From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Manish Chopra, Ariel Elior, "David S. Miller"
Subject: [PATCH 5.17 0086/1126] qed: validate and restrict untrusted VFs vlan promisc mode
Date: Tue, 5 Apr 2022 09:13:53 +0200
Message-Id: <20220405070410.093539189@linuxfoundation.org>
In-Reply-To: <20220405070407.513532867@linuxfoundation.org>
References: <20220405070407.513532867@linuxfoundation.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Manish Chopra

commit cbcc44db2cf7b836896733acc0e5ea966136ed22 upstream.

Today when VFs are put in promiscuous mode, they can request the PF to configure the device for them to receive all VLAN traffic regardless of what vlan is configured by the PF (via ip link), and the PF allows this config request regardless of whether the VF is trusted or not.

From a security POV, when a VLAN is configured for a VF through the PF (via ip link), honour such config requests from the VF only when it is configured to be trusted; otherwise restrict such VFs' vlan promisc mode config.

Cc: stable@vger.kernel.org
Fixes: f990c82c385b ("qed*: Add support for ndo_set_vf_trust")
Signed-off-by: Manish Chopra
Signed-off-by: Ariel Elior
Signed-off-by: David S. Miller
Signed-off-by: Greg Kroah-Hartman
---
 drivers/net/ethernet/qlogic/qed/qed_sriov.c | 28 ++++++++++++++++++++++++++--
 drivers/net/ethernet/qlogic/qed/qed_sriov.h | 1 +
 2 files changed, 27 insertions(+), 2 deletions(-)

--- a/drivers/net/ethernet/qlogic/qed/qed_sriov.c
+++ b/drivers/net/ethernet/qlogic/qed/qed_sriov.c @@ -2984,12 +2984,16 @@ static int qed_iov_pre_update_vport(stru u8 mask = QED_ACCEPT_UCAST_UNMATCHED | QED_ACCEPT_MCAST_UNMATCHED; struct qed_filter_accept_flags *flags = ¶ms->accept_flags; struct qed_public_vf_info *vf_info; + u16 tlv_mask; + + tlv_mask = BIT(QED_IOV_VP_UPDATE_ACCEPT_PARAM) | + BIT(QED_IOV_VP_UPDATE_ACCEPT_ANY_VLAN); /* Untrusted VFs can't even be trusted to know that fact. * Simply indicate everything is configured fine, and trace * configuration 'behind their back'. */ - if (!(*tlvs & BIT(QED_IOV_VP_UPDATE_ACCEPT_PARAM))) + if (!(*tlvs & tlv_mask)) return 0; vf_info = qed_iov_get_public_vf_info(hwfn, vfid, true); @@ -3006,6 +3010,13 @@ static int qed_iov_pre_update_vport(stru flags->tx_accept_filter &= ~mask; } + if (params->update_accept_any_vlan_flg) { + vf_info->accept_any_vlan = params->accept_any_vlan; + + if (vf_info->forced_vlan && !vf_info->is_trusted_configured) + params->accept_any_vlan = false; + } + return 0; } @@ -5150,6 +5161,12 @@ static void qed_iov_handle_trust_change( params.update_ctl_frame_check = 1; params.mac_chk_en = !vf_info->is_trusted_configured; + params.update_accept_any_vlan_flg = 0; + + if (vf_info->accept_any_vlan && vf_info->forced_vlan) { + params.update_accept_any_vlan_flg = 1; + params.accept_any_vlan = vf_info->accept_any_vlan; + } if (vf_info->rx_accept_mode & mask) { flags->update_rx_mode_config = 1; 
@@ -5165,13 +5182,20 @@ static void qed_iov_handle_trust_change( if (!vf_info->is_trusted_configured) { flags->rx_accept_filter &= ~mask; flags->tx_accept_filter &= ~mask; + params.accept_any_vlan = false; } if (flags->update_rx_mode_config || flags->update_tx_mode_config || - params.update_ctl_frame_check) + params.update_ctl_frame_check || + params.update_accept_any_vlan_flg) { + DP_VERBOSE(hwfn, QED_MSG_IOV, + "vport update config for %s VF[abs 0x%x rel 0x%x]\n", + vf_info->is_trusted_configured ? "trusted" : "untrusted", + vf->abs_vf_id, vf->relative_vf_id); qed_sp_vport_update(hwfn, ¶ms, QED_SPQ_MODE_EBLOCK, NULL); + } } } --- a/drivers/net/ethernet/qlogic/qed/qed_sriov.h +++ b/drivers/net/ethernet/qlogic/qed/qed_sriov.h @@ -62,6 +62,7 @@ struct qed_public_vf_info { bool is_trusted_request; u8 rx_accept_mode; u8 tx_accept_mode; + bool accept_any_vlan; }; struct qed_iov_vf_init_params {
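Review bot: in the qed_iov_pre_update_vport hunk at @@ -3006,6 +3010,13 @@, `vf_info->accept_any_vlan = params->accept_any_vlan;` stores the VF's requested value before the trust check overrides `params->accept_any_vlan`, so the field records what the VF asked for, not what was applied. That is what lets qed_iov_handle_trust_change re-apply the request once the VF becomes trusted, but nothing in the code says so; a one-line comment above the assignment (e.g. `/* Remember the VF's request; it is re-applied on trust change */`) would save the next reader from "fixing" it. Note also that the restriction only fires when `vf_info->forced_vlan` is set, which matches the commit message: an untrusted VF with no PF-forced VLAN still gets its accept-any-VLAN request honoured.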
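Review bot: in the qed_iov_handle_trust_change hunk at @@ -5150,6 +5161,12 @@, `params.accept_any_vlan = vf_info->accept_any_vlan;` sits inside a block that is only entered when `vf_info->accept_any_vlan` is true, so it always assigns true; either write `params.accept_any_vlan = true;` to say what is meant, or guard on `vf_info->forced_vlan` alone and copy the field unconditionally. The explicit `params.update_accept_any_vlan_flg = 0;` is harmless as a defensive reset but is redundant if `params` is already zero-initialised earlier in the function, which the hunk context does not show.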
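Review bot: in the qed_iov_handle_trust_change hunk at @@ -5165,13 +5182,20 @@, the new DP_VERBOSE is a good addition and worth keeping as is: logging whether the vport update ran for a "trusted" or "untrusted" VF, with both VF ids, is exactly what an operator needs to confirm from the host side that an untrusted VF's VLAN-promisc request was actually restricted after a trust change. One small point: `params.accept_any_vlan = false;` in the `!is_trusted_configured` branch is only meaningful when `params.update_accept_any_vlan_flg` was set in the previous hunk; that coupling is correct but not obvious, so a brief comment there would help.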
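Review bot: in the qed_sriov.h hunk at @@ -62,6 +62,7 @@, the new `bool accept_any_vlan;` member of struct qed_public_vf_info has no comment, and since it holds the VF's last requested setting rather than what is configured in hardware (see its use in qed_iov_pre_update_vport and qed_iov_handle_trust_change), it should say so, e.g. `bool accept_any_vlan; /* VF's last request; re-applied on trust change */`. Please also confirm the field is cleared wherever qed_public_vf_info is reset on VF release or FLR: the hunks in this patch only ever set it, and a stale true left over from a previous VF instance would be re-applied by qed_iov_handle_trust_change on the next trust change.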