| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 08 Oct 2014 15:29:15 -0700
From: Jeff Kirsher <jeffrey.t.kirsher@...el.com>
To: Alexander Graf <agraf@...e.de>
Cc: "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
Mitch Williams <mitch.a.williams@...el.com>,
Andy Gospodarek <andy@...yhouse.net>,
Stefan Assmann <sassmann@...nic.de>,
Aaron Brown <aaron.f.brown@...el.com>,
Greg Rose <gregory.v.rose@...el.com>,
John Ronciak <john.ronciak@...el.com>
Subject: Re: [PATCH] igb: Indicate failure on vf reset for empty mac address
On Wed, 2014-10-08 at 23:23 +0200, Alexander Graf wrote:
> Commit 5ac6f91d changed the igb driver to expose a zero (empty) mac
> address to the VF on reset rather than a random one.
>
> However, that behavioral change also requires igbvf driver changes
> which can be hard especially when we want to talk to proprietary
> guest OSs.
>
> Looking at the code previous to the commit in Linux that made igbvf
> work with empty mac addresses (8d56b6d), we can see that on reset
> failure the driver will try to generate a new mac address with both
> the old and the new code.
>
> Furthermore, ixgbe does send reset failure when it detects an empty
> mac address (35055928c).
>
> So I think it's safe to make igb behave the same. With this patch I
> can successfully run a Windows 8.1 guest with an empty mac address
> and an assigned igbvf device that has no mac address set by the host.
>
> If anyone is aware of a guest driver that chokes on NACK returns of
> VF RESET commands, please speak up.
>
> Signed-off-by: Alexander Graf <agraf@...e.de>
> ---
> drivers/net/ethernet/intel/igb/igb_main.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
Actually after further review of this patch and the reported bug in
SuSE's bugzilla, we are NACK'ing this patch.
If the reset has not failed, why are we indicating that it has? We
originally supplied the VF with a NULL MAC, so we should supply it
again. That way, the VF can choose to either regenerate a new random
MAC or keep using the one that it had.
The current method was a fix that was requested by the community in the
first place, also we cannot take into account "proprietary guest OS's".
>
> diff --git a/drivers/net/ethernet/intel/igb/igb_main.c b/drivers/net/ethernet/intel/igb/igb_main.c
> index cb14bbd..e8c53b6 100644
> --- a/drivers/net/ethernet/intel/igb/igb_main.c
> +++ b/drivers/net/ethernet/intel/igb/igb_main.c
> @@ -6024,8 +6024,12 @@ static void igb_vf_reset_msg(struct igb_adapter *adapter, u32 vf)
> adapter->vf_data[vf].flags |= IGB_VF_FLAG_CTS;
>
> /* reply to reset with ack and vf mac address */
> - msgbuf[0] = E1000_VF_RESET | E1000_VT_MSGTYPE_ACK;
> - memcpy(addr, vf_mac, ETH_ALEN);
> + if (!is_zero_ether_addr(vf_mac)) {
> + msgbuf[0] = E1000_VF_RESET | E1000_VT_MSGTYPE_ACK;
> + memcpy(addr, vf_mac, ETH_ALEN);
> + } else {
> + msgbuf[0] = E1000_VF_RESET | E1000_VT_MSGTYPE_NACK;
> + }
> igb_write_mbx(hw, msgbuf, 3, vf);
> }
>
Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists