Linux Kernel OcteonTX2 Sticky Mode Vulnerability Workaround

A vulnerability in the Linux kernel's handling of the OcteonTX2 NIX SQ manager's sticky mode has been addressed. This mode can cause stalls when multiple send queues (SQs) share a single shared memory queue (SMQ) and transmit simultaneously. Additionally, transitions between sticky and non-sticky transmissions can lead to deadlocks in the Packet Service Engine (PSE). There is also a credit drop issue when certain condition clocks are gated. The vulnerability has been mitigated by disabling the sticky operation, preventing problematic transitions, and addressing the credit drop issue by keeping the control-flow clock enabled. These changes are applied through the NIX_AF_SQM_DBG_CTL_STATUS control register.

Impact

The workaround maintains forward progress under load without losing credits, but at the expense of disabling sticky optimizations, which could affect performance in certain scenarios.

Reproduction

The vulnerability can be reproduced by enabling the NIX SQ manager's sticky mode operation, which is known to cause stalls when multiple SQs are mapped to the same SMQ and transmit packets simultaneously. This can be done by configuring the SQs to share an SMQ and then initiating concurrent transmissions. The resulting stalls can be observed in the network performance, along with potential deadlocks in the PSE when transitioning between sticky and non-sticky transmissions.

Remediation

Users can apply the available workaround by disabling the SQ manager's sticky operation, clearing the appropriate bits in the NIX_AF_SQM_DBG_CTL_STATUS register, and enabling the control-flow clock to prevent credit drops.