Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp1961487imm; Thu, 24 May 2018 03:39:11 -0700 (PDT) X-Google-Smtp-Source: AB8JxZrurBBG8pWdcd7ec4Zg8QsUW5uA/sYvqc1sWzEAohdSE7IRELYlX5a4eEUZRMp9YYtJ4j41 X-Received: by 2002:a17:902:aa03:: with SMTP id be3-v6mr6768095plb.61.1527158351274; Thu, 24 May 2018 03:39:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527158351; cv=none; d=google.com; s=arc-20160816; b=txb0vF5gBYICDBNADuJkobi+cm3GfHZ16HVLY4qTOughjUQFs/sXNXK/3dx7hR7pjh v1RZjOvAR9svkRH6xDDlgXErg61WJQ5lzrzs9+tQ4B91tpNGqyrWQCy+As14fLNj3NOm GksqnBNLSWSFTCagrAZtZ3bOP09hWo0iZQK9aw/h0LmK6B8KR8HBzaWTG2ThXCh0IyB3 rspk/JIXQLmgsIQl7/Gwix00/rMoKDYMKAml5qSRuw/gY75A2SL9w5BO1EaBLXwQnuoH EGcJTfTsqibkX97iYCF7nnKh8oDVQ+6jcmqUFJnIZow1DJG3zRu8F4D0HwLjMTGaZ/8U BagA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=u2LBa2T9uIuVBuDUvYGOFgknZdzUAvJIi8hXzpebKTQ=; b=xhuNYR+i8infAI9/N1DbwQjUA5YyCTt4giML30+xcBxdWnkhCmf9W959ZaWs2VLNSt 2pe5pVX2Bt79rX3glcWmnhfbCUPNcZSeD2AtaSUZ3HAx9l3LIlxrawgGgA8wDt0gNJqq ZvOfw0xUQWhnKZ8+ATAtkWZqp54nfTAnmbwMOBRd/DwHKr+O7FJWZ4ySSMt/WVUKd1Gc N/rI2EoOiqfKkPbrpjYrourqBTpcwlnYlYgOUUfke5n9L6IkAvLL4cgcBDZN+2rh4bzi BJmqG7t4NGB0ps+D3giyaATIJofZTesy8nJSLbiIxtSh9xBZkja0DXExFVKE94tlwTxB tj1A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KOmX1NJt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s7-v6si20084065pfm.85.2018.05.24.03.38.56; Thu, 24 May 2018 03:39:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=KOmX1NJt; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030782AbeEXJ7f (ORCPT + 99 others); Thu, 24 May 2018 05:59:35 -0400 Received: from mail.kernel.org ([198.145.29.99]:40432 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1030519AbeEXJ73 (ORCPT ); Thu, 24 May 2018 05:59:29 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1773B2088E; Thu, 24 May 2018 09:59:27 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1527155968; bh=bpGLdmwUEpdVfpiPM2Z4ORjSA6DX2rn84CZM5kxyyvg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KOmX1NJtIS4q6PN9W5AhOuxFBgCQkATN5ZEP+wAngq60pMRfTpsYeuw87oZTsoBFq /PGswnPBV8awp4td4QP3nefWRYWhb0rlKzaneLTo/C03I6YM1sPC7suuVXs0W1qvBp kP0CRWCfYXjxin5WPmiLLaTnr14Z+yVhfyfBQEuk= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Florian Fainelli , "David S. Miller" Subject: [PATCH 4.16 017/161] net: dsa: bcm_sf2: Fix IPv6 rule half deletion Date: Thu, 24 May 2018 11:37:22 +0200 Message-Id: <20180524093020.418598043@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180524093018.331893860@linuxfoundation.org> References: <20180524093018.331893860@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.16-stable review patch. If anyone has any objections, please let me know. ------------------ From: Florian Fainelli [ Upstream commit 1942adf64214df370350aa46954ba27654456f68 ] It was possible to delete only one half of an IPv6, which would leave the second half still programmed and possibly in use. Instead of checking for the unused bitmap, we need to check the unique bitmap, and refuse any deletion that does not match that criteria. We also need to move that check from bcm_sf2_cfp_rule_del_one() into its caller: bcm_sf2_cfp_rule_del() otherwise we would not be able to delete second halves anymore that would not pass the first test. Fixes: ba0696c22e7c ("net: dsa: bcm_sf2: Add support for IPv6 CFP rules") Signed-off-by: Florian Fainelli Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- drivers/net/dsa/bcm_sf2_cfp.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) --- a/drivers/net/dsa/bcm_sf2_cfp.c +++ b/drivers/net/dsa/bcm_sf2_cfp.c @@ -790,10 +790,6 @@ static int bcm_sf2_cfp_rule_del_one(stru int ret; u32 reg; - /* Refuse deletion of unused rules, and the default reserved rule */ - if (!test_bit(loc, priv->cfp.used) || loc == 0) - return -EINVAL; - /* Indicate which rule we want to read */ bcm_sf2_cfp_rule_addr_set(priv, loc); @@ -831,6 +827,13 @@ static int bcm_sf2_cfp_rule_del(struct b u32 next_loc = 0; int ret; + /* Refuse deleting unused rules, and those that are not unique since + * that could leave IPv6 rules with one of the chained rule in the + * table. + */ + if (!test_bit(loc, priv->cfp.unique) || loc == 0) + return -EINVAL; + ret = bcm_sf2_cfp_rule_del_one(priv, port, loc, &next_loc); if (ret) return ret;