* [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver
@ 2025-08-27 13:51 qianjiaru77
2025-08-30 2:02 ` Jakub Kicinski
0 siblings, 1 reply; 2+ messages in thread
From: qianjiaru77 @ 2025-08-27 13:51 UTC (permalink / raw)
To: michael.chan, pavan.chebbi, davem, edumazet, kuba, pabeni,
andrew+netdev
Cc: netdev, linux-kernel, qianjiaru
From: qianjiaru <qianjiaru77@gmail.com>
A state management vulnerability exists in the
`bnxt_hwrm_reserve_vf_rings()` function of the Linux kernel's
bnxt_en network driver. The vulnerability causes incomplete
resource state updates in SR-IOV Virtual Function (VF) environments,
potentially leading to system instability and resource allocation
failures in virtualized deployments.
Signed-off-by: qianjiaru <qianjiaru77@gmail.com>
---
drivers/net/ethernet/broadcom/bnxt/bnxt.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/drivers/net/ethernet/broadcom/bnxt/bnxt.c b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
index 207a8bb36..2d06b0ddc 100644
--- a/drivers/net/ethernet/broadcom/bnxt/bnxt.c
+++ b/drivers/net/ethernet/broadcom/bnxt/bnxt.c
@@ -7801,7 +7801,13 @@ bnxt_hwrm_reserve_vf_rings(struct bnxt *bp, struct bnxt_hw_rings *hwr)
int rc;
if (!BNXT_NEW_RM(bp)) {
+ // Update all relevant resource state, not just TX rings
bp->hw_resc.resv_tx_rings = hwr->tx;
+ bp->hw_resc.resv_rx_rings = hwr->rx;
+ bp->hw_resc.resv_vnics = hwr->vnic;
+ bp->hw_resc.resv_rsscos_ctxs = hwr->rss_ctx;
+ bp->hw_resc.resv_cp_rings = hwr->cp;
+ bp->hw_resc.resv_hw_ring_grps = hwr->grp;
return 0;
}
--
2.34.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver
2025-08-27 13:51 [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver qianjiaru77
@ 2025-08-30 2:02 ` Jakub Kicinski
0 siblings, 0 replies; 2+ messages in thread
From: Jakub Kicinski @ 2025-08-30 2:02 UTC (permalink / raw)
To: qianjiaru77
Cc: michael.chan, pavan.chebbi, davem, edumazet, pabeni,
andrew+netdev, netdev, linux-kernel
On Wed, 27 Aug 2025 21:51:02 +0800 qianjiaru77@gmail.com wrote:
> Subject: [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver
Please look at the git history to find out what the normal subject
format is. Something like:
eth: bnxt: fix VF resource inconsistency with old FW API
is probably a good choice.
> From: qianjiaru <qianjiaru77@gmail.com>
>
> A state management vulnerability exists in the
> `bnxt_hwrm_reserve_vf_rings()` function of the Linux kernel's
> bnxt_en network driver. The vulnerability causes incomplete
> resource state updates in SR-IOV Virtual Function (VF) environments,
> potentially leading to system instability and resource allocation
> failures in virtualized deployments.
Please *succinctly* explain what the bug is, assuming the person
reading the description can also read the code. Or should I say
ask your LLM to do it, 'cause I really doubt you wrote this bloviated
slop.
> Signed-off-by: qianjiaru <qianjiaru77@gmail.com>
You must provide an appropriate Fixes tag for fixes in the Linux kernel.
--
pw-bot: cr
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-30 2:02 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-08-27 13:51 [PATCH v2 1/1] VF Resource State Inconsistency Vulnerability in Linux bnxt_en Driver qianjiaru77
2025-08-30 2:02 ` Jakub Kicinski
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).