• Yuval Mintz's avatar
    qed: Handle malicious VFs events · 7eff82b0
    Yuval Mintz authored
    Malicious VFs might be caught in several different methods:
      - Misusing their bar permission and being blocked by hardware.
      - Misusing their fastpath logic and being blocked by firmware.
      - Misusing their interaction with their PF via hw-channel,
        and being blocked by PF driver.
    
    On the first two items, firmware would indicate to driver that
    the VF is to be considered malicious, but would sometime still
    allow the VF to communicate with the PF [depending on the exact
    nature of the malicious activity done by the VF].
    The current existing logic on the PF side lacks handling of such events,
    and might allow the PF to perform some incorrect configuration on behalf
    of a VF that was previously indicated as malicious.
    
    The new scheme is simple -
    Once the PF determines a VF is malicious it would:
     a. Ignore any further requests on behalf of the VF-driver.
     b. Prevent any configurations initiated by the hyperuser for
        the malicious VF, as firmware isn't willing to serve such.
    
    The malicious indication would be cleared upon the VF flr,
    after which it would become usable once again.
    Signed-off-by: default avatarYuval Mintz <Yuval.Mintz@caviumnetworks.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    7eff82b0
qed_sriov.h 9.38 KB