On Sun, Nov 13, 2022 at 9:45 PM Eli Cohen <elic at nvidia.com>
wrote:>
> Set the VLAN id to the header values field instead of overwriting the
> headers criteria field.
>
> Before this fix, VLAN filtering would not really work and tagged packets
> would be forwarded unfiltered to the TIR.
>
> In addition modify the logic so that VLAN filtering is enforced only
> when VIRTIO_NET_F_CTRL_VLAN is negotiated. When not negotiated, all
> incoming traffic is accepted as long as it is targeting the net
device's
> MAC address.
>
> Fixes: baf2ad3f6a98 ("vdpa/mlx5: Add RX MAC VLAN filter support")
>
> Signed-off-by: Eli Cohen <elic at nvidia.com>
> ---
> drivers/vdpa/mlx5/net/mlx5_vnet.c | 11 ++++++++---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/vdpa/mlx5/net/mlx5_vnet.c
b/drivers/vdpa/mlx5/net/mlx5_vnet.c
> index 90913365def4..ea95081eca0c 100644
> --- a/drivers/vdpa/mlx5/net/mlx5_vnet.c
> +++ b/drivers/vdpa/mlx5/net/mlx5_vnet.c
> @@ -1468,11 +1468,13 @@ static int mlx5_vdpa_add_mac_vlan_rules(struct
mlx5_vdpa_net *ndev, u8 *mac,
> dmac_v = MLX5_ADDR_OF(fte_match_param, headers_v,
outer_headers.dmac_47_16);
> eth_broadcast_addr(dmac_c);
> ether_addr_copy(dmac_v, mac);
> - MLX5_SET(fte_match_set_lyr_2_4, headers_c, cvlan_tag, 1);
> + if (ndev->mvdev.actual_features & VIRTIO_NET_F_CTRL_VLAN) {
> + MLX5_SET(fte_match_set_lyr_2_4, headers_c, cvlan_tag, 1);
> + MLX5_SET_TO_ONES(fte_match_set_lyr_2_4, headers_c,
first_vid);
> + }
> if (tagged) {
> MLX5_SET(fte_match_set_lyr_2_4, headers_v, cvlan_tag, 1);
> - MLX5_SET_TO_ONES(fte_match_set_lyr_2_4, headers_c,
first_vid);
> - MLX5_SET(fte_match_set_lyr_2_4, headers_c, first_vid, vid);
> + MLX5_SET(fte_match_set_lyr_2_4, headers_v, first_vid, vid);
> }
> flow_act.action = MLX5_FLOW_CONTEXT_ACTION_FWD_DEST;
> dest.type = MLX5_FLOW_DESTINATION_TYPE_TIR;
> @@ -1821,6 +1823,9 @@ static virtio_net_ctrl_ack handle_ctrl_vlan(struct
mlx5_vdpa_dev *mvdev, u8 cmd)
> size_t read;
> u16 id;
>
> + if (!(ndev->mvdev.actual_features &
BIT_ULL(VIRTIO_NET_F_CTRL_VLAN)))
> + return status;
Nit: this seems unrelated to the patch.
Other than this.
Acked-by: Jason Wang <jasowang at redhat.com>
> +
> switch (cmd) {
> case VIRTIO_NET_CTRL_VLAN_ADD:
> read = vringh_iov_pull_iotlb(&cvq->vring,
&cvq->riov, &vlan, sizeof(vlan));
> --
> 2.38.1
>