From: Petr Machata Date: Mon, 8 Jul 2024 14:23:40 +0000 (+0200) Subject: mlxsw: Warn about invalid accesses to array fields X-Git-Tag: v6.11-rc1~163^2~61^2~2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b45c76e5f43fa66868e874a42a29bd0288a5ddce;p=thirdparty%2Fkernel%2Flinux.git mlxsw: Warn about invalid accesses to array fields A forgotten or buggy variable initialization can cause out-of-bounds access to a register or other item array field. For an overflow, such access would mangle adjacent parts of the register payload. For an underflow, due to all variables being unsigned, the access would likely trample unrelated memory. Since neither is correct, replace these accesses with accesses at the index of 0, and warn about the issue. Suggested-by: Ido Schimmel Signed-off-by: Petr Machata Reviewed-by: Ido Schimmel Reviewed-by: Przemek Kitszel Link: https://patch.msgid.link/b988fb265c2f6c1206fe12d5bfdcfa188b7672d1.1720447210.git.petrm@nvidia.com Signed-off-by: Jakub Kicinski --- diff --git a/drivers/net/ethernet/mellanox/mlxsw/item.h b/drivers/net/ethernet/mellanox/mlxsw/item.h index cfafbeb425863..a619a0736bd15 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/item.h +++ b/drivers/net/ethernet/mellanox/mlxsw/item.h @@ -218,6 +218,10 @@ __mlxsw_item_bit_array_offset(const struct mlxsw_item *item, } max_index = (item->size.bytes << 3) / item->element_size - 1; + if (WARN_ONCE(index > max_index, + "name=%s,index=%u,max_index=%u\n", item->name, index, + max_index)) + index = 0; be_index = max_index - index; offset = be_index * item->element_size >> 3; in_byte_index = index % (BITS_PER_BYTE / item->element_size);