]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 5f2f8d8) | patch
net/mlx5: HWS, Harden IP version definer checks
authorVlad Dogaru <vdogaru@nvidia.com>
Tue, 22 Apr 2025 09:25:39 +0000 (12:25 +0300)
committerJakub Kicinski <kuba@kernel.org>
Thu, 24 Apr 2025 01:48:11 +0000 (18:48 -0700)
commit6991a975e416154576b0f5f06256aec13e23b0a7
tree47cd623a5679f908dc128f405bbcb8c85e799032tree
parent5f2f8d8b6800e4fc760c2eccec9b2bd2cacf80cfcommit | diff
net/mlx5: HWS, Harden IP version definer checks

Replicate some sanity checks that firmware does, since hardware steering
does not go through firmware.

When creating a definer, disallow matching on IP addresses without also
matching on IP version. The latter can be satisfied by matching either
on the version field in the IP header, or on the ethertype field.

Also refuse to match IPv4 IHL alongside IPv6.

Signed-off-by: Vlad Dogaru <vdogaru@nvidia.com>
Reviewed-by: Yevgeny Kliteynik <kliteyn@nvidia.com>
Signed-off-by: Mark Bloch <mbloch@nvidia.com>
Link: https://patch.msgid.link/20250422092540.182091-3-mbloch@nvidia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
drivers/net/ethernet/mellanox/mlx5/core/steering/hws/definer.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.