4.14-stable patches

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)
diff --git a/queue-4.14/net-sched-sch_hfsc-ensure-inner-classes-have-fsc-curve.patch b/queue-4.14/net-sched-sch_hfsc-ensure-inner-classes-have-fsc-curve.patch

new file mode 100644 (file)

index 0000000..cc73be5
--- /dev/null
+++ b/queue-4.14/net-sched-sch_hfsc-ensure-inner-classes-have-fsc-curve.patch
@@ -0,0 +1,39 @@
+From b3d26c5702c7d6c45456326e56d2ccf3f103e60f Mon Sep 17 00:00:00 2001
+From: Budimir Markovic <markovicbudimir@gmail.com>
+Date: Thu, 24 Aug 2023 01:49:05 -0700
+Subject: net/sched: sch_hfsc: Ensure inner classes have fsc curve
+
+From: Budimir Markovic <markovicbudimir@gmail.com>
+
+commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f upstream.
+
+HFSC assumes that inner classes have an fsc curve, but it is currently
+possible for classes without an fsc curve to become parents. This leads
+to bugs including a use-after-free.
+
+Don't allow non-root classes without HFSC_FSC to become parents.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Reported-by: Budimir Markovic <markovicbudimir@gmail.com>
+Signed-off-by: Budimir Markovic <markovicbudimir@gmail.com>
+Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
+Link: https://lore.kernel.org/r/20230824084905.422-1-markovicbudimir@gmail.com
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+[ v4.14: Delete NL_SET_ERR_MSG because extack is not added to hfsc_change_class ]
+Signed-off-by: Shaoying Xu <shaoyi@amazon.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/sched/sch_hfsc.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/net/sched/sch_hfsc.c
++++ b/net/sched/sch_hfsc.c
+@@ -1020,6 +1020,8 @@ hfsc_change_class(struct Qdisc *sch, u32
+               if (parent == NULL)
+                       return -ENOENT;
+       }
++      if (!(parent->cl_flags & HFSC_FSC) && parent != &q->root)
++              return -EINVAL;
+ 
+       if (classid == 0 || TC_H_MAJ(classid ^ sch->handle) != 0)
+               return -EINVAL;
diff --git a/queue-4.14/series b/queue-4.14/series

index 4fc3377f6b73c1f02209997c723c91990452a6fd..c916a9eb21c02cbac9755b7d90d7e47909b39dfb 100644 (file)
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -30,3 +30,4 @@ ata-libata-sata-increase-pmp-srst-timeout-to-10s.patch
  fs-binfmt_elf_efpic-fix-personality-for-elf-fdpic.patch
  vc_screen-reload-load-of-struct-vc_data-pointer-in-vcs_write-to-avoid-uaf.patch
  ext4-fix-rec_len-verify-error.patch
+net-sched-sch_hfsc-ensure-inner-classes-have-fsc-curve.patch
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 7 Oct 2023 11:29:47 +0000 (13:29 +0200)
queue-4.14/net-sched-sch_hfsc-ensure-inner-classes-have-fsc-curve.patch	[new file with mode: 0644]	patch \| blob
queue-4.14/series		patch \| blob \| blame \| history