openvswitch: Reject ct_state unsupported bits
authorJoe Stringer <joestringer@nicira.com>
Tue, 6 Oct 2015 17:59:59 +0000 (10:59 -0700)
committerDavid S. Miller <davem@davemloft.net>
Wed, 7 Oct 2015 12:03:05 +0000 (05:03 -0700)
commit6f225952461b5e9b5520d0dc6e2ff0af57874fbb
tree640b5ffa111825c21aa8ff7847e3d466b1922005
parentec0d043d05e6e3c0c2fac5de922c800c027c6386
openvswitch: Reject ct_state unsupported bits

Previously, if userspace specified ct_state bits in the flow key which
are currently undefined (and therefore unsupported), then they would be
ignored. This could cause unexpected behaviour in future if userspace is
extended to support additional bits but attempts to communicate with the
current version of the kernel. This patch rectifies the situation by
rejecting such ct_state bits.

Fixes: 7f8a436eaa2c "openvswitch: Add conntrack action"
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/openvswitch/conntrack.h
net/openvswitch/flow_netlink.c