[v8] net/i40e: add PF MDD event handler

64823 diff mbox series

From: Zhu Tao <taox.zhu@intel.com>

Add warning and counter to handle the malicious driver detection event.
When the hardware determines that a malicious driver on VF,
this VF will become unworkable, the PF records and gives a warning message.

Signed-off-by: Zhu Tao <taox.zhu@intel.com>
Acked-by: Qiming Yang <qiming.yang@intel.com>
---
 doc/guides/nics/i40e.rst               |  1 +
 doc/guides/rel_notes/release_20_02.rst |  4 +-
 drivers/net/i40e/i40e_ethdev.c         | 94 +++++++++++++++++++++++++-
 drivers/net/i40e/i40e_ethdev.h         |  1 +
 4 files changed, 97 insertions(+), 3 deletions(-)

v8:
- Replace magic number with macros.
v7:
- fix subject patch version
v6:
- Change commit message
v5:
- Change commit message
v4:
- Change commit message
- Rebase doc/guides/rel_notes/release_20_02.rst
v3:
- Change commit message

On 01/17, taox.zhu@intel.com wrote:
>From: Zhu Tao <taox.zhu@intel.com>
>
>Add warning and counter to handle the malicious driver detection event.
>When the hardware determines that a malicious driver on VF,
>this VF will become unworkable, the PF records and gives a warning message.
>
>Signed-off-by: Zhu Tao <taox.zhu@intel.com>
>Acked-by: Qiming Yang <qiming.yang@intel.com>
>---
> doc/guides/nics/i40e.rst               |  1 +
> doc/guides/rel_notes/release_20_02.rst |  4 +-
> drivers/net/i40e/i40e_ethdev.c         | 94 +++++++++++++++++++++++++-
> drivers/net/i40e/i40e_ethdev.h         |  1 +
> 4 files changed, 97 insertions(+), 3 deletions(-)
>
>v8:
>- Replace magic number with macros.
>v7:
>- fix subject patch version
>v6:
>- Change commit message
>v5:
>- Change commit message
>v4:
>- Change commit message
>- Rebase doc/guides/rel_notes/release_20_02.rst
>v3:
>- Change commit message
>
>diff --git a/doc/guides/nics/i40e.rst b/doc/guides/nics/i40e.rst
>index c7c34b62f..2bf11e8ca 100644
>--- a/doc/guides/nics/i40e.rst
>+++ b/doc/guides/nics/i40e.rst
>@@ -43,6 +43,7 @@ Features of the i40e PMD are:
> - Dynamic Device Personalization (DDP)
> - Queue region configuration
> - Virtual Function Port Representors
>+- Malicious Device Drive event catch and notify
> 
> Prerequisites
> -------------
>diff --git a/doc/guides/rel_notes/release_20_02.rst b/doc/guides/rel_notes/release_20_02.rst
>index 1e83e659a..a39f22221 100644
>--- a/doc/guides/rel_notes/release_20_02.rst
>+++ b/doc/guides/rel_notes/release_20_02.rst
>@@ -66,11 +66,13 @@ New Features
> 
>   * Added support for RSS using L3/L4 source/destination only.
> 
>-* **Updated i40e driver to support L2TPv3 over IP flows.**
>+* **Updated i40e driver.**
> 
>   Updated the i40e PMD to support L2TPv3 over IP profiles which can be
