| Message ID | 20230728155207.10042-1-aleksander.lobakin@intel.com |
|---|---|
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:918b:0:b0:3e4:2afc:c1 with SMTP id s11csp540412vqg;
Fri, 28 Jul 2023 09:12:30 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlGcs7k9ZDFmK5pWWn9bBzbix/nG++Q6wAPyBnqcKGoE/F/VC2AnP2DHbdR5ld2cHsf4RPyq
X-Received: by 2002:a2e:9050:0:b0:2b9:bf49:901b with SMTP id
n16-20020a2e9050000000b002b9bf49901bmr2149927ljg.6.1690560749758;
Fri, 28 Jul 2023 09:12:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690560749; cv=none;
d=google.com; s=arc-20160816;
b=kgC1xTU+311+vvCb8B8IcqDZisONPBwyiU9st+YvUgmp1X3NXXAOBrox/865DvDCDw
llvmO6uoXs69JdANPDWV/wmpQtiP4JRQrd7czjvFXNtI3D2bEew1UMz2ipw3OxbMayHs
hfX7wODoVJoBC02xFNFIMLnWBNR8pUus2i6Yi4xDYpIia7VsfVqFxHdtDB6u2mETp5EM
7Gqi5HHjz5NqtgjzZ4LrofdZOhqzc+BhB92J8SucC0Kz5YVq7r66zrhYLdLHAd1YjB6v
OiF+lLkmKColjcIzbF6eK9wMpVXIoSapcdcVYh8fx82v5zluNwSml0GTQJiYb/ypX0aC
T9jA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=YnpGBMVHXhcbRsFN6lzwlv5jrI6AI3qSp0TDtK/COy0=;
fh=/1N7BRYbU2hkv7JAXTNCzxKvBRGP2uRHvjUmf4WteXo=;
b=ah6uLjhGOlMaOAj/k1u7XbkPSaRbcwZ4N8yGus9iTfjM80EMYOyON4CtQiNCOtnZ1Y
fxrZtCP8zxPnXlMFR7QbzznNP55CfPtFZNflfoip7Or7QzRqxE7cdan8/Vs9nFDbKy+t
qXivbu2fa5R8GQdph0X6CplyqQUuWg13362GnUN+5k6ZjNDHrenEpCltPP1FmzqTYeVp
2fdDqw9Au4BtIm3chpYyuCFoSL72aDBL5+f4Sq7JWcuxIWc08V9ndCtjwiCMlTzchK/R
3dTqItbUdi4B8sZRHovRlzbmV1fo+Odtqt8WLUfUXR3lU2W9STu9Zy/9h8JrrvVg63vm
K+XQ==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b="gVFBZB/X";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
xo24-20020a170907bb9800b0099316721725si2914196ejc.1044.2023.07.28.09.11.58;
Fri, 28 Jul 2023 09:12:29 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b="gVFBZB/X";
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S235875AbjG1Pxk (ORCPT <rfc822;hanasaki@gmail.com> + 99 others);
Fri, 28 Jul 2023 11:53:40 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40850 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S234437AbjG1Pxg (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 28 Jul 2023 11:53:36 -0400
Received: from mgamail.intel.com (unknown [134.134.136.65])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 54D17F2;
Fri, 28 Jul 2023 08:53:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1690559615; x=1722095615;
h=from:to:cc:subject:date:message-id:mime-version:
content-transfer-encoding;
bh=oQf/S1ueoDews0oxh0qBtYpU3yruH6wicxcwWAyEZqk=;
b=gVFBZB/X8H1uLZyvAUHfGo6g8D13bqlScUwaMXO0mp1na1vAcC8mbaPO
BNBcZtTVE1+lSkWHwQ/di/Zb9q8aT6LG/8UIC1NT55Yi5EUDPmkKJ6kkd
9yZorTFHaRXxsArLVYdIS6Rozm/kGE+TdWSanzKubcj0+XUGKEY0iGlLl
9pAMMgc2AzFLfBcuB4bqFGRFGjyVKJTYQEl4pK05UHIYnOsYXkOq/9vR9
h/u7EtQ2ZJSsBvu7DlkRRhx0QCTdGn1xCkisLUWdBT5/L3zZKMf45QW9d
mH3gfCEH7eZWvQ/OczCromcW0ooPrqiw2Ch4lz0Oilwf9L7cvdEFwS3rp
w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10784"; a="372246655"
X-IronPort-AV: E=Sophos;i="6.01,237,1684825200";
d="scan'208";a="372246655"
