[PATCH OLK-5.10 0/2] CVE-2024-46857

List overview All Threads
Download

newer

older

[PATCH OLK-6.6] cpufreq:...

[openeuler:OLK-6.6 3892/14286]...

Zhang Changzhong

9 Oct 2024 9 Oct '24

10:45 a.m.

Benjamin Poirier (1): net/mlx5: Fix bridge mode operations when there are no VFs

Chris Mi (1): net/mlx5: E-switch, Introduce flag to indicate if fdb table is created

drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 7 +++++-- drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 9 +++++++++ 2 files changed, 14 insertions(+), 2 deletions(-)

-- 2.9.5

Show replies by date

patchwork bot

9 Oct 9 Oct

10:13 a.m.

反馈：您发送到kernel@openeuler.org的补丁/补丁集，已成功转换为PR！ PR链接地址： https://gitee.com/openeuler/kernel/pulls/12062 邮件列表地址：https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/I...

FeedBack: The patch(es) which you have sent to kernel@openeuler.org mailing list has been converted to a pull request successfully! Pull request link: https://gitee.com/openeuler/kernel/pulls/12062 Mailing list address: https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/I...

Zhang Changzhong

10:45 a.m.

New subject: [PATCH OLK-5.10 1/2] net/mlx5: E-switch, Introduce flag to indicate if fdb table is created

From: Chris Mi cmi@nvidia.com

mainline inclusion from mainline-v6.0-rc1 commit fbd43b7259bc699e540ef8e7eb81631d57618a2e category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAU9OW CVE: CVE-2024-46857

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

--------------------------------

Introduce flag to indicate if fdb table is created as a pre-step to prepare for removing dependency between sriov and eswitch mode in the downstream patches.

Signed-off-by: Chris Mi cmi@nvidia.com Reviewed-by: Mark Bloch mbloch@nvidia.com Reviewed-by: Roi Dayan roid@nvidia.com Signed-off-by: Saeed Mahameed saeedm@nvidia.com Conflicts: drivers/net/ethernet/mellanox/mlx5/core/eswitch.h [ commit 19e9bfa044f3 ("net/mlx5: Bridge, add offload infrastructure") not merged ] Signed-off-by: Zhang Changzhong zhangchangzhong@huawei.com --- drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 3 +++ drivers/net/ethernet/mellanox/mlx5/core/eswitch.h | 9 +++++++++ 2 files changed, 12 insertions(+)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c index 3ae082c..2d2e80f 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c @@ -1630,6 +1630,8 @@ int mlx5_eswitch_enable_locked(struct mlx5_eswitch *esw, int mode, int num_vfs) if (err) goto abort;

+ esw->fdb_table.flags |= MLX5_ESW_FDB_CREATED; + mlx5_eswitch_event_handlers_register(esw);

esw_info(esw->dev, "Enable: mode(%s), nvfs(%d), active vports(%d)\n", @@ -1695,6 +1697,7 @@ void mlx5_eswitch_disable_locked(struct mlx5_eswitch *esw, bool clear_vf)

mlx5_eswitch_event_handlers_unregister(esw);

+ esw->fdb_table.flags &= ~MLX5_ESW_FDB_CREATED; if (esw->mode == MLX5_ESWITCH_LEGACY) esw_legacy_disable(esw); else if (esw->mode == MLX5_ESWITCH_OFFLOADS) diff --git a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.h b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.h index 59c674f1..0ff6a4a 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.h +++ b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.h @@ -241,6 +241,10 @@ enum { MLX5_ESWITCH_REG_C1_LOOPBACK_ENABLED = BIT(1), };

+enum { + MLX5_ESW_FDB_CREATED = BIT(0), +}; + struct mlx5_eswitch { struct mlx5_core_dev *dev; struct mlx5_nb nb; @@ -556,6 +560,11 @@ mlx5_esw_devlink_port_index_to_vport_num(unsigned int dl_port_index) return dl_port_index & 0xffff; }

+static inline bool mlx5_esw_is_fdb_created(struct mlx5_eswitch *esw) +{ + return esw->fdb_table.flags & MLX5_ESW_FDB_CREATED; +} + /* TODO: This mlx5e_tc function shouldn't be called by eswitch */ void mlx5e_tc_clean_fdb_peer_flows(struct mlx5_eswitch *esw);

-- 2.9.5

Zhang Changzhong

10:45 a.m.

