[PATCH net-next v2] net: dsa: sja1105: flower: reject cross-chip redirect

David Yang posted 1 patch 1 week, 2 days ago
drivers/net/dsa/sja1105/sja1105_flower.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
dsa_port_from_netdev() may return a valid port from a different switch
chip. Programming another chip's port index into the local hardware
causes redirection to the wrong port, or an out-of-bounds access if the
index exceeds the local chip's port count.

Apply a minimal fix that adds a check to catch this case and adjusts the
extack message. When cls->common.skip_sw is not set, the operation could
instead redirect to the upstream port and let the software or upstream
switch(es) handle the forward, but that is not addressed here.

Signed-off-by: David Yang <mmyangfl@gmail.com>
Reviewed-by: Vladimir Oltean <olteanv@gmail.com>
---
v1: https://lore.kernel.org/r/20260528203549.1918040-1-mmyangfl@gmail.com
  - rewrite commit message
 drivers/net/dsa/sja1105/sja1105_flower.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/net/dsa/sja1105/sja1105_flower.c b/drivers/net/dsa/sja1105/sja1105_flower.c
index fba926f85b47..7547999a113f 100644
--- a/drivers/net/dsa/sja1105/sja1105_flower.c
+++ b/drivers/net/dsa/sja1105/sja1105_flower.c
@@ -391,9 +391,9 @@ int sja1105_cls_flower_add(struct dsa_switch *ds, int port,
 			struct dsa_port *to_dp;
 
 			to_dp = dsa_port_from_netdev(act->dev);
-			if (IS_ERR(to_dp)) {
+			if (IS_ERR(to_dp) || to_dp->ds != ds) {
 				NL_SET_ERR_MSG_MOD(extack,
-						   "Destination not a switch port");
+						   "Destination not a local switch port");
 				return -EOPNOTSUPP;
 			}
 
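Review bot: The combined condition `IS_ERR(to_dp) || to_dp->ds != ds` reports two different failures through one extack string, so a user cannot tell a destination that is not a DSA port at all from a valid port that sits on another chip. Consider keeping "Destination not a switch port" for the IS_ERR() case and adding a separate check with a message such as "Destination port is on a different switch" for the `to_dp->ds != ds` case; the evaluation order is right as written, since IS_ERR() is tested before `to_dp` is dereferenced. Separately, the commit message describes a possible out-of-bounds access, but the trailers carry no Fixes: tag, which would help stable maintainers decide whether to backport.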
-- 
2.53.0