lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 21 May 2024 12:39:52 -0700
From: Jacob Keller <jacob.e.keller@...el.com>
To: David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, 
 netdev <netdev@...r.kernel.org>
Cc: Jacob Keller <jacob.e.keller@...el.com>, 
 Larysa Zaremba <larysa.zaremba@...el.com>, 
 Michal Swiatkowski <michal.swiatkowski@...ux.intel.com>, 
 Chandan Kumar Rout <chandanx.rout@...el.com>, 
 Pucha Himasekhar Reddy <himasekharx.reddy.pucha@...el.com>, 
 Maciej Fijalkowski <maciej.fijalkowski@...el.com>, 
 Przemek Kitszel <przemyslaw.kitszel@...el.com>, 
 Igor Bagnucki <igor.bagnucki@...el.com>, 
 Krishneil Singh <krishneil.k.singh@...el.com>, 
 Simon Horman <horms@...nel.org>
Subject: [PATCH net v2 0/2] intel: Interpret .set_channels() input
 differently

The ice and idpf drivers can trigger a crash with AF_XDP due to incorrect
interpretation of the asymmetric Tx and Rx parameters in their
.set_channels() implementations:

1. ethtool -l <IFNAME> -> combined: 40
2. Attach AF_XDP to queue 30
3. ethtool -L <IFNAME> rx 15 tx 15
   combined number is not specified, so command becomes {rx_count = 15,
   tx_count = 15, combined_count = 40}.
4. ethnl_set_channels checks, if there are any AF_XDP of queues from the
   new (combined_count + rx_count) to the old one, so from 55 to 40, check
   does not trigger.
5. the driver interprets `rx 15 tx 15` as 15 combined channels and deletes
   the queue that AF_XDP is attached to.

This is fundamentally a problem with interpreting a request for asymmetric
queues as symmetric combined queues.

Fix the ice and idpf drivers to stop interpreting such requests as a
request for combined queues. Due to current driver design for both ice and
idpf, it is not possible to support requests of the same count of Tx and Rx
queues with independent interrupts, (i.e. ethtool -L <IFNAME> rx 15 tx 15)
so such requests are now rejected.

Signed-off-by: Jacob Keller <jacob.e.keller@...el.com>
---
Changes in v2:
- Remove the unnecessary combined_count check in the ice fix.
- Link to v1: https://lore.kernel.org/r/20240514-iwl-net-2024-05-14-set-channels-fixes-v1-0-eb18d88e30c3@intel.com

---
Larysa Zaremba (2):
      ice: Interpret .set_channels() input differently
      idpf: Interpret .set_channels() input differently

 drivers/net/ethernet/intel/ice/ice_ethtool.c   | 19 ++-----------------
 drivers/net/ethernet/intel/idpf/idpf_ethtool.c | 21 ++++++---------------
 2 files changed, 8 insertions(+), 32 deletions(-)
---
base-commit: e4a87abf588536d1cdfb128595e6e680af5cf3ed
change-id: 20240514-iwl-net-2024-05-14-set-channels-fixes-25be6f04a86d

Best regards,
-- 
Jacob Keller <jacob.e.keller@...el.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