summaryrefslogtreecommitdiff
path: root/target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch
diff options
context:
space:
mode:
Diffstat (limited to 'target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch')
-rw-r--r--target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch b/target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch
new file mode 100644
index 0000000..6598e82
--- /dev/null
+++ b/target/linux/mediatek/patches-4.9/0055-net-ethernet-mediatek-avoid-potential-invalid-memory.patch
@@ -0,0 +1,31 @@
+From a3360b3543b9fb833ba691019e396e72293a313f Mon Sep 17 00:00:00 2001
+From: John Crispin <john@phrozen.org>
+Date: Thu, 10 Aug 2017 16:31:45 +0200
+Subject: [PATCH 55/57] net: ethernet: mediatek: avoid potential invalid memory
+ access
+
+Potential dangerous invalid memory might be accessed if invalid mac value
+reflected from the forward port field in rxd4 caused by possible potential
+hardware defects. So added a simple sanity checker to avoid the kind of
+situation happening.
+
+Signed-off-by: Sean Wang <sean.wang@mediatek.com>
+Acked-by: John Crispin <john@phrozen.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ drivers/net/ethernet/mediatek/mtk_eth_soc.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/drivers/net/ethernet/mediatek/mtk_eth_soc.c
++++ b/drivers/net/ethernet/mediatek/mtk_eth_soc.c
+@@ -964,6 +964,10 @@ static int mtk_poll_rx(struct napi_struc
+ mac--;
+ }
+
++ if (unlikely(mac < 0 || mac >= MTK_MAC_COUNT ||
++ !eth->netdev[mac]))
++ goto release_desc;
++
+ netdev = eth->netdev[mac];
+
+ if (unlikely(test_bit(MTK_RESETTING, &eth->state)))