Re: [PATCH net-next] net: Silence false field-spanning write warning in metadata_dst memcpy

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Stephen Hemminger <stephen@networkplumber.org>
To: Gal Pressman <gal@nvidia.com>
Cc: "David S. Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>, <netdev@vger.kernel.org>,
	Eric Dumazet <edumazet@google.com>,
	Paolo Abeni <pabeni@redhat.com>, Cosmin Ratiu <cratiu@nvidia.com>,
	Tariq Toukan <tariqt@nvidia.com>
Subject: Re: [PATCH net-next] net: Silence false field-spanning write warning in metadata_dst memcpy
Date: Sun, 18 Aug 2024 08:09:44 -0700	[thread overview]
Message-ID: <20240818080944.4c19255e@hermes.local> (raw)
In-Reply-To: <20240818114351.3612692-1-gal@nvidia.com>

On Sun, 18 Aug 2024 14:43:51 +0300
Gal Pressman <gal@nvidia.com> wrote:

> When metadata_dst struct is allocated (using metadata_dst_alloc()), it
> reserves room for options at the end of the struct.
> 
> Change the memcpy() to unsafe_memcpy() as it is guaranteed that enough
> room (md_size bytes) was allocated and the field-spanning write is
> intentional.
> 
> This resolves the following warning:
> 	------------[ cut here ]------------
> 	memcpy: detected field-spanning write (size 104) of single field "&new_md->u.tun_info" at include/net/dst_metadata.h:166 (size 96)
> 	WARNING: CPU: 2 PID: 391470 at include/net/dst_metadata.h:166 tun_dst_unclone+0x114/0x138 [geneve]
> 	Modules linked in: act_tunnel_key geneve ip6_udp_tunnel udp_tunnel act_vlan act_mirred act_skbedit cls_matchall nfnetlink_cttimeout act_gact cls_flower sch_ingress sbsa_gwdt ipmi_devintf ipmi_msghandler xfrm_interface xfrm6_tunnel tunnel6 tunnel4 xfrm_user xfrm_algo nvme_fabrics overlay optee openvswitch nsh nf_conncount ib_srp scsi_transport_srp rpcrdma rdma_ucm ib_iser rdma_cm ib_umad iw_cm libiscsi ib_ipoib scsi_transport_iscsi ib_cm uio_pdrv_genirq uio mlxbf_pmc pwr_mlxbf mlxbf_bootctl bluefield_edac nft_chain_nat binfmt_misc xt_MASQUERADE nf_nat xt_tcpmss xt_NFLOG nfnetlink_log xt_recent xt_hashlimit xt_state xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_mark xt_comment ipt_REJECT nf_reject_ipv4 nft_compat nf_tables nfnetlink sch_fq_codel dm_multipath fuse efi_pstore ip_tables btrfs blake2b_generic raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor xor_neon raid6_pq raid1 raid0 nvme nvme_core mlx5_ib ib_uverbs ib_core ipv6 crc_ccitt mlx5_core crct10dif_ce mlxfw
> 	 psample i2c_mlxbf gpio_mlxbf2 mlxbf_gige mlxbf_tmfifo
> 	CPU: 2 PID: 391470 Comm: handler6 Not tainted 6.10.0-rc1 #1
> 	Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.5.0.12993 Dec  6 2023
> 	pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
> 	pc : tun_dst_unclone+0x114/0x138 [geneve]
> 	lr : tun_dst_unclone+0x114/0x138 [geneve]
> 	sp : ffffffc0804533f0
> 	x29: ffffffc0804533f0 x28: 000000000000024e x27: 0000000000000000
> 	x26: ffffffdcfc0e8e40 x25: ffffff8086fa6600 x24: ffffff8096a0c000
> 	x23: 0000000000000068 x22: 0000000000000008 x21: ffffff8092ad7000
> 	x20: ffffff8081e17900 x19: ffffff8092ad7900 x18: 00000000fffffffd
