Rebase to 21.11.2

Includes fixes for CVE-2022-2132 (#2107173) and CVE-2022-28199 (#2123616)

Resolves: #2126159
Resolves: #2107173
Resolves: #2123616
This commit is contained in:
Timothy Redaelli 2022-09-12 19:59:53 +02:00
parent 4632dddc39
commit 66901848bd
4 changed files with 42 additions and 4 deletions

1
.gitignore vendored
View File

@ -11,3 +11,4 @@
/dpdk-21.11.tar.xz /dpdk-21.11.tar.xz
/pyelftools-0.27.tar.gz /pyelftools-0.27.tar.gz
/dpdk-21.11.1.tar.xz /dpdk-21.11.1.tar.xz
/dpdk-21.11.2.tar.xz

View File

@ -0,0 +1,34 @@
From 8010a15523e896ca2f2436432602210cab793f87 Mon Sep 17 00:00:00 2001
From: David Marchand <david.marchand@redhat.com>
Date: Mon, 25 Jul 2022 22:32:03 +0200
Subject: [PATCH] vhost: fix virtqueue use after free on NUMA reallocation
[ upstream commit 0b2a2ca35037d6a5168f0832c11d9858b8ae946a ]
translate_ring_addresses (via numa_realloc) may change a virtio device and
virtio queue.
The virtqueue object must be refreshed before accessing the lock.
Fixes: 04c27cb673b9 ("vhost: fix unsafe vring addresses modifications")
Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/vhost/vhost_user.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
index df780fd7d6..2b45e35d4a 100644
--- a/lib/vhost/vhost_user.c
+++ b/lib/vhost/vhost_user.c
@@ -2575,6 +2575,7 @@ vhost_user_iotlb_msg(struct virtio_net **pdev, struct VhostUserMsg *msg,
if (is_vring_iotlb(dev, vq, imsg)) {
rte_spinlock_lock(&vq->access_lock);
*pdev = dev = translate_ring_addresses(dev, i);
+ vq = dev->virtqueue[i];
rte_spinlock_unlock(&vq->access_lock);
}
}
--
2.37.3

View File

@ -8,7 +8,7 @@
#% define date 20191128 #% define date 20191128
#% define shortcommit0 %(c=%{commit0}; echo ${c:0:7}) #% define shortcommit0 %(c=%{commit0}; echo ${c:0:7})
%define ver 21.11.1 %define ver 21.11.2
%define rel 1 %define rel 1
%define srcname dpdk%(awk -F. '{ if (NF > 2) print "-stable" }' <<<%{version}) %define srcname dpdk%(awk -F. '{ if (NF > 2) print "-stable" }' <<<%{version})
@ -31,8 +31,7 @@ Source: http://fast.dpdk.org/rel/dpdk-%{ver}.tar.xz
# Only needed for creating snapshot tarballs, not used in build itself # Only needed for creating snapshot tarballs, not used in build itself
Source100: dpdk-snapshot.sh Source100: dpdk-snapshot.sh
# Patches only in dpdk package Patch1: 0001-vhost-fix-virtqueue-use-after-free-on-NUMA-reallocat.patch
Summary: Set of libraries and drivers for fast packet processing Summary: Set of libraries and drivers for fast packet processing
@ -274,6 +273,10 @@ rm -rf %{docdir}/html/.doctrees
%endif %endif
%changelog %changelog
* Mon Sep 12 2022 Timothy Redaelli <tredaelli@redhat.com> - 21.11.2-1
- Rebase to 21.11.2 (#2126159)
- Includes fixes for CVE-2022-2132 (#2107173) and CVE-2022-28199 (#2123616)
* Wed Jul 13 2022 Timothy Redaelli <tredaelli@redhat.com> - 21.11.1-1 * Wed Jul 13 2022 Timothy Redaelli <tredaelli@redhat.com> - 21.11.1-1
- Rebase to 21.11.1 (#2106856) - Rebase to 21.11.1 (#2106856)
- Includes fix for CVE-2021-3839 (#2026642) - Includes fix for CVE-2021-3839 (#2026642)

View File

@ -1,2 +1,2 @@
SHA512 (dpdk-21.11.1.tar.xz) = d7afc0c918626b1706a18a129086fcd3741b251c28fa00c5711eb85a03137e5ee6e08de7bd5ebe957e442dc9b901314042b382b223e74f0fdd5d560ac657f1b3 SHA512 (dpdk-21.11.2.tar.xz) = bd33501c309d3285f5dcb44631f759d85e2c25980cd70644259c97ab86f4b2d59402c3b214c220f872ba0c7da02f1e3f0693b6c638b99e92773e2fb286e26c8e
SHA512 (pyelftools-0.27.tar.gz) = bb0a00e5500016e3d4f64be0a728e190f84b11a805f78d668b5a74716a30400e6794946f198ef4a3f3b8f64a63deb1b5a96180b09e56b7357b988b28e25fad0a SHA512 (pyelftools-0.27.tar.gz) = bb0a00e5500016e3d4f64be0a728e190f84b11a805f78d668b5a74716a30400e6794946f198ef4a3f3b8f64a63deb1b5a96180b09e56b7357b988b28e25fad0a