From: Rasesh Mody <rasesh.mody@cavium.com>
To: dev@dpdk.org, ferruh.yigit@intel.com
Cc: Rasesh Mody <rasesh.mody@cavium.com>, Dept-EngDPDKDev@cavium.com
Subject: [dpdk-dev] [PATCH 27/53] net/qede/base: prevent stop vport assert by malicious VF
Date: Mon, 18 Sep 2017 18:30:07 -0700 [thread overview]
Message-ID: <1505784633-1171-28-git-send-email-rasesh.mody@cavium.com> (raw)
In-Reply-To: <1505784633-1171-1-git-send-email-rasesh.mody@cavium.com>
PF checks upon stop-vport from VF whether it's legal, but if it's not it
would STILL send the request to FW, which might cause it to assert.
Signed-off-by: Rasesh Mody <rasesh.mody@cavium.com>
---
drivers/net/qede/base/ecore_sriov.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/qede/base/ecore_sriov.c b/drivers/net/qede/base/ecore_sriov.c
index a70ca30..792cf75 100644
--- a/drivers/net/qede/base/ecore_sriov.c
+++ b/drivers/net/qede/base/ecore_sriov.c
@@ -2121,6 +2121,8 @@ static void ecore_iov_vf_mbx_stop_vport(struct ecore_hwfn *p_hwfn,
"VF [%02x] - considered malicious;"
" Unable to stop RX/TX queuess\n",
vf->abs_vf_id);
+ status = PFVF_STATUS_MALICIOUS;
+ goto out;
}
rc = ecore_sp_vport_stop(p_hwfn, vf->opaque_fid, vf->vport_id);
@@ -2134,6 +2136,7 @@ static void ecore_iov_vf_mbx_stop_vport(struct ecore_hwfn *p_hwfn,
vf->configured_features = 0;
OSAL_MEMSET(&vf->shadow_config, 0, sizeof(vf->shadow_config));
+out:
ecore_iov_prepare_resp(p_hwfn, p_ptt, vf, CHANNEL_TLV_VPORT_TEARDOWN,
sizeof(struct pfvf_def_resp_tlv), status);
}
--
1.7.10.3
next prev parent reply other threads:[~2017-09-19 1:31 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-19 1:29 [dpdk-dev] [PATCH 00/53] net/qede/base: update PMD to 2.6.0.1 Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 01/53] net/qede/base: add NVM config options Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 02/53] net/qede/base: update management FW supported features Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 03/53] net/qede/base: use crc32 OSAL macro Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 04/53] net/qede/base: allocate VF queues before PF Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 05/53] net/qede/base: convert device type to enum Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 06/53] net/qede/base: changes for VF queue zone Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 07/53] net/qede/base: interchangeably use SB between PF and VF Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 08/53] net/qede/base: add API to configure coalescing for VF queues Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 09/53] net/qede/base: restrict cache line size register padding Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 10/53] net/qede/base: fix to use a passed ptt handle Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 11/53] net/qede/base: add a sanity check Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 12/53] net/qede/base: add SmartAN support Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 13/53] net/qede/base: alter driver's force load behavior Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 14/53] net/qede/base: add mdump sub-commands Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 15/53] net/qede/base: add EEE support Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 16/53] net/qede/base: use passed ptt handler Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 17/53] net/qede/base: prevent re-assertions of parity errors Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 18/53] net/qede/base: avoid possible race condition Rasesh Mody
2017-09-19 1:29 ` [dpdk-dev] [PATCH 19/53] net/qede/base: revise management FW mbox access scheme Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 20/53] net/qede/base: remove helper functions/structures Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 21/53] net/qede/base: initialize resc lock/unlock params Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 22/53] net/qede/base: rename MFW get/set field defines Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 23/53] net/qede/base: allow clients to override VF MSI-X table size Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 24/53] net/qede/base: add API to send STAG config update to FW Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 25/53] net/qede/base: add support for doorbell overflow recovery Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 26/53] net/qede/base: block mbox command to unresponsive MFW Rasesh Mody
2017-09-19 1:30 ` Rasesh Mody [this message]
2017-09-19 1:30 ` [dpdk-dev] [PATCH 28/53] net/qede/base: remove unused parameters Rasesh Mody
2017-09-19 1:30 ` [dpdk-dev] [PATCH 29/53] net/qede/base: fix macros to check chip revision/metal Rasesh Mody
2017-09-20 11:00 ` [dpdk-dev] [PATCH 00/53] net/qede/base: update PMD to 2.6.0.1 Ferruh Yigit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1505784633-1171-28-git-send-email-rasesh.mody@cavium.com \
--to=rasesh.mody@cavium.com \
--cc=Dept-EngDPDKDev@cavium.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).