Commit 07cc1a94 authored by Jacob Keller's avatar Jacob Keller Committed by Tony Nguyen

ice: merge ice_mbx_report_malvf with ice_mbx_vf_state_handler

The ice_mbx_report_malvf function is used to update the
ice_mbx_vf_info.malicious member after we detect a malicious VF. This is
done by calling ice_mbx_report_malvf after ice_mbx_vf_state_handler sets
its "is_malvf" return parameter true.

Instead of requiring two steps, directly update the malicious bit in the
state handler, and remove the need for separately calling
ice_mbx_report_malvf.
Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
Reviewed-by: default avatarMichal Swiatkowski <michal.swiatkowski@linux.intel.com>
Tested-by: default avatarMarek Szlosek <marek.szlosek@intel.com>
Signed-off-by: default avatarTony Nguyen <anthony.l.nguyen@intel.com>
parent 4bdf5f25
...@@ -1794,7 +1794,7 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event, ...@@ -1794,7 +1794,7 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event,
s16 vf_id = le16_to_cpu(event->desc.retval); s16 vf_id = le16_to_cpu(event->desc.retval);
struct device *dev = ice_pf_to_dev(pf); struct device *dev = ice_pf_to_dev(pf);
struct ice_mbx_data mbxdata; struct ice_mbx_data mbxdata;
bool malvf = false; bool report_malvf = false;
struct ice_vf *vf; struct ice_vf *vf;
int status; int status;
...@@ -1811,23 +1811,13 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event, ...@@ -1811,23 +1811,13 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event,
#define ICE_MBX_OVERFLOW_WATERMARK 64 #define ICE_MBX_OVERFLOW_WATERMARK 64
mbxdata.async_watermark_val = ICE_MBX_OVERFLOW_WATERMARK; mbxdata.async_watermark_val = ICE_MBX_OVERFLOW_WATERMARK;
/* check to see if we have a malicious VF */ /* check to see if we have a newly malicious VF */
status = ice_mbx_vf_state_handler(&pf->hw, &mbxdata, &vf->mbx_info, &malvf); status = ice_mbx_vf_state_handler(&pf->hw, &mbxdata, &vf->mbx_info,
&report_malvf);
if (status) if (status)
goto out_put_vf; goto out_put_vf;
if (malvf) { if (report_malvf) {
bool report_vf = false;
/* if the VF is malicious and we haven't let the user
* know about it, then let them know now
*/
status = ice_mbx_report_malvf(&pf->hw, &vf->mbx_info,
&report_vf);
if (status)
dev_dbg(dev, "Error reporting malicious VF\n");
if (report_vf) {
struct ice_vsi *pf_vsi = ice_get_main_vsi(pf); struct ice_vsi *pf_vsi = ice_get_main_vsi(pf);
if (pf_vsi) if (pf_vsi)
...@@ -1835,9 +1825,9 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event, ...@@ -1835,9 +1825,9 @@ ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event,
&vf->dev_lan_addr[0], &vf->dev_lan_addr[0],
pf_vsi->netdev->dev_addr); pf_vsi->netdev->dev_addr);
} }
}
out_put_vf: out_put_vf:
ice_put_vf(vf); ice_put_vf(vf);
return malvf;
return vf->mbx_info.malicious;
} }
...@@ -215,7 +215,7 @@ ice_mbx_detect_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info, ...@@ -215,7 +215,7 @@ ice_mbx_detect_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info,
* @hw: pointer to the HW struct * @hw: pointer to the HW struct
* @mbx_data: pointer to structure containing mailbox data * @mbx_data: pointer to structure containing mailbox data
* @vf_info: mailbox tracking structure for the VF in question * @vf_info: mailbox tracking structure for the VF in question
* @is_malvf: boolean output to indicate if VF is malicious * @report_malvf: boolean output to indicate whether VF should be reported
* *
* The function serves as an entry point for the malicious VF * The function serves as an entry point for the malicious VF
* detection algorithm by handling the different states and state * detection algorithm by handling the different states and state
...@@ -234,25 +234,24 @@ ice_mbx_detect_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info, ...@@ -234,25 +234,24 @@ ice_mbx_detect_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info,
* the static snapshot and look for a malicious VF. * the static snapshot and look for a malicious VF.
*/ */
int int
ice_mbx_vf_state_handler(struct ice_hw *hw, ice_mbx_vf_state_handler(struct ice_hw *hw, struct ice_mbx_data *mbx_data,
struct ice_mbx_data *mbx_data, struct ice_mbx_vf_info *vf_info, bool *report_malvf)
struct ice_mbx_vf_info *vf_info,
bool *is_malvf)
{ {
struct ice_mbx_snapshot *snap = &hw->mbx_snapshot; struct ice_mbx_snapshot *snap = &hw->mbx_snapshot;
struct ice_mbx_snap_buffer_data *snap_buf; struct ice_mbx_snap_buffer_data *snap_buf;