Received: from orsmga002.jf.intel.com ([10.7.209.21])
by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
28 Jul 2023 08:53:34 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10784"; a="727512158"
X-IronPort-AV: E=Sophos;i="6.01,237,1684825200";
d="scan'208";a="727512158"
Received: from newjersey.igk.intel.com ([10.102.20.203])
by orsmga002.jf.intel.com with ESMTP; 28 Jul 2023 08:53:31 -0700
From: Alexander Lobakin <aleksander.lobakin@intel.com>
To: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
Paolo Abeni <pabeni@redhat.com>
Cc: Alexander Lobakin <aleksander.lobakin@intel.com>,
Larysa Zaremba <larysa.zaremba@intel.com>,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
"Gustavo A. R. Silva" <gustavoars@kernel.org>,
Kees Cook <keescook@chromium.org>, netdev@vger.kernel.org,
linux-hardening@vger.kernel.org, intel-wired-lan@lists.osuosl.org,
linux-kernel@vger.kernel.org
Subject: [PATCH net-next 0/3] virtchnl: fix fake 1-elem arrays
Date: Fri, 28 Jul 2023 17:52:04 +0200
Message-ID: <20230728155207.10042-1-aleksander.lobakin@intel.com>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED
autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1772681428860514411
X-GMAIL-MSGID: 1772681428860514411
|
| Series |
virtchnl: fix fake 1-elem arrays
|
|
Message
Alexander Lobakin
July 28, 2023, 3:52 p.m. UTC
6.5-rc1 started spitting warning splats when composing virtchnl
messages, precisely on virtchnl_rss_key and virtchnl_lut:
[ 84.167709] memcpy: detected field-spanning write (size 52) of single
field "vrk->key" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1095
(size 1)
[ 84.169915] WARNING: CPU: 3 PID: 11 at drivers/net/ethernet/intel/
iavf/iavf_virtchnl.c:1095 iavf_set_rss_key+0x123/0x140 [iavf]
...
[ 84.191982] Call Trace:
[ 84.192439] <TASK>
[ 84.192900] ? __warn+0xc9/0x1a0
[ 84.193353] ? iavf_set_rss_key+0x123/0x140 [iavf]
[ 84.193818] ? report_bug+0x12c/0x1b0
[ 84.194266] ? handle_bug+0x42/0x70
[ 84.194714] ? exc_invalid_op+0x1a/0x50
[ 84.195149] ? asm_exc_invalid_op+0x1a/0x20
[ 84.195592] ? iavf_set_rss_key+0x123/0x140 [iavf]
[ 84.196033] iavf_watchdog_task+0xb0c/0xe00 [iavf]
...
[ 84.225476] memcpy: detected field-spanning write (size 64) of single
field "vrl->lut" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1127
(size 1)
[ 84.227190] WARNING: CPU: 27 PID: 1044 at drivers/net/ethernet/intel/
iavf/iavf_virtchnl.c:1127 iavf_set_rss_lut+0x123/0x140 [iavf]
...
[ 84.246601] Call Trace:
[ 84.247228] <TASK>
[ 84.247840] ? __warn+0xc9/0x1a0
[ 84.248263] ? iavf_set_rss_lut+0x123/0x140 [iavf]
[ 84.248698] ? report_bug+0x12c/0x1b0
[ 84.249122] ? handle_bug+0x42/0x70
[ 84.249549] ? exc_invalid_op+0x1a/0x50
[ 84.249970] ? asm_exc_invalid_op+0x1a/0x20
[ 84.250390] ? iavf_set_rss_lut+0x123/0x140 [iavf]
[ 84.250820] iavf_watchdog_task+0xb16/0xe00 [iavf]
Gustavo already tried to fix those back in 2021[0][1]. Unfortunately,
a VM can run a different kernel than the host, meaning that those
structures are sorta ABI.
