Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5079b853 authored by Akeem G Abodunrin's avatar Akeem G Abodunrin Committed by Jeff Kirsher
Browse files

ice: Fix issue when adding more than allowed VLANs 



This patch fixes issue with non trusted VFs being able to add more than
permitted number of VLANs by adding a check in ice_vc_process_vlan_msg.
Also don't return an error in this case as the VF does not need to know
that it is not trusted.

Also rework ice_vsi_kill_vlan to use the right types.

Signed-off-by: default avatarAkeem G Abodunrin <akeem.g.abodunrin@intel.com>
Signed-off-by: default avatarAnirudh Venkataramanan <anirudh.venkataramanan@intel.com>
Tested-by: default avatarAndrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: default avatarJeff Kirsher <jeffrey.t.kirsher@intel.com>
parent acd1751a

drivers/net/ethernet/intel/ice/ice_lib.c

+9 −6
Original line number Diff line number Diff line
@@ -1598,7 +1598,8 @@ int ice_vsi_kill_vlan(struct ice_vsi *vsi, u16 vid) 
	struct ice_fltr_list_entry *list;

	struct ice_pf *pf = vsi->back;

	LIST_HEAD(tmp_add_list);

	int status = 0;

	enum ice_status status;

	int err = 0;



	list = devm_kzalloc(&pf->pdev->dev, sizeof(*list), GFP_KERNEL);

	if (!list)
@@ -1614,14 +1615,16 @@ int ice_vsi_kill_vlan(struct ice_vsi *vsi, u16 vid) 
	INIT_LIST_HEAD(&list->list_entry);

	list_add(&list->list_entry, &tmp_add_list);



	if (ice_remove_vlan(&pf->hw, &tmp_add_list)) {

		dev_err(&pf->pdev->dev, "Error removing VLAN %d on vsi %i\n",

			vid, vsi->vsi_num);

		status = -EIO;

	status = ice_remove_vlan(&pf->hw, &tmp_add_list);

	if (status) {

		dev_err(&pf->pdev->dev,

			"Error removing VLAN %d on vsi %i error: %d\n",

			vid, vsi->vsi_num, status);

		err = -EIO;

	}



	ice_free_fltr_list(&pf->pdev->dev, &tmp_add_list);

	return status;

	return err;

}



/**

drivers/net/ethernet/intel/ice/ice_virtchnl_pf.c

+12 −1
Original line number Diff line number Diff line
@@ -2329,7 +2329,6 @@ static int ice_vc_process_vlan_msg(struct ice_vf *vf, u8 *msg, bool add_v) 
		/* There is no need to let VF know about being not trusted,

		 * so we can just return success message here

		 */

		v_ret = VIRTCHNL_STATUS_ERR_PARAM;

		goto error_param;

	}
@@ -2370,6 +2369,18 @@ static int ice_vc_process_vlan_msg(struct ice_vf *vf, u8 *msg, bool add_v) 
		for (i = 0; i < vfl->num_elements; i++) {

			u16 vid = vfl->vlan_id[i];



			if (!ice_is_vf_trusted(vf) &&

			    vf->num_vlan >= ICE_MAX_VLAN_PER_VF) {

				dev_info(&pf->pdev->dev,

					 "VF-%d is not trusted, switch the VF to trusted mode, in order to add more VLAN addresses\n",

					 vf->vf_id);

				/* There is no need to let VF know about being

				 * not trusted, so we can just return success

				 * message here as well.

				 */

				goto error_param;

			}



			if (ice_vsi_add_vlan(vsi, vid)) {

				v_ret = VIRTCHNL_STATUS_ERR_PARAM;

				goto error_param;