All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] hv_sock: Extract hvs_send_data() helper that takes only header
@ 2021-12-07  6:32 ` Kees Cook
  0 siblings, 0 replies; 4+ messages in thread
From: Kees Cook @ 2021-12-07  6:32 UTC (permalink / raw)
  To: K. Y. Srinivasan
  Cc: Kees Cook, Haiyang Zhang, Stephen Hemminger, Wei Liu, Dexuan Cui,
	Stefano Garzarella, David S. Miller, Jakub Kicinski, linux-kernel,
	linux-hyperv, virtualization, netdev, linux-hardening

When building under -Warray-bounds, the compiler is especially
conservative when faced with casts from a smaller object to a larger
object. While this has found many real bugs, there are some cases that
are currently false positives (like here). With this as one of the last
few instances of the warning in the kernel before -Warray-bounds can be
enabled globally, rearrange the functions so that there is a header-only
version of hvs_send_data(). Silences this warning:

net/vmw_vsock/hyperv_transport.c: In function 'hvs_shutdown_lock_held.constprop':
net/vmw_vsock/hyperv_transport.c:231:32: warning: array subscript 'struct hvs_send_buf[0]' is partly outside array bounds of 'struct vmpipe_proto_header[1]' [-Warray-bounds]
  231 |         send_buf->hdr.pkt_type = 1;
      |         ~~~~~~~~~~~~~~~~~~~~~~~^~~
net/vmw_vsock/hyperv_transport.c:465:36: note: while referencing 'hdr'
  465 |         struct vmpipe_proto_header hdr;
      |                                    ^~~

This change results in no executable instruction differences.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 net/vmw_vsock/hyperv_transport.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/net/vmw_vsock/hyperv_transport.c b/net/vmw_vsock/hyperv_transport.c
index 19189cf30a72..e111e13b6660 100644
--- a/net/vmw_vsock/hyperv_transport.c
+++ b/net/vmw_vsock/hyperv_transport.c
@@ -225,14 +225,20 @@ static size_t hvs_channel_writable_bytes(struct vmbus_channel *chan)
 	return round_down(ret, 8);
 }
 
+static int __hvs_send_data(struct vmbus_channel *chan,
+			   struct vmpipe_proto_header *hdr,
+			   size_t to_write)
+{
+	hdr->pkt_type = 1;
+	hdr->data_size = to_write;
+	return vmbus_sendpacket(chan, hdr, sizeof(*hdr) + to_write,
+				0, VM_PKT_DATA_INBAND, 0);
+}
+
 static int hvs_send_data(struct vmbus_channel *chan,
 			 struct hvs_send_buf *send_buf, size_t to_write)
 {
-	send_buf->hdr.pkt_type = 1;
-	send_buf->hdr.data_size = to_write;
-	return vmbus_sendpacket(chan, &send_buf->hdr,
-				sizeof(send_buf->hdr) + to_write,
-				0, VM_PKT_DATA_INBAND, 0);
+	return __hvs_send_data(chan, &send_buf->hdr, to_write);
 }
 
 static void hvs_channel_cb(void *ctx)
@@ -468,7 +474,7 @@ static void hvs_shutdown_lock_held(struct hvsock *hvs, int mode)
 		return;
 
 	/* It can't fail: see hvs_channel_writable_bytes(). */
-	(void)hvs_send_data(hvs->chan, (struct hvs_send_buf *)&hdr, 0);
+	(void)__hvs_send_data(hvs->chan, &hdr, 0);
 	hvs->fin_sent = true;
 }
 
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH] hv_sock: Extract hvs_send_data() helper that takes only header
@ 2021-12-07  6:32 ` Kees Cook
  0 siblings, 0 replies; 4+ messages in thread
From: Kees Cook @ 2021-12-07  6:32 UTC (permalink / raw)
  To: K. Y. Srinivasan
  Cc: Wei Liu, Stephen Hemminger, Kees Cook, linux-hyperv, netdev,
	Haiyang Zhang, Dexuan Cui, linux-kernel, virtualization,
	linux-hardening, Jakub Kicinski, David S. Miller

When building under -Warray-bounds, the compiler is especially
conservative when faced with casts from a smaller object to a larger
object. While this has found many real bugs, there are some cases that
are currently false positives (like here). With this as one of the last
few instances of the warning in the kernel before -Warray-bounds can be
enabled globally, rearrange the functions so that there is a header-only
version of hvs_send_data(). Silences this warning:

net/vmw_vsock/hyperv_transport.c: In function 'hvs_shutdown_lock_held.constprop':
net/vmw_vsock/hyperv_transport.c:231:32: warning: array subscript 'struct hvs_send_buf[0]' is partly outside array bounds of 'struct vmpipe_proto_header[1]' [-Warray-bounds]
  231 |         send_buf->hdr.pkt_type = 1;
      |         ~~~~~~~~~~~~~~~~~~~~~~~^~~
net/vmw_vsock/hyperv_transport.c:465:36: note: while referencing 'hdr'
  465 |         struct vmpipe_proto_header hdr;
      |                                    ^~~

