diff mbox series

[intel-next,09/14] ice: always report VF overflowing mailbox even without PF VSI

Message ID 20230222170920.1629293-10-jacob.e.keller@intel.com
State Accepted
Delegated to: Anthony Nguyen
Headers show
Series ice: refactor mailbox overflow detection | expand

Commit Message

Jacob Keller Feb. 22, 2023, 5:09 p.m. UTC 
In ice_is_malicious_vf we report a message warning the system administrator
when a VF is potentially spamming the PF with asynchronous messages that
could overflow the PF mailbox.

The specific message was requested by our customer support team to include
the VF and PF MAC address. In some cases we may not be able to locate the
PF VSI to obtain the MAC address for the PF. The current implementation
discards the message entirely in this case. Fix this to instead print a
zero address in that case so that we always print something here. Note that
dev_warn will also include the PCI device information allowing another
mechanism for determining on which PF the potentially malicious VF belongs.

Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
Reviewed-by: Michal Swiatkowski <michal.swiatkowski@linux.intel.com>
---
 drivers/net/ethernet/intel/ice/ice_sriov.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Comments

Szlosek, Marek March 10, 2023, 1:17 p.m. UTC | #1 
> -----Original Message-----
> From: Intel-wired-lan <intel-wired-lan-bounces@osuosl.org> On Behalf Of
> Jacob Keller
> Sent: środa, 22 lutego 2023 18:09
> To: Intel Wired LAN <intel-wired-lan@lists.osuosl.org>
> Cc: Nguyen, Anthony L <anthony.l.nguyen@intel.com>; Brandeburg, Jesse
> <jesse.brandeburg@intel.com>
> Subject: [Intel-wired-lan] [intel-next PATCH 09/14] ice: always report VF
> overflowing mailbox even without PF VSI
> 
> In ice_is_malicious_vf we report a message warning the system
> administrator when a VF is potentially spamming the PF with asynchronous
> messages that could overflow the PF mailbox.
> 
> The specific message was requested by our customer support team to
> include the VF and PF MAC address. In some cases we may not be able to
> locate the PF VSI to obtain the MAC address for the PF. The current
> implementation discards the message entirely in this case. Fix this to instead
> print a zero address in that case so that we always print something here.
> Note that dev_warn will also include the PCI device information allowing
> another mechanism for determining on which PF the potentially malicious VF
> belongs.
> 
> Signed-off-by: Jacob Keller <jacob.e.keller@intel.com>
> Reviewed-by: Michal Swiatkowski <michal.swiatkowski@linux.intel.com>
> ---
>  drivers/net/ethernet/intel/ice/ice_sriov.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/net/ethernet/intel/ice/ice_sriov.c
> b/drivers/net/ethernet/intel/ice/ice_sriov.c
> index 6764e677a345..185673afb781 100644
> --- a/drivers/net/ethernet/intel/ice/ice_sriov.c
> +++ b/drivers/net/ethernet/intel/ice/ice_sriov.c

Tested-by: Marek Szlosek <marek.szlosek@intel.com>
diff mbox series

Patch

diff --git a/drivers/net/ethernet/intel/ice/ice_sriov.c b/drivers/net/ethernet/intel/ice/ice_sriov.c
index 6764e677a345..185673afb781 100644
--- a/drivers/net/ethernet/intel/ice/ice_sriov.c
+++ b/drivers/net/ethernet/intel/ice/ice_sriov.c
@@ -1817,11 +1817,11 @@  ice_is_malicious_vf(struct ice_pf *pf, struct ice_rq_event_info *event,
 
 	if (report_malvf) {
 		struct ice_vsi *pf_vsi = ice_get_main_vsi(pf);
+		u8 zero_addr[ETH_ALEN] = {};
 
-		if (pf_vsi)
-			dev_warn(dev, "VF MAC %pM on PF MAC %pM is generating asynchronous messages and may be overflowing the PF message queue. Please see the Adapter User Guide for more information\n",
-					&vf->dev_lan_addr[0],
-					pf_vsi->netdev->dev_addr);
+		dev_warn(dev, "VF MAC %pM on PF MAC %pM is generating asynchronous messages and may be overflowing the PF message queue. Please see the Adapter User Guide for more information\n",
+			 &vf->dev_lan_addr[0],
+			 pf_vsi ? pf_vsi->netdev->dev_addr : zero_addr);
 	}
 
 out_put_vf: