From: Ido Schimmel Date: Mon, 8 Sep 2025 07:51:41 +0000 (+0300) Subject: vxlan: Make vxlan_fdb_find_uc() more robust against NPDs X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=ce6adea19ad93b957190d1a04192519f748bae7b;p=users%2Fhch%2Fmisc.git vxlan: Make vxlan_fdb_find_uc() more robust against NPDs first_remote_rcu() can return NULL if the FDB entry points to an FDB nexthop group instead of a remote destination. However, unlike other users of first_remote_rcu(), NPD cannot currently happen in vxlan_fdb_find_uc() as it is only invoked by one driver which vetoes the creation of FDB nexthops. Make the function more robust by making sure the remote destination is only dereferenced if it is not NULL. Reviewed-by: Petr Machata Signed-off-by: Ido Schimmel Reviewed-by: Wang Liang Reviewed-by: Nikolay Aleksandrov Link: https://patch.msgid.link/20250908075141.125087-1-idosch@nvidia.com Signed-off-by: Jakub Kicinski --- diff --git a/drivers/net/vxlan/vxlan_core.c b/drivers/net/vxlan/vxlan_core.c index dab864bc733c..a5c55e7e4d79 100644 --- a/drivers/net/vxlan/vxlan_core.c +++ b/drivers/net/vxlan/vxlan_core.c @@ -446,7 +446,7 @@ int vxlan_fdb_find_uc(struct net_device *dev, const u8 *mac, __be32 vni, { struct vxlan_dev *vxlan = netdev_priv(dev); u8 eth_addr[ETH_ALEN + 2] = { 0 }; - struct vxlan_rdst *rdst; + struct vxlan_rdst *rdst = NULL; struct vxlan_fdb *f; int rc = 0; @@ -459,12 +459,13 @@ int vxlan_fdb_find_uc(struct net_device *dev, const u8 *mac, __be32 vni, rcu_read_lock(); f = vxlan_find_mac_rcu(vxlan, eth_addr, vni); - if (!f) { + if (f) + rdst = first_remote_rcu(f); + if (!rdst) { rc = -ENOENT; goto out; } - rdst = first_remote_rcu(f); vxlan_fdb_switchdev_notifier_info(vxlan, f, rdst, NULL, fdb_info); out: