CVE-2023-54166

In the Linux kernel, the following vulnerability has been resolved:

igc: Fix Kernel Panic during ndotxtimeout callback

The Xeon validation group has been carrying out some loaded tests with various HW configurations, and they have seen some transmit queue time out happening during the test. This will cause the reset adapter function to be called by igctxtimeout(). Similar race conditions may arise when the interface is being brought down and up in igcreinitlocked(), an interrupt being generated, and igccleantx_irq() being called to complete the TX.

When the igctxtimeout() function is invoked, this patch will turn off all TX ring HW queues during igcdown() process. TX ring HW queues will be activated again during the igcconfiguretxring() process when performing the igc_up() procedure later.

This patch also moved existing igcdisabletxringhw() to avoid using forward declaration.

Kernel trace: [ 7678.747813] ------------[ cut here ]------------ [ 7678.757914] NETDEV WATCHDOG: enp1s0 (igc): transmit queue 2 timed out [ 7678.770117] WARNING: CPU: 0 PID: 13 at net/sched/schgeneric.c:525 devwatchdog+0x1ae/0x1f0 [ 7678.784459] Modules linked in: xtconntrack nftchainnat xtMASQUERADE xtaddrtype nftcompat nftables nfnetlink brnetfilter bridge stp llc overlay dmmod emrcha(PO) emriio(PO) rktpm(PO) cegbufmod(PO) patchupdate(PO) se(PO) sgxtgts(PO) mktme(PO) keylocker(PO) svtdx(PO) svfspcihotplug(PO) vtdmod(PO) davemem(PO) svmabort(PO) svindexio(PO) usbx2(PO) ehcisched(PO) svheartbeat(PO) ioapic(PO) sv8259(PO) svintr(PO) lt(PO) pcierootport(PO) enginefwmod(PO) ata(PO) smbus(PO) spiflashcdf(PO) arden(PO) dsaiax(PO) oobmsmpunit(PO) cpm(PO) svkdb(PO) ebgpch(PO) pch(PO) sviotargets(PO) svbdf(PO) svmem(PO) svbios(PO) dram(PO) svtsc(PO) targets(PO) superio(PO) svkernel(PO) cswitch(PO) mcf(PO) pentiumIIImod(PO) fssvfs(PO) mdevdefdb(PO) svfsosservices(O) ixgbe mdio mdiodevres libphy emeraldrapidssvdefs(PO) regsupport(O) libnvdimm nlscp437 sndhdacodecrealtek sndhdacodecgeneric ledtrigaudio sndhdaintel sndinteldspcfg sndhdacodec sndhwdep x86pkgtempthermal sndhdacore sndpcm sndtimer isstifmboxpci [ 7678.784496] inputleds isstifmmio sg snd isstifcommon soundcore wmi button sad9(O) drm fuse backlight configfs efivarfs iptables xtables vmd sdhci ledclass rtl8150 r8152 hidgeneric pegasus mmcblock usbhid mmccore hid megaraidsas ixgb igb i2calgobit ice i40e hpsa scsitransportsas e1000e e1000 e100 ax88179178a usbnet xhcipci sdmod xhcihcd t10pi crc32cintel crc64rocksoft igc crc64 crct10dif usbcore crct10difgeneric ptp crct10difcommon usbcommon ppscore [ 7679.200403] RIP: 0010:devwatchdog+0x1ae/0x1f0 [ 7679.210201] Code: 28 e9 53 ff ff ff 4c 89 e7 c6 05 06 42 b9 00 01 e8 17 d1 fb ff 44 89 e9 4c 89 e6 48 c7 c7 40 ad fb 81 48 89 c2 e8 52 62 82 ff <0f> 0b e9 72 ff ff ff 65 8b 05 80 7d 7c 7e 89 c0 48 0f a3 05 0a c1 [ 7679.245438] RSP: 0018:ffa00000001f7d90 EFLAGS: 00010282 [ 7679.256021] RAX: 0000000000000000 RBX: ff11000109938440 RCX: 0000000000000000 [ 7679.268710] RDX: ff11000361e26cd8 RSI: ff11000361e1b880 RDI: ff11000361e1b880 [ 7679.281314] RBP: ffa00000001f7da8 R08: ff1100035f8fffe8 R09: 0000000000027ffb [ 7679.293840] R10: 0000000000001f0a R11: ff1100035f840000 R12: ff11000109938000 [ 7679.306276] R13: 0000000000000002 R14: dead000000000122 R15: ffa00000001f7e18 [ 7679.318648] FS: 0000000000000000(0000) GS:ff11000361e00000(0000) knlGS:0000000000000000 [ 7679.332064] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 7679.342757] CR2: 00007ffff7fca168 CR3: 000000013b08a006 CR4: 0000000000471ef8 [ 7679.354984] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 7679.367207] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 7679.379370] PKRU: 55555554 [ 7679.386446] Call Trace: [ 7679.393152] <TASK> [ 7679.399363] ? _pfxdevwatchdog+0x10/0x10 [ 7679.407870] calltimerfn+0x31/0x110 [ 7679.415698] e ---truncated---