Implement granular VF trust flags feature in the igb driver. See
known limitations and gaps in cover message.
Signed-off-by: Carolyn Wyborny <carolyn.wybo...@intel.com>
---
drivers/net/ethernet/intel/igb/igb.h | 2 +-
drivers/net/ethernet/intel/igb/igb_main.c | 21 +++++++++++----------
2 files changed, 12 insertions(+), 11 deletions(-)
diff --git a/drivers/net/ethernet/intel/igb/igb.h
b/drivers/net/ethernet/intel/igb/igb.h
index 2f015b60a995..073a3f764f3f 100644
--- a/drivers/net/ethernet/intel/igb/igb.h
+++ b/drivers/net/ethernet/intel/igb/igb.h
@@ -89,7 +89,7 @@ struct vf_data_storage {
u16 pf_qos;
u16 tx_rate;
bool spoofchk_enabled;
- bool trusted;
+ vf_trust_flags_t trust_flags;
};
/* Number of unicast MAC filters reserved for the PF in the RAR registers */
diff --git a/drivers/net/ethernet/intel/igb/igb_main.c
b/drivers/net/ethernet/intel/igb/igb_main.c
index 4f05f6efe6af..63a2df986f90 100644
--- a/drivers/net/ethernet/intel/igb/igb_main.c
+++ b/drivers/net/ethernet/intel/igb/igb_main.c
@@ -164,7 +164,7 @@ static int igb_ndo_set_vf_bw(struct net_device *, int, int,
int);
static int igb_ndo_set_vf_spoofchk(struct net_device *netdev, int vf,
bool setting);
static int igb_ndo_set_vf_trust(struct net_device *netdev, int vf,
- bool setting);
+ vf_trust_flags_t flags);
static int igb_ndo_get_vf_config(struct net_device *netdev, int vf,
struct ifla_vf_info *ivi);
static void igb_check_vf_rate_limit(struct igb_adapter *);
@@ -6756,7 +6756,7 @@ static int igb_vf_configure(struct igb_adapter *adapter,
int vf)
adapter->vf_data[vf].spoofchk_enabled = true;
/* By default VFs are not trusted */
- adapter->vf_data[vf].trusted = false;
+ adapter->vf_data[vf].trust_flags = 0;
return 0;
}
@@ -7397,7 +7397,7 @@ static int igb_set_vf_mac_filter(struct igb_adapter
*adapter, const int vf,
break;
case E1000_VF_MAC_FILTER_ADD:
if ((vf_data->flags & IGB_VF_FLAG_PF_SET_MAC) &&
- !vf_data->trusted) {
+ !(vf_data->trust_flags & VF_TRUST_F_ADV_FLOW)) {
dev_warn(&pdev->dev,
"VF %d requested MAC filter but is
administratively denied\n",
vf);
@@ -7455,7 +7455,7 @@ static int igb_set_vf_mac_addr(struct igb_adapter
*adapter, u32 *msg, int vf)
if (!info) {
if ((vf_data->flags & IGB_VF_FLAG_PF_SET_MAC) &&
- !vf_data->trusted) {
+ !(vf_data->trust_flags & VF_TRUST_F_MACADDR_CHANGE)) {
dev_warn(&pdev->dev,
"VF %d attempted to override administratively
set MAC address\nReload the VF driver to resume operations\n",
vf);
@@ -9333,19 +9333,20 @@ static int igb_ndo_set_vf_spoofchk(struct net_device
*netdev, int vf,
return 0;
}
-static int igb_ndo_set_vf_trust(struct net_device *netdev, int vf, bool
setting)
+static int igb_ndo_set_vf_trust(struct net_device *netdev, int vf,
+ vf_trust_flags_t flags)
{
struct igb_adapter *adapter = netdev_priv(netdev);
if (vf >= adapter->vfs_allocated_count)
return -EINVAL;
- if (adapter->vf_data[vf].trusted == setting)
+ if (adapter->vf_data[vf].trust_flags == flags)
return 0;
- adapter->vf_data[vf].trusted = setting;
+ adapter->vf_data[vf].trust_flags = flags;
- dev_info(&adapter->pdev->dev, "VF %u is %strusted\n",
- vf, setting ? "" : "not ");
+ dev_info(&adapter->pdev->dev, "VF %u trust_flags=%x\n",
+ vf, flags);
return 0;
}
@@ -9362,7 +9363,7 @@ static int igb_ndo_get_vf_config(struct net_device
*netdev,
ivi->vlan = adapter->vf_data[vf].pf_vlan;
ivi->qos = adapter->vf_data[vf].pf_qos;
ivi->spoofchk = adapter->vf_data[vf].spoofchk_enabled;
- ivi->trusted = adapter->vf_data[vf].trusted;
+ ivi->trust_flags = adapter->vf_data[vf].trust_flags;
return 0;
}
