Commit 09bccf56 authored by Lorenzo Bianconi's avatar Lorenzo Bianconi Committed by Jakub Kicinski
Browse files

net: airoha: Validate egress gdm port in airoha_ppe_foe_entry_prepare() 



Dev pointer in airoha_ppe_foe_entry_prepare routine is not strictly
a device allocated by airoha_eth driver since it is an egress device
and the flowtable can contain even wlan, pppoe or vlan devices. E.g:

flowtable ft {
        hook ingress priority filter
        devices = { eth1, lan1, lan2, lan3, lan4, wlan0 }
        flags offload                               ^
                                                    |
                     "not allocated by airoha_eth" --
}

In this case airoha_get_dsa_port() will just return the original device
pointer and we can't assume netdev priv pointer points to an
airoha_gdm_port struct.
Fix the issue validating egress gdm port in airoha_ppe_foe_entry_prepare
routine before accessing net_device priv pointer.

Fixes: 00a76783 ("net: airoha: Introduce flowtable offload support")
Signed-off-by: default avatarLorenzo Bianconi <lorenzo@kernel.org>
Reviewed-by: default avatarSimon Horman <horms@kernel.org>
Link: https://patch.msgid.link/20250401-airoha-validate-egress-gdm-port-v4-1-c7315d33ce10@kernel.org


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent a58d8828

drivers/net/ethernet/airoha/airoha_eth.c

+13 −0
Original line number Diff line number Diff line
@@ -2454,6 +2454,19 @@ static void airoha_metadata_dst_free(struct airoha_gdm_port *port) 
	}

}



bool airoha_is_valid_gdm_port(struct airoha_eth *eth,

			      struct airoha_gdm_port *port)

{

	int i;



	for (i = 0; i < ARRAY_SIZE(eth->ports); i++) {

		if (eth->ports[i] == port)

			return true;

	}



	return false;

}



static int airoha_alloc_gdm_port(struct airoha_eth *eth,

				 struct device_node *np, int index)

{

drivers/net/ethernet/airoha/airoha_eth.h

+3 −0
Original line number Diff line number Diff line
@@ -532,6 +532,9 @@ u32 airoha_rmw(void __iomem *base, u32 offset, u32 mask, u32 val); 
#define airoha_qdma_clear(qdma, offset, val)			\

	airoha_rmw((qdma)->regs, (offset), (val), 0)



bool airoha_is_valid_gdm_port(struct airoha_eth *eth,

			      struct airoha_gdm_port *port);



void airoha_ppe_check_skb(struct airoha_ppe *ppe, u16 hash);

int airoha_ppe_setup_tc_block_cb(enum tc_setup_type type, void *type_data,

				 void *cb_priv);

drivers/net/ethernet/airoha/airoha_ppe.c

+6 −2
Original line number Diff line number Diff line
@@ -197,7 +197,8 @@ static int airoha_get_dsa_port(struct net_device **dev) 
#endif

}



static int airoha_ppe_foe_entry_prepare(struct airoha_foe_entry *hwe,

static int airoha_ppe_foe_entry_prepare(struct airoha_eth *eth,

					struct airoha_foe_entry *hwe,

					struct net_device *dev, int type,

					struct airoha_flow_data *data,

					int l4proto)
@@ -225,6 +226,9 @@ static int airoha_ppe_foe_entry_prepare(struct airoha_foe_entry *hwe, 
		struct airoha_gdm_port *port = netdev_priv(dev);

		u8 pse_port;



		if (!airoha_is_valid_gdm_port(eth, port))

			return -EINVAL;



		if (dsa_port >= 0)

			pse_port = port->id == 4 ? FE_PSE_PORT_GDM4 : port->id;

		else
@@ -633,7 +637,7 @@ static int airoha_ppe_flow_offload_replace(struct airoha_gdm_port *port, 
	    !is_valid_ether_addr(data.eth.h_dest))

		return -EINVAL;



	err = airoha_ppe_foe_entry_prepare(&hwe, odev, offload_type,

	err = airoha_ppe_foe_entry_prepare(eth, &hwe, odev, offload_type,

					   &data, l4proto);

	if (err)

		return err;