From patchwork Fri Oct 21 19:13:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alex Elder X-Patchwork-Id: 6945 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4242:0:0:0:0:0 with SMTP id s2csp863855wrr; Fri, 21 Oct 2022 12:17:22 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7yZTBIwcc2lD5oJe1O7XUh0QpbMa3C7g1rL1E3qHEngiL4WsRjHnZ5tvzwtG8wTll1al8T X-Received: by 2002:a17:907:6d8f:b0:78d:9b5e:1a0f with SMTP id sb15-20020a1709076d8f00b0078d9b5e1a0fmr17671794ejc.23.1666379832555; Fri, 21 Oct 2022 12:17:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666379832; cv=none; d=google.com; s=arc-20160816; b=kQ99LzIuPSQlNmIQ4nbojL3xYkqft8CpU3e4QS9KE/dYu8Db8MdkjJYcfSpWNku6bL fp1hOfZadwBLzu4MaPu8HlflGDObS6TOgXaulqDoZ9OkUoMy5J0Eyk9/pMF4HcUufkFO YA17SnvX2IR9QikX3gttAqzGAiDlnw1nylGRBCe9bbCCZiHqzGw/fZv/dWlh+7ih/PvO kXYcnrp0t6rAaF3HtJ0B6dvNnCoFgdF52OCwH92kqH2DRikCnR22Eq/2W7cI5I0WZ4Lj 9fktKC01RFEB3XoJy6qaOpNx2vkBN4U2h2UedwJRZMNykAFXqOpiPCN3Vo3b6x2Jl248 8HRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=HDw9482diyaFwRrAaQF5T4a7oZwEPZMJMihwz/4kzSA=; b=OvexC0CI1tKdfp49cBrnie/p/62ROmRQhs4r5mONJX1JAMSQ2A9baWLnjRb06qzxxz 6xLqRhzY/7TtWMyK7Ns12LOMq8Sk/bfAQFHFh1p+YCp9wSylpVItQ/2acqoHoNZ73KLD qNHmXXmTqy/J1aca2SY4vCP6DghG2XUfJ7uvDyjScptJlvHJPvKkAA0ty4qX0bgw/ux/ zvepa4a7Eg1SG9hGAgmyRIMlol5q0SU7lzMjICL2Yjk8rYaimx0nNokl5kkXyGcL2HxK Gm4QSceNBgnyxdaWYtDWcSY5YnJsq+qNG57dCrH3Palc5w7HPPO+JwTido1E626dqo2E fGKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=tnm4oyhA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id dp19-20020a170906c15300b0078c47b4478esi19295438ejc.106.2022.10.21.12.16.47; Fri, 21 Oct 2022 12:17:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=tnm4oyhA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229670AbiJUTOA (ORCPT + 99 others); Fri, 21 Oct 2022 15:14:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229506AbiJUTNv (ORCPT ); Fri, 21 Oct 2022 15:13:51 -0400 Received: from mail-io1-xd2e.google.com (mail-io1-xd2e.google.com [IPv6:2607:f8b0:4864:20::d2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08F5215A8E1 for ; Fri, 21 Oct 2022 12:13:49 -0700 (PDT) Received: by mail-io1-xd2e.google.com with SMTP id o65so3137981iof.4 for ; Fri, 21 Oct 2022 12:13:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HDw9482diyaFwRrAaQF5T4a7oZwEPZMJMihwz/4kzSA=; b=tnm4oyhAweSGNma6/aLaMtvbzON+bEe4uWFuVld2RiGTgLSBlMxLLQnfj0q9njaG3q PREJ0hi07Wy5hr8SRHgvU7m+NMLkXaZTt/3M9FzGAMx5jYElQUbFIZY80EsRCBn/hqpk z0OVESh2QlchZmHOxaxxWq2w6i+oLg5ItHMGa8FGvSvMXhbLgu7GdfnosNTMmCEoPF3Y niq+/dvYCZuOlKGpmEzsrJXqh/KINmV0nPZcQVVVG3NWZn1BckFAgcB+MWc9bMEWFj4F M6qjzvaqOM01Edf72LTircEzFozW1vNhM4N4C/q82CHa0dHssjfu0MVAB/BYwnaqngHb A28w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HDw9482diyaFwRrAaQF5T4a7oZwEPZMJMihwz/4kzSA=; b=p0W4TQ3jC0sy70dgBEka4rDovmtNKwpKHMQkuFsVcNZel8BXRZmx/w0PtnwShXT4RN UY2KrV8DoqMi3aBAons4ZJTFJlxquldHgqUKy9lfs523A2zh6ZkxJdjwx/iMVQWE+kz2 TLxIpqWc8qVjzQ7HlmQ9+nOd8Sanz9JQ90zsnXOOspYmtkpHm0q2ecBU6ng6vqZonI1d DuhDkdP53ZtiMzY0JKyeeCmLxOd9tcRzJXydrdhB0p3g3vF7vmG/mTkPEqAVf+JR/Myv xgriqt3uR6jDsJHkVV26EIrOkXVMb89cAj9ViX323lSQuKrSnKAZUjmUG1+2fg9IGWYn VnOw== X-Gm-Message-State: ACrzQf2YBe9L8zrmJKxKaSChfpm2I9k6NAuM6MMkE/cKkW/ilRIPhQEf mrnEsZX0teLgJJbWknZuIToJmg== X-Received: by 2002:a05:6638:490e:b0:363:c0fb:a5ea with SMTP id cx14-20020a056638490e00b00363c0fba5eamr14192375jab.285.1666379629399; Fri, 21 Oct 2022 12:13:49 -0700 (PDT) Received: from presto.localdomain ([98.61.227.136]) by smtp.gmail.com with ESMTPSA id e3-20020a022103000000b00363c68aa348sm4439362jaa.72.2022.10.21.12.13.