[Intel-wired-lan] [PATCH net v1] i40e: Fix not showing opcode msg on unsuccessful VF MAC change
Nguyen, Anthony L
anthony.l.nguyen at intel.com
Thu Feb 11 02:46:53 UTC 2021
On Tue, 2021-02-09 at 12:17 +0000, Mateusz Palczewski wrote:
> Hide i40e opcode information sent during response to VF in case when
> untrusted VF tried to change MAC on the VF interface.
The title and description seem to contradict.
"Fix not showing opcode" and "Hide i40e opcode information"
> This is implemented by adding an additional parameter 'hide' to the
> response sent to VF function that hides the display of error
> information, but forwards the error code to VF.
>
> Previously it was not possible to send response with some error code
> to VF without displaying opcode information.
>
> Fixes: 5c3c48ac6bf5("i40e:implement virtual device interface")
nit: There's a missing space
Fixes: 5c3c48ac6bf5("i40e: implement virtual device interface")
It's not clear to me what the bug is.
> Signed-off-by: Grzegorz Szczurek <grzegorzx.szczurek at intel.com>
> Reviewed-by: Paul M Stillwell Jr <paul.m.stillwell.jr at intel.com>
> Reviewed-by: Aleksandr Loktionov <aleksandr.loktionov at intel.com>
> ---
> .../ethernet/intel/i40e/i40e_virtchnl_pf.c | 44 +++++++++++++++
> ----
> 1 file changed, 35 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> index b40ce62..b47159a 100644
> --- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> +++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> @@ -1792,17 +1792,18 @@ sriov_configure_out:
> /***********************virtual channel routines******************/
>
> /**
> - * i40e_vc_send_msg_to_vf
> + * i40e_vc_send_msg_to_vf_ex
> * @vf: pointer to the VF info
> * @v_opcode: virtual channel opcode
> * @v_retval: virtual channel return value
> * @msg: pointer to the msg buffer
> * @msglen: msg length
> - *
> + * @is_quiet: true for not printing unsuccessful return values,
> false otherwise
> * send msg to VF
> **/
> -static int i40e_vc_send_msg_to_vf(struct i40e_vf *vf, u32 v_opcode,
> - u32 v_retval, u8 *msg, u16 msglen)
> +static int i40e_vc_send_msg_to_vf_ex(struct i40e_vf *vf, u32
> v_opcode,
> + u32 v_retval, u8 *msg, u16 msglen,
> + bool is_quiet)
> {
> struct i40e_pf *pf;
> struct i40e_hw *hw;
> @@ -1818,7 +1819,7 @@ static int i40e_vc_send_msg_to_vf(struct
> i40e_vf *vf, u32 v_opcode,
> abs_vf_id = vf->vf_id + hw->func_caps.vf_base_id;
>
> /* single place to detect unsuccessful return values */
> - if (v_retval) {
> + if (v_retval && !is_quiet) {
> vf->num_invalid_msgs++;
> dev_info(&pf->pdev->dev, "VF %d failed opcode %d,
> retval: %d\n",
> vf->vf_id, v_opcode, v_retval);
> @@ -1848,6 +1849,23 @@ static int i40e_vc_send_msg_to_vf(struct
> i40e_vf *vf, u32 v_opcode,
> return 0;
> }
>
> +/**
> + * i40e_vc_send_msg_to_vf
> + * @vf: pointer to the VF info
> + * @v_opcode: virtual channel opcode
> + * @v_retval: virtual channel return value
> + * @msg: pointer to the msg buffer
> + * @msglen: msg length
> + *
> + * send msg to VF
> + **/
> +static int i40e_vc_send_msg_to_vf(struct i40e_vf *vf, u32 v_opcode,
> + u32 v_retval, u8 *msg, u16 msglen)
> +{
> + return i40e_vc_send_msg_to_vf_ex(vf, v_opcode, v_retval,
> + msg, msglen, false);
> +}
> +
> /**
> * i40e_vc_send_resp_to_vf
> * @vf: pointer to the VF info
> @@ -2591,6 +2609,7 @@ error_param:
> * i40e_check_vf_permission
> * @vf: pointer to the VF info
> * @al: MAC address list from virtchnl
> + * @is_quiet: set true for printing msg without opcode info, false
> otherwise
> *
> * Check that the given list of MAC addresses is allowed. Will
> return -EPERM
> * if any address in the list is not valid. Checks the following
> conditions:
> @@ -2605,13 +2624,18 @@ error_param:
> * addresses might not be accurate.
> **/
> static inline int i40e_check_vf_permission(struct i40e_vf *vf,
> - struct
> virtchnl_ether_addr_list *al)
> + struct
> virtchnl_ether_addr_list *al,
> + bool *is_quiet)
> {
> struct i40e_pf *pf = vf->pf;
> struct i40e_vsi *vsi = pf->vsi[vf->lan_vsi_idx];
> int mac2add_cnt = 0;
> int i;
>
> + if (!is_quiet)
> + return -EINVAL;
> +
> + *is_quiet = false;
> for (i = 0; i < al->num_elements; i++) {
> struct i40e_mac_filter *f;
> u8 *addr = al->list[i].addr;
> @@ -2635,6 +2659,7 @@ static inline int
> i40e_check_vf_permission(struct i40e_vf *vf,
> !ether_addr_equal(addr, vf->default_lan_addr.addr))
> {
> dev_err(&pf->pdev->dev,
> "VF attempting to override
> administratively set MAC address, bring down and up the VF interface
> to resume normal operation\n");
> + *is_quiet = true;
> return -EPERM;
> }
>
> @@ -2671,6 +2696,7 @@ static int i40e_vc_add_mac_addr_msg(struct
> i40e_vf *vf, u8 *msg)
> (struct virtchnl_ether_addr_list *)msg;
> struct i40e_pf *pf = vf->pf;
> struct i40e_vsi *vsi = NULL;
> + bool is_quiet = false;
> i40e_status ret = 0;
> int i;
>
> @@ -2687,7 +2713,7 @@ static int i40e_vc_add_mac_addr_msg(struct
> i40e_vf *vf, u8 *msg)
> */
> spin_lock_bh(&vsi->mac_filter_hash_lock);
>
> - ret = i40e_check_vf_permission(vf, al);
> + ret = i40e_check_vf_permission(vf, al, &is_quiet);
> if (ret) {
> spin_unlock_bh(&vsi->mac_filter_hash_lock);
> goto error_param;
> @@ -2725,8 +2751,8 @@ static int i40e_vc_add_mac_addr_msg(struct
> i40e_vf *vf, u8 *msg)
>
> error_param:
> /* send the response to the VF */
> - return i40e_vc_send_resp_to_vf(vf, VIRTCHNL_OP_ADD_ETH_ADDR,
> - ret);
> + return i40e_vc_send_msg_to_vf_ex(vf, VIRTCHNL_OP_ADD_ETH_ADDR,
> + ret, NULL, 0, is_quiet);
> }
>
> /**
More information about the Intel-wired-lan
mailing list