This change results in no executable instruction differences.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 net/vmw_vsock/hyperv_transport.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/net/vmw_vsock/hyperv_transport.c b/net/vmw_vsock/hyperv_transport.c
index 19189cf30a72..e111e13b6660 100644
--- a/net/vmw_vsock/hyperv_transport.c
+++ b/net/vmw_vsock/hyperv_transport.c
@@ -225,14 +225,20 @@ static size_t hvs_channel_writable_bytes(struct vmbus_channel *chan)
 	return round_down(ret, 8);
 }
 
+static int __hvs_send_data(struct vmbus_channel *chan,
+			   struct vmpipe_proto_header *hdr,
+			   size_t to_write)
+{
+	hdr->pkt_type = 1;
+	hdr->data_size = to_write;
+	return vmbus_sendpacket(chan, hdr, sizeof(*hdr) + to_write,
+				0, VM_PKT_DATA_INBAND, 0);
+}
+
 static int hvs_send_data(struct vmbus_channel *chan,
 			 struct hvs_send_buf *send_buf, size_t to_write)
 {
-	send_buf->hdr.pkt_type = 1;
-	send_buf->hdr.data_size = to_write;
-	return vmbus_sendpacket(chan, &send_buf->hdr,
-				sizeof(send_buf->hdr) + to_write,
-				0, VM_PKT_DATA_INBAND, 0);
+	return __hvs_send_data(chan, &send_buf->hdr, to_write);
 }
 
 static void hvs_channel_cb(void *ctx)
@@ -468,7 +474,7 @@ static void hvs_shutdown_lock_held(struct hvsock *hvs, int mode)
 		return;
 
 	/* It can't fail: see hvs_channel_writable_bytes(). */
-	(void)hvs_send_data(hvs->chan, (struct hvs_send_buf *)&hdr, 0);
+	(void)__hvs_send_data(hvs->chan, &hdr, 0);
 	hvs->fin_sent = true;
 }
 
-- 
2.30.2

_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] hv_sock: Extract hvs_send_data() helper that takes only header
  2021-12-07  6:32 ` Kees Cook
  (?)
@ 2021-12-07 12:03 ` Wei Liu
  -1 siblings, 0 replies; 4+ messages in thread
From: Wei Liu @ 2021-12-07 12:03 UTC (permalink / raw)
  To: Kees Cook
  Cc: K. Y. Srinivasan, Haiyang Zhang, Stephen Hemminger, Wei Liu,
	Dexuan Cui, Stefano Garzarella, David S. Miller, Jakub Kicinski,
	linux-kernel, linux-hyperv, virtualization, netdev,
	linux-hardening

On Mon, Dec 06, 2021 at 10:32:17PM -0800, Kees Cook wrote:
> When building under -Warray-bounds, the compiler is especially
> conservative when faced with casts from a smaller object to a larger
> object. While this has found many real bugs, there are some cases that
> are currently false positives (like here). With this as one of the last
> few instances of the warning in the kernel before -Warray-bounds can be
> enabled globally, rearrange the functions so that there is a header-only
> version of hvs_send_data(). Silences this warning:
> 
> net/vmw_vsock/hyperv_transport.c: In function 'hvs_shutdown_lock_held.constprop':
> net/vmw_vsock/hyperv_transport.c:231:32: warning: array subscript 'struct hvs_send_buf[0]' is partly outside array bounds of 'struct vmpipe_proto_header[1]' [-Warray-bounds]
>   231 |         send_buf->hdr.pkt_type = 1;
>       |         ~~~~~~~~~~~~~~~~~~~~~~~^~~
> net/vmw_vsock/hyperv_transport.c:465:36: note: while referencing 'hdr'
>   465 |         struct vmpipe_proto_header hdr;
>       |                                    ^~~
> 
> This change results in no executable instruction differences.
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>

Acked-by: Wei Liu <wei.liu@kernel.org>

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] hv_sock: Extract hvs_send_data() helper that takes only header
  2021-12-07  6:32 ` Kees Cook
  (?)
  (?)
@ 2021-12-08  6:10 ` patchwork-bot+netdevbpf
  -1 siblings, 0 replies; 4+ messages in thread
From: patchwork-bot+netdevbpf @ 2021-12-08  6:10 UTC (permalink / raw)
  To: Kees Cook
  Cc: kys, haiyangz, sthemmin, wei.liu, decui, sgarzare, davem, kuba,
	linux-kernel, linux-hyperv, virtualization, netdev,
	linux-hardening

Hello:

This patch was applied to netdev/net-next.git (master)
by Jakub Kicinski <kuba@kernel.org>:

On Mon,  6 Dec 2021 22:32:17 -0800 you wrote:
> When building under -Warray-bounds, the compiler is especially
> conservative when faced with casts from a smaller object to a larger
> object. While this has found many real bugs, there are some cases that
> are currently false positives (like here). With this as one of the last
> few instances of the warning in the kernel before -Warray-bounds can be
> enabled globally, rearrange the functions so that there is a header-only
> version of hvs_send_data(). Silences this warning:
> 
> [...]

Here is the summary with links:
  - hv_sock: Extract hvs_send_data() helper that takes only header
    https://git.kernel.org/netdev/net-next/c/c0e084e342a8

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-12-08  6:10 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-12-07  6:32 [PATCH] hv_sock: Extract hvs_send_data() helper that takes only header Kees Cook
2021-12-07  6:32 ` Kees Cook
2021-12-07 12:03 ` Wei Liu
2021-12-08  6:10 ` patchwork-bot+netdevbpf

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.