CVE-2026-43296: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky

[Greg Kroah-Hartman <gregkh@linuxfoundation.org>]

From: Greg Kroah-Hartman <gregkh@kernel.org>

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: Workaround SQM/PSE stalls by disabling sticky

NIX SQ manager sticky mode is known to cause stalls when multiple SQs
share an SMQ and transmit concurrently. Additionally, PSE may deadlock
on transitions between sticky and non-sticky transmissions. There is
also a credit drop issue observed when certain condition clocks are
gated.

work around these hardware errata by:
- Disabling SQM sticky operation:
  - Clear TM6 (bit 15)
  - Clear TM11 (bit 14)
- Disabling sticky → non-sticky transition path that can deadlock PSE:
  - Clear TM5 (bit 23)
- Preventing credit drops by keeping the control-flow clock enabled:
  - Set TM9 (bit 21)

These changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this
configuration the SQM/PSE maintain forward progress under load without
credit loss, at the cost of disabling sticky optimizations.

The Linux kernel CVE team has assigned CVE-2026-43296 to this issue.


Affected and fixed versions
===========================

	Fixed in 5.10.252 with commit 9a3fd301329474f449e75f86d8a4f6b9c603fd6c
	Fixed in 5.15.202 with commit d0b3c8a80336029d9356f429151eb27922d80a3c
	Fixed in 6.1.165 with commit 36cc5a5e0178d5fb79e04173b8aa623b0108819a
	Fixed in 6.6.128 with commit d9b549b6951ba178ec14339a031cae65f4e43fe1
	Fixed in 6.12.75 with commit cec2ceb35ce7bc874c43812bb39200d6cf691b87
	Fixed in 6.18.16 with commit 8052d0587fb14b85539c3a14a226586c0c3d6b4c
	Fixed in 6.19.6 with commit b7eba260a34e854e2487b8363c11976f082df00d
	Fixed in 7.0 with commit 70e9a5760abfb6338d63994d4de6b0778ec795d6

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2026-43296
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/net/ethernet/marvell/octeontx2/af/rvu_nix.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/9a3fd301329474f449e75f86d8a4f6b9c603fd6c
	https://git.kernel.org/stable/c/d0b3c8a80336029d9356f429151eb27922d80a3c
	https://git.kernel.org/stable/c/36cc5a5e0178d5fb79e04173b8aa623b0108819a
	https://git.kernel.org/stable/c/d9b549b6951ba178ec14339a031cae65f4e43fe1
	https://git.kernel.org/stable/c/cec2ceb35ce7bc874c43812bb39200d6cf691b87
	https://git.kernel.org/stable/c/8052d0587fb14b85539c3a14a226586c0c3d6b4c
	https://git.kernel.org/stable/c/b7eba260a34e854e2487b8363c11976f082df00d
	https://git.kernel.org/stable/c/70e9a5760abfb6338d63994d4de6b0778ec795d6