authorSalvatore Bonaccorso <carnil@debian.org>2022-05-26 17:03:07 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2022-05-26 17:03:29 +0200
commit1be71e246c5564a650cf22f1d0721981b6abc7d2 (patch)
treec9992c97dd24a6b029bd1accffac2669c900cf45 /debian/patches
parent48e14745e3054c52d14538ddf7e32cba06f86aff (diff)
downloadlinux-debian-1be71e246c5564a650cf22f1d0721981b6abc7d2.tar.gz
ixgbe: add improvement for MDD response functionality (CVE-2021-33061)
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/bugfix/all/ixgbe-add-improvement-for-MDD-response-functionality.patch162
-rw-r--r--debian/patches/series1
2 files changed, 163 insertions, 0 deletions
diff --git a/debian/patches/bugfix/all/ixgbe-add-improvement-for-MDD-response-functionality.patch b/debian/patches/bugfix/all/ixgbe-add-improvement-for-MDD-response-functionality.patch
new file mode 100644
index 000000000..2302c2aa9
--- /dev/null
+++ b/debian/patches/bugfix/all/ixgbe-add-improvement-for-MDD-response-functionality.patch
@@ -0,0 +1,162 @@
+From: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
+Date: Tue, 1 Mar 2022 11:40:09 +0000
+Subject: ixgbe: add improvement for MDD response functionality
+Origin: https://git.kernel.org/linus/008ca35f6e87be1d60b6af3d1ae247c6d5c2531d
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-33061
+
+The 82599 PF driver disable VF driver after a special MDD event occurs.
+Adds the option for administrators to control whether VFs are
+automatically disabled after several MDD events.
+The automatically disabling is now the default mode for 82599 PF driver,
+as it is more reliable.
+
+This addresses CVE-2021-33061.
+
+Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
+Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com>
+Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
+---
+ drivers/net/ethernet/intel/ixgbe/ixgbe.h | 4 +++
+ .../net/ethernet/intel/ixgbe/ixgbe_ethtool.c | 21 ++++++++++++++
+ drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 28 ++++++++++++++++++-
+ 3 files changed, 52 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe.h b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
+index c9bf18086d9c..921a4d977d65 100644
+--- a/drivers/net/ethernet/intel/ixgbe/ixgbe.h
++++ b/drivers/net/ethernet/intel/ixgbe/ixgbe.h
+@@ -184,6 +184,7 @@ struct vf_data_storage {
+ u8 trusted;
+ int xcast_mode;
+ unsigned int vf_api;
++ u8 primary_abort_count;
+ };
+
+ enum ixgbevf_xcast_modes {
+@@ -558,6 +559,8 @@ struct ixgbe_mac_addr {
+ #define IXGBE_TRY_LINK_TIMEOUT (4 * HZ)
+ #define IXGBE_SFP_POLL_JIFFIES (2 * HZ) /* SFP poll every 2 seconds */
+
++#define IXGBE_PRIMARY_ABORT_LIMIT 5
++
+ /* board specific private data structure */
+ struct ixgbe_adapter {
+ unsigned long active_vlans[BITS_TO_LONGS(VLAN_N_VID)];
+@@ -616,6 +619,7 @@ struct ixgbe_adapter {
+ #define IXGBE_FLAG2_RX_LEGACY BIT(16)
+ #define IXGBE_FLAG2_IPSEC_ENABLED BIT(17)
+ #define IXGBE_FLAG2_VF_IPSEC_ENABLED BIT(18)
++#define IXGBE_FLAG2_AUTO_DISABLE_VF BIT(19)
+
+ /* Tx fast path data */
+ int num_tx_queues;
+diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c
+index f70967c32116..628d0eb0599f 100644
+--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c
++++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ethtool.c
+@@ -138,6 +138,8 @@ static const char ixgbe_priv_flags_strings[][ETH_GSTRING_LEN] = {
+ "legacy-rx",
+ #define IXGBE_PRIV_FLAGS_VF_IPSEC_EN BIT(1)
+ "vf-ipsec",
++#define IXGBE_PRIV_FLAGS_AUTO_DISABLE_VF BIT(2)
++ "mdd-disable-vf",
+ };
+
+ #define IXGBE_PRIV_FLAGS_STR_LEN ARRAY_SIZE(ixgbe_priv_flags_strings)
+@@ -3510,6 +3512,9 @@ static u32 ixgbe_get_priv_flags(struct net_device *netdev)
+ if (adapter->flags2 & IXGBE_FLAG2_VF_IPSEC_ENABLED)
+ priv_flags |= IXGBE_PRIV_FLAGS_VF_IPSEC_EN;
+
++ if (adapter->flags2 & IXGBE_FLAG2_AUTO_DISABLE_VF)
++ priv_flags |= IXGBE_PRIV_FLAGS_AUTO_DISABLE_VF;
++
+ return priv_flags;
+ }
+
+@@ -3517,6 +3522,7 @@ static int ixgbe_set_priv_flags(struct net_device *netdev, u32 priv_flags)
+ {
+ struct ixgbe_adapter *adapter = netdev_priv(netdev);
+ unsigned int flags2 = adapter->flags2;
++ unsigned int i;
+
+ flags2 &= ~IXGBE_FLAG2_RX_LEGACY;
+ if (priv_flags & IXGBE_PRIV_FLAGS_LEGACY_RX)
+@@ -3526,6 +3532,21 @@ static int ixgbe_set_priv_flags(struct net_device *netdev, u32 priv_flags)
+ if (priv_flags & IXGBE_PRIV_FLAGS_VF_IPSEC_EN)
+ flags2 |= IXGBE_FLAG2_VF_IPSEC_ENABLED;
+
++ flags2 &= ~IXGBE_FLAG2_AUTO_DISABLE_VF;
++ if (priv_flags & IXGBE_PRIV_FLAGS_AUTO_DISABLE_VF) {
++ if (adapter->hw.mac.type == ixgbe_mac_82599EB) {
++ /* Reset primary abort counter */
++ for (i = 0; i < adapter->num_vfs; i++)
++ adapter->vfinfo[i].primary_abort_count = 0;
++
++ flags2 |= IXGBE_FLAG2_AUTO_DISABLE_VF;
++ } else {
++ e_info(probe,
++ "Cannot set private flags: Operation not supported\n");
++ return -EOPNOTSUPP;
++ }
++ }
++
+ if (flags2 != adapter->flags2) {
+ adapter->flags2 = flags2;
+
+diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
+index 13df4e0f3796..c4a4954aa317 100644
+--- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
++++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
+@@ -7613,6 +7613,27 @@ static void ixgbe_watchdog_flush_tx(struct ixgbe_adapter *adapter)
+ }
+
+ #ifdef CONFIG_PCI_IOV
++static void ixgbe_bad_vf_abort(struct ixgbe_adapter *adapter, u32 vf)
++{
++ struct ixgbe_hw *hw = &adapter->hw;
++
++ if (adapter->hw.mac.type == ixgbe_mac_82599EB &&
++ adapter->flags2 & IXGBE_FLAG2_AUTO_DISABLE_VF) {
++ adapter->vfinfo[vf].primary_abort_count++;
++ if (adapter->vfinfo[vf].primary_abort_count ==
++ IXGBE_PRIMARY_ABORT_LIMIT) {
++ ixgbe_set_vf_link_state(adapter, vf,
++ IFLA_VF_LINK_STATE_DISABLE);
++ adapter->vfinfo[vf].primary_abort_count = 0;
++
++ e_info(drv,
++ "Malicious Driver Detection event detected on PF %d VF %d MAC: %pM mdd-disable-vf=on",
++ hw->bus.func, vf,
++ adapter->vfinfo[vf].vf_mac_addresses);
++ }
++ }
++}
++
+ static void ixgbe_check_for_bad_vf(struct ixgbe_adapter *adapter)
+ {
+ struct ixgbe_hw *hw = &adapter->hw;
+@@ -7644,8 +7665,10 @@ static void ixgbe_check_for_bad_vf(struct ixgbe_adapter *adapter)
+ continue;
+ pci_read_config_word(vfdev, PCI_STATUS, &status_reg);
+ if (status_reg != IXGBE_FAILED_READ_CFG_WORD &&
+- status_reg & PCI_STATUS_REC_MASTER_ABORT)
++ status_reg & PCI_STATUS_REC_MASTER_ABORT) {
++ ixgbe_bad_vf_abort(adapter, vf);
+ pcie_flr(vfdev);
++ }
+ }
+ }
+
+@@ -10746,6 +10769,9 @@ static int ixgbe_probe(struct pci_dev *pdev, const struct pci_device_id *ent)
+ if (err)
+ goto err_sw_init;
+
++ if (adapter->hw.mac.type == ixgbe_mac_82599EB)
++ adapter->flags2 |= IXGBE_FLAG2_AUTO_DISABLE_VF;
++
+ switch (adapter->hw.mac.type) {
+ case ixgbe_mac_X550:
+ case ixgbe_mac_X550EM_x:
+--
+2.36.1
+
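Review bot: The `e_info(drv, ...)` format string in the new `ixgbe_bad_vf_abort()` inside the backported patch ends with `mdd-disable-vf=on"` and no trailing `\n`, unlike the other `e_info()` added in `ixgbe_set_priv_flags()`; the kernel's printk treats a missing newline as a possible continuation and checkpatch flags it, so the line should read `"Malicious Driver Detection event detected on PF %d VF %d MAC: %pM mdd-disable-vf=on\n",`. Because this file is a verbatim copy of the upstream commit named in its Origin header, the better course is to keep the Debian copy identical and carry the nit upstream rather than let the two diverge. It may also help readers of the patch header to note that the automatic-disable default (and the counter logic) is limited to `ixgbe_mac_82599EB`, as the `ixgbe_probe()` and `ixgbe_bad_vf_abort()` checks show; the description already says "82599 PF driver", so this is a wording aid, not a behavioural change.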
diff --git a/debian/patches/series b/debian/patches/series
index 82bf77791..2ef3cd439 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -100,6 +100,7 @@ features/all/db-mok-keyring/KEYS-Make-use-of-platform-keyring-for-module-signatu
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
debian/ntfs-mark-it-as-broken.patch
bugfix/x86/KVM-x86-mmu-fix-NULL-pointer-dereference-on-guest-IN.patch
+bugfix/all/ixgbe-add-improvement-for-MDD-response-functionality.patch
# Fix exported symbol versions
bugfix/all/module-disable-matching-missing-version-crc.patch