lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 11 Feb 2024 18:46:40 +0000
From: Subbaraya Sundeep Bhatta <sbhatta@...vell.com>
To: Subbaraya Sundeep Bhatta <sbhatta@...vell.com>,
        "netdev@...r.kernel.org"
	<netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
CC: "davem@...emloft.net" <davem@...emloft.net>,
        "edumazet@...gle.com"
	<edumazet@...gle.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "pabeni@...hat.com" <pabeni@...hat.com>,
        Sunil Kovvuri Goutham
	<sgoutham@...vell.com>,
        Linu Cherian <lcherian@...vell.com>,
        Geethasowjanya
 Akula <gakula@...vell.com>,
        Hariprasad Kelam <hkelam@...vell.com>,
        Naveen
 Mamindlapalli <naveenm@...vell.com>,
        "horms@...nel.org" <horms@...nel.org>
Subject: RE: [PATCH 1/2] octeontx2-af: Remove the PF_FUNC validation for NPC
 transmit rules

Hi,

Please ignore this patch. My bad this is single patch but sent as 1/2.

Thanks,
Sundeep

>-----Original Message-----
>From: Subbaraya Sundeep <sbhatta@...vell.com>
>Sent: Monday, February 12, 2024 12:06 AM
>To: netdev@...r.kernel.org; linux-kernel@...r.kernel.org
>Cc: davem@...emloft.net; edumazet@...gle.com; kuba@...nel.org;
>pabeni@...hat.com; Sunil Kovvuri Goutham <sgoutham@...vell.com>; Linu
>Cherian <lcherian@...vell.com>; Geethasowjanya Akula <gakula@...vell.com>;
>Hariprasad Kelam <hkelam@...vell.com>; Naveen Mamindlapalli
><naveenm@...vell.com>; horms@...nel.org; Subbaraya Sundeep Bhatta
><sbhatta@...vell.com>
>Subject: [PATCH 1/2] octeontx2-af: Remove the PF_FUNC validation for NPC
>transmit rules
>
>NPC transmit side mcam rules can use the pcifunc of transmitting
>device for mcam lookup. The commit 18603683d766 ("octeontx2-af: Remove
>channel verification while installing MCAM rules") removed the receive
>side channel verification to save hardware MCAM filters while switching
>packets across interfaces but missed removing transmit side checks.
>This patch removes transmit side rules validation.
>
>Fixes: 18603683d766 ("octeontx2-af: Remove channel verification while installing
>MCAM rules")
>Signed-off-by: Subbaraya Sundeep <sbhatta@...vell.com>
>---
> .../net/ethernet/marvell/octeontx2/af/rvu_npc.c    | 32 ----------------------
> 1 file changed, 32 deletions(-)
>
>diff --git a/drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c
>b/drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c
>index 8cfd74a..e5d6156 100644
>--- a/drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c
>+++ b/drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c
>@@ -61,28 +61,6 @@ int rvu_npc_get_tx_nibble_cfg(struct rvu *rvu, u64
>nibble_ena)
> 	return 0;
> }
>
>-static int npc_mcam_verify_pf_func(struct rvu *rvu,
>-				   struct mcam_entry *entry_data, u8 intf,
>-				   u16 pcifunc)
>-{
>-	u16 pf_func, pf_func_mask;
>-
>-	if (is_npc_intf_rx(intf))
>-		return 0;
>-
>-	pf_func_mask = (entry_data->kw_mask[0] >> 32) &
>-		NPC_KEX_PF_FUNC_MASK;
>-	pf_func = (entry_data->kw[0] >> 32) & NPC_KEX_PF_FUNC_MASK;
>-
>-	pf_func = be16_to_cpu((__force __be16)pf_func);
>-	if (pf_func_mask != NPC_KEX_PF_FUNC_MASK ||
>-	    ((pf_func & ~RVU_PFVF_FUNC_MASK) !=
>-	     (pcifunc & ~RVU_PFVF_FUNC_MASK)))
>-		return -EINVAL;
>-
>-	return 0;
>-}
>-
> void rvu_npc_set_pkind(struct rvu *rvu, int pkind, struct rvu_pfvf *pfvf)
> {
> 	int blkaddr;
>@@ -2851,12 +2829,6 @@ int rvu_mbox_handler_npc_mcam_write_entry(struct
>rvu *rvu,
> 	else
> 		nix_intf = pfvf->nix_rx_intf;
>
>-	if (!is_pffunc_af(pcifunc) &&
>-	    npc_mcam_verify_pf_func(rvu, &req->entry_data, req->intf, pcifunc)) {
>-		rc = NPC_MCAM_INVALID_REQ;
>-		goto exit;
>-	}
>-
> 	/* For AF installed rules, the nix_intf should be set to target NIX */
> 	if (is_pffunc_af(req->hdr.pcifunc))
> 		nix_intf = req->intf;
>@@ -3208,10 +3180,6 @@ int
>rvu_mbox_handler_npc_mcam_alloc_and_write_entry(struct rvu *rvu,
> 	if (!is_npc_interface_valid(rvu, req->intf))
> 		return NPC_MCAM_INVALID_REQ;
>
>-	if (npc_mcam_verify_pf_func(rvu, &req->entry_data, req->intf,
>-				    req->hdr.pcifunc))
>-		return NPC_MCAM_INVALID_REQ;
>-
> 	/* Try to allocate a MCAM entry */
> 	entry_req.hdr.pcifunc = req->hdr.pcifunc;
> 	entry_req.contig = true;
>--
>2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