[PATCH] net/mlx5: fix non-template sample action validation

[PATCH] net/mlx5: fix non-template sample action validation

[Gregory Etelson]

The patch validates that sample actions include terminal action

Fixes: d986f04d6529 ("net/mlx5: add functions for non-template flow sample")

Signed-off-by: Gregory Etelson <getelson@nvidia.com>
---
 drivers/net/mlx5/mlx5_flow.h       |  3 +++
 drivers/net/mlx5/mlx5_flow_hw.c    |  4 ---
 drivers/net/mlx5/mlx5_nta_sample.c | 43 +++++++++++++++++++++++++++++-
 3 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/drivers/net/mlx5/mlx5_flow.h b/drivers/net/mlx5/mlx5_flow.h
index 146d547f72..d4f4d5a8ef 100644
--- a/drivers/net/mlx5/mlx5_flow.h
+++ b/drivers/net/mlx5/mlx5_flow.h
@@ -21,6 +21,9 @@
 #include "hws/mlx5dr.h"
 #include "mlx5_tx.h"
 
+#define MLX5_HW_PORT_IS_PROXY(priv) \
+	(!!((priv)->sh->esw_mode && (priv)->master))
+
 /* E-Switch Manager port, used for rte_flow_item_port_id. */
 #define MLX5_PORT_ESW_MGR UINT32_MAX
 
diff --git a/drivers/net/mlx5/mlx5_flow_hw.c b/drivers/net/mlx5/mlx5_flow_hw.c
index ff68483a40..2d80c99c18 100644
--- a/drivers/net/mlx5/mlx5_flow_hw.c
+++ b/drivers/net/mlx5/mlx5_flow_hw.c
@@ -62,10 +62,6 @@ static struct rte_flow_fp_ops mlx5_flow_hw_fp_ops;
 #define MLX5_HW_VLAN_PUSH_VID_IDX 1
 #define MLX5_HW_VLAN_PUSH_PCP_IDX 2
 
-#define MLX5_HW_PORT_IS_PROXY(priv) \
-	(!!((priv)->sh->esw_mode && (priv)->master))
-
-
 struct mlx5_indlst_legacy {
 	struct mlx5_indirect_list indirect;
 	struct rte_flow_action_handle *handle;
diff --git a/drivers/net/mlx5/mlx5_nta_sample.c b/drivers/net/mlx5/mlx5_nta_sample.c
index 938108cf4c..0b7b3d0c8e 100644
--- a/drivers/net/mlx5/mlx5_nta_sample.c
+++ b/drivers/net/mlx5/mlx5_nta_sample.c
@@ -525,6 +525,42 @@ validate_prefix_actions(const struct rte_flow_action *actions)
 	return i < MLX5_HW_MAX_ACTS - 1;
 }
 
+static bool
+validate_sample_terminal_actions(const struct rte_eth_dev *dev,
+				 const struct rte_flow_attr *flow_attr,
+				 const struct rte_flow_action *actions)
+{
+	uint32_t i;
+	const struct mlx5_priv *priv = dev->data->dev_private;
+	const struct rte_flow_action_ethdev *port = NULL;
+	bool is_proxy = MLX5_HW_PORT_IS_PROXY(priv);
+	const struct rte_flow_action *a = NULL;
+
+	for (i = 0; actions[i].type != RTE_FLOW_ACTION_TYPE_END; i++) {
+		if (actions[i].type != RTE_FLOW_ACTION_TYPE_VOID)
+			a = &actions[i];
+	}
+	if (a == NULL)
+		return false;
+	switch (a->type) {
+	case RTE_FLOW_ACTION_TYPE_JUMP:
+	case RTE_FLOW_ACTION_TYPE_QUEUE:
+	case RTE_FLOW_ACTION_TYPE_DROP:
+	case RTE_FLOW_ACTION_TYPE_REPRESENTED_PORT:
+		return true;
+	case RTE_FLOW_ACTION_TYPE_PORT_REPRESENTOR:
+		if (!is_proxy || !flow_attr->transfer)
+			return false;
+		port = a->conf;
+		if (!port || port->port_id != MLX5_REPRESENTED_PORT_ESW_MGR)
+			return false;
+		return true;
+	default:
+		break;
+	}
+	return false;
+}
+
 static void
 action_append(struct rte_flow_action *actions, const struct rte_flow_action *last)
 {
@@ -829,10 +865,15 @@ mlx5_nta_sample_flow_list_create(struct rte_eth_dev *dev,
 	}
 	mlx5_nta_parse_sample_actions(actions, &sample, prefix_actions, suffix_actions);
 	if (!validate_prefix_actions(prefix_actions)) {
-		rte_flow_error_set(error, -EINVAL, RTE_FLOW_ERROR_TYPE_ACTION,
+		rte_flow_error_set(error, EINVAL, RTE_FLOW_ERROR_TYPE_ACTION,
 				   NULL, "Too many actions");
 		return NULL;
 	}
+	if (!validate_sample_terminal_actions(dev, attr, sample)) {
+		rte_flow_error_set(error, EINVAL, RTE_FLOW_ERROR_TYPE_ACTION,
+				   NULL, "Invalid sample actions");
+		return NULL;
+	}
 	sample_conf = (const struct rte_flow_action_sample *)sample->conf;
 	sample_actions = (struct rte_flow_action *)(uintptr_t)sample_conf->actions;
 	mirror_entry = mlx5_create_nta_mirror(dev, attr, sample_actions,
-- 
2.51.0