Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d9a8d6a1 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'bnx2x-Fix-malicious-VFs-indication' 



Yuval Mintz says:

====================
bnx2x: Fix malicious VFs indication

It was discovered that for a VF there's a simple [yet uncommon] scenario
which would cause device firmware to declare that VF as malicious -
Add a vlan interface on top of a VF and disable txvlan offloading for
that VF [causing VF to transmit packets where vlan is on payload].

Patch #1 corrects driver transmission to prevent this issue.
Patch #2 is a by-product correcting PF behavior once a VF is declared
malicious.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents f6d4c713 35238822

drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c

+15 −4
Original line number Diff line number Diff line
@@ -3883,15 +3883,26 @@ netdev_tx_t bnx2x_start_xmit(struct sk_buff *skb, struct net_device *dev) 
		/* when transmitting in a vf, start bd must hold the ethertype

		 * for fw to enforce it

		 */

		u16 vlan_tci = 0;

#ifndef BNX2X_STOP_ON_ERROR

		if (IS_VF(bp))

		if (IS_VF(bp)) {

#endif

			/* Still need to consider inband vlan for enforced */

			if (__vlan_get_tag(skb, &vlan_tci)) {

				tx_start_bd->vlan_or_ethertype =

					cpu_to_le16(ntohs(eth->h_proto));

			} else {

				tx_start_bd->bd_flags.as_bitfield |=

					(X_ETH_INBAND_VLAN <<

					 ETH_TX_BD_FLAGS_VLAN_MODE_SHIFT);

				tx_start_bd->vlan_or_ethertype =

					cpu_to_le16(vlan_tci);

			}

#ifndef BNX2X_STOP_ON_ERROR

		else

		} else {

			/* used by FW for packet accounting */

			tx_start_bd->vlan_or_ethertype = cpu_to_le16(pkt_prod);

		}

#endif

	}

drivers/net/ethernet/broadcom/bnx2x/bnx2x_sriov.c

+12 −1
Original line number Diff line number Diff line
@@ -901,6 +901,8 @@ static void bnx2x_vf_flr(struct bnx2x *bp, struct bnx2x_virtf *vf) 
	/* release VF resources */

	bnx2x_vf_free_resc(bp, vf);



	vf->malicious = false;



	/* re-open the mailbox */

	bnx2x_vf_enable_mbx(bp, vf->abs_vfid);

	return;
@@ -1822,9 +1824,11 @@ int bnx2x_iov_eq_sp_event(struct bnx2x *bp, union event_ring_elem *elem) 
		   vf->abs_vfid, qidx);

		bnx2x_vf_handle_rss_update_eqe(bp, vf);

	case EVENT_RING_OPCODE_VF_FLR:

	case EVENT_RING_OPCODE_MALICIOUS_VF:

		/* Do nothing for now */

		return 0;

	case EVENT_RING_OPCODE_MALICIOUS_VF:

		vf->malicious = true;

		return 0;

	}



	return 0;
@@ -1905,6 +1909,13 @@ void bnx2x_iov_adjust_stats_req(struct bnx2x *bp) 
			continue;

		}



		if (vf->malicious) {

			DP_AND((BNX2X_MSG_IOV | BNX2X_MSG_STATS),

			       "vf %d malicious so no stats for it\n",

			       vf->abs_vfid);

			continue;

		}



		DP_AND((BNX2X_MSG_IOV | BNX2X_MSG_STATS),

		       "add addresses for vf %d\n", vf->abs_vfid);

		for_each_vfq(vf, j) {

drivers/net/ethernet/broadcom/bnx2x/bnx2x_sriov.h

+1 −0
Original line number Diff line number Diff line
@@ -141,6 +141,7 @@ struct bnx2x_virtf { 
#define VF_RESET	3	/* VF FLR'd, pending cleanup */



	bool flr_clnup_stage;	/* true during flr cleanup */

	bool malicious;		/* true if FW indicated so, until FLR */



	/* dma */

	dma_addr_t fw_stat_map;