CVE-2021-47619

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
20/06/2024
Last modified:
18/09/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

i40e: Fix queues reservation for XDP

When XDP was configured on a system with large number of CPUs
and X722 NIC there was a call trace with NULL pointer dereference.

i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12
i40e 0000:87:00.0: setup of MAIN VSI failed

BUG: kernel NULL pointer dereference, address: 0000000000000000
RIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]
Call Trace:
? i40e_reconfig_rss_queues+0x130/0x130 [i40e]
dev_xdp_install+0x61/0xe0
dev_xdp_attach+0x18a/0x4c0
dev_change_xdp_fd+0x1e6/0x220
do_setlink+0x616/0x1030
? ahci_port_stop+0x80/0x80
? ata_qc_issue+0x107/0x1e0
? lock_timer_base+0x61/0x80
? __mod_timer+0x202/0x380
rtnl_setlink+0xe5/0x170
? bpf_lsm_binder_transaction+0x10/0x10
? security_capable+0x36/0x50
rtnetlink_rcv_msg+0x121/0x350
? rtnl_calcit.isra.0+0x100/0x100
netlink_rcv_skb+0x50/0xf0
netlink_unicast+0x1d3/0x2a0
netlink_sendmsg+0x22a/0x440
sock_sendmsg+0x5e/0x60
__sys_sendto+0xf0/0x160
? __sys_getsockname+0x7e/0xc0
? _copy_from_user+0x3c/0x80
? __sys_setsockopt+0xc8/0x1a0
__x64_sys_sendto+0x20/0x30
do_syscall_64+0x33/0x40
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f83fa7a39e0

This was caused by PF queue pile fragmentation due to
flow director VSI queue being placed right after main VSI.
Because of this main VSI was not able to resize its
queue allocation for XDP resulting in no queues allocated
for main VSI when XDP was turned on.

Fix this by always allocating last queue in PF queue pile
for a flow director VSI.
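A simplified model of the queue pile fragmentation described in the commit message, added here as an illustration; it is not the i40e driver's code. The 16-entry pile, the owner ids, first-fit allocation, release-then-request resizing and XDP doubling the main VSI's queue need are all assumptions of the model.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model values: a 16-entry pile and hypothetical owner ids. */
enum { PILE = 16, FREE = 0, MAIN = 1, FDIR = 2 };
static int pile[PILE];

/* First-fit search for `need` contiguous free entries. Returns the base
 * index, or -12 to mirror the "err -12" (ENOMEM) in the log above. */
static int get_lump(int need, int id)
{
    for (int i = 0, run = 0; i < PILE; i++) {
        run = (pile[i] == FREE) ? run + 1 : 0;
        if (run == need) {
            for (int j = i - need + 1; j <= i; j++)
                pile[j] = id;
            return i - need + 1;
        }
    }
    return -12;
}

/* Release every entry owned by `id`. */
static void put_lump(int id)
{
    for (int i = 0; i < PILE; i++)
        if (pile[i] == id)
            pile[i] = FREE;
}

/* Returns the base of the main VSI's lump after the XDP resize (assumed
 * here to double its queue need), or -12 when it is left with no queues. */
int resize_for_xdp(int fdir_last, int main_q)
{
    memset(pile, 0, sizeof(pile));
    get_lump(main_q, MAIN);
    if (fdir_last)
        pile[PILE - 1] = FDIR;   /* fixed layout: FDIR takes the last entry */
    else
        get_lump(1, FDIR);       /* old layout: FDIR lands right after main */
    put_lump(MAIN);              /* resize = release, then request again */
    return get_lump(2 * main_q, MAIN);
}

int main(void)
{
    printf("old layout:   %d\n", resize_for_xdp(0, 6));
    printf("fixed layout: %d\n", resize_for_xdp(1, 6));
    return 0;
}
```

In the old layout the single flow director entry splits the free space into runs of 6 and 9, so the request for 12 contiguous entries fails even though 15 entries are free in total.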

Vulnerable products and versions

CPE                                                From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*       3.12 (including)  4.19.228 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*       4.20 (including)  5.4.176 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*       5.5 (including)   5.10.96 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*       5.11 (including)  5.15.19 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*       5.16 (including)  5.16.5 (excluding)
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*