From patchwork Thu Oct 27 14:42:59 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steen Hegelund X-Patchwork-Id: 13022231 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 583FDFA3740 for ; Thu, 27 Oct 2022 14:45:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-ID:Date:Subject:CC:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=JoeeMpjybHMLBLz29dDoiBpP5il8o0h6CUZp81jJnGI=; b=S6HUF+U1RfB6gk QDqCOPk7/EmoZ17VkqyiwwUpaBlGe/GTw7fKiluuws9SA3BqDHiQ2Tvg6BtzrM3BZ+rT+wd9XN/6e 5/6FlL+wwuKWUhdwr/aGS1RHUcJDE55ywb8fSCiLQZTD7Q00DPKEGwcMWIIsQ1qH98t9keqMwcTVH QhU4291cdzkeyRujBsm030HQXD9i8IiyGOf7VjhR0NxdZLVWj7yaE94QcWYQ1pNc3WuYdMrZHqxZk 9+MVp9y4LrT/A1VOA9dv6MFBVzCsDGM3SMwehN+DVnNlf5TUCX88F6RGVUGlsAGWSfh7SexANxfiG sQo/43xn4tpB4YqhZFTA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oo473-00Dq4T-Kp; Thu, 27 Oct 2022 14:44:05 +0000 Received: from esa.microchip.iphmx.com ([68.232.153.233]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oo46V-00Dpqc-Ru for linux-arm-kernel@lists.infradead.org; Thu, 27 Oct 2022 14:43:33 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=microchip.com; i=@microchip.com; q=dns/txt; s=mchp; t=1666881811; x=1698417811; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ra82adO9Ytf2Ct9J6Xvwy+xgtwmL2sMtcOWSaz42kuw=; b=U3OiC6VZdY6+eAsHo0KuuLtsqjyTxlchSpG1RcTNeCthGKHnvt25oMql d0/NsoGLEEmCgGRZbzVhHwHBVgDiK7s7OHyHT66bXuKldJE7oWis8BTYo 7N7cG1uue1NpecMkrqkc+wrFTmmgpbjONdS06C/QMp4xgf8/YqDD+x0ma IeH+DEkSc3OXvp1+CrPMaSqB2LpGtQN2bD8i7JLfi+UJANMDbr6f+WZjG KHCYzq2xEz1sUGk8Il/+lDQBVt++WOBws2nvYBJDM2JnsImuoZ8SbYiBx 9+Qj5gyg0U+yIQ/H6IpnR2KmoG9IQc9Txt42q9+aMbSG0ce2rWb55Wq7W A==; X-IronPort-AV: E=Sophos;i="5.95,217,1661842800"; d="scan'208";a="197302498" Received: from unknown (HELO email.microchip.com) ([170.129.1.10]) by esa1.microchip.iphmx.com with ESMTP/TLS/AES256-SHA256; 27 Oct 2022 07:43:31 -0700 Received: from chn-vm-ex03.mchp-main.com (10.10.85.151) by chn-vm-ex03.mchp-main.com (10.10.85.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.12; Thu, 27 Oct 2022 07:43:30 -0700 Received: from den-dk-m31857.microchip.com (10.10.115.15) by chn-vm-ex03.mchp-main.com (10.10.85.151) with Microsoft SMTP Server id 15.1.2507.12 via Frontend Transport; Thu, 27 Oct 2022 07:43:27 -0700 From: Steen Hegelund To: "David S . Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni CC: Steen Hegelund , , Randy Dunlap , "Casper Andersson" , Russell King , Wan Jiabing , "Nathan Huckleberry" , , , , "Daniel Machon" , Horatiu Vultur , Lars Povlsen Subject: [PATCH net-next 4/5] net: microchip: sparx5: Let VCAP API validate added key- and actionfields Date: Thu, 27 Oct 2022 16:42:59 +0200 Message-ID: <20221027144300.2936955-5-steen.hegelund@microchip.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221027144300.2936955-1-steen.hegelund@microchip.com> References: <20221027144300.2936955-1-steen.hegelund@microchip.com> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20221027_074331_928279_9C83B268 X-CRM114-Status: GOOD ( 16.50 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org Add support for validating keyfields and actionfields when they are added to a VCAP rule. We need to ensure that the field is not already present and that the field is in the key- or actionset, if the client has added a key- or actionset to the rule at this point. Signed-off-by: Steen Hegelund --- .../net/ethernet/microchip/vcap/vcap_api.c | 103 +++++++++++++++++- 1 file changed, 101 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/microchip/vcap/vcap_api.c b/drivers/net/ethernet/microchip/vcap/vcap_api.c index 9e67ea814768..69ee34bb392a 100644 --- a/drivers/net/ethernet/microchip/vcap/vcap_api.c +++ b/drivers/net/ethernet/microchip/vcap/vcap_api.c @@ -737,6 +737,13 @@ const char *vcap_keyfield_name(struct vcap_control *vctrl, } EXPORT_SYMBOL_GPL(vcap_keyfield_name); +/* map action field id to a string with the action name */ +static const char *vcap_actionfield_name(struct vcap_control *vctrl, + enum vcap_action_field