>   programmed by the dynamic device personalization (DDP) process.
> 
>+  Added PF support Malicious Device Drive event catch and notify.
>+
> * **Updated testpmd to support L2TPv3 over IP flows.**
> 
>   Added support for L2TPv3 over IP rte_flow patterns to the testpmd
>diff --git a/drivers/net/i40e/i40e_ethdev.c b/drivers/net/i40e/i40e_ethdev.c
>index afb6f554b..caca3e88f 100644
>--- a/drivers/net/i40e/i40e_ethdev.c
>+++ b/drivers/net/i40e/i40e_ethdev.c
>@@ -6760,6 +6760,92 @@ i40e_dev_handle_aq_msg(struct rte_eth_dev *dev)
> 	rte_free(info.msg_buf);
> }
> 
>+static void
>+i40e_handle_mdd_event(struct rte_eth_dev *dev)
>+{
>+#define I40E_MDD_CLEAR32 0xFFFFFFFF
>+#define I40E_MDD_CLEAR16 0xFFFF
>+	struct i40e_hw *hw = I40E_DEV_PRIVATE_TO_HW(dev->data->dev_private);
>+	struct i40e_pf *pf = I40E_DEV_PRIVATE_TO_PF(dev->data->dev_private);
>+	bool mdd_detected = false;
>+	struct i40e_pf_vf *vf;
>+	uint32_t reg;
>+	int i;
>+
>+	/* find what triggered the MDD event */
>+	reg = I40E_READ_REG(hw, I40E_GL_MDET_TX);
>+	if (reg & I40E_GL_MDET_TX_VALID_MASK) {
>+		uint8_t pf_num = (reg & I40E_GL_MDET_TX_PF_NUM_MASK) >>
>+				I40E_GL_MDET_TX_PF_NUM_SHIFT;
>+		uint16_t vf_num = (reg & I40E_GL_MDET_TX_VF_NUM_MASK) >>
>+				I40E_GL_MDET_TX_VF_NUM_SHIFT;
>+		uint8_t event = (reg & I40E_GL_MDET_TX_EVENT_MASK) >>
>+				I40E_GL_MDET_TX_EVENT_SHIFT;
>+		uint16_t queue = ((reg & I40E_GL_MDET_TX_QUEUE_MASK) >>
>+				I40E_GL_MDET_TX_QUEUE_SHIFT) -
>+					hw->func_caps.base_queue;
>+		PMD_DRV_LOG(WARNING, "Malicious Driver Detection event 0x%02x on TX "
>+			"queue %d PF number 0x%02x VF number 0x%02x device %s\n",
>+				event, queue, pf_num, vf_num, dev->data->name);
>+		I40E_WRITE_REG(hw, I40E_GL_MDET_TX, I40E_MDD_CLEAR32);
>+		mdd_detected = true;
>+	}
>+	reg = I40E_READ_REG(hw, I40E_GL_MDET_RX);
>+	if (reg & I40E_GL_MDET_RX_VALID_MASK) {
>+		uint8_t func = (reg & I40E_GL_MDET_RX_FUNCTION_MASK) >>
>+				I40E_GL_MDET_RX_FUNCTION_SHIFT;
>+		uint8_t event = (reg & I40E_GL_MDET_RX_EVENT_MASK) >>
>+				I40E_GL_MDET_RX_EVENT_SHIFT;
>+		uint16_t queue = ((reg & I40E_GL_MDET_RX_QUEUE_MASK) >>
>+				I40E_GL_MDET_RX_QUEUE_SHIFT) -
>+					hw->func_caps.base_queue;
>+
>+		PMD_DRV_LOG(WARNING, "Malicious Driver Detection event 0x%02x on RX "
>+				"queue %d of function 0x%02x device %s\n",
>+					event, queue, func, dev->data->name);
>+		I40E_WRITE_REG(hw, I40E_GL_MDET_RX, I40E_MDD_CLEAR32);
>+		mdd_detected = true;
>+	}
>+
>+	if (mdd_detected) {
>+		reg = I40E_READ_REG(hw, I40E_PF_MDET_TX);
>+		if (reg & I40E_PF_MDET_TX_VALID_MASK) {
>+			I40E_WRITE_REG(hw, I40E_PF_MDET_TX, I40E_MDD_CLEAR16);
>+			PMD_DRV_LOG(WARNING, "TX driver issue detected on PF\n");
>+		}
>+		reg = I40E_READ_REG(hw, I40E_PF_MDET_RX);
