Commit b2430304 authored by Ido Schimmel's avatar Ido Schimmel Committed by David S. Miller
Browse files

mlxsw: spectrum_matchall: Perform priority checks earlier 



Perform the priority check earlier in the function instead of repeating
it for every action. This fixes a bug that allowed matchall rules with
sample action to be added in front of flower rules on egress.

Fixes: 54d0e963 ("mlxsw: spectrum_matchall: Add support for egress sampling")
Signed-off-by: default avatarIdo Schimmel <idosch@nvidia.com>
Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 50401f29

drivers/net/ethernet/mellanox/mlxsw/spectrum_matchall.c

+13 −18
Original line number Diff line number Diff line
@@ -250,10 +250,6 @@ int mlxsw_sp_mall_replace(struct mlxsw_sp *mlxsw_sp, 
	mall_entry->priority = f->common.prio;

	mall_entry->ingress = mlxsw_sp_flow_block_is_ingress_bound(block);



	act = &f->rule->action.entries[0];



	switch (act->id) {

	case FLOW_ACTION_MIRRED:

	if (flower_prio_valid && mall_entry->ingress &&

	    mall_entry->priority >= flower_min_prio) {

		NL_SET_ERR_MSG(f->common.extack, "Failed to add behind existing flower rules");
@@ -266,16 +262,15 @@ int mlxsw_sp_mall_replace(struct mlxsw_sp *mlxsw_sp, 
		err = -EOPNOTSUPP;

		goto errout;

	}



	act = &f->rule->action.entries[0];



	switch (act->id) {

	case FLOW_ACTION_MIRRED:

		mall_entry->type = MLXSW_SP_MALL_ACTION_TYPE_MIRROR;

		mall_entry->mirror.to_dev = act->dev;

		break;

	case FLOW_ACTION_SAMPLE:

		if (flower_prio_valid &&

		    mall_entry->priority >= flower_min_prio) {

			NL_SET_ERR_MSG(f->common.extack, "Failed to add behind existing flower rules");

			err = -EOPNOTSUPP;

			goto errout;

		}

		mall_entry->type = MLXSW_SP_MALL_ACTION_TYPE_SAMPLE;

		mall_entry->sample.params.psample_group = act->sample.psample_group;

		mall_entry->sample.params.truncate = act->sample.truncate;