From mboxrd@z Thu Jan 1 00:00:00 1970 From: Rasesh Mody Subject: [PATCH 27/53] net/qede/base: prevent stop vport assert by malicious VF Date: Mon, 18 Sep 2017 18:30:07 -0700 Message-ID: <1505784633-1171-28-git-send-email-rasesh.mody@cavium.com> References: <1505784633-1171-1-git-send-email-rasesh.mody@cavium.com> Mime-Version: 1.0 Content-Type: text/plain Cc: Rasesh Mody , Dept-EngDPDKDev@cavium.com To: dev@dpdk.org, ferruh.yigit@intel.com Return-path: Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0055.outbound.protection.outlook.com [104.47.37.55]) by dpdk.org (Postfix) with ESMTP id 64E611B1B0 for ; Tue, 19 Sep 2017 03:31:27 +0200 (CEST) In-Reply-To: <1505784633-1171-1-git-send-email-rasesh.mody@cavium.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" PF checks upon stop-vport from VF whether it's legal, but if it's not it would STILL send the request to FW, which might cause it to assert. Signed-off-by: Rasesh Mody --- drivers/net/qede/base/ecore_sriov.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/qede/base/ecore_sriov.c b/drivers/net/qede/base/ecore_sriov.c index a70ca30..792cf75 100644 --- a/drivers/net/qede/base/ecore_sriov.c +++ b/drivers/net/qede/base/ecore_sriov.c @@ -2121,6 +2121,8 @@ static void ecore_iov_vf_mbx_stop_vport(struct ecore_hwfn *p_hwfn, "VF [%02x] - considered malicious;" " Unable to stop RX/TX queuess\n", vf->abs_vf_id); + status = PFVF_STATUS_MALICIOUS; + goto out; } rc = ecore_sp_vport_stop(p_hwfn, vf->opaque_fid, vf->vport_id); @@ -2134,6 +2136,7 @@ static void ecore_iov_vf_mbx_stop_vport(struct ecore_hwfn *p_hwfn, vf->configured_features = 0; OSAL_MEMSET(&vf->shadow_config, 0, sizeof(vf->shadow_config)); +out: ecore_iov_prepare_resp(p_hwfn, p_ptt, vf, CHANNEL_TLV_VPORT_TEARDOWN, sizeof(struct pfvf_def_resp_tlv), status); } -- 1.7.10.3