[SRU F/OEM-5.14/J/OEM-5.17 PATCH 0/3] CVE-2021-33061

[Cengiz Can]

[Impact]
Insufficient control flow management for the Intel(R) 82599 Ethernet
Controllers and Adapters may allow an authenticated user to potentially
enable denial of service via local access.

[Fix]
Patches were first introduced to net-next and were pulled to upstream.

Break commit has not been clearly identified so it's assumed that
it existed for a while.

"ixgbe: add improvement for MDD response functionality" is the actual
fix to the issue. Last patch in the series checks a flag that was
renamed in 5.17. After discussions, I decided to put an alias into the 
header and keep the fragments untouched.

[Test case]
Compile and boot tested on KVM only. Since I don't have access to the
target ethernet chip, testing scope was limited.

[Potential regression]
The checks that were added by the author are new and target specific
hardware IDs. Regression potential should be minimal.

The alias lines added to `mbx.h` (for < 5.17) should be removed if
commit 0edbecd57057 ever lands in on our kernels.

Slawomir Mrozowicz (3):
  ixgbe: add the ability for the PF to disable VF link state
  ixgbe: add improvement for MDD response functionality
  ixgbevf: add disable link state

 drivers/net/ethernet/intel/ixgbe/ixgbe.h      |   6 +
 .../net/ethernet/intel/ixgbe/ixgbe_ethtool.c  |  21 ++
 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c |  39 +++-
 drivers/net/ethernet/intel/ixgbe/ixgbe_mbx.h  |   2 +
 .../net/ethernet/intel/ixgbe/ixgbe_sriov.c    | 207 ++++++++++++++----
 .../net/ethernet/intel/ixgbe/ixgbe_sriov.h    |   4 +-
 drivers/net/ethernet/intel/ixgbevf/ixgbevf.h  |   2 +
 .../net/ethernet/intel/ixgbevf/ixgbevf_main.c |  11 +-
 drivers/net/ethernet/intel/ixgbevf/mbx.h      |  12 +
 drivers/net/ethernet/intel/ixgbevf/vf.c       |  42 ++++
 drivers/net/ethernet/intel/ixgbevf/vf.h       |   1 +
 11 files changed, 301 insertions(+), 46 deletions(-)

-- 
2.34.1