action) +{ + return vctrl->stats->actionfield_names[action]; +} + /* Return the keyfield that matches a key in a keyset */ static const struct vcap_field * vcap_find_keyset_keyfield(struct vcap_control *vctrl, @@ -1109,14 +1116,60 @@ static void vcap_copy_from_client_keyfield(struct vcap_rule *rule, memcpy(&field->data, data, sizeof(field->data)); } +/* Check if the keyfield is already in the rule */ +static bool vcap_keyfield_unique(struct vcap_rule *rule, + enum vcap_key_field key) +{ + struct vcap_rule_internal *ri = to_intrule(rule); + const struct vcap_client_keyfield *ckf; + + list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list) + if (ckf->ctrl.key == key) + return false; + return true; +} + +/* Check if the keyfield is in the keyset */ +static bool vcap_keyfield_match_keyset(struct vcap_rule *rule, + enum vcap_key_field key) +{ + struct vcap_rule_internal *ri = to_intrule(rule); + enum vcap_keyfield_set keyset = rule->keyset; + enum vcap_type vt = ri->admin->vtype; + const struct vcap_field *fields; + + /* the field is accepted if the rule has no keyset yet */ + if (keyset == VCAP_KFS_NO_VALUE) + return true; + fields = vcap_keyfields(ri->vctrl, vt, keyset); + if (!fields) + return false; + /* if there is a width there is a way */ + return fields[key].width > 0; +} + static int vcap_rule_add_key(struct vcap_rule *rule, enum vcap_key_field key, enum vcap_field_type ftype, struct vcap_client_keyfield_data *data) { + struct vcap_rule_internal *ri = to_intrule(rule); struct vcap_client_keyfield *field; - /* More validation will be added here later */ + if (!vcap_keyfield_unique(rule, key)) { + pr_warn("%s:%d: keyfield %s is already in the rule\n", + __func__, __LINE__, + vcap_keyfield_name(ri->vctrl, key)); + return -EINVAL; + } + + if (!vcap_keyfield_match_keyset(rule, key)) { + pr_err("%s:%d: keyfield %s does not belong in the rule keyset\n", + __func__, __LINE__, + vcap_keyfield_name(ri->vctrl, key)); + return -EINVAL; + } + field = kzalloc(sizeof(*field), GFP_KERNEL); if (!field) return -ENOMEM; @@ -1209,14 +1262,60 @@ static void vcap_copy_from_client_actionfield(struct vcap_rule *rule, memcpy(&field->data, data, sizeof(field->data)); } +/* Check if the actionfield is already in the rule */ +static bool vcap_actionfield_unique(struct vcap_rule *rule, + enum vcap_action_field act) +{ + struct vcap_rule_internal *ri = to_intrule(rule); + const struct vcap_client_actionfield *caf; + + list_for_each_entry(caf, &ri->data.actionfields, ctrl.list) + if (caf->ctrl.action == act) + return false; + return true; +} + +/* Check if the actionfield is in the actionset */ +static bool vcap_actionfield_match_actionset(struct vcap_rule *rule, + enum vcap_action_field action) +{ + enum vcap_actionfield_set actionset = rule->actionset; + struct vcap_rule_internal *ri = to_intrule(rule); + enum vcap_type vt = ri->admin->vtype; + const struct vcap_field *fields; + + /* the field is accepted if the rule has no actionset yet */ + if (actionset == VCAP_AFS_NO_VALUE) + return true; + fields = vcap_actionfields(ri->vctrl, vt, actionset); + if (!fields) + return false; + /* if there is a width there is a way */ + return fields[action].width > 0; +} + static int vcap_rule_add_action(struct vcap_rule *rule, enum vcap_action_field action, enum vcap_field_type ftype, struct vcap_client_actionfield_data *data) { + struct vcap_rule_internal *ri = to_intrule(rule); struct vcap_client_actionfield *field; - /* More validation will be added here later */ + if (!vcap_actionfield_unique(rule, action)) { + pr_warn("%s:%d: actionfield %s is already in the rule\n", + __func__, __LINE__, + vcap_actionfield_name(ri->vctrl, action)); + return -EINVAL; + } + + if (!vcap_actionfield_match_actionset(rule, action)) { + pr_err("%s:%d: actionfield %s does not belong in the rule actionset\n", + __func__, __LINE__, + vcap_actionfield_name(ri->vctrl, action)); + return -EINVAL; + } + field = kzalloc(sizeof(*field), GFP_KERNEL); if (!field) return -ENOMEM;