From patchwork Mon Jul  8 15:21:22 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bethany Jamison <bethany.jamison@canonical.com>
X-Patchwork-Id: 1958007
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=185.125.189.65; helo=lists.ubuntu.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com;
 receiver=patchwork.ozlabs.org)
Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4WHnsK3B01z1yP2
	for <incoming@patchwork.ozlabs.org>; Tue,  9 Jul 2024 01:21:40 +1000 (AEST)
Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com)
	by lists.ubuntu.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1sQqBG-0002E3-Od; Mon, 08 Jul 2024 15:21:30 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.86_2) (envelope-from <bethany.jamison@canonical.com>)
 id 1sQqBF-0002Dc-6r
 for kernel-team@lists.ubuntu.com; Mon, 08 Jul 2024 15:21:29 +0000
Received: from mail-io1-f69.google.com (mail-io1-f69.google.com
 [209.85.166.69])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 05E413F0DE
 for <kernel-team@lists.ubuntu.com>; Mon,  8 Jul 2024 15:21:29 +0000 (UTC)
Received: by mail-io1-f69.google.com with SMTP id
 ca18e2360f4ac-7f664993edbso520889739f.2
 for <kernel-team@lists.ubuntu.com>; Mon, 08 Jul 2024 08:21:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1720452087; x=1721056887;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=7ZqmnOB8cyRfqphU97AYlw/+jIWQrOUFrq0H6zD/5QI=;
 b=t9wTcrbTjABwIkVeKle8YkCPjp/uFUFuGL/4eyUlH+ON0KZ1II1TtSyhX2GOFziPYS
 DrhWC5rY16VKCwB68NcdtFEkYdaW/GYUtxfpl63O4ALxYPKSV9KZMeGBtInzCh58128x
 uDcVAcx0n+HO/dKVs4zwk4AnzlC7IkFLUINKutahafUuzcQoluMhEOUkmmkbbOL7akeu
 WTquBDCQ43PYSl8jNE+r1wE8guzzu4Oc58tdyBX9UUhrIAux1eIy2b8x7Qg9H/Ptnhny
 U3mB7f+OJCZwJQ74irEKxHl6rsppTQky98oExPJ9ar2RvbKmEaWruHF9Dmo9LCLqoTWJ
 bZzg==
X-Gm-Message-State: AOJu0YwjY9wUeAI5iwvxU2EtLlp+75Jf4+q+Ol56CJIGn86ZfMeFEnZt
 YpIvh8IC6e7TozFiqE4ByTjHCWPv+iBGS1zIc0fIWFSKWXFNP922Hq7eu0jThouHlF56nZjUISc
 XtCup27is9iYehlKucwjTqL3TYJgekhJ45hqRr0AlZrX2Iw9jLlWDqogHzRSjcTb+9rnJJ7kUrn
 oQpSoEr3UWaQ==
X-Received: by 2002:a5d:9311:0:b0:7eb:9a46:c743 with SMTP id
 ca18e2360f4ac-7f66deb1218mr1479197839f.7.1720452087688;
 Mon, 08 Jul 2024 08:21:27 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IGidlDWt/b22KaDqaGRB/OhvPFQO1IghopVxy1ixoAw6FoQOfhXdTa44VOFrf31FWCl9FVHcA==
X-Received: by 2002:a5d:9311:0:b0:7eb:9a46:c743 with SMTP id
 ca18e2360f4ac-7f66deb1218mr1479195439f.7.1720452087266;
 Mon, 08 Jul 2024 08:21:27 -0700 (PDT)
Received: from smtp.gmail.com
 (167-248-51-36.oa02.lnk04.ne.dynamic.allophone.net. [167.248.51.36])
 by smtp.gmail.com with ESMTPSA id
 8926c6da1cb9f-4bb742b887bsm6049725173.133.2024.07.08.08.21.26
 for <kernel-team@lists.ubuntu.com>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 08 Jul 2024 08:21:27 -0700 (PDT)
From: Bethany Jamison <bethany.jamison@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F][PATCH 1/3] i40e: Refactoring VF MAC filters counting to make
 more reliable
Date: Mon,  8 Jul 2024 10:21:22 -0500
Message-Id: <20240708152124.14807-3-bethany.jamison@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240708152124.14807-1-bethany.jamison@canonical.com>
References: <20240708152124.14807-1-bethany.jamison@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

From: Aleksandr Loktionov <aleksandr.loktionov@intel.com>

This patch prepares ground for the next VF MAC address change fix.
It lets untrusted VF to delete any VF mac filter, but it still
doesn't let untrusted VF to add mac filter not setup by PF.
It removes information duplication in num_mac mac filters counter.
And improves exact h/w mac filters usage checking in the
i40e_check_vf_permission() function by counting mac2add_cnt.
It also improves logging because now all mac addresses will be validated
first and corresponding messages will be logged.

