From: Eli Britstein <elibr@mellanox.com>
Date: Thu, 14 Mar 2019 14:41:40 +0000 (+0000)
Subject: net/mlx5e: Deny VLAN rewrite if there is no VLAN header match
X-Git-Url: http://git.cdn.openwrt.org/?a=commitdiff_plain;h=bf2f3bca1c5dee845e436d8af96ca3811f2aa2f9;p=openwrt%2Fstaging%2Fblogic.git

net/mlx5e: Deny VLAN rewrite if there is no VLAN header match

Rewrite of the packet in the VLAN offset may corrupt the packet if it's
not VLAN tagged. Deny the rewrite in this case.

Fixes: 37410902874c ("net/mlx5e: Support VLAN modify action")
Signed-off-by: Eli Britstein <elibr@mellanox.com>
Reviewed-by: Roi Dayan <roid@mellanox.com>
Signed-off-by: Saeed Mahameed <saeedm@mellanox.com>
---

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index 81f8ac569a0e..3a0854fbcfd4 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -2292,8 +2292,19 @@ static int add_vlan_rewrite_action(struct mlx5e_priv *priv, int namespace,
 		.mangle.mask = ~(u32)be16_to_cpu(*(__be16 *)&mask16),
 		.mangle.val = (u32)be16_to_cpu(*(__be16 *)&val16),
 	};
+	void *headers_c, *headers_v;
 	int err;
 
+	headers_c = get_match_headers_criteria(*action, &parse_attr->spec);
+	headers_v = get_match_headers_value(*action, &parse_attr->spec);
+
+	if (!(MLX5_GET(fte_match_set_lyr_2_4, headers_c, cvlan_tag) &&
+	      MLX5_GET(fte_match_set_lyr_2_4, headers_v, cvlan_tag))) {
+		NL_SET_ERR_MSG_MOD(extack,
+				   "VLAN rewrite action must have VLAN protocol match");
+		return -EOPNOTSUPP;
+	}
+
 	if (act->vlan.prio) {
 		NL_SET_ERR_MSG_MOD(extack, "Setting VLAN prio is not supported");
 		return -EOPNOTSUPP;