| Message ID | 20201207011415.463-1-ruc_zhangxiaohui@163.com (mailing list archive) |
|---|---|
| State | Awaiting Upstream |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [1/1] ice: fix array overflow on receiving too many fragments for a packet | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Guessed tree name to be net-next |
| netdev/subject_prefix | warning | Target tree name not specified in the subject |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | fail | Errors and warnings before: 0 this patch: 4 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | warning | CHECK: Alignment should match open parenthesis |
| netdev/build_allmodconfig_warn | fail | Errors and warnings before: 0 this patch: 5 |
| netdev/header_inline | success | Link |
| netdev/stable | success | Stable not CCed |
Hi Xiaohui,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on tnguy-next-queue/dev-queue]
[also build test WARNING on v5.10-rc7 next-20201204]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Xiaohui-Zhang/ice-fix-array-overflow-on-receiving-too-many-fragments-for-a-packet/20201207-141033
base: https://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue.git dev-queue
config: riscv-allyesconfig (attached as .config)
compiler: riscv64-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/b3906f69dcad641195cbf1ce9af3e9105a6f72e1
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Xiaohui-Zhang/ice-fix-array-overflow-on-receiving-too-many-fragments-for-a-packet/20201207-141033
git checkout b3906f69dcad641195cbf1ce9af3e9105a6f72e1
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=riscv
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
In file included from include/vdso/processor.h:10,
from arch/riscv/include/asm/processor.h:11,
from include/linux/prefetch.h:15,
from drivers/net/ethernet/intel/ice/ice_txrx.c:6:
arch/riscv/include/asm/vdso/processor.h: In function 'cpu_relax':
arch/riscv/include/asm/vdso/processor.h:14:2: error: implicit declaration of function 'barrier' [-Werror=implicit-function-declaration]
14 | barrier();
| ^~~~~~~
drivers/net/ethernet/intel/ice/ice_txrx.c: In function 'ice_add_rx_frag':
>> drivers/net/ethernet/intel/ice/ice_txrx.c:828:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
828 | struct skb_shared_info *shinfo = skb_shinfo(skb);
| ^~~~~~
>> drivers/net/ethernet/intel/ice/ice_txrx.c:831:24: warning: passing argument 2 of 'skb_add_rx_frag' makes integer from pointer without a cast [-Wint-conversion]
831 | skb_add_rx_frag(skb, shinfo, rx_buf->page,
| ^~~~~~
| |
| struct skb_shared_info *
In file included from include/net/net_namespace.h:39,
from include/linux/netdevice.h:37,
from include/trace/events/xdp.h:8,
from include/linux/bpf_trace.h:5,
from drivers/net/ethernet/intel/ice/ice_txrx.c:8:
include/linux/skbuff.h:2187:47: note: expected 'int' but argument is of type 'struct skb_shared_info *'
2187 | void skb_add_rx_frag(struct sk_buff *skb, int i, struct page *page, int off,
| ~~~~^
cc1: some warnings being treated as errors
vim +828 drivers/net/ethernet/intel/ice/ice_txrx.c
825
826 if (!size)
827 return;
> 828 struct skb_shared_info *shinfo = skb_shinfo(skb);
829
830 if (shinfo->nr_frags < ARRAY_SIZE(shinfo->frags)) {
> 831 skb_add_rx_frag(skb, shinfo, rx_buf->page,
832 rx_buf->page_offset, size, truesize);
833 }
834
835 /* page is being used so we must update the page offset */
836 ice_rx_buf_adjust_pg_offset(rx_buf, truesize);
837 }
838
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
diff --git a/drivers/net/ethernet/intel/ice/ice_txrx.c b/drivers/net/ethernet/intel/ice/ice_txrx.c index eae75260f..f0f034fa5 100644 --- a/drivers/net/ethernet/intel/ice/ice_txrx.c +++ b/drivers/net/ethernet/intel/ice/ice_txrx.c @@ -823,8 +823,12 @@ ice_add_rx_frag(struct ice_ring *rx_ring, struct ice_rx_buf *rx_buf, if (!size) return; - skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, rx_buf->page, + struct skb_shared_info *shinfo = skb_shinfo(skb); + + if (shinfo->nr_frags < ARRAY_SIZE(shinfo->frags)) { + skb_add_rx_frag(skb, shinfo, rx_buf->page, rx_buf->page_offset, size, truesize); + } /* page is being used so we must update the page offset */ ice_rx_buf_adjust_pg_offset(rx_buf, truesize);