From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8B8DCC64EC4 for ; Fri, 10 Mar 2023 14:37:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232660AbjCJOhZ (ORCPT ); Fri, 10 Mar 2023 09:37:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46522 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232637AbjCJOhW (ORCPT ); Fri, 10 Mar 2023 09:37:22 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A723F6037 for ; Fri, 10 Mar 2023 06:36:56 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 95382B822BB for ; Fri, 10 Mar 2023 14:36:54 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E5AC6C4339B; Fri, 10 Mar 2023 14:36:52 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1678459013; bh=TZb+Ln/vqJKypBMBTJ/WbrqzyFVVdxsMbtK+kgXNUwg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GgqzqZBhpeg5kgOem6JyDlktHk2slPcbhNORzUr2fJDeBxE6ky2N5XZIw1TIf9YUo GiGoiJqsw4cOuAjCmrWEMkHTwoRqEJ7mAp4kT7QA0O0zq1Bzdup5IX2KGDGHCy6+Of APo13Qegqn91YpFcPDS3uX2FGR5n9EKxn7cOddco= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Florian Fainelli , "David S. Miller" , Sasha Levin Subject: [PATCH 5.4 189/357] net: bcmgenet: Add a check for oversized packets Date: Fri, 10 Mar 2023 14:37:58 +0100 Message-Id: <20230310133743.077155747@linuxfoundation.org> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20230310133733.973883071@linuxfoundation.org> References: <20230310133733.973883071@linuxfoundation.org> User-Agent: quilt/0.67 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Florian Fainelli [ Upstream commit 5c0862c2c962052ed5055220a00ac1cefb92fbcd ] Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid invoking skb_over_panic() and move on to processing the next packet. Signed-off-by: Florian Fainelli Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c index e03e2bfcc6a10..1b725a021455b 100644 --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c @@ -1823,6 +1823,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring, __func__, p_index, ring->c_index, ring->read_ptr, dma_length_status); + if (unlikely(len > RX_BUF_LENGTH)) { + netif_err(priv, rx_status, dev, "oversized packet\n"); + dev->stats.rx_length_errors++; + dev->stats.rx_errors++; + dev_kfree_skb_any(skb); + goto next; + } + if (unlikely(!(dma_flag & DMA_EOP) || !(dma_flag & DMA_SOP))) { netif_err(priv, rx_status, dev, "dropping fragmented packet!\n"); -- 2.39.2