i40e: Fix filter input checks to prevent config with invalid values

[ Upstream commit 3e48041d9820c17e0a51599d12e66c6e12a8d08d ]

Prevent VF from configuring filters with unsupported actions or use
REDIRECT action with invalid tc number. Current checks could cause
out of bounds access on PF side.

Fixes: e284fc280473 ("i40e: Add and delete cloud filter")
Reviewed-by: Andrii Staikov <andrii.staikov@intel.com>
Signed-off-by: Sudheer Mogilappagari <sudheer.mogilappagari@intel.com>
Signed-off-by: Aleksandr Loktionov <aleksandr.loktionov@intel.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Tested-by: Bharathi Sreenivas <bharathi.sreenivas@intel.com>
Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
index 4441b00..220dad9 100644 (file)
--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -3519,16 +3519,16 @@ static int i40e_validate_cloud_filter(struct i40e_vf *vf,
        bool found = false;
        int bkt;
 
-       if (!tc_filter->action) {
+       if (tc_filter->action != VIRTCHNL_ACTION_TC_REDIRECT) {
                dev_info(&pf->pdev->dev,
-                        "VF %d: Currently ADq doesn't support Drop Action\n",
-                        vf->vf_id);
+                        "VF %d: ADQ doesn't support this action (%d)\n",
+                        vf->vf_id, tc_filter->action);
                goto err;
        }
 
        /* action_meta is TC number here to which the filter is applied */
        if (!tc_filter->action_meta ||
-           tc_filter->action_meta > I40E_MAX_VF_VSI) {
+           tc_filter->action_meta > vf->num_tc) {
                dev_info(&pf->pdev->dev, "VF %d: Invalid TC number %u\n",
                         vf->vf_id, tc_filter->action_meta);
                goto err;