| From foo@baz Sat 16 May 2020 02:04:40 PM CEST |
| From: Dan Carpenter <dan.carpenter@oracle.com> |
| Date: Fri, 8 May 2020 17:37:20 +0300 |
| Subject: dpaa2-eth: prevent array underflow in update_cls_rule() |
| |
| From: Dan Carpenter <dan.carpenter@oracle.com> |
| |
| [ Upstream commit 6d32a5119811d2e9b5caa284181944c6f1f192ed ] |
| |
| The "location" is controlled by the user via the ethtool_set_rxnfc() |
| function. This update_cls_rule() function checks for array overflows |
| but it doesn't check if the value is negative. I have changed the type |
| to unsigned to prevent array underflows. |
| |
| Fixes: afb90dbb5f78 ("dpaa2-eth: Add ethtool support for flow classification") |
| Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> |
| Signed-off-by: Jakub Kicinski <kuba@kernel.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| drivers/net/ethernet/freescale/dpaa2/dpaa2-ethtool.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/drivers/net/ethernet/freescale/dpaa2/dpaa2-ethtool.c |
| +++ b/drivers/net/ethernet/freescale/dpaa2/dpaa2-ethtool.c |
| @@ -625,7 +625,7 @@ static int num_rules(struct dpaa2_eth_pr |
| |
| static int update_cls_rule(struct net_device *net_dev, |
| struct ethtool_rx_flow_spec *new_fs, |
| - int location) |
| + unsigned int location) |
| { |
| struct dpaa2_eth_priv *priv = netdev_priv(net_dev); |
| struct dpaa2_eth_cls_rule *rule; |
