mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-27 21:14:44 +08:00
0891c89674
Attempt to detect malicious VFs and, if suspected, log the information but keep going to allow the user to take any desired actions. Potentially malicious VFs are identified by checking if the VFs are transmitting too many messages via the PF-VF mailbox which could cause an overflow of this channel resulting in denial of service. This is done by creating a snapshot or static capture of the mailbox buffer which can be traversed and in which the messages sent by VFs are tracked. Co-developed-by: Yashaswini Raghuram Prathivadi Bhayankaram <yashaswini.raghuram.prathivadi.bhayankaram@intel.com> Signed-off-by: Yashaswini Raghuram Prathivadi Bhayankaram <yashaswini.raghuram.prathivadi.bhayankaram@intel.com> Co-developed-by: Paul M Stillwell Jr <paul.m.stillwell.jr@intel.com> Signed-off-by: Paul M Stillwell Jr <paul.m.stillwell.jr@intel.com> Co-developed-by: Brett Creeley <brett.creeley@intel.com> Signed-off-by: Brett Creeley <brett.creeley@intel.com> Signed-off-by: Vignesh Sridhar <vignesh.sridhar@intel.com> Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com> Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
53 lines
1.7 KiB
C
53 lines
1.7 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/* Copyright (c) 2018, Intel Corporation. */
|
|
|
|
#ifndef _ICE_SRIOV_H_
|
|
#define _ICE_SRIOV_H_
|
|
|
|
#include "ice_type.h"
|
|
#include "ice_controlq.h"
|
|
|
|
/* Defining the mailbox message threshold as 63 asynchronous
|
|
* pending messages. Normal VF functionality does not require
|
|
* sending more than 63 asynchronous pending message.
|
|
*/
|
|
#define ICE_ASYNC_VF_MSG_THRESHOLD 63
|
|
|
|
#ifdef CONFIG_PCI_IOV
|
|
enum ice_status
|
|
ice_aq_send_msg_to_vf(struct ice_hw *hw, u16 vfid, u32 v_opcode, u32 v_retval,
|
|
u8 *msg, u16 msglen, struct ice_sq_cd *cd);
|
|
|
|
u32 ice_conv_link_speed_to_virtchnl(bool adv_link_support, u16 link_speed);
|
|
enum ice_status
|
|
ice_mbx_vf_state_handler(struct ice_hw *hw, struct ice_mbx_data *mbx_data,
|
|
u16 vf_id, bool *is_mal_vf);
|
|
enum ice_status
|
|
ice_mbx_clear_malvf(struct ice_mbx_snapshot *snap, unsigned long *all_malvfs,
|
|
u16 bitmap_len, u16 vf_id);
|
|
enum ice_status ice_mbx_init_snapshot(struct ice_hw *hw, u16 vf_count);
|
|
void ice_mbx_deinit_snapshot(struct ice_hw *hw);
|
|
enum ice_status
|
|
ice_mbx_report_malvf(struct ice_hw *hw, unsigned long *all_malvfs,
|
|
u16 bitmap_len, u16 vf_id, bool *report_malvf);
|
|
#else /* CONFIG_PCI_IOV */
|
|
static inline enum ice_status
|
|
ice_aq_send_msg_to_vf(struct ice_hw __always_unused *hw,
|
|
u16 __always_unused vfid, u32 __always_unused v_opcode,
|
|
u32 __always_unused v_retval, u8 __always_unused *msg,
|
|
u16 __always_unused msglen,
|
|
struct ice_sq_cd __always_unused *cd)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static inline u32
|
|
ice_conv_link_speed_to_virtchnl(bool __always_unused adv_link_support,
|
|
u16 __always_unused link_speed)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
#endif /* CONFIG_PCI_IOV */
|
|
#endif /* _ICE_SRIOV_H_ */
|