ACK: [SRU Jammy 0/9] CVE-2023-25775

Roxana Nicolescu roxana.nicolescu at canonical.com
Mon Oct 30 09:09:31 UTC 2023 

On 28/10/2023 05:47, Cengiz Can wrote:
> [Impact]
> Improper access control in the Intel(R) Ethernet Controller RDMA driver for
> linux before version 1.9.30 may allow an unauthenticated user to potentially
> enable escalation of privilege via network access.
>
> [Fix]
> 8 clean cherry picks and 1 simple context adjusted backport.
>
> commit 2c4b14ea9507 ("RDMA/irdma: Remove enum irdma_status_code") was required
> for a clean cherry pick of the fix commit but since we already had a stable
> backport of commit 6f6dbb819dfc ("RDMA/irdma: Prevent some integer underflows")
> in the tree, there was a context conflict.
>
> [Test case]
> Since it requires a 100Gbit NIC, compile and boot tested only.
>
> [Potential regression]
> Medium regression potential. Due to newly introduced older patches.
>
> Christopher Bednarz (1):
>    RDMA/irdma: Prevent zero-length STAG registration
>
> Shiraz Saleem (2):
>    RDMA/irdma: Remove enum irdma_status_code
>    RDMA/irdma: Remove excess error variables
>
> Zhu Yanjun (6):
>    RDMA/irdma: Remove irdma_uk_mw_bind()
>    RDMA/irdma: Remove irdma_sc_send_lsmm_nostag()
>    RDMA/irdma: Remove irdma_cqp_up_map_cmd()
>    RDMA/irdma: Remove irdma_get_hw_addr()
>    RDMA/irdma: Make irdma_uk_cq_init() return a void
>    RDMA/irdma: optimize rx path by removing unnecessary copy
>
>   drivers/infiniband/hw/irdma/cm.c       |  44 +-
>   drivers/infiniband/hw/irdma/ctrl.c     | 602 +++++++++++--------------
>   drivers/infiniband/hw/irdma/defs.h     |   8 +-
>   drivers/infiniband/hw/irdma/hmc.c      | 105 ++---
>   drivers/infiniband/hw/irdma/hmc.h      |  53 +--
>   drivers/infiniband/hw/irdma/hw.c       | 190 ++++----
>   drivers/infiniband/hw/irdma/i40iw_hw.c |   1 -
>   drivers/infiniband/hw/irdma/main.c     |   6 +-
>   drivers/infiniband/hw/irdma/main.h     |  42 +-
>   drivers/infiniband/hw/irdma/osdep.h    |  41 +-
>   drivers/infiniband/hw/irdma/pble.c     |  77 ++--
>   drivers/infiniband/hw/irdma/pble.h     |  25 +-
>   drivers/infiniband/hw/irdma/protos.h   |  92 ++--
>   drivers/infiniband/hw/irdma/puda.c     | 132 +++---
>   drivers/infiniband/hw/irdma/puda.h     |  43 +-
>   drivers/infiniband/hw/irdma/status.h   |  71 ---
>   drivers/infiniband/hw/irdma/type.h     | 113 +++--
>   drivers/infiniband/hw/irdma/uda.c      |  35 +-
>   drivers/infiniband/hw/irdma/uda.h      |  46 +-
>   drivers/infiniband/hw/irdma/uk.c       | 223 ++++-----
>   drivers/infiniband/hw/irdma/user.h     |  91 ++--
>   drivers/infiniband/hw/irdma/utils.c    | 244 ++++------
>   drivers/infiniband/hw/irdma/verbs.c    | 176 +++-----
>   drivers/infiniband/hw/irdma/ws.c       |  19 +-
>   drivers/infiniband/hw/irdma/ws.h       |   2 +-
>   25 files changed, 1011 insertions(+), 1470 deletions(-)
>   delete mode 100644 drivers/infiniband/hw/irdma/status.h
>
Acked-by: Roxana Nicolescu <roxana.nicolescu at canonical.com>

More information about the kernel-team mailing list