stable.vger.kernel.org archive mirror
From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Nathan Chancellor <natechancellor@gmail.com>,
	Haiyang Zhang <haiyangz@microsoft.com>,
	"David S . Miller" <davem@davemloft.net>,
	Sasha Levin <sashal@kernel.org>,
	linux-hyperv@vger.kernel.org, netdev@vger.kernel.org,
	clang-built-linux@googlegroups.com
Subject: [PATCH AUTOSEL 5.6 29/62] hv_netvsc: Fix netvsc_start_xmit's return type
Date: Thu, 14 May 2020 14:51:14 -0400
Message-ID: <20200514185147.19716-29-sashal@kernel.org>
In-Reply-To: <20200514185147.19716-1-sashal@kernel.org>

From: Nathan Chancellor <natechancellor@gmail.com>

[ Upstream commit 7fdc66debebc6a7170a37c8c9b0d9585a9788fb4 ]

netvsc_start_xmit is used as a callback function for the ndo_start_xmit
function pointer. ndo_start_xmit's return type is netdev_tx_t but
netvsc_start_xmit's return type is int.

This causes a failure with Control Flow Integrity (CFI), which requires
function pointer prototypes and callback function definitions to match
exactly. When CFI is in enforcing, the kernel panics. When booting a
CFI kernel with WSL 2, the VM is immediately terminated because of this.

The splat when CONFIG_CFI_PERMISSIVE is used:

[    5.916765] CFI failure (target: netvsc_start_xmit+0x0/0x10):
[    5.916771] WARNING: CPU: 8 PID: 0 at kernel/cfi.c:29 __cfi_check_fail+0x2e/0x40
[    5.916772] Modules linked in:
[    5.916774] CPU: 8 PID: 0 Comm: swapper/8 Not tainted 5.7.0-rc3-next-20200424-microsoft-cbl-00001-ged4eb37d2c69-dirty #1
[    5.916776] RIP: 0010:__cfi_check_fail+0x2e/0x40
[    5.916777] Code: 48 c7 c7 70 98 63 a9 48 c7 c6 11 db 47 a9 e8 69 55 59 00 85 c0 75 02 5b c3 48 c7 c7 73 c6 43 a9 48 89 de 31 c0 e8 12 2d f0 ff <0f> 0b 5b c3 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 00 85 f6 74 25
[    5.916778] RSP: 0018:ffffa803c0260b78 EFLAGS: 00010246
[    5.916779] RAX: 712a1af25779e900 RBX: ffffffffa8cf7950 RCX: ffffffffa962cf08
[    5.916779] RDX: ffffffffa9c36b60 RSI: 0000000000000082 RDI: ffffffffa9c36b5c
[    5.916780] RBP: ffff8ffc4779c2c0 R08: 0000000000000001 R09: ffffffffa9c3c300
[    5.916781] R10: 0000000000000151 R11: ffffffffa9c36b60 R12: ffff8ffe39084000
[    5.916782] R13: ffffffffa8cf7950 R14: ffffffffa8d12cb0 R15: ffff8ffe39320140
[    5.916784] FS:  0000000000000000(0000) GS:ffff8ffe3bc00000(0000) knlGS:0000000000000000
[    5.916785] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    5.916786] CR2: 00007ffef5749408 CR3: 00000002f4f5e000 CR4: 0000000000340ea0
[    5.916787] Call Trace:
[    5.916788]  <IRQ>
[    5.916790]  __cfi_check+0x3ab58/0x450e0
[    5.916793]  ? dev_hard_start_xmit+0x11f/0x160
[    5.916795]  ? sch_direct_xmit+0xf2/0x230
[    5.916796]  ? __dev_queue_xmit.llvm.11471227737707190958+0x69d/0x8e0
[    5.916797]  ? neigh_resolve_output+0xdf/0x220
[    5.916799]  ? neigh_connected_output.cfi_jt+0x8/0x8
[    5.916801]  ? ip6_finish_output2+0x398/0x4c0
[    5.916803]  ? nf_nat_ipv6_out+0x10/0xa0
[    5.916804]  ? nf_hook_slow+0x84/0x100
[    5.916807]  ? ip6_input_finish+0x8/0x8
[    5.916807]  ? ip6_output+0x6f/0x110
[    5.916808]  ? __ip6_local_out.cfi_jt+0x8/0x8
[    5.916810]  ? mld_sendpack+0x28e/0x330
[    5.916811]  ? ip_rt_bug+0x8/0x8
[    5.916813]  ? mld_ifc_timer_expire+0x2db/0x400
[    5.916814]  ? neigh_proxy_process+0x8/0x8
[    5.916816]  ? call_timer_fn+0x3d/0xd0
[    5.916817]  ? __run_timers+0x2a9/0x300
[    5.916819]  ? rcu_core_si+0x8/0x8
[    5.916820]  ? run_timer_softirq+0x14/0x30
[    5.916821]  ? __do_softirq+0x154/0x262
[    5.916822]  ? native_x2apic_icr_write+0x8/0x8
[    5.916824]  ? irq_exit+0xba/0xc0
[    5.916825]  ? hv_stimer0_vector_handler+0x99/0xe0
[    5.916826]  ? hv_stimer0_callback_vector+0xf/0x20
[    5.916826]  </IRQ>
[    5.916828]  ? hv_stimer_global_cleanup.cfi_jt+0x8/0x8
[    5.916829]  ? raw_setsockopt+0x8/0x8
[    5.916830]  ? default_idle+0xe/0x10
[    5.916832]  ? do_idle.llvm.10446269078108580492+0xb7/0x130
[    5.916833]  ? raw_setsockopt+0x8/0x8
[    5.916833]  ? cpu_startup_entry+0x15/0x20
[    5.916835]  ? cpu_hotplug_enable.cfi_jt+0x8/0x8
[    5.916836]  ? start_secondary+0x188/0x190
[    5.916837]  ? secondary_startup_64+0xa5/0xb0
[    5.916838] ---[ end trace f2683fa869597ba5 ]---

Avoid this by using the right return type for netvsc_start_xmit.

Fixes: fceaf24a943d8 ("Staging: hv: add the Hyper-V virtual network driver")
Link: https://github.com/ClangBuiltLinux/linux/issues/1009
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 drivers/net/hyperv/netvsc_drv.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/net/hyperv/netvsc_drv.c b/drivers/net/hyperv/netvsc_drv.c
index 2c0a24c606fc7..28a5d46ad5266 100644
--- a/drivers/net/hyperv/netvsc_drv.c
+++ b/drivers/net/hyperv/netvsc_drv.c
@@ -710,7 +710,8 @@ static int netvsc_xmit(struct sk_buff *skb, struct net_device *net, bool xdp_tx)
 	goto drop;
 }
 
-static int netvsc_start_xmit(struct sk_buff *skb, struct net_device *ndev)
+static netdev_tx_t netvsc_start_xmit(struct sk_buff *skb,
+				     struct net_device *ndev)
 {
 	return netvsc_xmit(skb, ndev, false);
 }
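Review bot: the new netdev_tx_t return type on netvsc_start_xmit() is fed by a helper that the hunk header still shows as `static int netvsc_xmit(...)`, so `return netvsc_xmit(skb, ndev, false);` now relies on an implicit int to netdev_tx_t conversion. Consider changing netvsc_xmit() to return netdev_tx_t as well, or stating in the commit message that it only ever returns NETDEV_TX_* values, so the types agree along the whole transmit path and not only at the ndo_start_xmit callback boundary that CFI checks.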
-- 
2.20.1

