| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250827135102.5923-1-qianjiaru77@gmail.com>
Date: Wed, 27 Aug 2025 21:51:02 +0800
From: qianjiaru77@...il.com
To: michael.chan@...adcom.com,
pavan.chebbi@...adcom.com,
davem@...emloft.net,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
andrew+netdev@...n.ch
Cc: netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
qianjiaru <qianjiaru77@...il.com>
Subject: [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver
From: qianjiaru <qianjiaru77@...il.com>
A state management vulnerability exists in the
`bnxt_hwrm_reserve_vf_rings()` function of the Linux kernel's
bnxt_en network driver. The vulnerability causes incomplete
resource state updates in SR-IOV Virtual Function (VF) environments,
potentially leading to system instability and resource allocation
failures in virtualized deployments.
Signed-off-by: qianjiaru <qianjiaru77@...il.com>
---
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/net/ethernet/broadcom/bnxt/bnxt.c b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
index 207a8bb36..2d06b0ddc 100644
--- a/drivers/net/ethernet/broadcom/bnxt/bnxt.c
+++ b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
@@ -7801,7 +7801,13 @@ bnxt_hwrm_reserve_vf_rings(struct bnxt *bp, struct bnxt_hw_rings *hwr)
int rc;
if (!BNXT_NEW_RM(bp)) {
+ // Update all relevant resource state, not just TX rings
bp->hw_resc.resv_tx_rings = hwr->tx;
+ bp->hw_resc.resv_rx_rings = hwr->rx;
+ bp->hw_resc.resv_vnics = hwr->vnic;
+ bp->hw_resc.resv_rsscos_ctxs = hwr->rss_ctx;
+ bp->hw_resc.resv_cp_rings = hwr->cp;
+ bp->hw_resc.resv_hw_ring_grps = hwr->grp;
return 0;
}
--
2.34.1
Powered by blists - more mailing lists