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 21 Oct 2022 12:13:48 -0700 (PDT) From: Alex Elder To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com Cc: mka@chromium.org, evgreen@chromium.org, andersson@kernel.org, quic_cpratapa@quicinc.com, quic_avuyyuru@quicinc.com, quic_jponduru@quicinc.com, quic_subashab@quicinc.com, elder@kernel.org, netdev@vger.kernel.org, linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net-next 3/7] net: ipa: validate IPA table memory earlier Date: Fri, 21 Oct 2022 14:13:36 -0500 Message-Id: <20221021191340.4187935-4-elder@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20221021191340.4187935-1-elder@linaro.org> References: <20221021191340.4187935-1-elder@linaro.org> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1747325899454335842?= X-GMAIL-MSGID: =?utf-8?q?1747325899454335842?= Add checks in ipa_table_init() to ensure the memory regions defined for IPA filter and routing tables are valid. For routing tables, the checks ensure: - The non-hashed IPv4 and IPv6 routing tables are defined - The non-hashed IPv4 and IPv6 routing tables are the same size - The number entries in the non-hashed IPv4 routing table is enough to hold the number entries available to the modem, plus at least one usable by the AP. For filter tables, the checks ensure: - The non-hashed IPv4 and IPv6 filter tables are defined - The non-hashed IPv4 and IPv6 filter tables are the same size - The number entries in the non-hashed IPv4 filter table is enough to hold the endpoint bitmap, plus an entry for each defined endpoint that supports filtering. In addition, for both routing and filter tables: - If hashing isn't supported (IPA v4.2), hashed tables are zero size - If hashing *is* supported, all hashed tables are the same size as their non-hashed counterparts. When validating the size of routing tables, require the AP to have at least one entry (in addition to those used by the modem). Signed-off-by: Alex Elder --- drivers/net/ipa/ipa_table.c | 98 +++++++++++++++++++++++++++++++++++-- 1 file changed, 94 insertions(+), 4 deletions(-) diff --git a/drivers/net/ipa/ipa_table.c b/drivers/net/ipa/ipa_table.c index 74d7082b3c5aa..222362a7a2a8c 100644 --- a/drivers/net/ipa/ipa_table.c +++ b/drivers/net/ipa/ipa_table.c @@ -134,9 +134,25 @@ static void ipa_table_validate_build(void) BUILD_BUG_ON(IPA_ROUTE_COUNT_MAX > 32); /* The modem must be allotted at least one route table entry */ BUILD_BUG_ON(!IPA_ROUTE_MODEM_COUNT); - /* But it can't have more than what is available */ - BUILD_BUG_ON(IPA_ROUTE_MODEM_COUNT > IPA_ROUTE_COUNT_MAX); + /* AP must too, but we can't use more than what is available */ + BUILD_BUG_ON(IPA_ROUTE_MODEM_COUNT >= IPA_ROUTE_COUNT_MAX); +} +static const struct ipa_mem * +ipa_table_mem(struct ipa *ipa, bool filter, bool hashed, bool ipv6) +{ + enum ipa_mem_id mem_id; + + mem_id = filter ? hashed ? ipv6 ? IPA_MEM_V6_FILTER_HASHED + : IPA_MEM_V4_FILTER_HASHED + : ipv6 ? IPA_MEM_V6_FILTER + : IPA_MEM_V4_FILTER + : hashed ? ipv6 ? IPA_MEM_V6_ROUTE_HASHED + : IPA_MEM_V4_ROUTE_HASHED + : ipv6 ? IPA_MEM_V6_ROUTE + : IPA_MEM_V4_ROUTE; + + return ipa_mem_find(ipa, mem_id); } static bool @@ -604,8 +620,77 @@ void ipa_table_config(struct ipa *ipa) ipa_route_config(ipa, true); } -/* - * Initialize a coherent DMA allocation containing initialized filter and +/* Zero modem_route_count means filter table memory check */ +static bool ipa_table_mem_valid(struct ipa *ipa, bool modem_route_count) +{ + bool hash_support = ipa_table_hash_support(ipa); + bool filter = !modem_route_count; + const struct ipa_mem *mem_hashed; + const struct ipa_mem *mem_ipv4; + const struct ipa_mem *mem_ipv6; + u32 count; + + /* IPv4 and IPv6 non-hashed tables are expected to be defined and + * have the same size. Both must have at least two entries (and + * would normally have more than that). + */ + mem_ipv4 = ipa_table_mem(ipa, filter, false, false); + if (!mem_ipv4) + return false; + + mem_ipv6 = ipa_table_mem(ipa, filter, false, true); + if (!mem_ipv6) + return false; + + if (mem_ipv4->size != mem_ipv6->size) + return false; + + /* Make sure the regions are big enough */ + count = mem_ipv4->size / sizeof(__le64); + if (count < 2) + return false; + if (filter) { + /* Filter tables must able to hold the endpoint bitmap plus + * an entry for each endpoint that supports filtering + */ + if (count < 1 + hweight32(ipa->filter_map)) + return false; + } else { + /* Routing tables must be able to hold all modem entries, + * plus at least one entry for the AP. + */ + if (count < modem_route_count + 1) + return false; + } + + /* If hashing is supported, hashed tables are expected to be defined, + * and have the same size as non-hashed tables. If hashing is not + * supported, hashed tables are expected to have zero size (or not + * be defined). + */ + mem_hashed = ipa_table_mem(ipa, filter, true, false); + if (hash_support) { + if (!mem_hashed || mem_hashed->size != mem_ipv4->size) + return false; + } else { + if (mem_hashed && mem_hashed->size) + return false; + } + + /* Same check for IPv6 tables */ + mem_hashed = ipa_table_mem(ipa, filter, true, true); + if (hash_support) { + if (!mem_hashed || mem_hashed->size != mem_ipv6->size) + return false; + } else { + if (mem_hashed && mem_hashed->size) + return false; + } + + return true; +} + +/* Initialize a coherent DMA allocation containing initialized filter and * route table data. This is used when initializing or resetting the IPA * filter or route table. * @@ -653,6 +738,11 @@ int ipa_table_init(struct ipa *ipa) ipa_table_validate_build(); + if (!ipa_table_mem_valid(ipa, 0)) + return -EINVAL; + if (!ipa_table_mem_valid(ipa, IPA_ROUTE_MODEM_COUNT)) + return -EINVAL; + /* The IPA hardware requires route and filter table rules to be * aligned on a 128-byte boundary. We put the "zero rule" at the * base of the table area allocated here. The DMA address returned