However, it is possible to have proper flex arrays + struct_size()
calculations and still send the very same messages with the same sizes.
The common rule is:
elem[1] -> elem[]
size = struct_size() + <difference between the old and the new msg size>
The "old" size in the current code is calculated 3 different ways for
10 virtchnl structures total. Each commit addresses one of the ways
cumulatively instead of per-structure.
I was planning to send it to -net initially, but given that virtchnl was
renamed from i40evf and got some fat style cleanup commits in the past,
it's not very straightforward to even pick appropriate SHAs, not
speaking of automatic portability. I may send manual backports for
a couple of the latest supported kernels later on if anyone needs it
at all.
[0] https://lore.kernel.org/all/20210525230912.GA175802@embeddedor
[1] https://lore.kernel.org/all/20210525231851.GA176647@embeddedor
Alexander Lobakin (3):
virtchnl: fix fake 1-elem arrays in structs allocated as `nents + 1` -
1
virtchnl: fix fake 1-elem arrays in structures allocated as `nents +
1`
virtchnl: fix fake 1-elem arrays for structures allocated as `nents`
.../ethernet/intel/i40e/i40e_virtchnl_pf.c | 9 +-
drivers/net/ethernet/intel/iavf/iavf.h | 6 +-
drivers/net/ethernet/intel/iavf/iavf_client.c | 4 +-
drivers/net/ethernet/intel/iavf/iavf_client.h | 2 +-
.../net/ethernet/intel/iavf/iavf_virtchnl.c | 75 +++++------
drivers/net/ethernet/intel/ice/ice_virtchnl.c | 2 +-
include/linux/avf/virtchnl.h | 127 +++++++++++-------
7 files changed, 124 insertions(+), 101 deletions(-)
Comments
From: Alexander Lobakin <aleksander.lobakin@intel.com> Date: Fri, 28 Jul 2023 17:52:04 +0200 > 6.5-rc1 started spitting warning splats when composing virtchnl > messages, precisely on virtchnl_rss_key and virtchnl_lut: > > [ 84.167709] memcpy: detected field-spanning write (size 52) of single > field "vrk->key" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1095 > (size 1) > [ 84.169915] WARNING: CPU: 3 PID: 11 at drivers/net/ethernet/intel/ > iavf/iavf_virtchnl.c:1095 iavf_set_rss_key+0x123/0x140 [iavf] (tender ping :D) Thanks, Olek
From: Alexander Lobakin <aleksander.lobakin@intel.com> Date: Fri, 28 Jul 2023 17:52:04 +0200 > 6.5-rc1 started spitting warning splats when composing virtchnl > messages, precisely on virtchnl_rss_key and virtchnl_lut: > > [ 84.167709] memcpy: detected field-spanning write (size 52) of single > field "vrk->key" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1095 > (size 1) > [ 84.169915] WARNING: CPU: 3 PID: 11 at drivers/net/ethernet/intel/ > iavf/iavf_virtchnl.c:1095 iavf_set_rss_key+0x123/0x140 [iavf] [...] > .../ethernet/intel/i40e/i40e_virtchnl_pf.c | 9 +- > drivers/net/ethernet/intel/iavf/iavf.h | 6 +- > drivers/net/ethernet/intel/iavf/iavf_client.c | 4 +- > drivers/net/ethernet/intel/iavf/iavf_client.h | 2 +- > .../net/ethernet/intel/iavf/iavf_virtchnl.c | 75 +++++------ > drivers/net/ethernet/intel/ice/ice_virtchnl.c | 2 +- > include/linux/avf/virtchnl.h | 127 +++++++++++------- > 7 files changed, 124 insertions(+), 101 deletions(-) > Tony, could you please take it via your next tree? I'd like the validation to make sure more different host <-> guest pairs work. (with Kees' tags, assuming he reviewed and approved the whole series, I asked about #2 already) Thanks, Olek
