Re: [PATCH net-next 07/13] dpaa2-switch: check early if an FDB entry should be added
From: Ioana Ciornei
Date: Fri May 08 2026 - 10:35:06 EST
On Wed, May 06, 2026 at 06:15:34PM +0300, Ioana Ciornei wrote:
> Instead of waiting until the last moment to check if an FDB entry should
> be added to HW, move the check earlier (before even scheduling the work
> item) so that we don't just waste time.
>
> Signed-off-by: Ioana Ciornei <ioana.ciornei@xxxxxxx>
> ---
> drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c b/drivers/net/ethernet/freescale/dpaa2/dpaa2-switch.c
> index 476ee8b46921..a057fd85bd27 100644
(...)
> if (!dpaa2_switch_port_dev_check(dev))
> return NOTIFY_DONE;
>
> + if (!fdb_info->added_by_user || fdb_info->is_local)
> + return NOTIFY_DONE;
> +
Sashiko notes:
This problem wasn't introduced by this patch, but looking at the
surrounding context in this function, is there a pre-existing
out-of-bounds read issue?
Could reading port_priv->ethsw_data happen before ensuring the
device belongs to the dpaa2-switch driver?
Since switchdev notifiers are called globally for all network
devices, an event on a device with zero private data (like a
dummy interface) would cause netdev_priv(dev) to point to the
end of the device allocation.
If the allocation ends at a page boundary, would accessing
ethsw_data trigger a KASAN panic or a page fault when an
unprivileged user creates a dummy interface in a network
namespace and adds an FDB entry?
I don't think that can happen since dpaa2_switch_port_fdb_event() is
called using switchdev_handle_fdb_event_to_device() which checks if the
interface is a dpaa2-switch one using the dpaa2_switch_port_dev_check()
callback.