Received: by 2002:ab2:2994:0:b0:1ef:ca3e:3cd5 with SMTP id n20csp34023lqb; Thu, 14 Mar 2024 04:58:40 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCV545p7Qkwume1ySRU2oV2D6WlxB5EC14vBuJ3ZUtvy314HQT7MlfLojOF5ojpYeqN8LjYpoyrqFoBVZg5R+C33gb7aB5avFViunKH9nQ== X-Google-Smtp-Source: AGHT+IEicBFVs+9cfmoNHk1MHDrM9K7JQE/GzkWaxHxCp+VtrPgDKQBnPV8JSIjTQbVz2s1QWUx1 X-Received: by 2002:a05:6358:2799:b0:17b:f11f:5cc3 with SMTP id l25-20020a056358279900b0017bf11f5cc3mr1561876rwb.18.1710417520183; Thu, 14 Mar 2024 04:58:40 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710417520; cv=pass; d=google.com; s=arc-20160816; b=mhUlcmJLhQm8HyRaP6lM87Gr/V3qZNPAYoqPAG1g4Y7ifd6L9FprwVr3CM1LvCQtwV GBNRkDEu3GxfyzA0/Jp3IBt/metrquJryUyFaovS8pOObL4oIq3ipRRgZtJagAaN6fND 7P4UVEWGL28IxH5SKt3QOO+AvtKR+k+PdYOvw9bZQcfZddz3GOpBXZva2yQNOuS0i9/4 U1IxZwssdcbsgYzBU6fX4SArbbRSlK/NV0eZg+d8O9/fyuDzAR+xCuz5pUfsodFtIEcg NYeM1ZnKJCwQBephWkNVD+yieSfm1mKZKtlnF5ecdZqLhcs5PxYlThr5nZmaWyP+ZvQM uiZQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=W6Yj68QAc/GDKe4pAWzzjDhY33mBI0iwde75NIqen9o=; fh=qUoLGwojT1iTrpERFwSvx+/SzIQ1crx7BdfQ/w+XH9k=; b=aj1x5kf7onBIFz6agUuHyb7PzxB7WwVnG8XkWGlQyaSKUG3Wi+U2rjTOB1QOnOGrRY CGkYgeE832ADHtRZZRWkq+HmdH+ieGBlri4gNuEXRn80BtvyrRqkMJAqs7PgZiOVtRMw 8xDlH3GV/JmyXl0f3ZwvzFJ4OMEhFmYm55AwgatMq8c7HI4/efOJ0nvf7LvKLo0D/2r4 hs69JUHkL8a8VjCp52yfnN6Q0/P+RJDskORFSBkJTxVhxOM+l8vAMmgk0bWI56Wf5jYY hVVp2DdwyM5v0AoxE8yDdKRPZwwl2CyThVwib+p9+XWu7p/DAtQ+ZZ37D5DaCgKKItAt +FhQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jMys2HMY; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-103206-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-103206-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id w3-20020a631603000000b005e49cd906d6si440868pgl.97.2024.03.14.04.58.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Mar 2024 04:58:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-103206-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=jMys2HMY; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-103206-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-103206-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 4FA4A283999 for ; Thu, 14 Mar 2024 11:57:37 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A27FE6F08B; Thu, 14 Mar 2024 11:57:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="jMys2HMY" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 26FE75CDD3 for ; Thu, 14 Mar 2024 11:57:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710417447; cv=none; b=SWkIlqnnOn439tSGtRH4k5XH6Aiw52LNtiShOt7G/ek/PMXftcctJAP2X2NY1dXhSp27hHl6x7WdsiyG1qLs5yvwYyQCYCBCNpa37IGdD7p+6s+RH3H7qUyOIdnCPiIrea4eS/HajAyV0a/Sz+H0/jbXgR9ZLN1mO12Rfmjrh8w= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710417447; c=relaxed/simple; bh=AdMsm2idLYumEp0ZXOMFAz1fRELSXatQYvEc+3tGX+A=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=JoOgEGYeyuSOR5An723NCIryya9eTtGOxN7pTdeWrU7ICsDl0lkbfvw6+Re8GP0oNM9g7PbCn0ENsR1uj0XrJWJDxB7TGaWzMtaRhHDjBZq377sErdADYNG4uysZJS5eVWRH6e0YHWkOhtXrz9kBLZ52kWkwudVZUudNHQLMJ9g= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=jMys2HMY; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1710417444; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=W6Yj68QAc/GDKe4pAWzzjDhY33mBI0iwde75NIqen9o=; b=jMys2HMY/MvXLzTQhxJ+915FM5DBMAQlf9xMznLkJrBRX3LNfuIqdLM6BK0r2FL3UgjTzA DHb+kmh+BvT2BhzomLvJ8aHXVCbwRkQMzu1PYCdxMrnu0IibqrTrDouEn1wDe5wLlWPL8y 2bkG63iT6L/ffE3f42V+9G5mWSbbWg4= Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com [209.85.218.