Signed-off-by: Aleksandr Loktionov <aleksandr.loktionov@intel.com>
Tested-by: Andrew Bowers <andrewx.bowers@intel.com>
(cherry picked from commit 621650cabee54886291c4fa59544b9e30b016f92)
CVE-2024-26830
Signed-off-by: Bethany Jamison <bethany.jamison@canonical.com>
---
 drivers/net/ethernet/intel/i40e/i40e.h        |  1 +
 drivers/net/ethernet/intel/i40e/i40e_main.c   | 19 ++++++++
 .../ethernet/intel/i40e/i40e_virtchnl_pf.c    | 45 ++++++++-----------
 .../ethernet/intel/i40e/i40e_virtchnl_pf.h    |  1 -
 4 files changed, 39 insertions(+), 27 deletions(-)

diff --git a/drivers/net/ethernet/intel/i40e/i40e.h b/drivers/net/ethernet/intel/i40e/i40e.h
index 4c8c31692e9e0..73800ae08a945 100644
--- a/drivers/net/ethernet/intel/i40e/i40e.h
+++ b/drivers/net/ethernet/intel/i40e/i40e.h
@@ -1123,6 +1123,7 @@ struct i40e_mac_filter *i40e_add_mac_filter(struct i40e_vsi *vsi,
 					    const u8 *macaddr);
 int i40e_del_mac_filter(struct i40e_vsi *vsi, const u8 *macaddr);
 bool i40e_is_vsi_in_vlan(struct i40e_vsi *vsi);
+int i40e_count_filters(struct i40e_vsi *vsi);
 struct i40e_mac_filter *i40e_find_mac(struct i40e_vsi *vsi, const u8 *macaddr);
 void i40e_vlan_stripping_enable(struct i40e_vsi *vsi);
 #ifdef CONFIG_I40E_DCB
diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
index dfa06737ff05e..900bf359ddd3c 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_main.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
@@ -1152,6 +1152,25 @@ void i40e_update_stats(struct i40e_vsi *vsi)
 	i40e_update_vsi_stats(vsi);
 }
 
+/**
+ * i40e_count_filters - counts VSI mac filters
+ * @vsi: the VSI to be searched
+ *
+ * Returns count of mac filters
+ **/
+int i40e_count_filters(struct i40e_vsi *vsi)
+{
+	struct i40e_mac_filter *f;
+	struct hlist_node *h;
+	int bkt;
+	int cnt = 0;
+
+	hash_for_each_safe(vsi->mac_filter_hash, bkt, h, f, hlist)
+		++cnt;
+
+	return cnt;
+}
+
 /**
  * i40e_find_filter - Search VSI filter list for specific mac/vlan filter
  * @vsi: the VSI to be searched
diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 81f428d0b7a4c..dd3fa9be04fda 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -990,7 +990,6 @@ static void i40e_free_vf_res(struct i40e_vf *vf)
 		i40e_vsi_release(pf->vsi[vf->lan_vsi_idx]);
 		vf->lan_vsi_idx = 0;
 		vf->lan_vsi_id = 0;
-		vf->num_mac = 0;
 	}
 
 	/* do the accounting and remove additional ADq VSI's */
@@ -2784,20 +2783,12 @@ static inline int i40e_check_vf_permission(struct i40e_vf *vf,
 					   struct virtchnl_ether_addr_list *al)
 {
 	struct i40e_pf *pf = vf->pf;
+	struct i40e_vsi *vsi = pf->vsi[vf->lan_vsi_idx];
+	int mac2add_cnt = 0;
 	int i;
 