struct ice_ctl_q_info *cq = &hw->mailboxq; struct ice_ctl_q_info *cq = &hw->mailboxq;
enum ice_mbx_snapshot_state new_state; enum ice_mbx_snapshot_state new_state;
bool is_malvf = false;
int status = 0; int status = 0;
if (!is_malvf || !mbx_data) if (!report_malvf || !mbx_data || !vf_info)
return -EINVAL; return -EINVAL;
*report_malvf = false;
/* When entering the mailbox state machine assume that the VF /* When entering the mailbox state machine assume that the VF
* is not malicious until detected. * is not malicious until detected.
*/ */
*is_malvf = false;
/* Checking if max messages allowed to be processed while servicing current /* Checking if max messages allowed to be processed while servicing current
* interrupt is not less than the defined AVF message threshold. * interrupt is not less than the defined AVF message threshold.
*/ */
...@@ -301,8 +300,7 @@ ice_mbx_vf_state_handler(struct ice_hw *hw, ...@@ -301,8 +300,7 @@ ice_mbx_vf_state_handler(struct ice_hw *hw,
if (snap_buf->num_pending_arq >= if (snap_buf->num_pending_arq >=
mbx_data->async_watermark_val) { mbx_data->async_watermark_val) {
new_state = ICE_MAL_VF_DETECT_STATE_DETECT; new_state = ICE_MAL_VF_DETECT_STATE_DETECT;
status = ice_mbx_detect_malvf(hw, vf_info, &new_state, status = ice_mbx_detect_malvf(hw, vf_info, &new_state, &is_malvf);
is_malvf);
} else { } else {
new_state = ICE_MAL_VF_DETECT_STATE_TRAVERSE; new_state = ICE_MAL_VF_DETECT_STATE_TRAVERSE;
ice_mbx_traverse(hw, &new_state); ice_mbx_traverse(hw, &new_state);
...@@ -316,8 +314,7 @@ ice_mbx_vf_state_handler(struct ice_hw *hw, ...@@ -316,8 +314,7 @@ ice_mbx_vf_state_handler(struct ice_hw *hw,
case ICE_MAL_VF_DETECT_STATE_DETECT: case ICE_MAL_VF_DETECT_STATE_DETECT:
new_state = ICE_MAL_VF_DETECT_STATE_DETECT; new_state = ICE_MAL_VF_DETECT_STATE_DETECT;
status = ice_mbx_detect_malvf(hw, vf_info, &new_state, status = ice_mbx_detect_malvf(hw, vf_info, &new_state, &is_malvf);
is_malvf);
break; break;
default: default:
...@@ -327,31 +324,13 @@ ice_mbx_vf_state_handler(struct ice_hw *hw, ...@@ -327,31 +324,13 @@ ice_mbx_vf_state_handler(struct ice_hw *hw,
snap_buf->state = new_state; snap_buf->state = new_state;
return status; /* Only report VFs as malicious the first time we detect it */
} if (is_malvf && !vf_info->malicious) {
/**
* ice_mbx_report_malvf - Track and note malicious VF
* @hw: pointer to the HW struct
* @vf_info: the mailbox tracking info structure for a VF
* @report_malvf: boolean to indicate if malicious VF must be reported
*
* This function updates the malicious indicator bit in the VF mailbox
* tracking structure. A malicious VF must be reported only once if discovered
* between VF resets or loading so the function first checks if the VF has
* already been detected in any previous mailbox iterations.
*/
int
ice_mbx_report_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info,
bool *report_malvf)
{
if (!report_malvf)
return -EINVAL;
*report_malvf = !vf_info->malicious;
vf_info->malicious = 1; vf_info->malicious = 1;
*report_malvf = true;
}
return 0; return status;
} }
/** /**
......
...@@ -21,13 +21,10 @@ ice_aq_send_msg_to_vf(struct ice_hw *hw, u16 vfid, u32 v_opcode, u32 v_retval, ...@@ -21,13 +21,10 @@ ice_aq_send_msg_to_vf(struct ice_hw *hw, u16 vfid, u32 v_opcode, u32 v_retval,
u32 ice_conv_link_speed_to_virtchnl(bool adv_link_support, u16 link_speed); u32 ice_conv_link_speed_to_virtchnl(bool adv_link_support, u16 link_speed);
int int
ice_mbx_vf_state_handler(struct ice_hw *hw, struct ice_mbx_data *mbx_data, ice_mbx_vf_state_handler(struct ice_hw *hw, struct ice_mbx_data *mbx_data,
struct ice_mbx_vf_info *vf_info, bool *is_mal_vf); struct ice_mbx_vf_info *vf_info, bool *report_malvf);
void ice_mbx_clear_malvf(struct ice_mbx_vf_info *vf_info); void ice_mbx_clear_malvf(struct ice_mbx_vf_info *vf_info);
void ice_mbx_init_vf_info(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info); void ice_mbx_init_vf_info(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info);
void ice_mbx_init_snapshot(struct ice_hw *hw); void ice_mbx_init_snapshot(struct ice_hw *hw);
int
ice_mbx_report_malvf(struct ice_hw *hw, struct ice_mbx_vf_info *vf_info,
bool *report_malvf);
#else /* CONFIG_PCI_IOV */ #else /* CONFIG_PCI_IOV */
static inline int static inline int
ice_aq_send_msg_to_vf(struct ice_hw __always_unused *hw, ice_aq_send_msg_to_vf(struct ice_hw __always_unused *hw,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment