We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-56649

net: enetc: Do not configure preemptible TCs if SIs do not support



Description

In the Linux kernel, the following vulnerability has been resolved: net: enetc: Do not configure preemptible TCs if SIs do not support Both ENETC PF and VF drivers share enetc_setup_tc_mqprio() to configure MQPRIO. And enetc_setup_tc_mqprio() calls enetc_change_preemptible_tcs() to configure preemptible TCs. However, only PF is able to configure preemptible TCs. Because only PF has related registers, while VF does not have these registers. So for VF, its hw->port pointer is NULL. Therefore, VF will access an invalid pointer when accessing a non-existent register, which will cause a crash issue. The simplified log is as follows. root@ls1028ardb:~# tc qdisc add dev eno0vf0 parent root handle 100: \ mqprio num_tc 4 map 0 0 1 1 2 2 3 3 queues 1@0 1@1 1@2 1@3 hw 1 [ 187.290775] Unable to handle kernel paging request at virtual address 0000000000001f00 [ 187.424831] pc : enetc_mm_commit_preemptible_tcs+0x1c4/0x400 [ 187.430518] lr : enetc_mm_commit_preemptible_tcs+0x30c/0x400 [ 187.511140] Call trace: [ 187.513588] enetc_mm_commit_preemptible_tcs+0x1c4/0x400 [ 187.518918] enetc_setup_tc_mqprio+0x180/0x214 [ 187.523374] enetc_vf_setup_tc+0x1c/0x30 [ 187.527306] mqprio_enable_offload+0x144/0x178 [ 187.531766] mqprio_init+0x3ec/0x668 [ 187.535351] qdisc_create+0x15c/0x488 [ 187.539023] tc_modify_qdisc+0x398/0x73c [ 187.542958] rtnetlink_rcv_msg+0x128/0x378 [ 187.547064] netlink_rcv_skb+0x60/0x130 [ 187.550910] rtnetlink_rcv+0x18/0x24 [ 187.554492] netlink_unicast+0x300/0x36c [ 187.558425] netlink_sendmsg+0x1a8/0x420 [ 187.606759] ---[ end trace 0000000000000000 ]--- In addition, some PFs also do not support configuring preemptible TCs, such as eno1 and eno3 on LS1028A. It won't crash like it does for VFs, but we should prevent these PFs from accessing these unimplemented registers.

Reserved 2024-12-27 | Published 2024-12-27 | Updated 2025-01-20 | Assigner Linux

Product status

Default status
unaffected

827145392a4aad635b93e5235b7d7fecc2fa31c7 before 66127f0d1ecf00604aeab71132bde398fd9ec7c9
affected

827145392a4aad635b93e5235b7d7fecc2fa31c7 before b718b68a9964181e24d15138a09ce95785a19002
affected

827145392a4aad635b93e5235b7d7fecc2fa31c7 before b2420b8c81ec674552d00c55d46245e5c184b260
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.6.66
unaffected

6.12.5
unaffected

6.13
unaffected

References

git.kernel.org/...c/66127f0d1ecf00604aeab71132bde398fd9ec7c9

git.kernel.org/...c/b718b68a9964181e24d15138a09ce95785a19002

git.kernel.org/...c/b2420b8c81ec674552d00c55d46245e5c184b260

cve.org (CVE-2024-56649)

nvd.nist.gov (CVE-2024-56649)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-56649

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.