>+		if (reg & I40E_PF_MDET_RX_VALID_MASK) {
>+			I40E_WRITE_REG(hw, I40E_PF_MDET_RX,
>+					I40E_MDD_CLEAR16);
>+			PMD_DRV_LOG(WARNING, "RX driver issue detected on PF\n");
>+		}
>+	}
>+
>+	/* see if one of the VFs needs its hand slapped */
>+	for (i = 0; i < pf->vf_num && mdd_detected; i++) {
>+		vf = &pf->vfs[i];
>+		reg = I40E_READ_REG(hw, I40E_VP_MDET_TX(i));
>+		if (reg & I40E_VP_MDET_TX_VALID_MASK) {
>+			I40E_WRITE_REG(hw, I40E_VP_MDET_TX(i),
>+					I40E_MDD_CLEAR16);
>+			vf->num_mdd_events++;
>+			PMD_DRV_LOG(WARNING, "TX driver issue detected on VF %d %-"
>+					PRIu64 "times\n",
>+					i, vf->num_mdd_events);
>+		}
>+
>+		reg = I40E_READ_REG(hw, I40E_VP_MDET_RX(i));
>+		if (reg & I40E_VP_MDET_RX_VALID_MASK) {
>+			I40E_WRITE_REG(hw, I40E_VP_MDET_RX(i),
>+					I40E_MDD_CLEAR16);
>+			vf->num_mdd_events++;
>+			PMD_DRV_LOG(WARNING, "RX driver issue detected on VF %d %-"
>+					PRIu64 "times\n",
>+					i, vf->num_mdd_events);
>+		}
>+	}
>+}
>+
> /**
>  * Interrupt handler triggered by NIC  for handling
>  * specific interrupt.
>@@ -6792,8 +6878,10 @@ i40e_dev_interrupt_handler(void *param)
> 	}
> 	if (icr0 & I40E_PFINT_ICR0_ECC_ERR_MASK)
> 		PMD_DRV_LOG(ERR, "ICR0: unrecoverable ECC error");
>-	if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK)
>+	if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) {
> 		PMD_DRV_LOG(ERR, "ICR0: malicious programming detected");
>+		i40e_handle_mdd_event(dev);
>+	}
> 	if (icr0 & I40E_PFINT_ICR0_GRST_MASK)
> 		PMD_DRV_LOG(INFO, "ICR0: global reset requested");
> 	if (icr0 & I40E_PFINT_ICR0_PCI_EXCEPTION_MASK)
>@@ -6837,8 +6925,10 @@ i40e_dev_alarm_handler(void *param)
> 		goto done;
> 	if (icr0 & I40E_PFINT_ICR0_ECC_ERR_MASK)
> 		PMD_DRV_LOG(ERR, "ICR0: unrecoverable ECC error");
>-	if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK)
>+	if (icr0 & I40E_PFINT_ICR0_MAL_DETECT_MASK) {
> 		PMD_DRV_LOG(ERR, "ICR0: malicious programming detected");
>+		i40e_handle_mdd_event(dev);
>+	}
> 	if (icr0 & I40E_PFINT_ICR0_GRST_MASK)
> 		PMD_DRV_LOG(INFO, "ICR0: global reset requested");
> 	if (icr0 & I40E_PFINT_ICR0_PCI_EXCEPTION_MASK)
>diff --git a/drivers/net/i40e/i40e_ethdev.h b/drivers/net/i40e/i40e_ethdev.h
>index bba2b83b4..370e6298f 100644
>--- a/drivers/net/i40e/i40e_ethdev.h
>+++ b/drivers/net/i40e/i40e_ethdev.h
>@@ -426,6 +426,7 @@ struct i40e_pf_vf {
> 	/* version of the virtchnl from VF */
> 	struct virtchnl_version_info version;
> 	uint32_t request_caps; /* offload caps requested from VF */
>+	uint64_t num_mdd_events; /* num of mdd events detected */
> 
> 	/*
> 	 * Variables for store the arrival timestamp of VF messages.
>-- 
>2.17.1
>

Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>

Applied to dpdk-next-net-intel, Thanks.