On 1/22/26 11:21 AM, Michael S. Tsirkin wrote: > On Wed, Jan 21, 2026 at 04:06:49PM -0600, Daniel Jurgens wrote: >> Add support for IP_USER type rules from ethtool. >> >> Example: >> $ ethtool -U ens9 flow-type ip4 src-ip 192.168.51.101 action -1 >> Added rule with ID 1 >> >> The example rule will drop packets with the source IP specified. >> >> Signed-off-by: Daniel Jurgens <[email protected]> >> Reviewed-by: Parav Pandit <[email protected]> >> Reviewed-by: Shahar Shitrit <[email protected]> >> Reviewed-by: Xuan Zhuo <[email protected]> >> --- >> v4: >> - Fixed bug in protocol check of parse_ip4 >> - (u8 *) to (void *) casting. >> - Alignment issues. >> >> v12 >> - refactor calculate_flow_sizes to remove goto. MST >> - refactor build_and_insert to remove goto validate. MST >> - Move parse_ip4 l3_mask check to TCP/UDP patch. MST >> - Check saddr/daddr mask before copying in parse_ip4. MST >> - Remove tos check in setup_ip_key_mask. >> - check l4_4_bytes mask is 0 in setup_ip_key_mask. MST >> - changed return of setup_ip_key_mask to -EINVAL. >> - BUG_ON if key overflows u8 size in calculate_flow_sizes. MST >> >> v13: >> - Set tos field if applicable in parse_ip4. MST >> - Check tos in validate_ip4_mask. MST >> - check l3_mask before setting addr and mask in parse_ip4. MST >> - use has_ipv4 vs numhdrs for branching in build_and_insert. MST >> --- >> --- >> drivers/net/virtio_net.c | 129 +++++++++++++++++++++++++++++++++++++-- >> 1 file changed, 123 insertions(+), 6 deletions(-) >> >> diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c >> index ba231f10b803..7ce120baeb41 100644 >> --- a/drivers/net/virtio_net.c >> +++ b/drivers/net/virtio_net.c >> @@ -5818,6 +5818,39 @@ static bool validate_eth_mask(const struct virtnet_ff >> *ff, >> return true; >> } >> >> +static bool validate_ip4_mask(const struct virtnet_ff *ff, >> + const struct virtio_net_ff_selector *sel, >> + const struct virtio_net_ff_selector *sel_cap) >> +{ >> + bool partial_mask = !!(sel_cap->flags & >> VIRTIO_NET_FF_MASK_F_PARTIAL_MASK); >> + struct iphdr *cap, *mask; >> + >> + cap = (struct iphdr *)&sel_cap->mask; >> + mask = (struct iphdr *)&sel->mask; > > > this cast is only portable if sel and sel_cap are properly aligned. > > > > Because if not then at least saddr/daddr accesses below are > not portable and need > Documentation/core-api/unaligned-memory-access.rst >
I'll fix this here, and in the next 2 patches.
