From owner-freebsd-virtualization@freebsd.org Tue Nov 20 15:56:04 2018 Return-Path: Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DD04D1133C50 for ; Tue, 20 Nov 2018 15:56:03 +0000 (UTC) (envelope-from ixbug@riseup.net) Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 12291732DC for ; Tue, 20 Nov 2018 15:56:03 +0000 (UTC) (envelope-from ixbug@riseup.net) Received: from cotinga.riseup.net (cotinga-pn.riseup.net [10.0.1.164]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id ED0BE1A01F5 for ; Tue, 20 Nov 2018 07:55:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1542729356; bh=5lPERYAPU4ZMkzTqOTd33nh2jBoBj1lVjORUO1Y/pcU=; h=To:From:Subject:Date:From; b=krzPo+GPkRv4Ee0Lp0/RJ4MEZlvoyftohjsGJNb1AqRctELdK1LkF1Fg+LD9ANwY+ GIPO+Xu2KWrNohjenl+MeYsCu4C/0AY8l0sL7g2qtt8Vbphiw/HDHLp9HgdQFR8f4R 1w9je6yLBSfcMzbib7BNBWHx1p56vPLZdeVBICpo= X-Riseup-User-ID: DE170292ED389999FBBBBD67240A9F2A5778165F0DADCEC83909D72A53DDCEC5 Received: from [127.0.0.1] (localhost [127.0.0.1]) by cotinga.riseup.net with ESMTPSA id D5939E7AA9 for ; Tue, 20 Nov 2018 07:55:54 -0800 (PST) To: freebsd-virtualization@freebsd.org From: Finn Enok Subject: bhyve passthru: Malicious Driver Detection event Message-ID: <219c98cf-7774-315f-0fe5-a38f6dacb5f6@riseup.net> Date: Tue, 20 Nov 2018 15:55:00 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 12291732DC X-Spamd-Result: default: False [-3.30 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[riseup.net]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-virtualization@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.99)[-0.991,0]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[riseup.net:+]; MX_GOOD(-0.01)[mx1.riseup.net]; DMARC_POLICY_ALLOW(-0.50)[riseup.net,none]; NEURAL_HAM_SHORT(-0.18)[-0.177,0]; RCVD_IN_DNSWL_LOW(-0.10)[129.153.252.198.list.dnswl.org : 127.0.5.1]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-0.02)[country: US(-0.09)]; ASN(0.00)[asn:16652, ipnet:198.252.153.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-virtualization@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Discussion of various virtualization techniques FreeBSD supports." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 15:56:04 -0000 Hi, I'd like to setup passthru for an Intel NIC using SR-IOV Virtual Functions (VFs): 4 VFs: - 3 VFs for VMs (passthru) - 1 VF for the host ixlv0 on the host works fine until I boot the first VM, which causes the host to loose connectivity. /var/log/messages gets filled with these entries when starting the VM which has one of the VFs assigned: kernel: ixl1: Malicious Driver Detection event 0 on TX queue 777, pf number 1 kernel: ixl1: MDD TX event is for this function! kernel: ixl1: Malicious Driver Detection event 1 on RX queue 776, pf number 64 kernel: ixl1: MDD RX event is for this function! Is this a driver bug or configuration issue on my side? thanks! Finn FreeBSD 11.2 NIC: Intel X710-DA2 "vm passthru" output shows the 3 ppt devices as "READY Yes" from the log during bootup: --------------------------- kernel: pci3: at device 0.81 (no driver attached) kernel: pci3: at device 0.82 (no driver attached) kernel: pci3: at device 0.83 (no driver attached) /etc/iov/ixl1.conf ------------------- PF { device : "ixl1"; num_vfs : 4; } DEFAULT { passthrough : true; } #VF for use by host VF-0 { passthrough : false; } debian vm config: ------------- loader="grub" cpu=1 memory=512M disk0_type="ahci-hd" disk0_name="disk0.img" grub_run_partition="1" grub_run_dir="/boot/grub" passthru0="2/0/81" uuid=... ixl1 related log entries when booting: --------------------------------------- kernel: ixl1: mem 0xf8800000-0xf8ffffff,0xf9800000-0xf9807fff irq 32 at device 0.1 numa-domain 0 on pci3 kernel: ixl1: using 1024 tx descriptors and 1024 rx descriptors kernel: ixl1: fw 6.0.48442 api 1.7 nvm 6.01 etid 800035cf oem 1.262.0 kernel: ixl1: PF-ID[1]: VFs 64, MSIX 129, VF MSIX 5, QPs 768, I2C kernel: ixl1: Using MSIX interrupts with 9 vectors kernel: ixl1: Allocating 8 queues for PF LAN VSI; 8 queues active kernel: ixl1: PCI Express Bus: Speed 8.0GT/s Width x8 kernel: ixl1: SR-IOV ready kernel: ixl1: netmap queues/slots: TX 8/1024, RX 8/1024 kernel: ixl1: The device is not iWARP enabled ixl0 should not be relevant but I'm including the log lines here as well (from bootup): kernel: ixl0: mem 0xf9000000-0xf97fffff,0xf9808000-0xf980ffff irq 32 at device 0.0 numa-domain 0 on pci3 kernel: ixl0: using 1024 tx descriptors and 1024 rx descriptors kernel: ixl0: fw 6.0.48442 api 1.7 nvm 6.01 etid 800035cf oem 1.262.0 kernel: ixl0: PF-ID[0]: VFs 64, MSIX 129, VF MSIX 5, QPs 768, I2C kernel: ixl0: Using MSIX interrupts with 9 vectors kernel: ixl0: Allocating 8 queues for PF LAN VSI; 8 queues active kernel: ixl0: PCI Express Bus: Speed 8.0GT/s Width x8 kernel: ixl0: SR-IOV ready