summaryrefslogtreecommitdiff
path: root/drivers/net/ixgbe/ixgbe_main.c
diff options
context:
space:
mode:
authorGreg Rose <gregory.v.rose@intel.com>2010-11-18 06:02:52 +0300
committerJeff Kirsher <jeffrey.t.kirsher@intel.com>2010-12-25 08:41:06 +0300
commita985b6c31ff230a1246d921afbfc0f6a1386be83 (patch)
tree74ec1479b9f28e055c45a8a636f86b537d959b37 /drivers/net/ixgbe/ixgbe_main.c
parent3377eba79e15671799876f82d30446e656aac5ad (diff)
downloadlinux-a985b6c31ff230a1246d921afbfc0f6a1386be83.tar.xz
ixgbe: Add anti-spoofing feature support
Add support for the anti-spoofing feature in the HW. Packets from VF devices with spoofed MAC addresses or VLAN tags will be blocked and a counter incremented. During the watchdog timer the spoofed packet dropped counter is read and if it is non-zero then a warning message is displayed on the host VMM's console. Signed-off-by: Greg Rose <gregory.v.rose@intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Diffstat (limited to 'drivers/net/ixgbe/ixgbe_main.c')
-rw-r--r--drivers/net/ixgbe/ixgbe_main.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/drivers/net/ixgbe/ixgbe_main.c b/drivers/net/ixgbe/ixgbe_main.c
index c90562530202..38ab4f3f8197 100644
--- a/drivers/net/ixgbe/ixgbe_main.c
+++ b/drivers/net/ixgbe/ixgbe_main.c
@@ -3132,6 +3132,9 @@ static void ixgbe_configure_virtualization(struct ixgbe_adapter *adapter)
/* enable Tx loopback for VF/PF communication */
IXGBE_WRITE_REG(hw, IXGBE_PFDTXGSWC, IXGBE_PFDTXGSWC_VT_LBEN);
+ /* Enable MAC Anti-Spoofing */
+ hw->mac.ops.set_mac_anti_spoofing(hw, (adapter->num_vfs != 0),
+ adapter->num_vfs);
}
static void ixgbe_set_rx_buffer_len(struct ixgbe_adapter *adapter)
@@ -5960,6 +5963,26 @@ static void ixgbe_fdir_reinit_task(struct work_struct *work)
netif_tx_start_all_queues(adapter->netdev);
}
+static void ixgbe_spoof_check(struct ixgbe_adapter *adapter)
+{
+ u32 ssvpc;
+
+ /* Do not perform spoof check for 82598 */
+ if (adapter->hw.mac.type == ixgbe_mac_82598EB)
+ return;
+
+ ssvpc = IXGBE_READ_REG(&adapter->hw, IXGBE_SSVPC);
+
+ /*
+ * ssvpc register is cleared on read, if zero then no
+ * spoofed packets in the last interval.
+ */
+ if (!ssvpc)
+ return;
+
+ e_warn(drv, "%d Spoofed packets detected\n", ssvpc);
+}
+
static DEFINE_MUTEX(ixgbe_watchdog_lock);
/**
@@ -6080,6 +6103,7 @@ static void ixgbe_watchdog_task(struct work_struct *work)
}
}
+ ixgbe_spoof_check(adapter);
ixgbe_update_stats(adapter);
mutex_unlock(&ixgbe_watchdog_lock);
}