Re: Backporting of security patches for Intel i40e drivers required?

Home Messages Hashtags Subgroups

#5518

Re: Backporting of security patches for Intel i40e drivers required?

masashi.kudo@cybertrust.co.jp <masashi.kudo@...> #5518 Hi, Jan-san, Thanks for your response. Best regards, -- M. Kudo toggle quoted message Show quoted text -----Original Message----- From: cip-dev@... <cip-dev@...> On Behalf Of Jan Kiszka Sent: Friday, October 9, 2020 4:24 PM To: nobuhiro1.iwamatsu@...; cip-dev@... Subject: Re: [cip-dev] Backporting of security patches for Intel i40e drivers required? Hi all, given the exposure of such a device but also the fact that I can't tell for sure if/where it's used (not only by us), I would recommend backporting. Jan On 09.10.20 02:23, nobuhiro1.iwamatsu@... wrote: Hi, I have some comment for this issue. https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021 006.html https://lore.kernel.org/stable/20200807205517.1740307-1-jesse.brandebu rg@.../ There are multiple patches fixed for 4.19, which can be separated by feature. - i40e: add num_vectors checker in iwarp handler This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver"). e3219ce6a7754 is not included in 4.4.y and can be ignored. - i40e: Wrong truncation from u16 to u8 This can be apply in 4.4.y. - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter"). It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied. --- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c +++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c @@ -181,7 +181,7 @@ static inline bool i40e_vc_isvalid_vsi_id(struct i40e_vf vf, u16 vsi_id) check for the valid queue id */ static inline bool i40e_vc_isvalid_queue_id(struct i40e_vf vf, u16 vsi_id, - u8 qid) + u16 qid) { struct i40e_pf pf = vf->pf; struct i40e_vsi vsi = i40e_find_vsi_from_id(pf, vsi_id); - i40e: Memory leak in i40e_config_iwarp_qvlist This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver"). e3219ce6a7754 is not included in 4.4.y and can be ignored. Best regards, Nobuhiro -----Original Message----- From: cip-dev@... [mailto:cip-dev@...] On Behalf Of masashi.kudo@... Sent: Thursday, October 8, 2020 6:43 PM To: cip-dev@... Cc: jan.kiszka@... Subject: [cip-dev] Backporting of security patches for Intel i40e drivers required? Hi, Jan-san, All, At the IRC meeting today, we identified the following new CVEs are not in LTS4.4 yet. - CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for mainline and 4.19+ These are for i40e driver for Intel. The kernel team would like to know whether their backporting is needed or not. For details of those CVE checking results, please see the following. https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requ ests/75/diffs Regarding the discussion of the IRC meeting, please see the following. https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.0 0.log.html Best regards, -- M. Kudo -- Siemens AG, T RDA IOT Corporate Competence Center Embedded Linux
More All Messages By This Member

View All 9 Messages In Topic

#5518

Join {cip-dev@lists.cip-project.org to automatically receive all group messages.

Home Hashtags Subgroups Terms