-	/* If this VF is not privileged, then we can't add more than a limited
-	 * number of addresses. Check to make sure that the additions do not
-	 * push us over the limit.
-	 */
-	if (!test_bit(I40E_VIRTCHNL_VF_CAP_PRIVILEGE, &vf->vf_caps) &&
-	    (vf->num_mac + al->num_elements) > I40E_VC_MAX_MAC_ADDR_PER_VF) {
-		dev_err(&pf->pdev->dev,
-			"Cannot add more MAC addresses, VF is not trusted, switch the VF to trusted to add more functionality\n");
-		return -EPERM;
-	}
-
 	for (i = 0; i < al->num_elements; i++) {
+		struct i40e_mac_filter *f;
 		u8 *addr = al->list[i].addr;
 
 		if (is_broadcast_ether_addr(addr) ||
@@ -2821,8 +2812,24 @@ static inline int i40e_check_vf_permission(struct i40e_vf *vf,
 				"VF attempting to override administratively set MAC address, bring down and up the VF interface to resume normal operation\n");
 			return -EPERM;
 		}
+
+		/*count filters that really will be added*/
+		f = i40e_find_mac(vsi, addr);
+		if (!f)
+			++mac2add_cnt;
 	}
 
+	/* If this VF is not privileged, then we can't add more than a limited
+	 * number of addresses. Check to make sure that the additions do not
+	 * push us over the limit.
+	 */
+	if (!test_bit(I40E_VIRTCHNL_VF_CAP_PRIVILEGE, &vf->vf_caps) &&
+	    (i40e_count_filters(vsi) + mac2add_cnt) >
+		    I40E_VC_MAX_MAC_ADDR_PER_VF) {
+		dev_err(&pf->pdev->dev,
+			"Cannot add more MAC addresses, VF is not trusted, switch the VF to trusted to add more functionality\n");
+		return -EPERM;
+	}
 	return 0;
 }
 
@@ -2876,8 +2883,6 @@ static int i40e_vc_add_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 				ret = I40E_ERR_PARAM;
 				spin_unlock_bh(&vsi->mac_filter_hash_lock);
 				goto error_param;
-			} else {
-				vf->num_mac++;
 			}
 		}
 	}
@@ -2925,16 +2930,6 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 			ret = I40E_ERR_INVALID_MAC_ADDR;
 			goto error_param;
 		}
-
-		if (vf->pf_set_mac &&
-		    ether_addr_equal(al->list[i].addr,
-				     vf->default_lan_addr.addr)) {
-			dev_err(&pf->pdev->dev,
-				"MAC addr %pM has been set by PF, cannot delete it for VF %d, reset VF to change MAC addr\n",
-				vf->default_lan_addr.addr, vf->vf_id);
-			ret = I40E_ERR_PARAM;
-			goto error_param;
-		}
 	}
 	vsi = pf->vsi[vf->lan_vsi_idx];
 
@@ -2945,8 +2940,6 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 			ret = I40E_ERR_INVALID_MAC_ADDR;
 			spin_unlock_bh(&vsi->mac_filter_hash_lock);
 			goto error_param;
-		} else {
-			vf->num_mac--;
 		}
 
 	spin_unlock_bh(&vsi->mac_filter_hash_lock);
diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h
index 75d916714ad8a..fbff11f061ebb 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.h
@@ -103,7 +103,6 @@ struct i40e_vf {
 	bool link_forced;
 	bool link_up;		/* only valid if VF link is forced */
 	bool spoofchk;
-	u16 num_mac;
 	u16 num_vlan;
 
