From d21a7713464c7d35b2cce1fe7f7d87928d6a047e Mon Sep 17 00:00:00 2001 From: Jonas Gorski Date: Tue, 18 Sep 2012 14:09:08 +0200 Subject: MIPS: BCM63XX: Properly handle mac address octet overflow While calculating the mac address the pointer for the current octet was never reset back to the least significant one after being decremented because of an octet overflow. This resulted in the code continuing to increment at the current octet, potentially generating duplicate or invalid mac addresses. As a second issue the pointer was allowed to advance up to the most significant octet, modifying the OUI, and potentially changing the type of mac address. Rewrite the code so it resets the pointer to the least significant in each outer loop step, and bails out when the least significant octet of the OUI is reached. Signed-off-by: Jonas Gorski Cc: linux-mips@linux-mips.org Cc: Maxime Bizon Cc: Florian Fainelli Cc: Sergei Shtylyov Patchwork: https://patchwork.linux-mips.org/patch/4348/ Signed-off-by: Ralf Baechle --- arch/mips/bcm63xx/boards/board_bcm963xx.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/arch/mips/bcm63xx/boards/board_bcm963xx.c b/arch/mips/bcm63xx/boards/board_bcm963xx.c index ea4ea77c6297..442ba96d4004 100644 --- a/arch/mips/bcm63xx/boards/board_bcm963xx.c +++ b/arch/mips/bcm63xx/boards/board_bcm963xx.c @@ -720,7 +720,7 @@ const char *board_get_name(void) */ static int board_get_mac_address(u8 *mac) { - u8 *p; + u8 *oui; int count; if (mac_addr_used >= nvram.mac_addr_count) { @@ -729,21 +729,23 @@ static int board_get_mac_address(u8 *mac) } memcpy(mac, nvram.mac_addr_base, ETH_ALEN); - p = mac + ETH_ALEN - 1; + oui = mac + ETH_ALEN/2 - 1; count = mac_addr_used; while (count--) { + u8 *p = mac + ETH_ALEN - 1; + do { (*p)++; if (*p != 0) break; p--; - } while (p != mac); - } + } while (p != oui); - if (p == mac) { - printk(KERN_ERR PFX "unable to fetch mac address\n"); - return -ENODEV; + if (p == oui) { + printk(KERN_ERR PFX "unable to fetch mac address\n"); + return -ENODEV; + } } mac_addr_used++; -- cgit v1.2.3