diff options
| author |   Pieter Jansen van Vuuren <pieter.jansenvanvuuren@netronome.com> | 2017-10-25 11:47:05 -0700 |
|---|---|---|
| committer |   David S. Miller <davem@davemloft.net> | 2017-10-26 10:07:14 +0900 |
| commit | d309ae5c6a00648198d1932e6db483d612c2e260 (patch) | |
| tree | e0fe91c236c7271ba1f20ff62346f83eabc1f2d0 /drivers/net | |
| parent | net/unix: don't show information about sockets from other namespaces (diff) | |
| download | linux-dev-d309ae5c6a00648198d1932e6db483d612c2e260.tar.xz linux-dev-d309ae5c6a00648198d1932e6db483d612c2e260.zip | |
nfp: refuse offloading filters that redirects to upper devices
Previously we did not ensure that a netdev is a representative netdev
before dereferencing its private data. This can occur when an upper netdev
is created on a representative netdev. This patch corrects this by first
ensuring that the netdev is a representative netdev before using it.
Checking only switchdev_port_same_parent_id is not sufficient to ensure
that we can safely use the netdev. Failing to check that the netdev is also
a representative netdev would result in incorrect dereferencing.
Fixes: 1a1e586f54bf ("nfp: add basic action capabilities to flower offloads")
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Pieter Jansen van Vuuren <pieter.jansenvanvuuren@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/net')
| -rw-r--r-- | drivers/net/ethernet/netronome/nfp/flower/action.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/net/ethernet/netronome/nfp/flower/action.c b/drivers/net/ethernet/netronome/nfp/flower/action.c index db9750695dc7..8ea9320014ee 100644 --- a/drivers/net/ethernet/netronome/nfp/flower/action.c +++ b/drivers/net/ethernet/netronome/nfp/flower/action.c @@ -110,6 +110,8 @@ nfp_fl_output(struct nfp_fl_output *output, const struct tc_action *action, */ if (!switchdev_port_same_parent_id(in_dev, out_dev)) return -EOPNOTSUPP; + if (!nfp_netdev_is_nfp_repr(out_dev)) + return -EOPNOTSUPP; output->port = cpu_to_be32(nfp_repr_get_port_id(out_dev)); if (!output->port) |