tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

ovs: allow nl 'flow set' to use ufid without flow key

When we want to change a flow using netlink, we have to identify it to
be able to perform a lookup. Both the flow key and unique flow ID
(ufid) are valid identifiers, but we always have to specify the flow
key in the netlink message. When both attributes are there, the ufid
is used. The flow key is used to validate the actions provided by
the userland.

This commit allows to use the ufid without having to provide the flow
key, as it is already done in the netlink 'flow get' and 'flow del'
path. The flow key remains mandatory when an action is provided.

Signed-off-by: Samuel Gauthier <samuel.gauthier@6wind.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Samuel Gauthier and committed by
David S. Miller 6f15cdbf 6bdaa5e9

+17 -11
+17 -11
net/openvswitch/datapath.c
··· 1096 1096 struct sw_flow_match match; 1097 1097 struct sw_flow_id sfid; 1098 1098 u32 ufid_flags = ovs_nla_get_ufid_flags(a[OVS_FLOW_ATTR_UFID_FLAGS]); 1099 - int error; 1099 + int error = 0; 1100 1100 bool log = !a[OVS_FLOW_ATTR_PROBE]; 1101 1101 bool ufid_present; 1102 1102 1103 - /* Extract key. */ 1104 - error = -EINVAL; 1105 - if (!a[OVS_FLOW_ATTR_KEY]) { 1106 - OVS_NLERR(log, "Flow key attribute not present in set flow."); 1107 - goto error; 1108 - } 1109 - 1110 1103 ufid_present = ovs_nla_get_ufid(&sfid, a[OVS_FLOW_ATTR_UFID], log); 1111 - ovs_match_init(&match, &key, &mask); 1112 - error = ovs_nla_get_match(net, &match, a[OVS_FLOW_ATTR_KEY], 1113 - a[OVS_FLOW_ATTR_MASK], log); 1104 + if (a[OVS_FLOW_ATTR_KEY]) { 1105 + ovs_match_init(&match, &key, &mask); 1106 + error = ovs_nla_get_match(net, &match, a[OVS_FLOW_ATTR_KEY], 1107 + a[OVS_FLOW_ATTR_MASK], log); 1108 + } else if (!ufid_present) { 1109 + OVS_NLERR(log, 1110 + "Flow set message rejected, Key attribute missing."); 1111 + error = -EINVAL; 1112 + } 1114 1113 if (error) 1115 1114 goto error; 1116 1115 1117 1116 /* Validate actions. */ 1118 1117 if (a[OVS_FLOW_ATTR_ACTIONS]) { 1118 + if (!a[OVS_FLOW_ATTR_KEY]) { 1119 + OVS_NLERR(log, 1120 + "Flow key attribute not present in set flow."); 1121 + error = -EINVAL; 1122 + goto error; 1123 + } 1124 + 1119 1125 acts = get_flow_actions(net, a[OVS_FLOW_ATTR_ACTIONS], &key, 1120 1126 &mask, log); 1121 1127 if (IS_ERR(acts)) {