blob: 27b1acb057ffdf25daf878c9ca0608dc372bf2cc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
#!/usr/bin/env bash
# Copyright (c) 2021 Cisco and/or its affiliates.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# CSIT SRIOV VF initialization and isolation.
set -euo pipefail
SCRIPT_DIR="$(dirname $(readlink -e "${BASH_SOURCE[0]}"))"
source "${SCRIPT_DIR}/csit-initialize-vfs-data.sh"
# Initilize whitelisted NICs with maximum number of VFs.
pci_idx=0
for pci_addr in ${PCI_WHITELIST[@]}; do
if ! [[ ${PCI_BLACKLIST[*]} =~ "${pci_addr}" ]]; then
pci_path="/sys/bus/pci/devices/${pci_addr}"
# SR-IOV initialization
case "${1:-start}" in
"start" )
sriov_totalvfs=$(< "${pci_path}"/sriov_totalvfs)
;;
"stop" )
sriov_totalvfs=0
;;
esac
echo ${sriov_totalvfs} > "${pci_path}"/sriov_numvfs
# SR-IOV 802.1Q isolation
case "${1:-start}" in
"start" )
pf=$(basename "${pci_path}"/net/*)
for vf in $(seq "${sriov_totalvfs}"); do
# PCI address index in array (pairing siblings).
if [[ -n ${PF_INDICES[@]} ]]
then
vlan_pf_idx=${PF_INDICES[$pci_addr]}
else
vlan_pf_idx=$(( pci_idx % (${#PCI_WHITELIST[@]} / 2) ))
fi
# 802.1Q base offset.
vlan_bs_off=1100
# 802.1Q PF PCI address offset.
vlan_pf_off=$(( vlan_pf_idx * 100 + vlan_bs_off ))
# 802.1Q VF PCI address offset.
vlan_vf_off=$(( vlan_pf_off + vf - 1 ))
# VLAN string.
vlan_str="vlan ${vlan_vf_off}"
# MAC string.
mac5="$(printf '%x' ${pci_idx})"
mac6="$(printf '%x' $(( vf - 1 )))"
mac_str="mac ba:dc:0f:fe:${mac5}:${mac6}"
# Set 802.1Q VLAN id and MAC address
ip link set ${pf} vf $(( vf - 1 )) ${mac_str} ${vlan_str}
ip link set ${pf} vf $(( vf - 1 )) trust on
ip link set ${pf} vf $(( vf - 1 )) spoof off
done
pci_idx=$(( pci_idx + 1 ))
;;
esac
fi
done
|
