On Thu, 2018-05-31 at 23:21 +0200, Ondřej Hlavatý wrote: > The previous code was optimistic, accepting the offload of whole > action > chain when there was a single known action (drop/redirect). This > results > in offloading a rule which should not be offloaded, because its > behavior > cannot be reproduced in the hardware. > > For example: > > $ tc filter add dev eno1 parent ffff: protocol ip \ > u32 ht 800: order 1 match tcp src 42 FFFF \ > action mirred egress mirror dev enp1s16 pipe \ > drop > > The controller is unable to mirror the packet to a VF, but still > offloads the rule by dropping the packet. > > Change the approach of the function to a pessimistic one, rejecting > the > chain when an unknown action is found. This is better suited for > future > extensions. > > Note that both recognized actions always return TC_ACT_SHOT, > therefore > it is safe to ignore actions behind them. > > Signed-off-by: Ondřej Hlavatý <ohlav...@redhat.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirs...@intel.com> Note- I am having our validation move to testing with GCC 8.1.1 or later so that we can catch warnings like Dave found in the future. Dave- Please go ahead and pick this up.
signature.asc
Description: This is a digitally signed message part