 	/* ADq related variables */

From patchwork Mon Jul  8 15:21:23 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bethany Jamison <bethany.jamison@canonical.com>
X-Patchwork-Id: 1958006
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=185.125.189.65; helo=lists.ubuntu.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com;
 receiver=patchwork.ozlabs.org)
Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4WHnsK34tcz1xpP
	for <incoming@patchwork.ozlabs.org>; Tue,  9 Jul 2024 01:21:40 +1000 (AEST)
Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com)
	by lists.ubuntu.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1sQqBL-0002Gs-Gi; Mon, 08 Jul 2024 15:21:35 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.86_2) (envelope-from <bethany.jamison@canonical.com>)
 id 1sQqBG-0002Dw-40
 for kernel-team@lists.ubuntu.com; Mon, 08 Jul 2024 15:21:30 +0000
Received: from mail-io1-f72.google.com (mail-io1-f72.google.com
 [209.85.166.72])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id C13393F0DE
 for <kernel-team@lists.ubuntu.com>; Mon,  8 Jul 2024 15:21:29 +0000 (UTC)
Received: by mail-io1-f72.google.com with SMTP id
 ca18e2360f4ac-7f12ee1959cso517155339f.1
 for <kernel-team@lists.ubuntu.com>; Mon, 08 Jul 2024 08:21:29 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1720452088; x=1721056888;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=sraaAJN34Ly3ZXwlo9hAEoRw2XZres2vp5X4IBa1uDc=;
 b=CG9H6ZA1ttxhRIUdr54JzVKZxP0C4ky2psmJJ2PVHptbsB1osc7juGNTUjitlDdakm
 v8rIW2JjFObcimy6K1q7z+ch0x4dwVq0Yajen/cg0GiPGYyhj1PFqujrOEDRhGrJJvYq
 wZ4zURe2dLNvubgiaf7Mzss1PihkrofsPBtd7LeRp+4asCUZlZHFJnX5bOOdcKe1maR/
 KXFt9q2twLB8Kn7lUkh23UeGJAXu+n0zJDzTjNmd/4lI98Fj+YTeU5uNr6qOI49txTrE
 2o1sJ+ycUeaCs9wW6mm7RrSEOXAOKxAKs0BxjIZIglObRMkOazp/D1VQuzzJRjoPbGBz
 SjaQ==
X-Gm-Message-State: AOJu0Yw0dXMnB6EacQF9gLpVMKQsJ/cxU6whPiy1TKfyb8PReBJq/7wP
 4J6yp4BoTWjNeix6bkfFkqtid2B+pDJ8wVvcdREBbJP0ysXfI19Z65KTSmwQMSQ0j1XEuageGjL
 Gxu5y88cGTTu7Bl+vvg9AkHaP5CqcUV0wY4o8Cs+VyjoHOpkpVQYDbl2BAFDF9SLYVCn8iVIl8e
 hZeeSiECD2EQ==
X-Received: by 2002:a5d:8187:0:b0:7f6:294a:98db with SMTP id
 ca18e2360f4ac-7f66df1ee3dmr1366016239f.15.1720452088362;
 Mon, 08 Jul 2024 08:21:28 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IE9pArhGExv72ghYiyn1z+sua6jxKjz27Mloj8GqYQgpt3+XJKm4dfIC9pAFX1dTQM31j8chw==
X-Received: by 2002:a5d:8187:0:b0:7f6:294a:98db with SMTP id
 ca18e2360f4ac-7f66df1ee3dmr1366014339f.15.1720452088023;
 Mon, 08 Jul 2024 08:21:28 -0700 (PDT)
Received: from smtp.gmail.com
 (167-248-51-36.oa02.lnk04.ne.dynamic.allophone.net. [167.248.51.36])
 by smtp.gmail.com with ESMTPSA id
 8926c6da1cb9f-4bb742b887bsm6049725173.133.2024.07.08.08.21.27
 for <kernel-team@lists.ubuntu.com>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 08 Jul 2024 08:21:27 -0700 (PDT)
From: Bethany Jamison <bethany.jamison@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F][PATCH 2/3] i40e: Fix MAC address setting for a VF via
 Host/VM
Date: Mon,  8 Jul 2024 10:21:23 -0500
Message-Id: <20240708152124.14807-4-bethany.jamison@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240708152124.14807-1-bethany.jamison@canonical.com>
References: <20240708152124.14807-1-bethany.jamison@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

From: Slawomir Laba <slawomirx.laba@intel.com>

Fix MAC setting flow for the PF driver.

Update the unicast VF's MAC address in VF structure if it is
a new setting in i40e_vc_add_mac_addr_msg.

When unicast MAC address gets deleted, record that and
set the new unicast MAC address that is already waiting in the filter
list. This logic is based on the order of messages arriving to
the PF driver.

Without this change the MAC address setting was interpreted
incorrectly in the following use cases:
1) Print incorrect VF MAC or zero MAC
ip link show dev $pf
2) Don't preserve MAC between driver reload
rmmod iavf; modprobe iavf
3) Update VF MAC when macvlan was set
ip link add link $vf address $mac $vf.1 type macvlan
4) Failed to update mac address when VF was trusted
ip link set dev $vf address $mac

This includes all other configurations including above commands.