New subject: [PATCH OLK-5.10 2/2] net/mlx5: Fix bridge mode operations when there are no VFs

From: Benjamin Poirier bpoirier@nvidia.com

mainline inclusion from mainline-v6.11 commit b1d305abef4640af1b4f1b4774d513cd81b10cfc category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAU9OW CVE: CVE-2024-46857

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

--------------------------------

Currently, trying to set the bridge mode attribute when numvfs=0 leads to a crash:

bridge link set dev eth2 hwmode vepa

[ 168.967392] BUG: kernel NULL pointer dereference, address: 0000000000000030 [...] [ 168.969989] RIP: 0010:mlx5_add_flow_rules+0x1f/0x300 [mlx5_core] [...] [ 168.976037] Call Trace: [ 168.976188] <TASK> [ 168.978620] _mlx5_eswitch_set_vepa_locked+0x113/0x230 [mlx5_core] [ 168.979074] mlx5_eswitch_set_vepa+0x7f/0xa0 [mlx5_core] [ 168.979471] rtnl_bridge_setlink+0xe9/0x1f0 [ 168.979714] rtnetlink_rcv_msg+0x159/0x400 [ 168.980451] netlink_rcv_skb+0x54/0x100 [ 168.980675] netlink_unicast+0x241/0x360 [ 168.980918] netlink_sendmsg+0x1f6/0x430 [ 168.981162] ____sys_sendmsg+0x3bb/0x3f0 [ 168.982155] ___sys_sendmsg+0x88/0xd0 [ 168.985036] __sys_sendmsg+0x59/0xa0 [ 168.985477] do_syscall_64+0x79/0x150 [ 168.987273] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 168.987773] RIP: 0033:0x7f8f7950f917

(esw->fdb_table.legacy.vepa_fdb is null)

The bridge mode is only relevant when there are multiple functions per port. Therefore, prevent setting and getting this setting when there are no VFs.

Note that after this change, there are no settings to change on the PF interface using `bridge link` when there are no VFs, so the interface no longer appears in the `bridge link` output.

Fixes: 4b89251de024 ("net/mlx5: Support ndo bridge_setlink and getlink") Signed-off-by: Benjamin Poirier bpoirier@nvidia.com Reviewed-by: Cosmin Ratiu cratiu@nvidia.com Signed-off-by: Saeed Mahameed saeedm@nvidia.com Conflicts: drivers/net/ethernet/mellanox/mlx5/core/eswitch.c [ commit b1d305abef46 ("net/mlx5: Fix bridge mode operations when there are no VFs") not merged ] Signed-off-by: Zhang Changzhong zhangchangzhong@huawei.com --- drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c index 2d2e80f..afd3e4d 100644 --- a/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c +++ b/drivers/net/ethernet/mellanox/mlx5/core/eswitch.c @@ -2177,7 +2177,7 @@ int mlx5_eswitch_set_vepa(struct mlx5_eswitch *esw, u8 setting) return -EPERM;

mutex_lock(&esw->state_lock); - if (esw->mode != MLX5_ESWITCH_LEGACY) { + if (esw->mode != MLX5_ESWITCH_LEGACY || !mlx5_esw_is_fdb_created(esw)) { err = -EOPNOTSUPP; goto out; } @@ -2197,7 +2197,7 @@ int mlx5_eswitch_get_vepa(struct mlx5_eswitch *esw, u8 *setting) if (!ESW_ALLOWED(esw)) return -EPERM;

- if (esw->mode != MLX5_ESWITCH_LEGACY) + if (esw->mode != MLX5_ESWITCH_LEGACY || !mlx5_esw_is_fdb_created(esw)) return -EOPNOTSUPP;

*setting = esw->fdb_table.legacy.vepa_uplink_rule ? 1 : 0;

-- 2.9.5

Age (days ago)

Last active (days ago)

kernel@openeuler.org

3 comments

2 participants

tags (0)

participants (2)

patchwork bot
Zhang Changzhong