net/sched: cbs: Fix integer overflow in cbs_set_port_rate()

The subsequent calculation of port_rate = speed * 1000 * BYTES_PER_KBIT, where the BYTES_PER_KBIT is of type LL, may cause an overflow. At least when speed = SPEED_20000, the expression to the left of port_rate will be greater than INT_MAX. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Elena Salomatkina <esalomatkina@ispras.ru> Link: https://patch.msgid.link/20241013124529.1043-1-esalomatkina@ispras.ru Signed-off-by: Jakub Kicinski <kuba@kernel.org>
author: Elena Salomatkina <esalomatkina@ispras.ru> 2024-10-13 15:45:29 +0300
committer: Jakub Kicinski <kuba@kernel.org> 2024-10-15 18:25:47 -0700
commit: 397006ba5d918f9b74e734867e8fddbc36dc2282 (patch)
tree: 9a30fc5fceb8fdc873bf5e2e98812ac9f70908ce
parent: 95b3120a485f77a9bb8060bf3398311e3dcb6c65 (diff)
download: linux-397006ba5d918f9b74e734867e8fddbc36dc2282.tar.gz
linux-397006ba5d918f9b74e734867e8fddbc36dc2282.tar.bz2
linux-397006ba5d918f9b74e734867e8fddbc36dc2282.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/net/sched/sch_cbs.c b/net/sched/sch_cbs.c
index 939425da1895..8c9a0400c862 100644
--- a/net/sched/sch_cbs.c
+++ b/net/sched/sch_cbs.c
@@ -310,7 +310,7 @@ static void cbs_set_port_rate(struct net_device *dev, struct cbs_sched_data *q)
 {
 	struct ethtool_link_ksettings ecmd;
 	int speed = SPEED_10;
-	int port_rate;
+	s64 port_rate;
 	int err;
 
 	err = __ethtool_get_link_ksettings(dev, &ecmd);
author	Elena Salomatkina <esalomatkina@ispras.ru>	2024-10-13 15:45:29 +0300
committer	Jakub Kicinski <kuba@kernel.org>	2024-10-15 18:25:47 -0700
commit	397006ba5d918f9b74e734867e8fddbc36dc2282 (patch)
tree	9a30fc5fceb8fdc873bf5e2e98812ac9f70908ce
parent	95b3120a485f77a9bb8060bf3398311e3dcb6c65 (diff)
download	linux-397006ba5d918f9b74e734867e8fddbc36dc2282.tar.gz linux-397006ba5d918f9b74e734867e8fddbc36dc2282.tar.bz2 linux-397006ba5d918f9b74e734867e8fddbc36dc2282.zip