2021-08-05 10:17:59

by Grygorii Strashko

Subject: [PATCH] net: ethernet: ti: am65-cpsw: fix crash in am65_cpsw_port_offload_fwd_mark_update()

The am65_cpsw_port_offload_fwd_mark_update() causes NULL exception crash
when there is at least one disabled port and any other port added to the
bridge first time.

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000858
pc : am65_cpsw_port_offload_fwd_mark_update+0x54/0x68
lr : am65_cpsw_netdevice_event+0x8c/0xf0
Call trace:
am65_cpsw_port_offload_fwd_mark_update+0x54/0x68
notifier_call_chain+0x54/0x98
raw_notifier_call_chain+0x14/0x20
call_netdevice_notifiers_info+0x34/0x78
__netdev_upper_dev_link+0x1c8/0x290
netdev_master_upper_dev_link+0x1c/0x28
br_add_if+0x3f0/0x6d0 [bridge]

Fix it by adding proper check for port->ndev != NULL.

Fixes: 2934db9bcb30 ("net: ti: am65-cpsw-nuss: Add netdevice notifiers")
Signed-off-by: Grygorii Strashko <[email protected]>
---
drivers/net/ethernet/ti/am65-cpsw-nuss.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/ti/am65-cpsw-nuss.c b/drivers/net/ethernet/ti/am65-cpsw-nuss.c
index 718539cdd2f2..67a08cbba859 100644
--- a/drivers/net/ethernet/ti/am65-cpsw-nuss.c
+++ b/drivers/net/ethernet/ti/am65-cpsw-nuss.c
@@ -2060,8 +2060,12 @@ static void am65_cpsw_port_offload_fwd_mark_update(struct am65_cpsw_common *comm

for (i = 1; i <= common->port_num; i++) {
struct am65_cpsw_port *port = am65_common_get_port(common, i);
- struct am65_cpsw_ndev_priv *priv = am65_ndev_to_priv(port->ndev);
+ struct am65_cpsw_ndev_priv *priv;

+ if (!port->ndev)
+ continue;
+
+ priv = am65_ndev_to_priv(port->ndev);
priv->offload_fwd_mark = set_val;
}
}
--
2.17.1

2021-08-05 14:00:56

by patchwork-bot+netdevbpf

Subject: Re: [PATCH] net: ethernet: ti: am65-cpsw: fix crash in am65_cpsw_port_offload_fwd_mark_update()

Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Thu, 5 Aug 2021 13:14:09 +0300 you wrote:
> The am65_cpsw_port_offload_fwd_mark_update() causes NULL exception crash
> when there is at least one disabled port and any other port added to the
> bridge first time.
>
> Unable to handle kernel NULL pointer dereference at virtual address 0000000000000858
> pc : am65_cpsw_port_offload_fwd_mark_update+0x54/0x68
> lr : am65_cpsw_netdevice_event+0x8c/0xf0
> Call trace:
> am65_cpsw_port_offload_fwd_mark_update+0x54/0x68
> notifier_call_chain+0x54/0x98
> raw_notifier_call_chain+0x14/0x20
> call_netdevice_notifiers_info+0x34/0x78
> __netdev_upper_dev_link+0x1c8/0x290
> netdev_master_upper_dev_link+0x1c/0x28
> br_add_if+0x3f0/0x6d0 [bridge]
>
> [...]

Here is the summary with links:
- net: ethernet: ti: am65-cpsw: fix crash in am65_cpsw_port_offload_fwd_mark_update()
https://git.kernel.org/netdev/net/c/ae03d189bae3

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html