Patch Detail

GET /api/patches/972072/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 972072,
    "url": "http://patchwork.ozlabs.org/api/patches/972072/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/intel-wired-lan/patch/20180920004308.13772-10-anirudh.venkataramanan@intel.com/",
    "project": {
        "id": 46,
        "url": "http://patchwork.ozlabs.org/api/projects/46/?format=api",
        "name": "Intel Wired Ethernet development",
        "link_name": "intel-wired-lan",
        "list_id": "intel-wired-lan.osuosl.org",
        "list_email": "intel-wired-lan@osuosl.org",
        "web_url": "",
        "scm_url": "",
        "webscm_url": "",
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20180920004308.13772-10-anirudh.venkataramanan@intel.com>",
    "list_archive_url": null,
    "date": "2018-09-20T00:43:01",
    "name": "[v2,09/16] ice: Extend malicious operations detection logic",
    "commit_ref": null,
    "pull_url": null,
    "state": "accepted",
    "archived": false,
    "hash": "7f08a927b3d293973fa79393ef208e257859f211",
    "submitter": {
        "id": 73601,
        "url": "http://patchwork.ozlabs.org/api/people/73601/?format=api",
        "name": "Anirudh Venkataramanan",
        "email": "anirudh.venkataramanan@intel.com"
    },
    "delegate": {
        "id": 68,
        "url": "http://patchwork.ozlabs.org/api/users/68/?format=api",
        "username": "jtkirshe",
        "first_name": "Jeff",
        "last_name": "Kirsher",
        "email": "jeffrey.t.kirsher@intel.com"
    },
    "mbox": "http://patchwork.ozlabs.org/project/intel-wired-lan/patch/20180920004308.13772-10-anirudh.venkataramanan@intel.com/mbox/",
    "series": [
        {
            "id": 66527,
            "url": "http://patchwork.ozlabs.org/api/series/66527/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/intel-wired-lan/list/?series=66527",
            "date": "2018-09-20T00:42:53",
            "name": "Add SR-IOV support, feature updates",
            "version": 2,
            "mbox": "http://patchwork.ozlabs.org/series/66527/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/972072/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/972072/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<intel-wired-lan-bounces@osuosl.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "intel-wired-lan@lists.osuosl.org"
        ],
        "Delivered-To": [
            "patchwork-incoming@bilbo.ozlabs.org",
            "intel-wired-lan@lists.osuosl.org"
        ],
        "Authentication-Results": [
            "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=osuosl.org\n\t(client-ip=140.211.166.133; helo=hemlock.osuosl.org;\n\tenvelope-from=intel-wired-lan-bounces@osuosl.org;\n\treceiver=<UNKNOWN>)",
            "ozlabs.org;\n\tdmarc=fail (p=none dis=none) header.from=intel.com"
        ],
        "Received": [
            "from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256\n\tbits)) (No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 42FydR3XZxz9sBs\n\tfor <incoming@patchwork.ozlabs.org>;\n\tThu, 20 Sep 2018 10:43:23 +1000 (AEST)",
            "from localhost (localhost [127.0.0.1])\n\tby hemlock.osuosl.org (Postfix) with ESMTP id C6B4D88AEE;\n\tThu, 20 Sep 2018 00:43:21 +0000 (UTC)",
            "from hemlock.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id 2FkU6WslN9mB; Thu, 20 Sep 2018 00:43:21 +0000 (UTC)",
            "from ash.osuosl.org (ash.osuosl.org [140.211.166.34])\n\tby hemlock.osuosl.org (Postfix) with ESMTP id 3143E88AF1;\n\tThu, 20 Sep 2018 00:43:21 +0000 (UTC)",
            "from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])\n\tby ash.osuosl.org (Postfix) with ESMTP id 3ECAF1C08AF\n\tfor <intel-wired-lan@lists.osuosl.org>;\n\tThu, 20 Sep 2018 00:43:14 +0000 (UTC)",
