| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACKFLi=d68RC-1d_i_E1eduVbOpdZFdJYwgj7YBYOwRanZVgKg@mail.gmail.com>
Date: Wed, 27 Aug 2025 15:15:30 -0700
From: Michael Chan <michael.chan@...adcom.com>
To: qianjiaru77@...il.com
Cc: pavan.chebbi@...adcom.com, davem@...emloft.net, edumazet@...gle.com,
kuba@...nel.org, pabeni@...hat.com, andrew+netdev@...n.ch,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/1] RFS Capability Bypass Vulnerability in Linux
bnxt_en Driver
On Wed, Aug 27, 2025 at 6:50 AM <qianjiaru77@...il.com> wrote:
> diff --git a/drivers/net/ethernet/broadcom/bnxt/bnxt.c b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
> index 207a8bb36..b59ce7f45 100644
> --- a/drivers/net/ethernet/broadcom/bnxt/bnxt.c
> +++ b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
> @@ -13610,8 +13610,11 @@ bool bnxt_rfs_capable(struct bnxt *bp, bool new_rss_ctx)
> return false;
> }
>
> - if (!BNXT_NEW_RM(bp))
> - return true;
> + // FIXED: Apply consistent validation for all firmware versions
> + if (!BNXT_NEW_RM(bp)) {
> + // Basic validation even for old firmware
> + return (hwr.vnic <= max_vnics && hwr.rss_ctx <= max_rss_ctxs);
This added logic makes no difference. We already did the same check a
few lines above and would have returned false if the opposite was
true.
Download attachment "smime.p7s" of type "application/pkcs7-signature" (4196 bytes)
Powered by blists - more mailing lists