ice: warn about potentially malicious VFs - kernel/linux.git

diff options

author	Vignesh Sridhar <vignesh.sridhar@intel.com>	2021-03-02 21:12:00 +0300
committer	Tony Nguyen <anthony.l.nguyen@intel.com>	2021-04-22 19:26:22 +0300
commit	0891c89674e8d39eb47310e7c0646c2b07228fe7 (patch)
tree	b101c8d30b5ffcaaccbe2c0513003e76e02ac885 /include
parent	5d869070569a23aa909c6e7e9d010fc438a492ef (diff)
download	linux-0891c89674e8d39eb47310e7c0646c2b07228fe7.tar.xz

ice: warn about potentially malicious VFs

Attempt to detect malicious VFs and, if suspected, log the information but keep going to allow the user to take any desired actions. Potentially malicious VFs are identified by checking if the VFs are transmitting too many messages via the PF-VF mailbox which could cause an overflow of this channel resulting in denial of service. This is done by creating a snapshot or static capture of the mailbox buffer which can be traversed and in which the messages sent by VFs are tracked. Co-developed-by: Yashaswini Raghuram Prathivadi Bhayankaram <yashaswini.raghuram.prathivadi.bhayankaram@intel.com> Signed-off-by: Yashaswini Raghuram Prathivadi Bhayankaram <yashaswini.raghuram.prathivadi.bhayankaram@intel.com> Co-developed-by: Paul M Stillwell Jr <paul.m.stillwell.jr@intel.com> Signed-off-by: Paul M Stillwell Jr <paul.m.stillwell.jr@intel.com> Co-developed-by: Brett Creeley <brett.creeley@intel.com> Signed-off-by: Brett Creeley <brett.creeley@intel.com> Signed-off-by: Vignesh Sridhar <vignesh.sridhar@intel.com> Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com> Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: