[net-next 14/16] net/mlx5e: Reject tc rules which redirect from a VF to itself

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Saeed Mahameed <saeed@kernel.org>
To: "David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>
Cc: netdev@vger.kernel.org, Tariq Toukan <tariqt@nvidia.com>,
	Ariel Levkovich <lariel@nvidia.com>,
	Saeed Mahameed <saeedm@nvidia.com>
Subject: [net-next 14/16] net/mlx5e: Reject tc rules which redirect from a VF to itself
Date: Sat,  3 Apr 2021 21:19:52 -0700	[thread overview]
Message-ID: <20210404041954.146958-15-saeed@kernel.org> (raw)
In-Reply-To: <20210404041954.146958-1-saeed@kernel.org>

From: Ariel Levkovich <lariel@nvidia.com>

Since there are self loopback prevention mechanisms at the
VF level, offloading such rules which redirect from a VF
to itself in the eswitch will break the datapath since the
packets will be dropped once they go back to the vport they
came from.

Therefore, offloading such rules will be rejected and left to
be handled by SW.

Signed-off-by: Ariel Levkovich <lariel@nvidia.com>
Signed-off-by: Saeed Mahameed <saeedm@nvidia.com>
---
 drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
index dbc06c71c170..a4a4cdecbdea 100644
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_tc.c
@@ -3111,6 +3111,13 @@ static bool same_hw_devs(struct mlx5e_priv *priv, struct mlx5e_priv *peer_priv)
 	return (fsystem_guid == psystem_guid);
 }
 
+static bool same_vf_reps(struct mlx5e_priv *priv,
+			 struct net_device *out_dev)
+{
+	return mlx5e_eswitch_vf_rep(priv->netdev) &&
+	       priv->netdev == out_dev;
+}
+
 static int add_vlan_rewrite_action(struct mlx5e_priv *priv, int namespace,
 				   const struct flow_action_entry *act,
 				   struct mlx5e_tc_flow_parse_attr *parse_attr,
@@ -3796,6 +3803,12 @@ static int parse_tc_fdb_actions(struct mlx5e_priv *priv,
 					return -EOPNOTSUPP;
 				}
 
+				if (same_vf_reps(priv, out_dev)) {
+					NL_SET_ERR_MSG_MOD(extack,
+							   "can't forward from a VF to itself");
+					return -EOPNOTSUPP;
+				}
+
 				out_priv = netdev_priv(out_dev);
 				rpriv = out_priv->ppriv;
 				esw_attr->dests[esw_attr->out_count].rep = rpriv->rep;
-- 
2.30.2

next prev parent reply	other threads:[~2021-04-04  4:20 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-04  4:19 [pull request][net-next 00/16] mlx5 updates 2021-04-02 Saeed Mahameed
2021-04-04  4:19 ` [net-next 01/16] net/mlx5: CT: Add support for matching on ct_state inv and rel flags Saeed Mahameed
2021-04-04  8:50   ` patchwork-bot+netdevbpf
2021-04-04  4:19 ` [net-next 02/16] net/mlx5: E-Switch, cut down mlx5_vport_info structure size by 8 bytes Saeed Mahameed
2021-04-04  4:19 ` [net-next 03/16] net/mlx5: E-Switch, move QoS specific fields to existing qos struct Saeed Mahameed
2021-04-04  4:19 ` [net-next 04/16] net/mlx5: Use unsigned int for free_count Saeed Mahameed
2021-04-04  4:19 ` [net-next 05/16] net/mlx5: Pack mlx5_rl_entry structure Saeed Mahameed
2021-04-04  4:19 ` [net-next 06/16] net/mlx5: Do not hold mutex while reading table constants Saeed Mahameed
2021-04-04  4:19 ` [net-next 07/16] net/mlx5: Use helpers to allocate and free rl table entries Saeed Mahameed
2021-04-04  4:19 ` [net-next 08/16] net/mlx5: Use helper to increment, decrement rate entry refcount Saeed Mahameed
2021-04-04  4:19 ` [net-next 09/16] net/mlx5: Allocate rate limit table when rate is configured Saeed Mahameed
2021-04-04  4:19 ` [net-next 10/16] net/mlx5: Pair mutex_destory with mutex_init for rate limit table Saeed Mahameed
2021-04-04  4:19 ` [net-next 11/16] net/mlx5: E-Switch, cut down mlx5_vport_info structure size by 8 bytes Saeed Mahameed
2021-04-04  4:19 ` [net-next 12/16] net/mlx5: E-Switch, move QoS specific fields to existing qos struct Saeed Mahameed
2021-04-04  4:19 ` [net-next 13/16] net/mlx5: Use ida_alloc_range() instead of ida_simple_alloc() Saeed Mahameed
2021-04-04  4:19 ` Saeed Mahameed [this message]
2021-04-04  4:19 ` [net-next 15/16] net/mlx5e: Dynamic alloc arfs table for netdev when needed Saeed Mahameed
2021-04-04  4:19 ` [net-next 16/16] net/mlx5e: Dynamic alloc vlan " Saeed Mahameed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:dbc06c71c17 dfblob:a4a4cdecbde )
 OR (
bs:"[net-next 14/16] net/mlx5e: Reject tc rules which redirect from a VF to itself" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210404041954.146958-15-saeed@kernel.org \
    --to=saeed@kernel.org \
    --cc=davem@davemloft.net \
    --cc=kuba@kernel.org \
    --cc=lariel@nvidia.com \
    --cc=netdev@vger.kernel.org \
    --cc=saeedm@nvidia.com \
    --cc=tariqt@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).