From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id D40AAA0352; Thu, 16 Jan 2020 03:38:56 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 0564F1C00D; Thu, 16 Jan 2020 03:38:56 +0100 (CET) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 6BD1B1BFFF for ; Thu, 16 Jan 2020 03:38:53 +0100 (CET) X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 15 Jan 2020 18:38:52 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,324,1574150400"; d="scan'208";a="213921701" Received: from yexl-server.sh.intel.com (HELO localhost) ([10.67.117.17]) by orsmga007.jf.intel.com with ESMTP; 15 Jan 2020 18:38:50 -0800 Date: Thu, 16 Jan 2020 10:38:42 +0800 From: Ye Xiaolong To: taox.zhu@intel.com Cc: beilei.xing@intel.com, qi.z.zhang@intel.com, dev@dpdk.org, qiming.yang@intel.com Message-ID: <20200116023842.GG33538@intel.com> References: <20191209135928.31697-1-taox.zhu@intel.com> <20200115184711.65888-1-taox.zhu@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200115184711.65888-1-taox.zhu@intel.com> User-Agent: Mutt/1.9.4 (2018-02-28) Subject: Re: [dpdk-dev] [PATCH v4] net/i40e: add PF MDD event handler X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On 01/15, taox.zhu@intel.com wrote: >From: Zhu Tao > >add warning and counter to handle the maliciouse >driver detection event. Better to have more descriptions about the motivation about this patch. >update doc/guides/nics/i40e.rst >update doc/guides/rel_notes/release_20_02.rst Above 2 lines are not needed. > >Signed-off-by: Zhu Tao >--- > doc/guides/nics/i40e.rst | 1 + > doc/guides/rel_notes/release_20_02.rst | 4 +- > drivers/net/i40e/i40e_ethdev.c | 89 +++++++++++++++++++++++++- > drivers/net/i40e/i40e_ethdev.h | 1 + > 4 files changed, 92 insertions(+), 3 deletions(-) > >diff --git a/doc/guides/nics/i40e.rst b/doc/guides/nics/i40e.rst >index c7c34b62f..2bf11e8ca 100644 >--- a/doc/guides/nics/i40e.rst >+++ b/doc/guides/nics/i40e.rst >@@ -43,6 +43,7 @@ Features of the i40e PMD are: > - Dynamic Device Personalization (DDP) > - Queue region configuration > - Virtual Function Port Representors >+- Malicious Device Drive event catch and notify > > Prerequisites > ------------- >diff --git a/doc/guides/rel_notes/release_20_02.rst b/doc/guides/rel_notes/release_20_02.rst >index 1e83e659a..a39f22221 100644 >--- a/doc/guides/rel_notes/release_20_02.rst >+++ b/doc/guides/rel_notes/release_20_02.rst >@@ -66,11 +66,13 @@ New Features > > * Added support for RSS using L3/L4 source/destination only. > >-* **Updated i40e driver to support L2TPv3 over IP flows.** >+* **Updated i40e driver.** > > Updated the i40e PMD to support L2TPv3 over IP profiles which can be > programmed by the dynamic device personalization (DDP) process. > >+ Added PF support Malicious Device Drive event catch and notify. >+ > * **Updated testpmd to support L2TPv3 over IP flows.** > > Added support for L2TPv3 over IP rte_flow patterns to the testpmd >diff --git a/drivers/net/i40e/i40e_ethdev.c b/drivers/net/i40e/i40e_ethdev.c >index afb6f554b..95bfed4d9 100644 >--- a/drivers/net/i40e/i40e_ethdev.c >+++ b/drivers/net/i40e/i40e_ethdev.c >@@ -6760,6 +6760,87 @@ i40e_dev_handle_aq_msg(struct rte_eth_dev *dev) > rte_free(info.msg_buf); > } > >+static void >+i40e_handle_mdd_event(struct rte_eth_dev *dev) >+{ >+ struct i40e_hw *hw = I40E_DEV_PRIVATE_TO_HW(dev->data->dev_private); >+ struct i40e_pf *pf = I40E_DEV_PRIVATE_TO_PF(dev->data->dev_private); >+ bool mdd_detected = false; >+ struct i40e_pf_vf *vf; >+ uint32_t reg; >+ int i; >+ >+ /* find what triggered the MDD event */ >+ reg = I40E_READ_REG(hw, I40E_GL_MDET_TX); >+ if (reg & I40E_GL_MDET_TX_VALID_MASK) { >+ uint8_t pf_num = (reg & I40E_GL_MDET_TX_PF_NUM_MASK) >> >+ I40E_GL_MDET_TX_PF_NUM_SHIFT; >+ uint16_t vf_num = (reg & I40E_GL_MDET_TX_VF_NUM_MASK) >> >+ I40E_GL_MDET_TX_VF_NUM_SHIFT; >+ uint8_t event = (reg & I40E_GL_MDET_TX_EVENT_MASK) >> >+ I40E_GL_MDET_TX_EVENT_SHIFT; >+ uint16_t queue = ((reg & I40E_GL_MDET_TX_QUEUE_MASK) >> >+ I40E_GL_MDET_TX_QUEUE_SHIFT) - >+ hw->func_caps.base_queue; >+ PMD_DRV_LOG(WARNING, "Malicious Driver Detection event 0x%02x on TX " >+ "queue %d PF number 0x%02x VF number 0x%02x device %s\n", >+ event, queue, pf_num, vf_num, dev->data->name); >+ I40E_WRITE_REG(hw, I40E_GL_MDET_TX, 0xffffffff); Use Macros for 0xffffffff and below 0xFFFF. >+ mdd_detected = true; >+ } >+ reg = I40E_READ_REG(hw, I40E_GL_MDET_RX); >+ if (reg & I40E_GL_MDET_RX_VALID_MASK) { >+ uint8_t func = (reg & I40E_GL_MDET_RX_FUNCTION_MASK) >> >+ I40E_GL_MDET_RX_FUNCTION_SHIFT; >+ uint8_t event = (reg & I40E_GL_MDET_RX_EVENT_MASK) >> >+ I40E_GL_MDET_RX_EVENT_SHIFT; >+ uint16_t queue = ((reg & I40E_GL_MDET_RX_QUEUE_MASK) >> >+ I40E_GL_MDET_RX_QUEUE_SHIFT) - >+ hw->func_caps.base_queue; >+ >+ PMD_DRV_LOG(WARNING, "Malicious Driver Detection event 0x%02x on RX " >+ "queue %d of function 0x%02x device %s\n", >+ event, queue, func, dev->data->name); >+ I40E_WRITE_REG(hw, I40E_GL_MDET_RX, 0xffffffff); >+ mdd_detected = true; >+ } >+ >+ if (mdd_detected) { >+ reg = I40E_READ_REG(hw, I40E_PF_MDET_TX); >+ if (reg & I40E_PF_MDET_TX_VALID_MASK) { >+ I40E_WRITE_REG(hw, I40E_PF_MDET_TX, 0xFFFF); >+ PMD_DRV_LOG(WARNING, "TX driver issue detected on PF\n"); >+ } >+ reg = I40E_READ_REG(hw, I40E_PF_MDET_RX); >+ if (reg & I40E_PF_MDET_RX_VALID_MASK) { >+ I40E_WRITE_REG(hw, I40E_PF_MDET_RX, 0xFFFF); >+ PMD_DRV_LOG(WARNING, "RX driver issue detected on PF\n"); >+ } >+ } >+ >+ /* see if one of the VFs needs its hand slapped */ >+ for (i = 0; i < pf->vf_num && mdd_detected; i++) { >+ vf = &pf->vfs[i]; >+ reg = I40E_READ_REG(hw, I40E_VP_MDET_TX(i)); >+ if (reg & I40E_VP_MDET_TX_VALID_MASK) { >+ I40E_WRITE_REG(hw, I40E_VP_MDET_TX(i), 0xFFFF); >+ vf->num_mdd_events++; >+ PMD_DRV_LOG(WARNING, "TX driver issue detected on VF %d %-" >+ PRIu64 "times\n", >+ i, vf->num_mdd_events); >+ } >+ >+ reg = I40E_READ_REG(hw, I40E_VP_MDET_RX(i)); >+ if (reg & I40E_VP_MDET_RX_VALID_MASK) { >+ I40E_WRITE_REG(hw, I40E_VP_MDET_RX(i), 0xFFFF); >+ vf->num_mdd_events++; >+ PMD_DRV_LOG(WARNING, "RX driver issue detected on VF %d %-" >+ PRIu64 "times\n", >+ i, vf->num_mdd_events); >+ } >+ } >+} >+ > /** > * Interrupt handler triggered by NIC for handling > * specific interrupt. >@@ -6792,8 +6873,10 @@ i40e_dev_interrupt_handler(void *param) > } > if (icr0 & I40E_PFINT_ICR0_ECC_ERR_MASK) > PMD_DRV_LOG(ERR, "ICR0: unrecoverable ECC error"); >- if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) >+ if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) { > PMD_DRV_LOG(ERR, "ICR0: malicious programming detected"); >+ i40e_handle_mdd_event(dev); >+ } > if (icr0 & I40E_PFINT_ICR0_GRST_MASK) > PMD_DRV_LOG(INFO, "ICR0: global reset requested"); > if (icr0 & I40E_PFINT_ICR0_PCI_EXCEPTION_MASK) >@@ -6837,8 +6920,10 @@ i40e_dev_alarm_handler(void *param) > goto done; > if (icr0 & I40E_PFINT_ICR0_ECC_ERR_MASK) > PMD_DRV_LOG(ERR, "ICR0: unrecoverable ECC error"); >- if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) >+ if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) { > PMD_DRV_LOG(ERR, "ICR0: malicious programming detected"); >+ i40e_handle_mdd_event(dev); >+ } > if (icr0 & I40E_PFINT_ICR0_GRST_MASK) > PMD_DRV_LOG(INFO, "ICR0: global reset requested"); > if (icr0 & I40E_PFINT_ICR0_PCI_EXCEPTION_MASK) >diff --git a/drivers/net/i40e/i40e_ethdev.h b/drivers/net/i40e/i40e_ethdev.h >index bba2b83b4..370e6298f 100644 >--- a/drivers/net/i40e/i40e_ethdev.h >+++ b/drivers/net/i40e/i40e_ethdev.h >@@ -426,6 +426,7 @@ struct i40e_pf_vf { > /* version of the virtchnl from VF */ > struct virtchnl_version_info version; > uint32_t request_caps; /* offload caps requested from VF */ >+ uint64_t num_mdd_events; /* num of mdd events detected */ > > /* > * Variables for store the arrival timestamp of VF messages. >-- >2.17.1 >