Fixes: f657a6e1313b ("i40e: Fix VF driver MAC address configuration")
Signed-off-by: Slawomir Laba <slawomirx.laba@intel.com>
Tested-by: Konrad Jankowski <konrad0.jankowski@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
(cherry picked from commit 3a7001788fed0311d6fb77ed0dabe7bed3567bc0)
CVE-2024-26830
Signed-off-by: Bethany Jamison <bethany.jamison@canonical.com>
---
 .../ethernet/intel/i40e/i40e_virtchnl_pf.c    | 26 +++++++++++++++++--
 1 file changed, 24 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index dd3fa9be04fda..8bc4774d797e4 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -2884,6 +2884,10 @@ static int i40e_vc_add_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 				spin_unlock_bh(&vsi->mac_filter_hash_lock);
 				goto error_param;
 			}
+			if (is_valid_ether_addr(al->list[i].addr) &&
+			    is_zero_ether_addr(vf->default_lan_addr.addr))
+				ether_addr_copy(vf->default_lan_addr.addr,
+						al->list[i].addr);
 		}
 	}
 	spin_unlock_bh(&vsi->mac_filter_hash_lock);
@@ -2911,6 +2915,7 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 {
 	struct virtchnl_ether_addr_list *al =
 	    (struct virtchnl_ether_addr_list *)msg;
+	bool was_unimac_deleted = false;
 	struct i40e_pf *pf = vf->pf;
 	struct i40e_vsi *vsi = NULL;
 	i40e_status ret = 0;
@@ -2930,6 +2935,8 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 			ret = I40E_ERR_INVALID_MAC_ADDR;
 			goto error_param;
 		}
+		if (ether_addr_equal(al->list[i].addr, vf->default_lan_addr.addr))
+			was_unimac_deleted = true;
 	}
 	vsi = pf->vsi[vf->lan_vsi_idx];
 
@@ -2950,10 +2957,25 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 		dev_err(&pf->pdev->dev, "Unable to program VF %d MAC filters, error %d\n",
 			vf->vf_id, ret);
 
+	if (vf->trusted && was_unimac_deleted) {
+		struct i40e_mac_filter *f;
+		struct hlist_node *h;
+		u8 *macaddr = NULL;
+		int bkt;
+
+		/* set last unicast mac address as default */
+		spin_lock_bh(&vsi->mac_filter_hash_lock);
+		hash_for_each_safe(vsi->mac_filter_hash, bkt, h, f, hlist) {
+			if (is_valid_ether_addr(f->macaddr))
+				macaddr = f->macaddr;
+		}
+		if (macaddr)
+			ether_addr_copy(vf->default_lan_addr.addr, macaddr);
+		spin_unlock_bh(&vsi->mac_filter_hash_lock);
+	}
 error_param:
 	/* send the response to the VF */
-	return i40e_vc_send_resp_to_vf(vf, VIRTCHNL_OP_DEL_ETH_ADDR,
-				       ret);
+	return i40e_vc_send_resp_to_vf(vf, VIRTCHNL_OP_DEL_ETH_ADDR, ret);
 }
 