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-641-oWFeemsEM6eckFfgX47SZg-1; Thu, 14 Mar 2024 07:57:20 -0400 X-MC-Unique: oWFeemsEM6eckFfgX47SZg-1 Received: by mail-ej1-f69.google.com with SMTP id a640c23a62f3a-a4531df8727so25396966b.2 for ; Thu, 14 Mar 2024 04:57:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710417439; x=1711022239; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=W6Yj68QAc/GDKe4pAWzzjDhY33mBI0iwde75NIqen9o=; b=QVKDbUsogj0e9YNh9mbKNBIcvGleuO/+BpnliUTyXkznyBljSqZt3EaCxRK92IS1g5 sdFNIavyxhtaP451xgISFu7ZLv6a64nzb5iLPsUwMXOHukRgGrNyHPy038pUFDot6G5A fFr4Fg4vOzSZwMrO7eq0hWg4eJA1iOJKm4hX8AiBkOsC1sseKWVqy66U1R4Xi3sDb2ci Jy9886Gz5VKWirX8KJSRNibp/Duobfhk7osiwpBjzyfYx6rahTPhIIwLf89P1tZ/riYX iHKex9ZFHEkW+l2S8QYkC3nsIUTH5WxXnK2ReG999xihgYtcQ4Nfm/sy1azJKcIS2Huw rX3A== X-Forwarded-Encrypted: i=1; AJvYcCV9ITuJO5uVO2F9sYqPMichelnhXHvfuB4e2L5bvq7cI7C382bHa1MoMbBWQw47q/rSqjOT186fJAjODWlsxIwkslM4JiaThHKWCtPA X-Gm-Message-State: AOJu0YzCVtFJuCnqBJyh/06TvFCorGC2cJQ9E3il5St2qjKIzhQo884v C58BXwnz5ZdX0fl2nEDFi7mDrXhowt9hMawgbiLQA/yhithxXr+OxDeY8RYZxMHBOxxY4de4str Vs+oYBQGYErR+PVwDhhJ5sYSCDnpn9Tc2jw6urvCp7VR+mwhx/nQsSOkZPM4aNRDWpHF/NqRZKQ bHsU1UpTjKfrFHo6+qXkZpxHSnXhJJWOyVa4yT X-Received: by 2002:a17:906:1194:b0:a45:c1a0:5c07 with SMTP id n20-20020a170906119400b00a45c1a05c07mr908085eja.17.1710417439451; Thu, 14 Mar 2024 04:57:19 -0700 (PDT) X-Received: by 2002:a17:906:1194:b0:a45:c1a0:5c07 with SMTP id n20-20020a170906119400b00a45c1a05c07mr908069eja.17.1710417439108; Thu, 14 Mar 2024 04:57:19 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240313135618.20930-1-ivecera@redhat.com> In-Reply-To: <20240313135618.20930-1-ivecera@redhat.com> From: Michal Schmidt Date: Thu, 14 Mar 2024 12:57:07 +0100 Message-ID: Subject: Re: [PATCH net] i40e: Fix VF MAC filter removal To: Ivan Vecera Cc: netdev@vger.kernel.org, aleksandr.loktionov@intel.com, horms@kernel.org, Jesse Brandeburg , Tony Nguyen , "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , "moderated list:INTEL ETHERNET DRIVERS" , open list Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, Mar 13, 2024 at 2:56=E2=80=AFPM Ivan Vecera wr= ote: > Commit 73d9629e1c8c ("i40e: Do not allow untrusted VF to remove > administratively set MAC") fixed an issue where untrusted VF was > allowed to remove its own MAC address although this was assigned > administratively from PF. Unfortunately the introduced check > is wrong because it causes that MAC filters for other MAC addresses > including multi-cast ones are not removed. > > > if (ether_addr_equal(addr, vf->default_lan_addr.addr) && > i40e_can_vf_change_mac(vf)) > was_unimac_deleted =3D true; > else > continue; > > if (i40e_del_mac_filter(vsi, al->list[i].addr)) { > ... > > > The else path with `continue` effectively skips any MAC filter > removal except one for primary MAC addr when VF is allowed to do so. > Fix the check condition so the `continue` is only done for primary > MAC address. > > Fixes: 73d9629e1c8c ("i40e: Do not allow untrusted VF to remove administr= atively set MAC") > Signed-off-by: Ivan Vecera > --- > drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c | 11 ++++++----- > 1 file changed, 6 insertions(+), 5 deletions(-) > > diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers= /net/ethernet/intel/i40e/i40e_virtchnl_pf.c > index b34c71770887..10267a300770 100644 > --- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c > +++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c > @@ -3143,11 +3143,12 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_v= f *vf, u8 *msg) > /* Allow to delete VF primary MAC only if it was not set > * administratively by PF or if VF is trusted. > */ > - if (ether_addr_equal(addr, vf->default_lan_addr.addr) && > - i40e_can_vf_change_mac(vf)) > - was_unimac_deleted =3D true; > - else > - continue; > + if (ether_addr_equal(addr, vf->default_lan_addr.addr)) { > + if (i40e_can_vf_change_mac(vf)) > + was_unimac_deleted =3D true; > + else > + continue; > + } > > if (i40e_del_mac_filter(vsi, al->list[i].addr)) { > ret =3D -EINVAL; > -- > 2.43.0 Reviewed-by: Michal Schmidt