> From: Cao, Yahui <yahui.cao@xxxxxxxxx> > Sent: Tuesday, November 21, 2023 10:51 AM > > + /* Read the beginning two bytes of message for VSI id */ > + u16 *vsi_id = (u16 *)msg; > + > + /* For VM runtime stage, vsi_id in the virtual channel > message > + * should be equal to the PF logged vsi_id and vsi_id is > + * replaced by VF's VSI id to guarantee that messages are > + * processed successfully. If vsi_id is not equal to the PF > + * logged vsi_id, then this message must be sent by malicious > + * VF and no replacement is needed. Just let virtual channel > + * handler to fail this message. > + * > + * For virtual channel replaying stage, all of the PF logged > + * virtual channel messages are trusted and vsi_id is replaced > + * anyway to guarantee the messages are processed > successfully. > + */ > + if (*vsi_id == vf->vm_vsi_num || > + test_bit(ICE_VF_STATE_REPLAYING_VC, vf->vf_states)) > + *vsi_id = vf->lan_vsi_num; The second check is redundant. As long as vf->vm_vsi_num is restored before replaying vc messages, there shouldn't be mismatch in the replay phase.
