diff options
Diffstat (limited to 'src/vnet/classify')
| -rw-r--r-- | src/vnet/classify/classify.api | 15 | ||||
| -rw-r--r-- | src/vnet/classify/classify_api.c | 28 |
2 files changed, 36 insertions, 7 deletions
diff --git a/src/vnet/classify/classify.api b/src/vnet/classify/classify.api index 7320d5ffa90..c5e81fdd093 100644 --- a/src/vnet/classify/classify.api +++ b/src/vnet/classify/classify.api @@ -13,7 +13,7 @@ * limitations under the License. */ -option version = "1.0.0"; +option version = "2.0.0"; /** \brief Add/Delete classification table request @param client_index - opaque cookie to identify the sender @@ -37,7 +37,8 @@ option version = "1.0.0"; can be accessible by configuring current_data_offset to -14 if there is no vlan tag. This is valid only if current_data_flag is set to 1. - @param mask[] - match mask + @param mask_len - length of match mask, should be equal to match_n_vectors * sizeof (u32x4) + @param mask - match mask */ define classify_add_del_table { @@ -54,7 +55,8 @@ define classify_add_del_table u32 miss_next_index; u32 current_data_flag; i32 current_data_offset; - u8 mask[0]; + u32 mask_len; + u8 mask[mask_len]; }; /** \brief Add/Delete classification table response @@ -97,7 +99,9 @@ define classify_add_del_table_reply @param metadata - valid only if action != 0 VRF id if action is 1 or 2. sr policy index if action is 3. - @param match[] - for add, match value for session, required + @param match_len - length of match, should be equal to skip_n_vectors plus match_n_vectors + of target table times sizeof (u32x4) + @param match - for add, match value for session, required */ autoreply define classify_add_del_session { @@ -110,7 +114,8 @@ autoreply define classify_add_del_session i32 advance; u8 action; u32 metadata; - u8 match[0]; + u32 match_len; + u8 match[match_len]; }; /** \brief Set/unset policer classify interface diff --git a/src/vnet/classify/classify_api.c b/src/vnet/classify/classify_api.c index 2cf79f3875d..6397b10fbd6 100644 --- a/src/vnet/classify/classify_api.c +++ b/src/vnet/classify/classify_api.c @@ -72,7 +72,8 @@ _(match_n_vectors) \ _(next_table_index) \ _(miss_next_index) \ _(current_data_flag) \ -_(current_data_offset) +_(current_data_offset) \ +_(mask_len) static void vl_api_classify_add_del_table_t_handler (vl_api_classify_add_del_table_t * mp) @@ -90,6 +91,12 @@ static void vl_api_classify_add_del_table_t_handler foreach_classify_add_del_table_field; #undef _ + if (mask_len != match_n_vectors * sizeof (u32x4)) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } + /* The underlying API fails silently, on purpose, so check here */ if (mp->is_add == 0) /* delete */ { @@ -138,9 +145,10 @@ static void vl_api_classify_add_del_session_t_handler vnet_classify_main_t *cm = &vnet_classify_main; vl_api_classify_add_del_session_reply_t *rmp; int rv; - u32 table_index, hit_next_index, opaque_index, metadata; + u32 table_index, hit_next_index, opaque_index, metadata, match_len; i32 advance; u8 action; + vnet_classify_table_t *t; table_index = ntohl (mp->table_index); hit_next_index = ntohl (mp->hit_next_index); @@ -148,11 +156,27 @@ static void vl_api_classify_add_del_session_t_handler advance = ntohl (mp->advance); action = mp->action; metadata = ntohl (mp->metadata); + match_len = ntohl (mp->match_len); + + if (pool_is_free_index (cm->tables, table_index)) + { + rv = VNET_API_ERROR_NO_SUCH_TABLE; + goto out; + } + + t = pool_elt_at_index (cm->tables, table_index); + + if (match_len != (t->skip_n_vectors + t->match_n_vectors) * sizeof (u32x4)) + { + rv = VNET_API_ERROR_INVALID_VALUE; + goto out; + } rv = vnet_classify_add_del_session (cm, table_index, mp->match, hit_next_index, opaque_index, advance, action, metadata, mp->is_add); +out: REPLY_MACRO (VL_API_CLASSIFY_ADD_DEL_SESSION_REPLY); } |