Merge "Prevent configuring the Dell Minerva NIC VFs"
This commit is contained in:
commit
a396dff37c
|
@ -1455,6 +1455,11 @@ def _check_interface_data(op, interface, ihost, existing_interface,
|
||||||
return interface
|
return interface
|
||||||
|
|
||||||
|
|
||||||
|
def _is_port_sriov_restricted(port):
|
||||||
|
return port.pvendor in constants.SRIOV_RESTRICTED_NET_DEVICES and \
|
||||||
|
port.pdevice in constants.SRIOV_RESTRICTED_NET_DEVICES[port.pvendor]
|
||||||
|
|
||||||
|
|
||||||
def _check_ports(op, interface, ihost, ports):
|
def _check_ports(op, interface, ihost, ports):
|
||||||
port_list = []
|
port_list = []
|
||||||
|
|
||||||
|
@ -1474,10 +1479,17 @@ def _check_ports(op, interface, ihost, ports):
|
||||||
raise wsme.exc.ClientSideError(_(
|
raise wsme.exc.ClientSideError(_(
|
||||||
"For Ethernet, select a single port."))
|
"For Ethernet, select a single port."))
|
||||||
|
|
||||||
# Make sure that no other interface is currently using these ports
|
# Make sure that the port is not in the SR-IOV restricted list and
|
||||||
|
# that no other interface is currently using these ports
|
||||||
host_ports = pecan.request.dbapi.ethernet_port_get_all(hostid=ihost['id'])
|
host_ports = pecan.request.dbapi.ethernet_port_get_all(hostid=ihost['id'])
|
||||||
for p in host_ports:
|
for p in host_ports:
|
||||||
if p.name in port_list or p.uuid in port_list:
|
if p.name in port_list or p.uuid in port_list:
|
||||||
|
if (interface['ifclass'] == constants.INTERFACE_CLASS_PCI_SRIOV and
|
||||||
|
_is_port_sriov_restricted(p)):
|
||||||
|
pif = pecan.request.dbapi.iinterface_get(p.interface_id)
|
||||||
|
msg = _("Cannot use port. PCI vendor '%s' and device '%s' is not allowed."
|
||||||
|
% (p.pvendor, p.pdevice))
|
||||||
|
raise wsme.exc.ClientSideError(msg)
|
||||||
if p.interface_id and p.interface_id != this_interface_id:
|
if p.interface_id and p.interface_id != this_interface_id:
|
||||||
pif = pecan.request.dbapi.iinterface_get(p.interface_id)
|
pif = pecan.request.dbapi.iinterface_get(p.interface_id)
|
||||||
msg = _("Another interface %s is already using this port"
|
msg = _("Another interface %s is already using this port"
|
||||||
|
|
|
@ -2276,6 +2276,14 @@ DRIVERS_UP_BEFORE_SRIOV = [DRIVER_BNXT_EN]
|
||||||
# become operational
|
# become operational
|
||||||
DRIVERS_NOT_IMMEDIATELY_OPERATIONAL = [DRIVER_BNXT_EN]
|
DRIVERS_NOT_IMMEDIATELY_OPERATIONAL = [DRIVER_BNXT_EN]
|
||||||
|
|
||||||
|
# SR-IOV restricted network devices (cannot be used to create VFs)
|
||||||
|
# Marvell (Cavium) CNF105xx family (CNF10KA and CNF10KB):
|
||||||
|
PVENDOR_CAVIUM = 'Cavium, Inc. [177d]'
|
||||||
|
PDEVICE_CAVIUM_BA00 = 'Device [ba00]'
|
||||||
|
PDEVICE_CAVIUM_BC00 = 'Device [bc00]'
|
||||||
|
SRIOV_RESTRICTED_NET_DEVICES = {PVENDOR_CAVIUM: (PDEVICE_CAVIUM_BA00,
|
||||||
|
PDEVICE_CAVIUM_BC00)}
|
||||||
|
|
||||||
# Traffic control
|
# Traffic control
|
||||||
TRAFFIC_CONTROL_SCRIPT = '/usr/local/bin/tc_setup.sh'
|
TRAFFIC_CONTROL_SCRIPT = '/usr/local/bin/tc_setup.sh'
|
||||||
|
|
||||||
|
|
|
@ -1938,6 +1938,38 @@ class TestPostMixin(object):
|
||||||
self.assertEqual(http_client.OK, patch_result.status_code)
|
self.assertEqual(http_client.OK, patch_result.status_code)
|
||||||
self.assertEqual(0, patch_result.json['max_tx_rate'])
|
self.assertEqual(0, patch_result.json['max_tx_rate'])
|
||||||
|
|
||||||
|
def test_modify_sriov_restricted_port(self):
|
||||||
|
pvendor = constants.PVENDOR_CAVIUM
|
||||||
|
pdevice = constants.PDEVICE_CAVIUM_BA00
|
||||||
|
interface = dbutils.create_test_interface(forihostid=self.worker.id,
|
||||||
|
datanetworks='group0-data0')
|
||||||
|
dbutils.create_test_ethernet_port(
|
||||||
|
id=1, name='enp81s0f0', host_id=self.worker.id,
|
||||||
|
interface_id=interface.id,
|
||||||
|
pciaddr='0000:51:00.0', dev_id=0, sriov_totalvfs=32, sriov_numvfs=0,
|
||||||
|
driver='octeon_ep',
|
||||||
|
pvendor=pvendor,
|
||||||
|
pdevice=pdevice)
|
||||||
|
# ifclass to pci-passthrough is allowed
|
||||||
|
patch_result = self.patch_dict_json(
|
||||||
|
'%s' % self._get_path(interface['uuid']),
|
||||||
|
ifname='sriov0',
|
||||||
|
ifclass=constants.INTERFACE_CLASS_PCI_PASSTHROUGH,
|
||||||
|
expect_errors=True)
|
||||||
|
self.assertEqual('application/json', patch_result.content_type)
|
||||||
|
self.assertEqual(http_client.OK, patch_result.status_code)
|
||||||
|
# ifclass to pci-sriov is not allowed
|
||||||
|
patch_result = self.patch_dict_json(
|
||||||
|
'%s' % self._get_path(interface['uuid']),
|
||||||
|
ifclass=constants.INTERFACE_CLASS_PCI_SRIOV,
|
||||||
|
sriov_numvfs=8,
|
||||||
|
expect_errors=True)
|
||||||
|
self.assertEqual(http_client.BAD_REQUEST, patch_result.status_int)
|
||||||
|
self.assertTrue(patch_result.json['error_message'])
|
||||||
|
self.assertIn(f"Cannot use port. PCI vendor '{pvendor}' and "
|
||||||
|
f"device '{pdevice}' is not allowed.",
|
||||||
|
patch_result.json['error_message'])
|
||||||
|
|
||||||
|
|
||||||
class TestAIOPost(InterfaceTestCase):
|
class TestAIOPost(InterfaceTestCase):
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
|
|
Loading…
Reference in New Issue