On Fri, Oct 7, 2011 at 1:03 PM, Pravin B Shelar <[email protected]> wrote:
> diff --git a/datapath/actions.c b/datapath/actions.c
> index 945c461..f619e43 100644
> --- a/datapath/actions.c
> +++ b/datapath/actions.c
> @@ -295,6 +310,12 @@ static int do_execute_actions(struct datapath *dp,
> struct sk_buff *skb,
>
> for (a = attr, rem = len; rem > 0;
> a = nla_next(a, &rem)) {
> + const struct ovs_key_8021q *q_key;
> + const struct ovs_key_tcp *tcp_port_key;
> + const struct ovs_key_udp *udp_port_key;
> + const struct ovs_key_ipv4 *ipv4_key;
> + const struct ovs_key_ethernet *eth_key;
Can we move the key extraction into the various functions instead of
doing it all here?
> diff --git a/datapath/datapath.c b/datapath/datapath.c
> index 07188ad..001f6f4 100644
> --- a/datapath/datapath.c
> +++ b/datapath/datapath.c
> -static int validate_actions(const struct nlattr *attr, int depth)
> +static int validate_actions(const struct nlattr *attr,
> + const struct sw_flow_key *key, int depth)
> {
[...]
> + case OVS_ACT_TYPE(OVS_ACTION_ATTR_SET, OVS_KEY_ATTR_UDP):
> + if (nla_len(a) != sizeof(struct ovs_key_udp))
> + return -EINVAL;
> + if (key->ip.proto != IPPROTO_UDP)
> + return -EINVAL;
You need to validate that the TCP/UDP headers are actually present,
this simply checks that the IP header indicates that there should be
an L4 header.
Otherwise, the same comments here that I made in the userspace version
of the validation function.
> @@ -635,9 +659,6 @@ static int ovs_packet_cmd_execute(struct sk_buff *skb,
> struct genl_info *info)
> nla_len(a[OVS_PACKET_ATTR_PACKET]) < ETH_HLEN)
> goto err;
>
> - err = validate_actions(a[OVS_PACKET_ATTR_ACTIONS], 0);
> - if (err)
> - goto err;
>
> len = nla_len(a[OVS_PACKET_ATTR_PACKET]);
> packet = __dev_alloc_skb(NET_IP_ALIGN + len, GFP_KERNEL);
Double blank line here.
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
