diff mbox series

[iproute2/master,08/11] {f,m}_bpf: don't allow specifying multiple bpf programs

Message ID 20171124021208.13419-9-jakub.kicinski@netronome.com
State Accepted, archived
Delegated to: stephen hemminger
Headers show
Series bpf: pass ifindex for bpf offload | expand

Commit Message

Jakub Kicinski Nov. 24, 2017, 2:12 a.m. UTC 
Both BPF filter and action will allow users to specify run
multiple times, and only the last one will be considered by
the kernel.  Explicitly refuse such command lines.

Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
---
 tc/f_bpf.c | 3 +++
 tc/m_bpf.c | 3 +++
 2 files changed, 6 insertions(+)
diff mbox series

Patch

diff --git a/tc/f_bpf.c b/tc/f_bpf.c
index 21ba759c4b01..f598784e8b08 100644
--- a/tc/f_bpf.c
+++ b/tc/f_bpf.c
@@ -101,6 +101,9 @@  static int bpf_parse_opt(struct filter_util *qu, char *handle,
 	while (argc > 0) {
 		if (matches(*argv, "run") == 0) {
 			NEXT_ARG();
+
+			if (seen_run)
+				duparg("run", *argv);
 opt_bpf:
 			seen_run = true;
 			cfg.type = bpf_type;
diff --git a/tc/m_bpf.c b/tc/m_bpf.c
index e275afd01fb3..1c1f71cdb83f 100644
--- a/tc/m_bpf.c
+++ b/tc/m_bpf.c
@@ -96,6 +96,9 @@  static int bpf_parse_opt(struct action_util *a, int *ptr_argc, char ***ptr_argv,
 	while (argc > 0) {
 		if (matches(*argv, "run") == 0) {
 			NEXT_ARG();
+
+			if (seen_run)
+				duparg("run", *argv);
 opt_bpf:
 			seen_run = true;
 			cfg.type = bpf_type;