git.ipfire.org Git - thirdparty/linux.git/commit

author	Jakub Kicinski <kuba@kernel.org>
	Tue, 26 May 2026 15:35:33 +0000 (08:35 -0700)
committer	Jakub Kicinski <kuba@kernel.org>
	Thu, 28 May 2026 00:42:09 +0000 (17:42 -0700)
commit	67cfdd9210b99f260b3e0afeb9525e0acc7be31e
tree	5e68dab613ef2f1d5a977c6760f3e474f7be0ce2	tree \| snapshot
parent	2376586f85f972fefe701f095bb37dcfe7405d21	commit \| diff

ethtool: eeprom: add more safeties to EEPROM Netlink fallback

The Netlink fallback path for reading module EEPROM
(fallback_set_params()) validates that offset < eeprom_len,
but does not check that offset + length stays within eeprom_len.
The ioctl equivalent (ethtool_get_any_eeprom() in ioctl.c) has
always enforced both bounds:

if (eeprom.offset + eeprom.len > total_len)
return -EINVAL;

This could lead to surprises in both drivers and device FW.
Add the missing offset + length validation to fallback_set_params(),
mirroring the ioctl.

Similarly - ethtool core in general, and ethtool_get_any_eeprom()
in particular tries to zero-init all buffers passed to the drivers
to avoid any extra work of zeroing things out. eeprom_fallback()
uses a plain kmalloc(), change it to zalloc.

Fixes: 96d971e307cc ("ethtool: Add fallback to get_module_eeprom from netlink command")
Reviewed-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Link: https://patch.msgid.link/20260526153533.2779187-11-kuba@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>