tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

sfc: fix NULL dereferences in ef100_process_design_param()

Since cited commit, ef100_probe_main() and hence also
ef100_check_design_params() run before efx->net_dev is created;
consequently, we cannot netif_set_tso_max_size() or _segs() at this
point.
Move those netif calls to ef100_probe_netdev(), and also replace
netif_err within the design params code with pci_err.

Reported-by: Kyungwook Boo <bookyungwook@gmail.com>
Fixes: 98ff4c7c8ac7 ("sfc: Separate netdev probe/remove from PCI probe/remove")
Signed-off-by: Edward Cree <ecree.xilinx@gmail.com>
Reviewed-by: Michal Swiatkowski <michal.swiatkowski@linux.intel.com>
Link: https://patch.msgid.link/20250401225439.2401047-1-edward.cree@amd.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

authored by

Edward Cree and committed by
Jakub Kicinski 8241ecec 15970e1b

+24 -29
+3 -3
drivers/net/ethernet/sfc/ef100_netdev.c
··· 450 450 net_dev->hw_enc_features |= efx->type->offload_features; 451 451 net_dev->vlan_features |= NETIF_F_HW_CSUM | NETIF_F_SG | 452 452 NETIF_F_HIGHDMA | NETIF_F_ALL_TSO; 453 - netif_set_tso_max_segs(net_dev, 454 - ESE_EF100_DP_GZ_TSO_MAX_HDR_NUM_SEGS_DEFAULT); 453 + nic_data = efx->nic_data; 454 + netif_set_tso_max_size(efx->net_dev, nic_data->tso_max_payload_len); 455 + netif_set_tso_max_segs(efx->net_dev, nic_data->tso_max_payload_num_segs); 455 456 456 457 rc = efx_ef100_init_datapath_caps(efx); 457 458 if (rc < 0) ··· 478 477 /* Don't fail init if RSS setup doesn't work. */ 479 478 efx_mcdi_push_default_indir_table(efx, efx->n_rx_channels); 480 479 481 - nic_data = efx->nic_data; 482 480 rc = ef100_get_mac_address(efx, net_dev->perm_addr, CLIENT_HANDLE_SELF, 483 481 efx->type->is_vf); 484 482 if (rc)
+21 -26
drivers/net/ethernet/sfc/ef100_nic.c
··· 887 887 case ESE_EF100_DP_GZ_TSO_MAX_HDR_NUM_SEGS: 888 888 /* We always put HDR_NUM_SEGS=1 in our TSO descriptors */ 889 889 if (!reader->value) { 890 - netif_err(efx, probe, efx->net_dev, 891 - "TSO_MAX_HDR_NUM_SEGS < 1\n"); 890 + pci_err(efx->pci_dev, "TSO_MAX_HDR_NUM_SEGS < 1\n"); 892 891 return -EOPNOTSUPP; 893 892 } 894 893 return 0; ··· 900 901 */ 901 902 if (!reader->value || reader->value > EFX_MIN_DMAQ_SIZE || 902 903 EFX_MIN_DMAQ_SIZE % (u32)reader->value) { 903 - netif_err(efx, probe, efx->net_dev, 904 - "%s size granularity is %llu, can't guarantee safety\n", 905 - reader->type == ESE_EF100_DP_GZ_RXQ_SIZE_GRANULARITY ? "RXQ" : "TXQ", 906 - reader->value); 904 + pci_err(efx->pci_dev, 905 + "%s size granularity is %llu, can't guarantee safety\n", 906 + reader->type == ESE_EF100_DP_GZ_RXQ_SIZE_GRANULARITY ? "RXQ" : "TXQ", 907 + reader->value); 907 908 return -EOPNOTSUPP; 908 909 } 909 910 return 0; 910 911 case ESE_EF100_DP_GZ_TSO_MAX_PAYLOAD_LEN: 911 912 nic_data->tso_max_payload_len = min_t(u64, reader->value, 912 913 GSO_LEGACY_MAX_SIZE); 913 - netif_set_tso_max_size(efx->net_dev, 914 - nic_data->tso_max_payload_len); 915 914 return 0; 916 915 case ESE_EF100_DP_GZ_TSO_MAX_PAYLOAD_NUM_SEGS: 917 916 nic_data->tso_max_payload_num_segs = min_t(u64, reader->value, 0xffff); 918 - netif_set_tso_max_segs(efx->net_dev, 919 - nic_data->tso_max_payload_num_segs); 920 917 return 0; 921 918 case ESE_EF100_DP_GZ_TSO_MAX_NUM_FRAMES: 922 919 nic_data->tso_max_frames = min_t(u64, reader->value, 0xffff); 923 920 return 0; 924 921 case ESE_EF100_DP_GZ_COMPAT: 925 922 if (reader->value) { 926 - netif_err(efx, probe, efx->net_dev, 927 - "DP_COMPAT has unknown bits %#llx, driver not compatible with this hw\n", 928 - reader->value); 923 + pci_err(efx->pci_dev, 924 + "DP_COMPAT has unknown bits %#llx, driver not compatible with this hw\n", 925 + reader->value); 929 926 return -EOPNOTSUPP; 930 927 } 931 928 return 0; ··· 941 946 * So the value of this shouldn't matter. 942 947 */ 943 948 if (reader->value != ESE_EF100_DP_GZ_VI_STRIDES_DEFAULT) 944 - netif_dbg(efx, probe, efx->net_dev, 945 - "NIC has other than default VI_STRIDES (mask " 946 - "%#llx), early probing might use wrong one\n", 947 - reader->value); 949 + pci_dbg(efx->pci_dev, 950 + "NIC has other than default VI_STRIDES (mask " 951 + "%#llx), early probing might use wrong one\n", 952 + reader->value); 948 953 return 0; 949 954 case ESE_EF100_DP_GZ_RX_MAX_RUNT: 950 955 /* Driver doesn't look at L2_STATUS:LEN_ERR bit, so we don't ··· 956 961 /* Host interface says "Drivers should ignore design parameters 957 962 * that they do not recognise." 958 963 */ 959 - netif_dbg(efx, probe, efx->net_dev, 960 - "Ignoring unrecognised design parameter %u\n", 961 - reader->type); 964 + pci_dbg(efx->pci_dev, 965 + "Ignoring unrecognised design parameter %u\n", 966 + reader->type); 962 967 return 0; 963 968 } 964 969 } ··· 994 999 */ 995 1000 if (reader.state != EF100_TLV_TYPE) { 996 1001 if (reader.state == EF100_TLV_TYPE_CONT) 997 - netif_err(efx, probe, efx->net_dev, 998 - "truncated design parameter (incomplete type %u)\n", 999 - reader.type); 1002 + pci_err(efx->pci_dev, 1003 + "truncated design parameter (incomplete type %u)\n", 1004 + reader.type); 1000 1005 else 1001 - netif_err(efx, probe, efx->net_dev, 1002 - "truncated design parameter %u\n", 1003 - reader.type); 1006 + pci_err(efx->pci_dev, 1007 + "truncated design parameter %u\n", 1008 + reader.type); 1004 1009 rc = -EIO; 1005 1010 } 1006 1011 out: