net: dsa: sja1105: flower: reject cross-chip redirect

dsa_port_from_netdev() may return a valid port from a different switch
chip. Programming another chip's port index into the local hardware
causes redirection to the wrong port, or an out-of-bounds access if the
index exceeds the local chip's port count.

Apply a minimal fix that adds a check to catch this case and adjusts the
extack message. When cls->common.skip_sw is not set, the operation could
instead redirect to the upstream port and let the software or upstream
switch(es) handle the forward, but that is not addressed here.

Signed-off-by: David Yang <mmyangfl@gmail.com>
Reviewed-by: Vladimir Oltean <olteanv@gmail.com>
Link: https://patch.msgid.link/20260530003940.2000994-1-mmyangfl@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/drivers/net/dsa/sja1105/sja1105_flower.c b/drivers/net/dsa/sja1105/sja1105_flower.c
index fba926f85b47453742d409008e61487d4e3f77f7..7547999a113f700e5f36eddebbe4026cd65e8e63 100644 (file)
--- a/drivers/net/dsa/sja1105/sja1105_flower.c
+++ b/drivers/net/dsa/sja1105/sja1105_flower.c
@@ -391,9 +391,9 @@ int sja1105_cls_flower_add(struct dsa_switch *ds, int port,
                        struct dsa_port *to_dp;
 
                        to_dp = dsa_port_from_netdev(act->dev);
-                       if (IS_ERR(to_dp)) {
+                       if (IS_ERR(to_dp) || to_dp->ds != ds) {
                                NL_SET_ERR_MSG_MOD(extack,
-                                                  "Destination not a switch port");
+                                                  "Destination not a local switch port");
                                return -EOPNOTSUPP;
                        }