On 8/4/2023 9:38 AM, Alexander Lobakin wrote: > From: Alexander Lobakin <aleksander.lobakin@intel.com> > Date: Fri, 28 Jul 2023 17:52:04 +0200 > >> 6.5-rc1 started spitting warning splats when composing virtchnl >> messages, precisely on virtchnl_rss_key and virtchnl_lut: >> >> [ 84.167709] memcpy: detected field-spanning write (size 52) of single >> field "vrk->key" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1095 >> (size 1) >> [ 84.169915] WARNING: CPU: 3 PID: 11 at drivers/net/ethernet/intel/ >> iavf/iavf_virtchnl.c:1095 iavf_set_rss_key+0x123/0x140 [iavf] > > [...] > >> .../ethernet/intel/i40e/i40e_virtchnl_pf.c | 9 +- >> drivers/net/ethernet/intel/iavf/iavf.h | 6 +- >> drivers/net/ethernet/intel/iavf/iavf_client.c | 4 +- >> drivers/net/ethernet/intel/iavf/iavf_client.h | 2 +- >> .../net/ethernet/intel/iavf/iavf_virtchnl.c | 75 +++++------ >> drivers/net/ethernet/intel/ice/ice_virtchnl.c | 2 +- >> include/linux/avf/virtchnl.h | 127 +++++++++++------- >> 7 files changed, 124 insertions(+), 101 deletions(-) >> > > Tony, could you please take it via your next tree? I'd like the > validation to make sure more different host <-> guest pairs work. > > (with Kees' tags, assuming he reviewed and approved the whole series, I > asked about #2 already) > > Thanks, > Olek Ok, will apply it today. For the future if you want it through IWL, can you tag it with the iwl-* target (and have IWL in the To)? Since this had 'net-next' and was 'To' netdev maintainers, I took it that you wanted it taken through netdev. Thanks, Tony
From: Tony Nguyen <anthony.l.nguyen@intel.com> Date: Fri, 4 Aug 2023 11:07:14 -0700 > On 8/4/2023 9:38 AM, Alexander Lobakin wrote: >> From: Alexander Lobakin <aleksander.lobakin@intel.com> >> Date: Fri, 28 Jul 2023 17:52:04 +0200 >> >>> 6.5-rc1 started spitting warning splats when composing virtchnl >>> messages, precisely on virtchnl_rss_key and virtchnl_lut: >>> >>> [ 84.167709] memcpy: detected field-spanning write (size 52) of single >>> field "vrk->key" at drivers/net/ethernet/intel/iavf/iavf_virtchnl.c:1095 >>> (size 1) >>> [ 84.169915] WARNING: CPU: 3 PID: 11 at drivers/net/ethernet/intel/ >>> iavf/iavf_virtchnl.c:1095 iavf_set_rss_key+0x123/0x140 [iavf] >> >> [...] >> >>> .../ethernet/intel/i40e/i40e_virtchnl_pf.c | 9 +- >>> drivers/net/ethernet/intel/iavf/iavf.h | 6 +- >>> drivers/net/ethernet/intel/iavf/iavf_client.c | 4 +- >>> drivers/net/ethernet/intel/iavf/iavf_client.h | 2 +- >>> .../net/ethernet/intel/iavf/iavf_virtchnl.c | 75 +++++------ >>> drivers/net/ethernet/intel/ice/ice_virtchnl.c | 2 +- >>> include/linux/avf/virtchnl.h | 127 +++++++++++------- >>> 7 files changed, 124 insertions(+), 101 deletions(-) >>> >> >> Tony, could you please take it via your next tree? I'd like the >> validation to make sure more different host <-> guest pairs work. >> >> (with Kees' tags, assuming he reviewed and approved the whole series, I >> asked about #2 already) >> >> Thanks, >> Olek > > Ok, will apply it today. For the future if you want it through IWL, can Great, thanks! > you tag it with the iwl-* target (and have IWL in the To)? Since this > had 'net-next' and was 'To' netdev maintainers, I took it that you > wanted it taken through netdev. Sure, I know, just for some reason targeted this directly to net at first, but then realized it would be better for this to go via IWL :clownface: > > Thanks, > Tony Thanks, Olek