: Disallow usage of vlan_id key on egress
As recent spectrum FW imposes a limitation on using vlan_id key for
egress ACL, disallow the usage of that key accordingly and return a
proper extack message.
Signed-off-by: Nir Dotan <nird@mellanox.com>
Reviewed-by: Jiri Pirko <jiri@mellanox.com>
Signed-off-by: Ido Schimmel <idosch@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 1 | ||||
| -rw-r--r-- | drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c | 11 | ||||
| -rw-r--r-- | drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c | 5 |
3 files changed, 17 insertions, 0 deletions
diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.h b/drivers/net/ethernet/mellanox/mlxsw/spectrum.h index 13eca1a79d52..0e02cfeba70d 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.h +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.h @@ -538,6 +538,7 @@ int mlxsw_sp_acl_block_unbind(struct mlxsw_sp *mlxsw_sp, struct mlxsw_sp_acl_block *block, struct mlxsw_sp_port *mlxsw_sp_port, bool ingress); +bool mlxsw_sp_acl_block_is_egress_bound(struct mlxsw_sp_acl_block *block); struct mlxsw_sp_acl_ruleset * mlxsw_sp_acl_ruleset_lookup(struct mlxsw_sp *mlxsw_sp, struct mlxsw_sp_acl_block *block, u32 chain_index, diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c index 6a38763ad261..87f7433b004a 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_acl.c @@ -158,6 +158,17 @@ bool mlxsw_sp_acl_block_disabled(struct mlxsw_sp_acl_block *block) return block->disable_count; } +bool mlxsw_sp_acl_block_is_egress_bound(struct mlxsw_sp_acl_block *block) +{ + struct mlxsw_sp_acl_block_binding *binding; + + list_for_each_entry(binding, &block->binding_list, list) { + if (!binding->ingress) + return true; + } + return false; +} + static bool mlxsw_sp_acl_ruleset_is_singular(const struct mlxsw_sp_acl_ruleset *ruleset) { diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c index 8213cb7190fa..8f3e0066dd53 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum_flower.c @@ -386,6 +386,11 @@ static int mlxsw_sp_flower_parse(struct mlxsw_sp *mlxsw_sp, skb_flow_dissector_target(f->dissector, FLOW_DISSECTOR_KEY_VLAN, f->mask); + + if (mlxsw_sp_acl_block_is_egress_bound(block)) { + NL_SET_ERR_MSG_MOD(f->common.extack, "vlan_id key is not supported on egress"); + return -EOPNOTSUPP; + } if (mask->vlan_id != 0) mlxsw_sp_acl_rulei_keymask_u32(rulei, MLXSW_AFK_ELEMENT_VID, |