[SRU Jammy 0/9] CVE-2023-25775

Cengiz Can cengiz.can at canonical.com
Sat Oct 28 03:47:45 UTC 2023 

[Impact]
Improper access control in the Intel(R) Ethernet Controller RDMA driver for
linux before version 1.9.30 may allow an unauthenticated user to potentially
enable escalation of privilege via network access.

[Fix]
8 clean cherry picks and 1 simple context adjusted backport.

commit 2c4b14ea9507 ("RDMA/irdma: Remove enum irdma_status_code") was required
for a clean cherry pick of the fix commit but since we already had a stable
backport of commit 6f6dbb819dfc ("RDMA/irdma: Prevent some integer underflows")
in the tree, there was a context conflict.

[Test case]
Since it requires a 100Gbit NIC, compile and boot tested only.

[Potential regression]
Medium regression potential. Due to newly introduced older patches.

Christopher Bednarz (1):
  RDMA/irdma: Prevent zero-length STAG registration

Shiraz Saleem (2):
  RDMA/irdma: Remove enum irdma_status_code
  RDMA/irdma: Remove excess error variables

Zhu Yanjun (6):
  RDMA/irdma: Remove irdma_uk_mw_bind()
  RDMA/irdma: Remove irdma_sc_send_lsmm_nostag()
  RDMA/irdma: Remove irdma_cqp_up_map_cmd()
  RDMA/irdma: Remove irdma_get_hw_addr()
  RDMA/irdma: Make irdma_uk_cq_init() return a void
  RDMA/irdma: optimize rx path by removing unnecessary copy

 drivers/infiniband/hw/irdma/cm.c       |  44 +-
 drivers/infiniband/hw/irdma/ctrl.c     | 602 +++++++++++--------------
 drivers/infiniband/hw/irdma/defs.h     |   8 +-
 drivers/infiniband/hw/irdma/hmc.c      | 105 ++---
 drivers/infiniband/hw/irdma/hmc.h      |  53 +--
 drivers/infiniband/hw/irdma/hw.c       | 190 ++++----
 drivers/infiniband/hw/irdma/i40iw_hw.c |   1 -
 drivers/infiniband/hw/irdma/main.c     |   6 +-
 drivers/infiniband/hw/irdma/main.h     |  42 +-
 drivers/infiniband/hw/irdma/osdep.h    |  41 +-
 drivers/infiniband/hw/irdma/pble.c     |  77 ++--
 drivers/infiniband/hw/irdma/pble.h     |  25 +-
 drivers/infiniband/hw/irdma/protos.h   |  92 ++--
 drivers/infiniband/hw/irdma/puda.c     | 132 +++---
 drivers/infiniband/hw/irdma/puda.h     |  43 +-
 drivers/infiniband/hw/irdma/status.h   |  71 ---
 drivers/infiniband/hw/irdma/type.h     | 113 +++--
 drivers/infiniband/hw/irdma/uda.c      |  35 +-
 drivers/infiniband/hw/irdma/uda.h      |  46 +-
 drivers/infiniband/hw/irdma/uk.c       | 223 ++++-----
 drivers/infiniband/hw/irdma/user.h     |  91 ++--
 drivers/infiniband/hw/irdma/utils.c    | 244 ++++------
 drivers/infiniband/hw/irdma/verbs.c    | 176 +++-----
 drivers/infiniband/hw/irdma/ws.c       |  19 +-
 drivers/infiniband/hw/irdma/ws.h       |   2 +-
 25 files changed, 1011 insertions(+), 1470 deletions(-)
 delete mode 100644 drivers/infiniband/hw/irdma/status.h

-- 
2.39.2

More information about the kernel-team mailing list