lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAL3LdT4udpCqSrh8=9zeSQLF_hB9fj-Ocwc3Yxf1Nk64U09BrQ@mail.gmail.com>
Date:	Thu, 5 Feb 2015 22:52:42 -0800
From:	Jeff Kirsher <jeffrey.t.kirsher@...el.com>
To:	Vlad Zolotarov <vladz@...udius-systems.com>
Cc:	netdev <netdev@...r.kernel.org>,
	Gleb Natapov <gleb@...udius-systems.com>,
	Avi Kivity <avi@...udius-systems.com>
Subject: Re: [PATCH net-next v5 0/7]: ixgbevf: Allow querying VFs RSS
 indirection table and key

On Wed, Jan 7, 2015 at 12:03 PM, Jeff Kirsher
<jeffrey.t.kirsher@...el.com> wrote:
> On Wed, 2015-01-07 at 21:26 +0200, Vlad Zolotarov wrote:
>> Add the ethtool ops to VF driver to allow querying the RSS indirection
>> table
>> and RSS Random Key.
>>
>> On some devices VFs share the RSS Redirection Table and Hash Key with
>> a PF and letting
>> the VF query this information may introduce some security risks.
>> Therefore we disable this
>> feature by default for such devices (e.g. 82599) and allow it for
>> those where there isn't any
>> possible risk (e.g. on x550). The new netdev op is going to allow a
>> system administrator to
>> change the default behaviour with "ip link set" command.
>>
>>  - netdev: Add a new netdev op to allow/block VF from querying RSS
>> Indirection Table and
>>    RSS Hash Key.
>>  - PF driver: Add new VF-PF channel commands.
>>  - VF driver: Utilize these new commands and add the corresponding
>>               ethtool callbacks.
>>
>> New in v5:
>>    - Added a new netdev op to allow/block VF from querying RSS
>> Indirection Table and
>>      RSS Hash Key.
>>    - Let VF query the RSS info only if VF is allowed to.
>>
>> New in v4:
>>    - Forgot to run checkpatch on v3 and there were a few styling
>> things to fix. ;)
>>
>> New in v3:
>>    - Added a missing support for x550 devices.
>>    - Mask the indirection table values according to PSRTYPE[n].RQPL.
>>    - Minimized the number of added VF-PF commands.
>>
>> New in v2:
>>    - Added a detailed description to patches 4 and 5.
>>
>> New in v1 (compared to RFC):
>>    - Use "if-else" statement instead of a "switch-case" for a single
>> option case.
>>      More specifically: in cases where the newly added API version is
>> the only one
>>      allowed. We may consider using a "switch-case" back again when
>> the list of
>>      allowed API versions in these specific places grows up.
>>
>> Vlad Zolotarov (7):
>>   if_link: Add an additional parameter to ifla_vf_info for RSS
>> querying
>>   ixgbe: Add a new netdev op to allow/prevent a VF from querying an
>> RSS
>>     info
>>   ixgbe: Add a RETA query command to VF-PF channel API
>>   ixgbevf: Add a RETA query code
>>   ixgbe: Add GET_RSS_KEY command to VF-PF channel commands set
>>   ixgbevf: Add RSS Key query code
>>   ixgbevf: Add the appropriate ethtool ops to query RSS indirection
>>     table and key
>>
>>  drivers/net/ethernet/intel/ixgbe/ixgbe.h          |   1 +
>>  drivers/net/ethernet/intel/ixgbe/ixgbe_main.c     |   7 ++
>>  drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h      |  10 ++
>>  drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.c    | 119
>> +++++++++++++++++++
>>  drivers/net/ethernet/intel/ixgbe/ixgbe_sriov.h    |   2 +
>>  drivers/net/ethernet/intel/ixgbevf/ethtool.c      |  42 +++++++
>>  drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c |   4 +-
>>  drivers/net/ethernet/intel/ixgbevf/mbx.h          |  10 ++
>>  drivers/net/ethernet/intel/ixgbevf/vf.c           | 132
>> ++++++++++++++++++++++
>>  drivers/net/ethernet/intel/ixgbevf/vf.h           |   2 +
>>  include/linux/if_link.h                           |   1 +
>>  include/linux/netdevice.h                         |   8 ++
>>  include/uapi/linux/if_link.h                      |   8 ++
>>  net/core/rtnetlink.c                              |  33 +++++-
>>  14 files changed, 372 insertions(+), 7 deletions(-)
>
> Thanks Vlad, I will add your patches to my queue.

Validation ran into issues with your patch series, they reported the following:
Ethtool has "Cannot get RX ring count: Operation not supported" errors
when trying to access RSS flow hash table.

So I am dropping the series for now and will await a v6.

-- 
Cheers,
Jeff
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