From: Greg Kroah-Hartman Date: Wed, 8 Mar 2023 07:29:01 +0000 (+0100) Subject: 5.15-stable patches X-Git-Tag: v6.2.3~23 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=572f299e3d7d109857b7eaf1e03a2f602ec698c4;p=thirdparty%2Fkernel%2Fstable-queue.git 5.15-stable patches added patches: qede-avoid-uninitialized-entries-in-coal_entry-array.patch --- diff --git a/queue-5.15/qede-avoid-uninitialized-entries-in-coal_entry-array.patch b/queue-5.15/qede-avoid-uninitialized-entries-in-coal_entry-array.patch new file mode 100644 index 00000000000..06e2dc34696 --- /dev/null +++ b/queue-5.15/qede-avoid-uninitialized-entries-in-coal_entry-array.patch @@ -0,0 +1,77 @@ +From aaa3c08ee0653beaa649d4adfb27ad562641cfd8 Mon Sep 17 00:00:00 2001 +From: Michal Schmidt +Date: Fri, 24 Feb 2023 01:41:45 +0100 +Subject: qede: avoid uninitialized entries in coal_entry array + +From: Michal Schmidt + +commit aaa3c08ee0653beaa649d4adfb27ad562641cfd8 upstream. + +Even after commit 908d4bb7c54c ("qede: fix interrupt coalescing +configuration"), some entries of the coal_entry array may theoretically +be used uninitialized: + + 1. qede_alloc_fp_array() allocates QEDE_MAX_RSS_CNT entries for + coal_entry. The initial allocation uses kcalloc, so everything is + initialized. + 2. The user sets a small number of queues (ethtool -L). + coal_entry is reallocated for the actual small number of queues. + 3. The user sets a bigger number of queues. + coal_entry is reallocated bigger. The added entries are not + necessarily initialized. + +In practice, the reallocations will actually keep using the originally +allocated region of memory, but we should not rely on it. + +The reallocation is unnecessary. coal_entry can always have +QEDE_MAX_RSS_CNT entries. + +Fixes: 908d4bb7c54c ("qede: fix interrupt coalescing configuration") +Signed-off-by: Michal Schmidt +Nacked-by: Manish Chopra +Acked-by: Manish Chopra +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + drivers/net/ethernet/qlogic/qede/qede_main.c | 21 +++++++-------------- + 1 file changed, 7 insertions(+), 14 deletions(-) + +--- a/drivers/net/ethernet/qlogic/qede/qede_main.c ++++ b/drivers/net/ethernet/qlogic/qede/qede_main.c +@@ -899,7 +899,6 @@ static int qede_alloc_fp_array(struct qe + { + u8 fp_combined, fp_rx = edev->fp_num_rx; + struct qede_fastpath *fp; +- void *mem; + int i; + + edev->fp_array = kcalloc(QEDE_QUEUE_CNT(edev), +@@ -910,21 +909,15 @@ static int qede_alloc_fp_array(struct qe + } + + if (!edev->coal_entry) { +- mem = kcalloc(QEDE_MAX_RSS_CNT(edev), +- sizeof(*edev->coal_entry), GFP_KERNEL); +- } else { +- mem = krealloc(edev->coal_entry, +- QEDE_QUEUE_CNT(edev) * sizeof(*edev->coal_entry), +- GFP_KERNEL); ++ edev->coal_entry = kcalloc(QEDE_MAX_RSS_CNT(edev), ++ sizeof(*edev->coal_entry), ++ GFP_KERNEL); ++ if (!edev->coal_entry) { ++ DP_ERR(edev, "coalesce entry allocation failed\n"); ++ goto err; ++ } + } + +- if (!mem) { +- DP_ERR(edev, "coalesce entry allocation failed\n"); +- kfree(edev->coal_entry); +- goto err; +- } +- edev->coal_entry = mem; +- + fp_combined = QEDE_QUEUE_CNT(edev) - fp_rx - edev->fp_num_tx; + + /* Allocate the FP elements for Rx queues followed by combined and then diff --git a/queue-5.15/series b/queue-5.15/series index 78ac770dde7..9794c7cfc6d 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -564,3 +564,4 @@ drm-radeon-fix-edp-for-single-display-imac11-2.patch drm-i915-don-t-use-bar-mappings-for-ring-buffers-with-llc.patch drm-edid-fix-avi-infoframe-aspect-ratio-handling.patch perf-intel-pt-pkt-decoder-add-cfe-and-evd-packets.patch +qede-avoid-uninitialized-entries-in-coal_entry-array.patch