On Fri, 10 Apr 2026 14:12:59 +0100 Anatoly Burakov <[email protected]> wrote:
> Currently, each driver has their own code for action parsing, which results > in a lot of duplication and subtle mismatches in behavior between drivers. > > Add common infrastructure, based on the following assumptions: > > - All drivers support at most 4 actions at once, but usually less > - Not every action is supported by all drivers > - We can check a few common things to filter out obviously wrong actions > - Driver performs semantic checks on all valid actions > > So, the intention is to reject everything we can reasonably reject at the > outset without knowing anything about the drivers, parametrize what is > trivial to parametrize, and leave the rest for the driver to implement. > > Signed-off-by: Anatoly Burakov <[email protected]> > --- ---------------------------------------------------------------------- Patch 5/29: net/intel/common: add common flow action parsing ---------------------------------------------------------------------- Error: In __flow_action_check_rss(), the queue/queue_num consistency check has inverted logic: if ((q_num == 0) == (rss->queue == NULL)) { return rte_flow_error_set(error, ...); } This errors when q_num and queue are both absent or both present (the valid cases), and accepts when they are mismatched (the invalid cases). When q_num > 0 and queue == NULL passes this check, the subsequent contiguity loop dereferences rss->queue, which is a NULL pointer dereference. The key_len/key check immediately below correctly uses != for the same pattern. Fix: if ((q_num == 0) != (rss->queue == NULL)) { Warning: ci_flow_check_actions() returns -EINVAL at the end when parsed_actions->count is zero (all VOID actions), but does not call rte_flow_error_set(). Every other error path in that function sets the flow error. Callers may report a confusing empty error to the application.
