diff options
author | Greg Rose <gregory.v.rose@intel.com> | 2010-11-06 02:08:26 +0000 |
---|---|---|
committer | Jeff Kirsher <jeffrey.t.kirsher@intel.com> | 2010-12-24 21:36:51 -0800 |
commit | 13800469d40bf4dc9fbed17f4692b2ebe94d4526 (patch) | |
tree | d14fda8702cb36ca4039941b254e462b31f32f1c /drivers/net/igb/igb_main.c | |
parent | 1b5dda331ff8646a70d247cace45a60035937a9b (diff) |
igb: Add Anti-spoofing feature support
Add support for the anti-spoofing feature in the HW. Packets from
VF devices with spoofed MAC addresses or VLAN tags will be blocked
and an event generated. When the watchdog task runs it will call a
function to check if any spoof events occurred. If an event was
detected then a warning message is dumped to the system log.
Signed-off-by: Greg Rose <gregory.v.rose@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Diffstat (limited to 'drivers/net/igb/igb_main.c')
-rw-r--r-- | drivers/net/igb/igb_main.c | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/drivers/net/igb/igb_main.c b/drivers/net/igb/igb_main.c index a364ae69ab3..58c665b7513 100644 --- a/drivers/net/igb/igb_main.c +++ b/drivers/net/igb/igb_main.c @@ -3366,6 +3366,45 @@ static void igb_set_rx_mode(struct net_device *netdev) igb_restore_vf_multicasts(adapter); } +static void igb_check_wvbr(struct igb_adapter *adapter) +{ + struct e1000_hw *hw = &adapter->hw; + u32 wvbr = 0; + + switch (hw->mac.type) { + case e1000_82576: + case e1000_i350: + if (!(wvbr = rd32(E1000_WVBR))) + return; + break; + default: + break; + } + + adapter->wvbr |= wvbr; +} + +#define IGB_STAGGERED_QUEUE_OFFSET 8 + +static void igb_spoof_check(struct igb_adapter *adapter) +{ + int j; + + if (!adapter->wvbr) + return; + + for(j = 0; j < adapter->vfs_allocated_count; j++) { + if (adapter->wvbr & (1 << j) || + adapter->wvbr & (1 << (j + IGB_STAGGERED_QUEUE_OFFSET))) { + dev_warn(&adapter->pdev->dev, + "Spoof event(s) detected on VF %d\n", j); + adapter->wvbr &= + ~((1 << j) | + (1 << (j + IGB_STAGGERED_QUEUE_OFFSET))); + } + } +} + /* Need to wait a few seconds after link up to get diagnostic information from * the phy */ static void igb_update_phy_info(unsigned long data) @@ -3525,6 +3564,8 @@ static void igb_watchdog_task(struct work_struct *work) wr32(E1000_ICS, E1000_ICS_RXDMT0); } + igb_spoof_check(adapter); + /* Reset the timer */ if (!test_bit(__IGB_DOWN, &adapter->state)) mod_timer(&adapter->watchdog_timer, @@ -4521,6 +4562,10 @@ static irqreturn_t igb_msix_other(int irq, void *data) if (icr & E1000_ICR_DOUTSYNC) { /* HW is reporting DMA is out of sync */ adapter->stats.doosync++; + /* The DMA Out of Sync is also indication of a spoof event + * in IOV mode. Check the Wrong VM Behavior register to + * see if it is really a spoof event. */ + igb_check_wvbr(adapter); } /* Check for a mailbox event */ @@ -6595,6 +6640,8 @@ static void igb_vmm_control(struct igb_adapter *adapter) if (adapter->vfs_allocated_count) { igb_vmdq_set_loopback_pf(hw, true); igb_vmdq_set_replication_pf(hw, true); + igb_vmdq_set_anti_spoofing_pf(hw, true, + adapter->vfs_allocated_count); } else { igb_vmdq_set_loopback_pf(hw, false); igb_vmdq_set_replication_pf(hw, false); |