bpf.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Jakob Koschel <jakobkoschel@gmail.com>
To: "David S. Miller" <davem@davemloft.net>
Cc: Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
	Andrew Lunn <andrew@lunn.ch>,
	Vivien Didelot <vivien.didelot@gmail.com>,
	Florian Fainelli <f.fainelli@gmail.com>,
	Vladimir Oltean <olteanv@gmail.com>,
	Lars Povlsen <lars.povlsen@microchip.com>,
	Steen Hegelund <Steen.Hegelund@microchip.com>,
	UNGLinuxDriver@microchip.com, Ariel Elior <aelior@marvell.com>,
	Manish Chopra <manishc@marvell.com>,
	Edward Cree <ecree.xilinx@gmail.com>,
	Martin Habets <habetsm.xilinx@gmail.com>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@samba.org>, Jiri Pirko <jiri@resnulli.us>,
	Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>,
	Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
	Yonghong Song <yhs@fb.com>,
	John Fastabend <john.fastabend@gmail.com>,
	KP Singh <kpsingh@kernel.org>,
	Casper Andersson <casper.casan@gmail.com>,
	Jakob Koschel <jakobkoschel@gmail.com>,
	Arnd Bergmann <arnd@arndb.de>, Jason Gunthorpe <jgg@ziepe.ca>,
	Christophe JAILLET <christophe.jaillet@wanadoo.fr>,
	Colin Ian King <colin.king@intel.com>,
	Eric Dumazet <edumazet@google.com>, Xu Wang <vulab@iscas.ac.cn>,
	netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org,
	linuxppc-dev@lists.ozlabs.org, bpf@vger.kernel.org,
	Mike Rapoport <rppt@kernel.org>,
	"Brian Johannesmeyer" <bjohannesmeyer@gmail.com>,
	Cristiano Giuffrida <c.giuffrida@vu.nl>,
	"Bos, H.J." <h.j.bos@vu.nl>,
	Vladimir Oltean <vladimir.oltean@nxp.com>
Subject: [PATCH net-next v5 06/18] net: dsa: mv88e6xxx: refactor mv88e6xxx_port_vlan()
Date: Wed, 27 Apr 2022 18:06:23 +0200	[thread overview]
Message-ID: <20220427160635.420492-7-jakobkoschel@gmail.com> (raw)
In-Reply-To: <20220427160635.420492-1-jakobkoschel@gmail.com>

From: Vladimir Oltean <vladimir.oltean@nxp.com>

To avoid bugs and speculative execution exploits due to type-confused
pointers at the end of a list_for_each_entry() loop, one measure is to
restrict code to not use the iterator variable outside the loop block.

In the case of mv88e6xxx_port_vlan(), this isn't a problem, as we never
let the loops exit through "natural causes" anyway, by using a "found"
variable and then using the last "dp" iterator prior to the break, which
is a safe thing to do.

Nonetheless, with the expected new syntax, this pattern will no longer
be possible.

Profit off of the occasion and break the two port finding methods into
smaller sub-functions. Somehow, returning a copy of the iterator pointer
is still accepted.

This change makes it redundant to have a "bool found", since the "dp"
from mv88e6xxx_port_vlan() now holds NULL if we haven't found what we
were looking for.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Signed-off-by: Jakob Koschel <jakobkoschel@gmail.com>
Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>
---
 drivers/net/dsa/mv88e6xxx/chip.c | 54 ++++++++++++++++++--------------
 1 file changed, 31 insertions(+), 23 deletions(-)

diff --git a/drivers/net/dsa/mv88e6xxx/chip.c b/drivers/net/dsa/mv88e6xxx/chip.c
index b3aa0e5bc842..1f35e89053e6 100644
--- a/drivers/net/dsa/mv88e6xxx/chip.c
+++ b/drivers/net/dsa/mv88e6xxx/chip.c
@@ -1378,42 +1378,50 @@ static int mv88e6xxx_set_mac_eee(struct dsa_switch *ds, int port,
 	return 0;
 }
 
+static struct dsa_port *mv88e6xxx_find_port(struct dsa_switch_tree *dst,
+					    int sw_index, int port)
+{
+	struct dsa_port *dp;
+
+	list_for_each_entry(dp, &dst->ports, list)
+		if (dp->ds->index == sw_index && dp->index == port)
+			return dp;
+
+	return NULL;
+}
+
+static struct dsa_port *
+mv88e6xxx_find_port_by_bridge_num(struct dsa_switch_tree *dst,
+				  unsigned int bridge_num)
+{
+	struct dsa_port *dp;
+
+	list_for_each_entry(dp, &dst->ports, list)
+		if (dsa_port_bridge_num_get(dp) == bridge_num)
+			return dp;
+
+	return NULL;
+}
+
 /* Mask of the local ports allowed to receive frames from a given fabric port */
 static u16 mv88e6xxx_port_vlan(struct mv88e6xxx_chip *chip, int dev, int port)
 {
 	struct dsa_switch *ds = chip->ds;
 	struct dsa_switch_tree *dst = ds->dst;
 	struct dsa_port *dp, *other_dp;
-	bool found = false;
 	u16 pvlan;
 
