lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <1465067829-1875-7-git-send-email-andrew@lunn.ch> Date: Sat, 4 Jun 2016 21:16:56 +0200 From: Andrew Lunn <andrew@...n.ch> To: David Miller <davem@...emloft.net>, Vivien Didelot <vivien.didelot@...oirfairelinux.com>, Florian Fainelli <f.fainelli@...il.com> Cc: netdev <netdev@...r.kernel.org>, Shawn Guo <shawnguo@...nel.org>, Andrew Lunn <andrew@...n.ch> Subject: [PATCHv2 net-next 04/17] net: dsa: tag_{e}dsa.c: Remove dependency on platform data The platform data nr_chips is used when validating a received packet, to ensure it comes from a know switch chip. The number of possible switches is limited to DSA_MAX_SWITCHES, so use this as the first validation step. The new binding allows holes in the dst->ds[] array, so also ensure ensure there is a valid dsa_switch for this packet. Signed-off-by: Andrew Lunn <andrew@...n.ch> Reviewed-by: Florian Fainelli <f.fainelli@...il.com> Reviewed-by: Vivien Didelot <vivien.didelot@...oirfairelinux.com> --- net/dsa/tag_dsa.c | 6 +++++- net/dsa/tag_edsa.c | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/net/dsa/tag_dsa.c b/net/dsa/tag_dsa.c index aa780e4ac0bd..f9832f097681 100644 --- a/net/dsa/tag_dsa.c +++ b/net/dsa/tag_dsa.c @@ -107,9 +107,13 @@ static int dsa_rcv(struct sk_buff *skb, struct net_device *dev, * Check that the source device exists and that the source * port is a registered DSA port. */ - if (source_device >= dst->pd->nr_chips) + if (source_device >= DSA_MAX_SWITCHES) goto out_drop; + ds = dst->ds[source_device]; + if (!ds) + goto out_drop; + if (source_port >= DSA_MAX_PORTS || ds->ports[source_port] == NULL) goto out_drop; diff --git a/net/dsa/tag_edsa.c b/net/dsa/tag_edsa.c index 2288c8098c42..3890aac8190f 100644 --- a/net/dsa/tag_edsa.c +++ b/net/dsa/tag_edsa.c @@ -120,9 +120,13 @@ static int edsa_rcv(struct sk_buff *skb, struct net_device *dev, * Check that the source device exists and that the source * port is a registered DSA port. */ - if (source_device >= dst->pd->nr_chips) + if (source_device >= DSA_MAX_SWITCHES) goto out_drop; + ds = dst->ds[source_device]; + if (!ds) + goto out_drop; + if (source_port >= DSA_MAX_PORTS || ds->ports[source_port] == NULL) goto out_drop; -- 2.8.1
Powered by blists - more mailing lists