svn commit: r366862 - in head: share/man/man4 sys/dev/cxgbe

Navdeep Parhar np at FreeBSD.org
Mon Oct 19 21:11:50 UTC 2020 

Author: np
Date: Mon Oct 19 21:11:49 2020
New Revision: 366862
URL: https://svnweb.freebsd.org/changeset/base/366862

Log:
  cxgbe(4): Updates to the drop features from r366532.
  
  MFC after:	1 week
  Sponsored by:	Chelsio Communications

Modified:
  head/share/man/man4/cxgbe.4
  head/sys/dev/cxgbe/t4_main.c

Modified: head/share/man/man4/cxgbe.4
==============================================================================
--- head/share/man/man4/cxgbe.4	Mon Oct 19 20:43:29 2020	(r366861)
+++ head/share/man/man4/cxgbe.4	Mon Oct 19 21:11:49 2020	(r366862)
@@ -31,7 +31,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 8, 2020
+.Dd October 19, 2020
 .Dt CXGBE 4
 .Os
 .Sh NAME
@@ -369,6 +369,7 @@ The attack filter will drop an incoming frame if any o
 true: src ip/ip6 == dst ip/ip6; tcp and src/dst ip is not unicast; src/dst ip is
 loopback (127.x.y.z); src ip6 is not unicast; src/dst ip6 is loopback (::1/128)
 or unspecified (::/128); tcp and src/dst ip6 is mcast (ff00::/8).
+This facility is available on T4 and T5 based cards only.
 .It Va hw.cxgbe.drop_ip_fragments
 Set to 1 to drop all incoming IP fragments.
 Default is 0.
@@ -378,9 +379,11 @@ Set to 1 to drop incoming frames with Layer 2 length o
 Default is 1.
 .It Va hw.cxgbe.drop_pkts_with_l3_errors
 Set to 1 to drop incoming frames with IP version, length, or checksum errors.
+The IP checksum is validated for TCP or UDP packets only.
 Default is 0.
 .It Va hw.cxgbe.drop_pkts_with_l4_errors
-Set to 1 to drop incoming frames with Layer 4 length, checksum, or other errors.
+Set to 1 to drop incoming frames with Layer 4 (TCP or UDP) length,
+checksum, or other errors.
 Default is 0.
 .El
 .Sh SUPPORT

Modified: head/sys/dev/cxgbe/t4_main.c
==============================================================================
--- head/sys/dev/cxgbe/t4_main.c	Mon Oct 19 20:43:29 2020	(r366861)
+++ head/sys/dev/cxgbe/t4_main.c	Mon Oct 19 21:11:49 2020	(r366862)
@@ -4823,7 +4823,7 @@ set_params__post_init(struct adapter *sc)
 	    F_DROPERRORIPHDRLEN | F_DROPERRORTCPHDRLEN | F_DROPERRORPKTLEN |
 	    F_DROPERRORTCPOPT | F_DROPERRORCSUMIP | F_DROPERRORCSUM;
 	val = 0;
-	if (t4_attack_filter != 0) {
+	if (chip_id(sc) < CHELSIO_T6 && t4_attack_filter != 0) {
 		t4_set_reg_field(sc, A_TP_GLOBAL_CONFIG, F_ATTACKFILTERENABLE,
 		    F_ATTACKFILTERENABLE);
 		val |= F_DROPERRORATTACK;

More information about the svn-src-all mailing list