> 	x17: 0000000000000000 x16: ffffffdcfa018488 x15: 695f6e75742e753e
> 	x14: 2d646d5f77656e26 x13: 6d5f77656e262220 x12: 646c65696620656c
> 	x11: ffffffdcfbe33ae8 x10: ffffffdcfbe1baa8 x9 : ffffffdcfa0a4c10
> 	x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001
> 	x5 : ffffff83fdeeb010 x4 : 0000000000000000 x3 : 0000000000000027
> 	x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffffff80913f6780
> 	Call trace:
> 	 tun_dst_unclone+0x114/0x138 [geneve]
> 	 geneve_xmit+0x214/0x10e0 [geneve]
> 	 dev_hard_start_xmit+0xc0/0x220
> 	 __dev_queue_xmit+0xa14/0xd38
> 	 dev_queue_xmit+0x14/0x28 [openvswitch]
> 	 ovs_vport_send+0x98/0x1c8 [openvswitch]
> 	 do_output+0x80/0x1a0 [openvswitch]
> 	 do_execute_actions+0x172c/0x1958 [openvswitch]
> 	 ovs_execute_actions+0x64/0x1a8 [openvswitch]
> 	 ovs_packet_cmd_execute+0x258/0x2d8 [openvswitch]
> 	 genl_family_rcv_msg_doit+0xc8/0x138
> 	 genl_rcv_msg+0x1ec/0x280
> 	 netlink_rcv_skb+0x64/0x150
> 	 genl_rcv+0x40/0x60
> 	 netlink_unicast+0x2e4/0x348
> 	 netlink_sendmsg+0x1b0/0x400
> 	 __sock_sendmsg+0x64/0xc0
> 	 ____sys_sendmsg+0x284/0x308
> 	 ___sys_sendmsg+0x88/0xf0
> 	 __sys_sendmsg+0x70/0xd8
> 	 __arm64_sys_sendmsg+0x2c/0x40
> 	 invoke_syscall+0x50/0x128
> 	 el0_svc_common.constprop.0+0x48/0xf0
> 	 do_el0_svc+0x24/0x38
> 	 el0_svc+0x38/0x100
> 	 el0t_64_sync_handler+0xc0/0xc8
> 	 el0t_64_sync+0x1a4/0x1a8
> 	---[ end trace 0000000000000000 ]---
> 
> Reviewed-by: Cosmin Ratiu <cratiu@nvidia.com>
> Reviewed-by: Tariq Toukan <tariqt@nvidia.com>
> Signed-off-by: Gal Pressman <gal@nvidia.com>
> ---
>  include/net/dst_metadata.h | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/include/net/dst_metadata.h b/include/net/dst_metadata.h
> index 4160731dcb6e..84c15402931c 100644
> --- a/include/net/dst_metadata.h
> +++ b/include/net/dst_metadata.h
> @@ -163,8 +163,11 @@ static inline struct metadata_dst *tun_dst_unclone(struct sk_buff *skb)
>  	if (!new_md)
>  		return ERR_PTR(-ENOMEM);
>  
> -	memcpy(&new_md->u.tun_info, &md_dst->u.tun_info,
> -	       sizeof(struct ip_tunnel_info) + md_size);
> +	unsafe_memcpy(&new_md->u.tun_info, &md_dst->u.tun_info,
> +		      sizeof(struct ip_tunnel_info) + md_size,
> +		      /* metadata_dst_alloc() reserves room (md_size bytes) for
> +		       * options right after the ip_tunnel_info struct.
> +		       */);

This is an awkward /* midsentence */ place to put a comment.

next prev parent reply	other threads:[~2024-08-18 15:09 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-08-18 11:43 [PATCH net-next] net: Silence false field-spanning write warning in metadata_dst memcpy Gal Pressman
2024-08-18 15:09 ` Stephen Hemminger [this message]
2024-08-18 15:15   ` Gal Pressman
2024-08-20 22:30 ` patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240818080944.4c19255e@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=cratiu@nvidia.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=gal@nvidia.com \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=tariqt@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.