net: bcmgenet: Add a check for oversized packets

Occasionnaly we may get oversized packets from the hardware which exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early check which drops the packet to avoid invoking skb_over_panic() and move on to processing the next packet. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Florian Fainelli <f.fainelli@gmail.com> 2023-01-27 03:08:19 +0300
committer: David S. Miller <davem@davemloft.net> 2023-01-30 10:23:16 +0300
commit: 5c0862c2c962052ed5055220a00ac1cefb92fbcd (patch)
tree: f7424bfea5f59cc9b8263984a3fe1121dd172de0
parent: 468ba54bd616db995514f9671ac116eb4b62e0ea (diff)
download: linux-5c0862c2c962052ed5055220a00ac1cefb92fbcd.tar.xz
1 files changed, 8 insertions, 0 deletions
diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
index 21973046b12b..d937daa8ee88 100644
--- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
+++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
@@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
 			  __func__, p_index, ring->c_index,
 			  ring->read_ptr, dma_length_status);
 
+		if (unlikely(len > RX_BUF_LENGTH)) {
+			netif_err(priv, rx_status, dev, "oversized packet\n");
+			dev->stats.rx_length_errors++;
+			dev->stats.rx_errors++;
+			dev_kfree_skb_any(skb);
+			goto next;
+		}
+
 		if (unlikely(!(dma_flag & DMA_EOP) || !(dma_flag & DMA_SOP))) {
 			netif_err(priv, rx_status, dev,
 				  "dropping fragmented packet!\n");
author	Florian Fainelli <f.fainelli@gmail.com>	2023-01-27 03:08:19 +0300
committer	David S. Miller <davem@davemloft.net>	2023-01-30 10:23:16 +0300
commit	5c0862c2c962052ed5055220a00ac1cefb92fbcd (patch)
tree	f7424bfea5f59cc9b8263984a3fe1121dd172de0
parent	468ba54bd616db995514f9671ac116eb4b62e0ea (diff)
download	linux-5c0862c2c962052ed5055220a00ac1cefb92fbcd.tar.xz