diff options
author | Alexander Duyck <alexander.h.duyck@intel.com> | 2018-05-22 11:44:29 -0400 |
---|---|---|
committer | Jeff Kirsher <jeffrey.t.kirsher@intel.com> | 2018-06-04 10:17:55 -0700 |
commit | 4be87727d4aebe36913d9f2a6806724cb593516f (patch) | |
tree | 47fd6cbdce8da1f1eae174e23615e827b13f6c68 /samples/seccomp | |
parent | 06140c793db51476585ee9abf032845e221982cb (diff) | |
download | linux-stable-4be87727d4aebe36913d9f2a6806724cb593516f.tar.gz linux-stable-4be87727d4aebe36913d9f2a6806724cb593516f.tar.bz2 linux-stable-4be87727d4aebe36913d9f2a6806724cb593516f.zip |
ixgbevf: Fix coexistence of malicious driver detection with XDP
In the case of the VF driver it is supposed to provide a context descriptor
that allows us to provide information about the header offsets inside of
the frame. However in the case of XDP we don't really have any of that
information since the data is minimally processed. As a result we were
seeing malicious driver detection (MDD) events being triggered when the PF
had that functionality enabled.
To address this I have added a bit of new code that will "prime" the XDP
ring by providing one context descriptor that assumes the minimal setup of
an Ethernet frame which is an L2 header length of 14. With just that we can
provide enough information to make the hardware happy so that we don't
trigger MDD events.
Signed-off-by: Alexander Duyck <alexander.h.duyck@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@intel.com>
Diffstat (limited to 'samples/seccomp')
0 files changed, 0 insertions, 0 deletions