aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/net/ethernet/intel/ice/ice_main.c
diff options
context:
space:
mode:
authorMichal Swiatkowski <michal.swiatkowski@intel.com>2019-04-16 13:21:27 -0400
committerJeff Kirsher <jeffrey.t.kirsher@intel.com>2019-05-04 17:44:47 -0400
commit64439f8f0bc4e9da1c6cb31c2ee642e3139f5731 (patch)
treeef6c6439053b913b462517c8d06d22653bb5c917 /drivers/net/ethernet/intel/ice/ice_main.c
parent0690527014936ef70b186bcccd1a5311e9071899 (diff)
ice: Disable sniffing VF traffic on PF
Delete code that add default Tx rule on PF. With this rule PF can see Tx VF traffic that should go outside. For traffic from VF to another VF default Tx rule on PF doesn't apply because of lower priority than VF mac rule. With this change on PF in promisc mode we can see only Rx traffic that doesn't match any other rule (mac etc.). We can't see Tx traffic from other VSI. Signed-off-by: Michal Swiatkowski <michal.swiatkowski@intel.com> Signed-off-by: Anirudh Venkataramanan <anirudh.venkataramanan@intel.com> Tested-by: Andrew Bowers <andrewx.bowers@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Diffstat (limited to 'drivers/net/ethernet/intel/ice/ice_main.c')
-rw-r--r--drivers/net/ethernet/intel/ice/ice_main.c24
1 files changed, 2 insertions, 22 deletions
diff --git a/drivers/net/ethernet/intel/ice/ice_main.c b/drivers/net/ethernet/intel/ice/ice_main.c
index aa832d9b2458..7843abf4d44d 100644
--- a/drivers/net/ethernet/intel/ice/ice_main.c
+++ b/drivers/net/ethernet/intel/ice/ice_main.c
@@ -317,42 +317,22 @@ static int ice_vsi_sync_fltr(struct ice_vsi *vsi)
317 test_bit(ICE_VSI_FLAG_PROMISC_CHANGED, vsi->flags)) { 317 test_bit(ICE_VSI_FLAG_PROMISC_CHANGED, vsi->flags)) {
318 clear_bit(ICE_VSI_FLAG_PROMISC_CHANGED, vsi->flags); 318 clear_bit(ICE_VSI_FLAG_PROMISC_CHANGED, vsi->flags);
319 if (vsi->current_netdev_flags & IFF_PROMISC) { 319 if (vsi->current_netdev_flags & IFF_PROMISC) {
320 /* Apply Tx filter rule to get traffic from VMs */
321 status = ice_cfg_dflt_vsi(hw, vsi->idx, true,
322 ICE_FLTR_TX);
323 if (status) {
324 netdev_err(netdev, "Error setting default VSI %i tx rule\n",
325 vsi->vsi_num);
326 vsi->current_netdev_flags &= ~IFF_PROMISC;
327 err = -EIO;
328 goto out_promisc;
329 }
330 /* Apply Rx filter rule to get traffic from wire */ 320 /* Apply Rx filter rule to get traffic from wire */
331 status = ice_cfg_dflt_vsi(hw, vsi->idx, true, 321 status = ice_cfg_dflt_vsi(hw, vsi->idx, true,
332 ICE_FLTR_RX); 322 ICE_FLTR_RX);
333 if (status) { 323 if (status) {
334 netdev_err(netdev, "Error setting default VSI %i rx rule\n", 324 netdev_err(netdev, "Error setting default VSI %i Rx rule\n",
335 vsi->vsi_num); 325 vsi->vsi_num);
336 vsi->current_netdev_flags &= ~IFF_PROMISC; 326 vsi->current_netdev_flags &= ~IFF_PROMISC;
337 err = -EIO; 327 err = -EIO;
338 goto out_promisc; 328 goto out_promisc;
339 } 329 }
340 } else { 330 } else {
341 /* Clear Tx filter rule to stop traffic from VMs */
342 status = ice_cfg_dflt_vsi(hw, vsi->idx, false,
343 ICE_FLTR_TX);
344 if (status) {
345 netdev_err(netdev, "Error clearing default VSI %i tx rule\n",
346 vsi->vsi_num);
347 vsi->current_netdev_flags |= IFF_PROMISC;
348 err = -EIO;
349 goto out_promisc;
350 }
351 /* Clear Rx filter to remove traffic from wire */ 331 /* Clear Rx filter to remove traffic from wire */
352 status = ice_cfg_dflt_vsi(hw, vsi->idx, false, 332 status = ice_cfg_dflt_vsi(hw, vsi->idx, false,
353 ICE_FLTR_RX); 333 ICE_FLTR_RX);
354 if (status) { 334 if (status) {
355 netdev_err(netdev, "Error clearing default VSI %i rx rule\n", 335 netdev_err(netdev, "Error clearing default VSI %i Rx rule\n",
356 vsi->vsi_num); 336 vsi->vsi_num);
357 vsi->current_netdev_flags |= IFF_PROMISC; 337 vsi->current_netdev_flags |= IFF_PROMISC;
358 err = -EIO; 338 err = -EIO;
generated by cgit v1.2.2 (git 2.25.0) at 2025-04-27 12:25:45 -0400