            "from localhost (localhost [127.0.0.1])\n\tby hemlock.osuosl.org (Postfix) with ESMTP id 3CBF388ADB\n\tfor <intel-wired-lan@lists.osuosl.org>;\n\tThu, 20 Sep 2018 00:43:14 +0000 (UTC)",
            "from hemlock.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id WrGJZm5A74Bw for <intel-wired-lan@lists.osuosl.org>;\n\tThu, 20 Sep 2018 00:43:11 +0000 (UTC)",
            "from mga11.intel.com (mga11.intel.com [192.55.52.93])\n\tby hemlock.osuosl.org (Postfix) with ESMTPS id E459F88AE0\n\tfor <intel-wired-lan@lists.osuosl.org>;\n\tThu, 20 Sep 2018 00:43:10 +0000 (UTC)",
            "from orsmga004.jf.intel.com ([10.7.209.38])\n\tby fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t19 Sep 2018 17:43:10 -0700",
            "from shasta.jf.intel.com ([10.166.241.11])\n\tby orsmga004.jf.intel.com with ESMTP; 19 Sep 2018 17:43:09 -0700"
        ],
        "X-Virus-Scanned": [
            "amavisd-new at osuosl.org",
            "amavisd-new at osuosl.org"
        ],
        "X-Greylist": "domain auto-whitelisted by SQLgrey-1.7.6",
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "X-IronPort-AV": "E=Sophos;i=\"5.53,396,1531810800\"; d=\"scan'208\";a=\"234371599\"",
        "From": "Anirudh Venkataramanan <anirudh.venkataramanan@intel.com>",
        "To": "intel-wired-lan@lists.osuosl.org",
        "Date": "Wed, 19 Sep 2018 17:43:01 -0700",
        "Message-Id": "<20180920004308.13772-10-anirudh.venkataramanan@intel.com>",
        "X-Mailer": "git-send-email 2.14.3",
        "In-Reply-To": "<20180920004308.13772-1-anirudh.venkataramanan@intel.com>",
        "References": "<20180920004308.13772-1-anirudh.venkataramanan@intel.com>",
        "Subject": "[Intel-wired-lan] [PATCH v2 09/16] ice: Extend malicious operations\n\tdetection logic",
        "X-BeenThere": "intel-wired-lan@osuosl.org",
        "X-Mailman-Version": "2.1.24",
        "Precedence": "list",
        "List-Id": "Intel Wired Ethernet Linux Kernel Driver Development\n\t<intel-wired-lan.osuosl.org>",
        "List-Unsubscribe": "<https://lists.osuosl.org/mailman/options/intel-wired-lan>, \n\t<mailto:intel-wired-lan-request@osuosl.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.osuosl.org/pipermail/intel-wired-lan/>",
        "List-Post": "<mailto:intel-wired-lan@osuosl.org>",
        "List-Help": "<mailto:intel-wired-lan-request@osuosl.org?subject=help>",
        "List-Subscribe": "<https://lists.osuosl.org/mailman/listinfo/intel-wired-lan>, \n\t<mailto:intel-wired-lan-request@osuosl.org?subject=subscribe>",
        "MIME-Version": "1.0",
        "Content-Type": "text/plain; charset=\"us-ascii\"",
        "Content-Transfer-Encoding": "7bit",
        "Errors-To": "intel-wired-lan-bounces@osuosl.org",
        "Sender": "\"Intel-wired-lan\" <intel-wired-lan-bounces@osuosl.org>"
    },
    "content": "This patch extends the existing malicious driver operation detection\nlogic to cover malicious operations by the VF driver as well.\n\nSigned-off-by: Anirudh Venkataramanan <anirudh.venkataramanan@intel.com>\n---\n drivers/net/ethernet/intel/ice/ice_hw_autogen.h  |  8 +++++\n drivers/net/ethernet/intel/ice/ice_main.c        | 46 ++++++++++++++++++++++++\n drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h |  8 +++--\n 3 files changed, 60 insertions(+), 2 deletions(-)",
    "diff": "diff --git a/drivers/net/ethernet/intel/ice/ice_hw_autogen.h b/drivers/net/ethernet/intel/ice/ice_hw_autogen.h\nindex 5a4fa22d0a83..a6679a9bfd3a 100644\n--- a/drivers/net/ethernet/intel/ice/ice_hw_autogen.h\n+++ b/drivers/net/ethernet/intel/ice/ice_hw_autogen.h\n@@ -219,6 +219,14 @@\n #define PF_MDET_TX_PQM_VALID_M\t\t\tBIT(0)\n #define PF_MDET_TX_TCLAN\t\t\t0x000FC000\n #define PF_MDET_TX_TCLAN_VALID_M\t\tBIT(0)\n+#define VP_MDET_RX(_VF)\t\t\t\t(0x00294400 + ((_VF) * 4))\n+#define VP_MDET_RX_VALID_M\t\t\tBIT(0)\n+#define VP_MDET_TX_PQM(_VF)\t\t\t(0x002D2000 + ((_VF) * 4))\n+#define VP_MDET_TX_PQM_VALID_M\t\t\tBIT(0)\n+#define