lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231006183028.GA1213337@nvidia.com>
Date:   Fri, 6 Oct 2023 15:30:28 -0300
From:   Jason Gunthorpe <jgg@...dia.com>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-rdma@...r.kernel.org, linux-kernel@...r.kernel.org,
        Leon Romanovsky <leonro@...dia.com>
Subject: [GIT PULL] Please pull RDMA subsystem changes

Hi Linus,

Accumulated RC bug fixes - seems like a more serious set of bugs this
time.

Thanks,
Jason

The following changes since commit 0bb80ecc33a8fb5a682236443c1e740d5c917d1d:

  Linux 6.6-rc1 (2023-09-10 16:28:41 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma.git tags/for-linus

for you to fetch changes up to c38d23a54445f9a8aa6831fafc9af0496ba02f9e:

  RDMA/core: Require admin capabilities to set system parameters (2023-10-05 20:01:47 +0300)

----------------------------------------------------------------
v6.6 first rc pull request

This includes a fix for a significant security miss in checking the
RDMA_NLDEV_CMD_SYS_SET operation.

- UAF in SRP

- Error unwind failure in siw connection management

- Missing error checks

- NULL/ERR_PTR confusion in erdma

- Possible string truncation in CMA configfs and mlx4

- Data ordering issue in bnxt_re

- Missing stats decrement on object destroy in bnxt_re

- Mlx5 bugs in this merge window:
  * Incorrect access_flag in the new mkey cache
  * Missing unlock on error in flow steering
  * lockdep possible deadlock on new mkey cache destruction
    Plus a fix for this too

- Don't leak kernel stack memory to userspace in the CM

- Missing permission validation for RDMA_NLDEV_CMD_SYS_SET

----------------------------------------------------------------
Artem Chernyshev (1):
      RDMA/cxgb4: Check skb value for failure to allocate

Bart Van Assche (1):
      RDMA/srp: Do not call scsi_done() from srp_abort()

Bernard Metzler (1):
      RDMA/siw: Fix connection failure handling

Cheng Xu (1):
      RDMA/erdma: Fix NULL pointer access in regmr_cmd

Christophe JAILLET (1):
      IB/mlx4: Fix the size of a buffer in add_port_entries()

Dan Carpenter (1):
      RDMA/erdma: Fix error code in erdma_create_scatter_mtt()

Hamdan Igbaria (1):
      RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation

Konstantin Meskhidze (1):
      RDMA/uverbs: Fix typo of sizeof argument

Leon Romanovsky (3):
      RDMA/cma: Fix truncation compilation warning in make_cma_ports
      RDMA/mlx5: Remove not-used cache disable flag
      RDMA/core: Require admin capabilities to set system parameters

Mark Zhang (1):
      RDMA/cma: Initialize ib_sa_multicast structure to 0 when join

Michael Guralnik (1):
      RDMA/mlx5: Fix assigning access flags to cache mkeys

Selvin Xavier (2):
      RDMA/bnxt_re: Fix the handling of control path response data
      RDMA/bnxt_re: Decrement resource stats correctly

Shay Drory (2):
      RDMA/mlx5: Fix NULL string error
      RDMA/mlx5: Fix mkey cache possible deadlock on cleanup

 drivers/infiniband/core/cma.c              |  2 +-
 drivers/infiniband/core/cma_configfs.c     |  2 +-
 drivers/infiniband/core/nldev.c            |  1 +
 drivers/infiniband/core/uverbs_main.c      |  2 +-
 drivers/infiniband/hw/bnxt_re/ib_verbs.c   |  4 ++++
 drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 11 +++++++++--
 drivers/infiniband/hw/cxgb4/cm.c           |  3 +++
 drivers/infiniband/hw/erdma/erdma_verbs.c  |  7 +++----
 drivers/infiniband/hw/mlx4/sysfs.c         |  2 +-
 drivers/infiniband/hw/mlx5/fs.c            |  2 +-
 drivers/infiniband/hw/mlx5/main.c          |  2 +-
 drivers/infiniband/hw/mlx5/mr.c            | 14 +++++++++++---
 drivers/infiniband/sw/siw/siw_cm.c         | 16 ++++++++++++----
 drivers/infiniband/ulp/srp/ib_srp.c        | 16 +++++-----------
 14 files changed, 54 insertions(+), 30 deletions(-)

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