 /**

From patchwork Mon Jul  8 15:21:24 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bethany Jamison <bethany.jamison@canonical.com>
X-Patchwork-Id: 1958010
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=185.125.189.65; helo=lists.ubuntu.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com;
 receiver=patchwork.ozlabs.org)
Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4WHnsK73CKz1ySg
	for <incoming@patchwork.ozlabs.org>; Tue,  9 Jul 2024 01:21:41 +1000 (AEST)
Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com)
	by lists.ubuntu.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1sQqBL-0002H5-M2; Mon, 08 Jul 2024 15:21:35 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.86_2) (envelope-from <bethany.jamison@canonical.com>)
 id 1sQqBG-0002E9-V1
 for kernel-team@lists.ubuntu.com; Mon, 08 Jul 2024 15:21:30 +0000
Received: from mail-io1-f71.google.com (mail-io1-f71.google.com
 [209.85.166.71])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id A5D5A3F0DE
 for <kernel-team@lists.ubuntu.com>; Mon,  8 Jul 2024 15:21:30 +0000 (UTC)
Received: by mail-io1-f71.google.com with SMTP id
 ca18e2360f4ac-7f93f0d6ab2so139816139f.1
 for <kernel-team@lists.ubuntu.com>; Mon, 08 Jul 2024 08:21:30 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1720452089; x=1721056889;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:date:subject:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Lj7Yy4xBNxOgJOl+1mmJo7kQWNA2gQKJSLZbXKOFg/0=;
 b=Np4ybLwFJEXORjGSxp8uYwNPrCAVAFd/1aZA+l991+S72VaBEL2TWGNGxWZz6K/9jD
 e+rAu5wpw23+k1CEo/5UuOklFOYENegzVzJdPFtoS1tvDaiNf79zK68mKKfvAB5NZZBB
 rJsCvm8Hl/kL3wmjhLQEgz2GxGuuc4iWxsO0ZVG/r6BV0Dc7swdQWI0VmMKMKIHdDtE6
 BX9BaRrqhrAneWeNiwmh9t5Hv1sk026LG5xdqB5zPrZ7CpUqsMI3EWGTRkOUIUG7DnyE
 qG8/r5PkenOEZKOu1bT2AXUcm8D3rjof0uzL/cY9CC5M8QqPsrHwrqhbpcBo91N3fjCY
 EeQg==
X-Gm-Message-State: AOJu0YxlFGt6XCE6t0cLL2aqu4aPiVtT3bJcyOMjwZPr3Tj1vU3E4fJX
 jhesDEKaWogpmC762cbpsWAmZeHK4obS+9yTfHCwNbLriNm5I+6vaLCK2tMaOvpWKUBEJn4dSgk
 FD1KysHI7LalFsMVB4QcmOwYawKXDGjxIcPCUnBxndMFFlkRv4u1saR47w0bMjHQx1tomSIbUmC
 5lefhVTactcg==
X-Received: by 2002:a5d:85cc:0:b0:7f9:ef9b:92a0 with SMTP id
 ca18e2360f4ac-7f9efba248amr260216639f.10.1720452089271;
 Mon, 08 Jul 2024 08:21:29 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IF0uVsOrfI6RRfu5hBcCOoEGhUuGA21z8OlyeBrzXfq9zZdqvv/kfcs165xunM5KbFXVgWaHg==
X-Received: by 2002:a5d:85cc:0:b0:7f9:ef9b:92a0 with SMTP id
 ca18e2360f4ac-7f9efba248amr260215339f.10.1720452088828;
 Mon, 08 Jul 2024 08:21:28 -0700 (PDT)
Received: from smtp.gmail.com
 (167-248-51-36.oa02.lnk04.ne.dynamic.allophone.net. [167.248.51.36])
 by smtp.gmail.com with ESMTPSA id
 8926c6da1cb9f-4bb742b887bsm6049725173.133.2024.07.08.08.21.28
 for <kernel-team@lists.ubuntu.com>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 08 Jul 2024 08:21:28 -0700 (PDT)
From: Bethany Jamison <bethany.jamison@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F][PATCH 3/3] i40e: Do not allow untrusted VF to remove
 administratively set MAC
Date: Mon,  8 Jul 2024 10:21:24 -0500
Message-Id: <20240708152124.14807-5-bethany.jamison@canonical.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20240708152124.14807-1-bethany.jamison@canonical.com>
References: <20240708152124.14807-1-bethany.jamison@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

From: Ivan Vecera <ivecera@redhat.com>

Currently when PF administratively sets VF's MAC address and the VF
is put down (VF tries to delete all MACs) then the MAC is removed
from MAC filters and primary VF MAC is zeroed.

Do not allow untrusted VF to remove primary MAC when it was set
administratively by PF.

