On Fri, Dec 15, 2023 at 01:29:39PM -0600, Shiraz Saleem wrote:
> From: Christopher Bednarz <christopher.n.bednarz@xxxxxxxxx>
>
> [Upstream commit bb6d73d9add68ad270888db327514384dfa44958]
>
> Currently irdma allows zero-length STAGs to be programmed in HW during
> the kernel mode fast register flow. Zero-length MR or STAG registration
> disable HW memory length checks.
>
> Improve gaps in bounds checking in irdma by preventing zero-length STAG or
> MR registrations except if the IB_PD_UNSAFE_GLOBAL_RKEY is set.
>
> This addresses the disclosure CVE-2023-25775.
>
> The kernel version to apply this patch is 5.15.x.
>
> Fixes: b48c24c2d710 ("RDMA/irdma: Implement device supported verb APIs")
> Signed-off-by: Christopher Bednarz <christopher.n.bednarz@xxxxxxxxx>
> Signed-off-by: Shiraz Saleem <shiraz.saleem@xxxxxxxxx>
> ---
> drivers/infiniband/hw/irdma/ctrl.c | 6 ++++++
> drivers/infiniband/hw/irdma/type.h | 2 ++
> drivers/infiniband/hw/irdma/verbs.c | 10 ++++++++--
> 3 files changed, 16 insertions(+), 2 deletions(-)
Now queued up, thanks.
greg k-h