VP_MDET_TX_TCLAN(_VF)\t\t\t(0x000FB800 + ((_VF) * 4))\n+#define VP_MDET_TX_TCLAN_VALID_M\t\tBIT(0)\n+#define VP_MDET_TX_TDPU(_VF)\t\t\t(0x00040000 + ((_VF) * 4))\n+#define VP_MDET_TX_TDPU_VALID_M\t\t\tBIT(0)\n #define GLNVM_FLA\t\t\t\t0x000B6108\n #define GLNVM_FLA_LOCKED_M\t\t\tBIT(6)\n #define GLNVM_GENS\t\t\t\t0x000B6100\ndiff --git a/drivers/net/ethernet/intel/ice/ice_main.c b/drivers/net/ethernet/intel/ice/ice_main.c\nindex 28f6d9f63a18..3e254281da63 100644\n--- a/drivers/net/ethernet/intel/ice/ice_main.c\n+++ b/drivers/net/ethernet/intel/ice/ice_main.c\n@@ -951,6 +951,7 @@ static void ice_handle_mdd_event(struct ice_pf *pf)\n \tstruct ice_hw *hw = &pf->hw;\n \tbool mdd_detected = false;\n \tu32 reg;\n+\tint i;\n \n \tif (!test_bit(__ICE_MDD_EVENT_PENDING, pf->state))\n \t\treturn;\n@@ -1040,6 +1041,51 @@ static void ice_handle_mdd_event(struct ice_pf *pf)\n \t\t}\n \t}\n \n+\t/* see if one of the VFs needs to be reset */\n+\tfor (i = 0; i < pf->num_alloc_vfs && mdd_detected; i++) {\n+\t\tstruct ice_vf *vf = &pf->vf[i];\n+\n+\t\treg = rd32(hw, VP_MDET_TX_PQM(i));\n+\t\tif (reg & VP_MDET_TX_PQM_VALID_M) {\n+\t\t\twr32(hw, VP_MDET_TX_PQM(i), 0xFFFF);\n+\t\t\tvf->num_mdd_events++;\n+\t\t\tdev_info(&pf->pdev->dev, \"TX driver issue detected on VF %d\\n\",\n+\t\t\t\t i);\n+\t\t}\n+\n+\t\treg = rd32(hw, VP_MDET_TX_TCLAN(i));\n+\t\tif (reg & VP_MDET_TX_TCLAN_VALID_M) {\n+\t\t\twr32(hw, VP_MDET_TX_TCLAN(i), 0xFFFF);\n+\t\t\tvf->num_mdd_events++;\n+\t\t\tdev_info(&pf->pdev->dev, \"TX driver issue detected on VF %d\\n\",\n+\t\t\t\t i);\n+\t\t}\n+\n+\t\treg = rd32(hw, VP_MDET_TX_TDPU(i));\n+\t\tif (reg & VP_MDET_TX_TDPU_VALID_M) {\n+\t\t\twr32(hw, VP_MDET_TX_TDPU(i), 0xFFFF);\n+\t\t\tvf->num_mdd_events++;\n+\t\t\tdev_info(&pf->pdev->dev, \"TX driver issue detected on VF %d\\n\",\n+\t\t\t\t i);\n+\t\t}\n+\n+\t\treg = rd32(hw, VP_MDET_RX(i));\n+\t\tif (reg & VP_MDET_RX_VALID_M) {\n+\t\t\twr32(hw, VP_MDET_RX(i), 0xFFFF);\n+\t\t\tvf->num_mdd_events++;\n+\t\t\tdev_info(&pf->pdev->dev, \"RX driver issue detected on VF %d\\n\",\n+\t\t\t\t i);\n+\t\t}\n+\n+\t\tif (vf->num_mdd_events > ICE_DFLT_NUM_MDD_EVENTS_ALLOWED) {\n+\t\t\tdev_info(&pf->pdev->dev,\n+\t\t\t\t \"Too many MDD events on VF %d, disabled\\n\", i);\n+\t\t\tdev_info(&pf->pdev->dev,\n+\t\t\t\t \"Use PF Control I/F to re-enable the VF\\n\");\n+\t\t\tset_bit(ICE_VF_STATE_DIS, vf->vf_states);\n+\t\t}\n+\t}\n+\n \t/* re-enable MDD interrupt cause */\n \tclear_bit(__ICE_MDD_EVENT_PENDING, pf->state);\n \treg = rd32(hw, PFINT_OICR_ENA);\ndiff --git a/drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h b/drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h\nindex 94295fb779df..11a35cb990e2 100644\n--- a/drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h\n+++ b/drivers/net/ethernet/intel/ice/ice_virtchnl_pf.h\n@@ -9,10 +9,13 @@\n #define ICE_VLAN_PRIORITY_S\t\t12\n #define ICE_VLAN_M\t\t\t0xFFF\n #define ICE_PRIORITY_M\t\t\t0x7000\n-#define ICE_MAX_VLAN_PER_VF\t\t8 /* restriction for non-trusted VF */\n \n-/* Restrict number of MACs a non-trusted VF can program */\n+/* Restrict number of MAC Addr and VLAN that non-trusted VF can programmed */\n+#define ICE_MAX_VLAN_PER_VF\t\t8\n #define ICE_MAX_MACADDR_PER_VF\t\t12\n+\n+/* Malicious Driver Detection */\n+#define ICE_DFLT_NUM_MDD_EVENTS_ALLOWED\t\t3\n #define ICE_DFLT_NUM_INVAL_MSGS_ALLOWED\t\t10\n \n /* Static VF transaction/status register def */\n@@ -56,6 +59,7 @@ struct ice_vf {\n \tu8 trusted;\n \tu16 lan_vsi_idx;\t\t/* index into PF struct */\n \tu16 lan_vsi_num;\t\t/* ID as used by firmware */\n+\tu64 num_mdd_events;\t\t/* number of mdd events detected */\n \tu64 num_inval_msgs;\t\t/* number of continuous invalid msgs */\n \tu64 num_valid_msgs;\t\t/* number of valid msgs detected */\n \tunsigned long vf_caps;\t\t/* vf's adv. capabilities */\n",
    "prefixes": [
        "v2",
        "09/16"
    ]
}