Reproducer:
1) Create VF
2) Set VF interface up
3) Administratively set the VF's MAC
4) Put VF interface down

[root@host ~]# echo 1 > /sys/class/net/enp2s0f0/device/sriov_numvfs
[root@host ~]# ip link set enp2s0f0v0 up
[root@host ~]# ip link set enp2s0f0 vf 0 mac fe:6c:b5:da:c7:7d
[root@host ~]# ip link show enp2s0f0
23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff
    vf 0     link/ether fe:6c:b5:da:c7:7d brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
[root@host ~]# ip link set enp2s0f0v0 down
[root@host ~]# ip link show enp2s0f0
23: enp2s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 3c:ec:ef:b7:dd:04 brd ff:ff:ff:ff:ff:ff
    vf 0     link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off

Fixes: 700bbf6c1f9e ("i40e: allow VF to remove any MAC filter")
Fixes: ceb29474bbbc ("i40e: Add support for VF to specify its primary MAC address")
Signed-off-by: Ivan Vecera <ivecera@redhat.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Tested-by: Rafal Romanowski <rafal.romanowski@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
Link: https://lore.kernel.org/r/20240208180335.1844996-1-anthony.l.nguyen@intel.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
(backported from commit 73d9629e1c8c1982f13688c4d1019c3994647ccc)
[bjamison: ignored context conflict from neighboring line]
CVE-2024-26830
Signed-off-by: Bethany Jamison <bethany.jamison@canonical.com>
---
 .../ethernet/intel/i40e/i40e_virtchnl_pf.c    | 38 ++++++++++++++++---
 1 file changed, 33 insertions(+), 5 deletions(-)

diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 8bc4774d797e4..cd32f1f7da974 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -2756,6 +2756,24 @@ static int i40e_vc_get_stats_msg(struct i40e_vf *vf, u8 *msg)
 				      (u8 *)&stats, sizeof(stats));
 }
 
+/**
+ * i40e_can_vf_change_mac
+ * @vf: pointer to the VF info
+ *
+ * Return true if the VF is allowed to change its MAC filters, false otherwise
+ */
+static bool i40e_can_vf_change_mac(struct i40e_vf *vf)
+{
+	/* If the VF MAC address has been set administratively (via the
+	 * ndo_set_vf_mac command), then deny permission to the VF to
+	 * add/delete unicast MAC addresses, unless the VF is trusted
+	 */
+	if (vf->pf_set_mac && !vf->trusted)
+		return false;
+
+	return true;
+}
+
 /* If the VF is not trusted restrict the number of MAC/VLAN it can program
  * MAC filters: 16 for multicast, 1 for MAC, 1 for broadcast
  */
@@ -2805,8 +2823,8 @@ static inline int i40e_check_vf_permission(struct i40e_vf *vf,
 		 * The VF may request to set the MAC address filter already
 		 * assigned to it so do not return an error in that case.
 		 */
-		if (!test_bit(I40E_VIRTCHNL_VF_CAP_PRIVILEGE, &vf->vf_caps) &&
-		    !is_multicast_ether_addr(addr) && vf->pf_set_mac &&
+		if (!i40e_can_vf_change_mac(vf) &&
+		    !is_multicast_ether_addr(addr) &&
 		    !ether_addr_equal(addr, vf->default_lan_addr.addr)) {
 			dev_err(&pf->pdev->dev,
 				"VF attempting to override administratively set MAC address, bring down and up the VF interface to resume normal operation\n");
@@ -2935,19 +2953,29 @@ static int i40e_vc_del_mac_addr_msg(struct i40e_vf *vf, u8 *msg)
 			ret = I40E_ERR_INVALID_MAC_ADDR;
 			goto error_param;
 		}
-		if (ether_addr_equal(al->list[i].addr, vf->default_lan_addr.addr))
-			was_unimac_deleted = true;
 	}
 	vsi = pf->vsi[vf->lan_vsi_idx];
 
 	spin_lock_bh(&vsi->mac_filter_hash_lock);
 	/* delete addresses from the list */
-	for (i = 0; i < al->num_elements; i++)
+	for (i = 0; i < al->num_elements; i++) {
+		const u8 *addr = al->list[i].addr;
+
+		/* Allow to delete VF primary MAC only if it was not set
+		 * administratively by PF or if VF is trusted.
+		 */
+		if (ether_addr_equal(addr, vf->default_lan_addr.addr) &&
+		    i40e_can_vf_change_mac(vf))
+			was_unimac_deleted = true;
+		else
+			continue;
+
 		if (i40e_del_mac_filter(vsi, al->list[i].addr)) {
 			ret = I40E_ERR_INVALID_MAC_ADDR;
 			spin_unlock_bh(&vsi->mac_filter_hash_lock);
 			goto error_param;
 		}
+	}
 
 	spin_unlock_bh(&vsi->mac_filter_hash_lock);