| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250204115111.1652453-1-larysa.zaremba@intel.com> Date: Tue, 4 Feb 2025 12:50:50 +0100 From: Larysa Zaremba <larysa.zaremba@...el.com> To: Tony Nguyen <anthony.l.nguyen@...el.com>, intel-wired-lan@...ts.osuosl.org Cc: Larysa Zaremba <larysa.zaremba@...el.com>, Przemek Kitszel <przemyslaw.kitszel@...el.com>, Andrew Lunn <andrew+netdev@...n.ch>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Michal Swiatkowski <michal.swiatkowski@...ux.intel.com>, Mateusz Pacuszka <mateuszx.pacuszka@...el.com> Subject: [PATCH iwl-next v2 0/6] ice: LLDP support for VFs Allow to: * receive LLDP packets on a VF in legacy mode * receive LLDP packets on a VF in switchdev mode * transmit LLDP from a VF in switchdev mode Many VSIs can receive LLDP packets, but only one VSI per port can transmit LLDP, therefore LLDP TX from VF requires adding an egress drop rule to the PF, this is implemented in these series too. There are no patches that explicitly address LLDP RX in switchdev mode, because it just works after adding support in legacy mode. Usage To receive LLDP packets on VF in legacy mode: On host: ip link set dev <pf_ifname> vf <n> trust on On VM: service lldpd restart To receive LLDP packets on VF in switchdev mode (host config): tc qdisc add dev <pf_ifname> clsact tc filter add dev <pf_ifname> protocol lldp ingress \\ flower skip_sw action mirred egress mirror dev <repr_ifname> To transmit LLDP packets from VF (host config): tc qdisc add dev <pf_ifname> clsact tc qdisc add dev <repr_ifname> clsact tc filter add dev <pf_ifname> egress protocol lldp \\ flower skip_sw action drop tc filter add dev <repr_ifname> ingress protocol lldp \\ flower skip_sw action mirred egress redirect dev <pf_ifname> For all abovementioned functionalities to work, private flag fw-lldp-agent must be off. v1->v2: * get rid of sysfs control * require switchdev for VF LLDP Tx * in legacy mode, for VF LLDP Rx rely on configured MAC addresses Larysa Zaremba (4): ice: do not add LLDP-specific filter if not necessary ice: remove headers argument from ice_tc_count_lkups ice: support egress drop rules on PF ice: enable LLDP TX for VFs through tc Mateusz Pacuszka (2): ice: fix check for existing switch rule ice: receive LLDP on trusted VFs drivers/net/ethernet/intel/ice/ice.h | 1 + drivers/net/ethernet/intel/ice/ice_common.c | 10 +- drivers/net/ethernet/intel/ice/ice_common.h | 3 +- drivers/net/ethernet/intel/ice/ice_dcb_lib.c | 2 +- drivers/net/ethernet/intel/ice/ice_eswitch.c | 6 + drivers/net/ethernet/intel/ice/ice_ethtool.c | 2 +- drivers/net/ethernet/intel/ice/ice_lib.c | 71 ++++- drivers/net/ethernet/intel/ice/ice_lib.h | 3 +- drivers/net/ethernet/intel/ice/ice_main.c | 56 +++- drivers/net/ethernet/intel/ice/ice_repr.c | 10 +- drivers/net/ethernet/intel/ice/ice_sriov.c | 4 + drivers/net/ethernet/intel/ice/ice_switch.c | 4 +- drivers/net/ethernet/intel/ice/ice_tc_lib.c | 243 ++++++++++++++++-- drivers/net/ethernet/intel/ice/ice_tc_lib.h | 4 +- drivers/net/ethernet/intel/ice/ice_txrx.c | 17 +- drivers/net/ethernet/intel/ice/ice_vf_lib.c | 26 ++ drivers/net/ethernet/intel/ice/ice_vf_lib.h | 12 + drivers/net/ethernet/intel/ice/ice_virtchnl.c | 48 +++- 18 files changed, 449 insertions(+), 73 deletions(-) -- 2.43.0
Powered by blists - more mailing lists