-	/* dev is a physical switch */
 	if (dev <= dst->last_switch) {
-		list_for_each_entry(dp, &dst->ports, list) {
-			if (dp->ds->index == dev && dp->index == port) {
-				/* dp might be a DSA link or a user port, so it
-				 * might or might not have a bridge.
-				 * Use the "found" variable for both cases.
-				 */
-				found = true;
-				break;
-			}
-		}
-	/* dev is a virtual bridge */
+		/* dev is a physical switch */
+		dp = mv88e6xxx_find_port(dst, dev, port);
 	} else {
-		list_for_each_entry(dp, &dst->ports, list) {
-			unsigned int bridge_num = dsa_port_bridge_num_get(dp);
-
-			if (bridge_num + dst->last_switch != dev)
-				continue;
-
-			found = true;
-			break;
-		}
+		/* dev is a virtual bridge */
+		dp = mv88e6xxx_find_port_by_bridge_num(dst,
+						       dev - dst->last_switch);
 	}
 
 	/* Prevent frames from unknown switch or virtual bridge */
-	if (!found)
+	if (!dp)
 		return 0;
 
 	/* Frames from DSA links and CPU ports can egress any local port */
-- 
2.25.1


  parent reply	other threads:[~2022-04-27 16:09 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-27 16:06 [PATCH net-next v5 00/18] Remove use of list iterator after loop body Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 01/18] connector: Replace usage of found with dedicated list iterator variable Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 02/18] net: dsa: sja1105: remove use of iterator after list_for_each_entry() loop Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 03/18] net: dsa: sja1105: reorder sja1105_first_entry_longer_than with memory allocation Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 04/18] net: dsa: sja1105: use list_add_tail(pos) instead of list_add(pos->prev) Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 05/18] net: dsa: mv88e6xxx: remove redundant check in mv88e6xxx_port_vlan() Jakob Koschel
2022-04-27 16:06 ` Jakob Koschel [this message]
2022-04-27 16:06 ` [PATCH net-next v5 07/18] net: dsa: Replace usage of found with dedicated list iterator variable Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 08/18] net: sparx5: " Jakob Koschel
2022-04-28  9:32   ` Paolo Abeni
2022-04-27 16:06 ` [PATCH net-next v5 09/18] qed: Use " Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 10/18] qed: Replace usage of found with " Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 11/18] qed: Remove usage of list iterator variable after the loop Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 12/18] net: qede: Replace usage of found with dedicated list iterator variable Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 13/18] net: qede: Remove check of list iterator against head past the loop body Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 14/18] sfc: Remove usage of list iterator for list_add() after " Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 15/18] net: netcp: Remove usage of list iterator for list_add() after " Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 16/18] ps3_gelic: Replace usage of found with dedicated list iterator variable Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 17/18] ipvlan: Remove usage of list iterator variable for the loop body Jakob Koschel
2022-04-27 16:06 ` [PATCH net-next v5 18/18] team: Remove use of list iterator variable for list_for_each_entry_from() Jakob Koschel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220427160635.420492-7-jakobkoschel@gmail.com \
    --to=jakobkoschel@gmail.com \
    --cc=Steen.Hegelund@microchip.com \
    --cc=UNGLinuxDriver@microchip.com \
    --cc=aelior@marvell.com \
    --cc=andrew@lunn.ch \
    --cc=andrii@kernel.org \
    --cc=arnd@arndb.de \
    --cc=ast@kernel.org \
    --cc=benh@kernel.crashing.org \
    --cc=bjohannesmeyer@gmail.com \
    --cc=bpf@vger.kernel.org \
    --cc=c.giuffrida@vu.nl \
    --cc=casper.casan@gmail.com \
    --cc=christophe.jaillet@wanadoo.fr \
    --cc=colin.king@intel.com \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=ecree.xilinx@gmail.com \
    --cc=edumazet@google.com \
    --cc=f.fainelli@gmail.com \
    --cc=h.j.bos@vu.nl \
    --cc=habetsm.xilinx@gmail.com \
    --cc=jgg@ziepe.ca \
    --cc=jiri@resnulli.us \
    --cc=john.fastabend@gmail.com \
    --cc=kafai@fb.com \
    --cc=kpsingh@kernel.org \
    --cc=kuba@kernel.org \
    --cc=lars.povlsen@microchip.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=manishc@marvell.com \
    --cc=mpe@ellerman.id.au \
    --cc=netdev@vger.kernel.org \
    --cc=olteanv@gmail.com \
    --cc=pabeni@redhat.com \
    --cc=paulus@samba.org \
    --cc=rppt@kernel.org \
    --cc=songliubraving@fb.com \
    --cc=vivien.didelot@gmail.com \
    --cc=vladimir.oltean@nxp.com \
    --cc=vulab@iscas.ac.cn \
    --cc=yhs@fb.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).