[PATCH 2/2] i40e/i40evf: add virtchnl flag to indicate trusted VF

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Stefan Assmann <sassmann@kpanic.de>
To: intel-wired-lan@lists.osuosl.org
Cc: netdev@vger.kernel.org, davem@davemloft.net,
	jeffrey.t.kirsher@intel.com, sassmann@kpanic.de
Subject: [PATCH 2/2] i40e/i40evf: add virtchnl flag to indicate trusted VF
Date: Thu, 29 Jun 2017 15:12:25 +0200	[thread overview]
Message-ID: <20170629131225.9251-3-sassmann@kpanic.de> (raw)
In-Reply-To: <20170629131225.9251-1-sassmann@kpanic.de>

Give the VF a hint whether it runs in trusted mode or not. This allows
the VF to decide if it should allow changing the MAC address.
Currently the VF returns -EPERM in i40evf_set_mac when an
administratively set MAC has been set. However this prevents overriding
the administratively set MAC in trusted mode. Simply removing the EPERM
check is not an option, as that would bring the VF in an inconsistent
state when the PF decides to deny adding the appropriate filter.

Due to the fact that the communication between PF and VF is async the VF
driver cannot decide whether to deny or allow a MAC address change
without the VF trust hint.

Signed-off-by: Stefan Assmann <sassmann@kpanic.de>
---
 drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 3 +++
 drivers/net/ethernet/intel/i40evf/i40evf_main.c    | 3 ++-
 include/linux/avf/virtchnl.h                       | 1 +
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 057c77b..9e872b1 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -1579,6 +1579,9 @@ static int i40e_vc_get_vf_resources_msg(struct i40e_vf *vf, u8 *msg)
 					VIRTCHNL_VF_OFFLOAD_WB_ON_ITR;
 	}
 
+	if (test_bit(I40E_VIRTCHNL_VF_CAP_PRIVILEGE, &vf->vf_caps))
+		vfres->vf_cap_flags |= VIRTCHNL_VF_TRUSTED;
+
 	vfres->num_vsis = num_vsis;
 	vfres->num_queue_pairs = vf->num_queue_pairs;
 	vfres->max_vectors = pf->hw.func_caps.num_msix_vectors_vf;
diff --git a/drivers/net/ethernet/intel/i40evf/i40evf_main.c b/drivers/net/ethernet/intel/i40evf/i40evf_main.c
index 21103bb..8822062 100644
--- a/drivers/net/ethernet/intel/i40evf/i40evf_main.c
+++ b/drivers/net/ethernet/intel/i40evf/i40evf_main.c
@@ -2649,7 +2649,8 @@ static void i40evf_init_task(struct work_struct *work)
 		eth_hw_addr_random(netdev);
 		ether_addr_copy(adapter->hw.mac.addr, netdev->dev_addr);
 	} else {
-		adapter->flags |= I40EVF_FLAG_ADDR_SET_BY_PF;
+		if (!(adapter->vf_res->vf_cap_flags & VIRTCHNL_VF_TRUSTED))
+			adapter->flags |= I40EVF_FLAG_ADDR_SET_BY_PF;
 		ether_addr_copy(netdev->dev_addr, adapter->hw.mac.addr);
 		ether_addr_copy(netdev->perm_addr, adapter->hw.mac.addr);
 	}
diff --git a/include/linux/avf/virtchnl.h b/include/linux/avf/virtchnl.h
index becfca2..6d74453 100644
--- a/include/linux/avf/virtchnl.h
+++ b/include/linux/avf/virtchnl.h
@@ -240,6 +240,7 @@ VIRTCHNL_CHECK_STRUCT_LEN(16, virtchnl_vsi_resource);
 #define VIRTCHNL_VF_OFFLOAD_ENCAP		0X00100000
 #define VIRTCHNL_VF_OFFLOAD_ENCAP_CSUM		0X00200000
 #define VIRTCHNL_VF_OFFLOAD_RX_ENCAP_CSUM	0X00400000
+#define VIRTCHNL_VF_TRUSTED			0X00800000
 
 #define VF_BASE_MODE_OFFLOADS (VIRTCHNL_VF_OFFLOAD_L2 | \
 			       VIRTCHNL_VF_OFFLOAD_VLAN | \
-- 
2.9.4

     prev parent reply	other threads:[~2017-06-29 13:13 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-06-29 13:12 [PATCH 0/2] i40e/i40evf: fix override of administratively set MAC address in trusted mode Stefan Assmann
2017-06-29 13:12 ` [PATCH 1/2] i40e/i40evf: rename vf_offload_flags to vf_cap_flags in struct virtchnl_vf_resource Stefan Assmann
2017-07-05 21:15   ` [Intel-wired-lan] " Wyborny, Carolyn
2017-07-06 14:24     ` Greg Rose
2017-07-06 15:26       ` Wyborny, Carolyn
2017-07-07  8:18         ` Greg Rose
2017-06-29 13:12 ` Stefan Assmann [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:057c77b dfblob:9e872b1 dfblob:21103bb dfblob:8822062
dfblob:becfca2 dfblob:6d74453 )
 OR (
bs:"[PATCH 2/2] i40e/i40evf: add virtchnl flag to indicate trusted VF" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170629131225.9251-3-sassmann@kpanic.de \
    --to=sassmann@kpanic.de \
    --cc=davem@davemloft.net \
    --cc=intel-wired-lan@lists.osuosl.org \
    --cc=jeffrey.t.kirsher@intel.com \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).