2226986 – [BCM57504] [rhel9]vf kernel vlan with spoofchk off and trust off, ipv4 traffic shouldn't be captured

Bug 2226986 - [BCM57504] [rhel9]vf kernel vlan with spoofchk off and trust off, ipv4 traffic shouldn't be captured

Summary: [BCM57504] [rhel9]vf kernel vlan with spoofchk off and trust off, ipv4 traffi...

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	dpdk
Sub Component:
Version:	9.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Maxime Coquelin
QA Contact:	Hekai Wang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-07-27 09:50 UTC by Jiying Qiu
Modified:	2023-08-15 07:14 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHELPLAN-163666	0	None	None	None	2023-07-27 09:54:07 UTC

Description Jiying Qiu 2023-07-27 09:50:09 UTC

Description of problem:
Server create vfs ,and set vlan to vfs. set spoofchk off and trust off.  bind vfs to testpmd, send ipv4 traffic from Client,  captured packets in client nic2 port.

Version-Release number of selected component (if applicable):
kernel-5.14.0-284.18.1.el9_2.x86_64
dpdk-22.11-4.el9.x86_64

5e:00.2 Ethernet controller: Broadcom Inc. and subsidiaries BCM57504 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb/200Gb Ethernet (rev 11)
5e:00.3 Ethernet controller: Broadcom Inc. and subsidiaries BCM57504 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb/200Gb Ethernet (rev 11)

# ethtool -i ens2f2np2
driver: bnxt_en
version: 5.14.0-284.18.1.el9_2.x86_64
firmware-version: 225.0.144.0/pkg 225.1.95.0
expansion-rom-version: 
bus-info: 0000:5e:00.2
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no

How reproducible:
always

Steps to Reproduce:
Server and Client is connected back to back
Server side : 
1. create 1 vf on each PF
5f:02.0 Ethernet controller: Broadcom Inc. and subsidiaries BCM5750X NetXtreme-E Ethernet Virtual Function (rev 11)
5f:03.0 Ethernet controller: Broadcom Inc. and subsidiaries BCM5750X NetXtreme-E Ethernet Virtual Function (rev 11)

2. set vlan ,spoofchk off , trust off on vfs
#ip li set ens2f2np2 vf 0 spoofchk off
#ip li set ens2f3np3 vf 0 spoofchk off
#ip li set ens2f2np2 vf 0 trust off
#ip li set ens2f3np3 vf 0 trust off
#ip li set ens2f2np2 vf 0 vlan 2
#ip li set ens2f3np3 vf 0 vlan 2
#ip link
113: ens2f2np2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 5c:6f:69:82:8f:62 brd ff:ff:ff:ff:ff:ff
    vf 0     link/ether c6:aa:3c:5e:68:dc brd ff:ff:ff:ff:ff:ff, vlan 2, spoof checking off, link-state auto, trust off
    altname enp94s0f2np2
114: ens2f3np3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 5c:6f:69:82:8f:63 brd ff:ff:ff:ff:ff:ff
    vf 0     link/ether f6:4b:e7:c1:23:96 brd ff:ff:ff:ff:ff:ff, vlan 2, spoof checking off, link-state auto, trust off
    altname enp94s0f3np3



3.bind vf to vfio-pci, then start testpmd ,and set verbose 9 inside testpmd
#driverctl set-override 0000:5f:02.0 vfio-pci
#driverctl set-override 0000:5f:03.0 vfio-pci
#dpdk-testpmd -a 0000:5f:02.0 -a 0000:5f:03.0 -- -i --auto-start
testpmd> set verbose 9

Client side:
send ipv4 traffic with scapy
send_pkt_num = 10
size = 64
pkt = Ether()/Dot1Q(type=0x8100,vlan=2)
pkt.dst = Server_nic2_mac  ## pf mac
payload = max(0, size - len(pkt)) * 'x'
pkt.add_payload(payload.encode())
log(pkt.show())
sendp(pkt,count=send_pkt_num,inter=1,iface='Client_nic1_name')

Actual results:
there are packets captured in testpmd.
And on client nic2, packets captured

Expected results:
On client nic2, shouldn't have packets captured

Additional info:
https://beaker.engineering.redhat.com/recipes/14300246#task163614963
case
dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-without-max-tx-rate-without-qos-IPV4-packets-check
dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-with-max-tx-rate-without-qos-IPV4-packets-check
dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-without-max-tx-rate-with-qos-IPV4-packets-check
dpdk-sriov-vf-kernel-vlan-test-spoofchk-disabled-vf-trust-off-with-max-tx-rate-with-qos-IPV4-packets-check

Note You need to log in before you can comment on or make changes to this bug.