www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Yuval Mintz <Yuval.Mintz@caviumnetworks.com>
	Fri, 14 Oct 2016 09:19:22 +0000 (05:19 -0400)
committer	Chuck Anderson <chuck.anderson@oracle.com>
	Mon, 6 Mar 2017 04:59:59 +0000 (20:59 -0800)
commit	84920e30595dc43a8f16b7d512d53fd1ef99c40c
tree	04ae2be20d5f1d1c14aee6ab0a987771b76005bd	tree
parent	cee0c83a13b20733a943731daa3bbaf802a4c3c6	commit \| diff

qed: Handle malicious VFs events

Orabug: 25477939

Malicious VFs might be caught in several different methods:
  - Misusing their bar permission and being blocked by hardware.
  - Misusing their fastpath logic and being blocked by firmware.
  - Misusing their interaction with their PF via hw-channel,
    and being blocked by PF driver.

On the first two items, firmware would indicate to driver that
the VF is to be considered malicious, but would sometime still
allow the VF to communicate with the PF [depending on the exact
nature of the malicious activity done by the VF].
The current existing logic on the PF side lacks handling of such events,
and might allow the PF to perform some incorrect configuration on behalf
of a VF that was previously indicated as malicious.

The new scheme is simple -
Once the PF determines a VF is malicious it would:
a. Ignore any further requests on behalf of the VF-driver.
b. Prevent any configurations initiated by the hyperuser for
    the malicious VF, as firmware isn't willing to serve such.

The malicious indication would be cleared upon the VF flr,
after which it would become usable once again.

Signed-off-by: Yuval Mintz <Yuval.Mintz@caviumnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 7eff82b0fc26937d23e59d3de8a1930b25d4738c)
Signed-off-by: Brian Maly <brian.maly@oracle.com>

drivers/net/ethernet/qlogic/qed/qed_sriov.c		diff \| blob \| history
drivers/net/ethernet/qlogic/qed/qed_sriov.h		diff \| blob \| history
drivers/net/ethernet/qlogic/qed/qed_vf.h		diff \| blob \| history