From patchwork Wed Nov 2 16:32:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nathan Chancellor X-Patchwork-Id: 13028600 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71AE9C4332F for ; Wed, 2 Nov 2022 16:38:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231755AbiKBQiT (ORCPT ); Wed, 2 Nov 2022 12:38:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231721AbiKBQh4 (ORCPT ); Wed, 2 Nov 2022 12:37:56 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9F0C431DE1; Wed, 2 Nov 2022 09:33:01 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id EDA8761A56; Wed, 2 Nov 2022 16:33:00 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6C573C433C1; Wed, 2 Nov 2022 16:32:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667406780; bh=X6xqT5Q+gVJ0fSUPZGCRiXKotwL6OxS8B+0WmVkabE4=; h=From:To:Cc:Subject:Date:From; b=OVWh4pJER+b69tT/lzefyIZrWEZ5hg0SPIMfoJWLTsR9bJbMocFw4sqplf61P4ZTG o0V14tacLjtPAz4u8ic5H5OYNRr6xxm9P20i1jPDXC+ksocQi2J3QBCWd4sDxKgBg0 VSJdSVkI3PdRgsbebmf06LtHYSYZp5+9xrZZv9Jzyp3gl9erOAQeAWCQmZlSBsqREX /8nR88FXpSezKRBWnpTKSweTw9QSu8EbYBP2a8ECv/uS6eBr74jBY+kk0ttipIKWWH QJU/7XSrni5lMQ0YbkB2WKjJqEEBbkX+xnETcMD/8JXHgKGEXUt0OhU0rYuTyMPWy5 308C7CV67PCgA== From: Nathan Chancellor To: Alexandra Winter , Wenjia Zhang Cc: Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , linux-s390@vger.kernel.org, netdev@vger.kernel.org, Nick Desaulniers , Tom Rix , Kees Cook , Sami Tolvanen , llvm@lists.linux.dev, linux-kernel@vger.kernel.org, patches@lists.linux.dev, Nathan Chancellor Subject: [PATCH 1/3] s390/ctcm: Fix return type of ctc{mp,}m_tx() Date: Wed, 2 Nov 2022 09:32:50 -0700 Message-Id: <20221102163252.49175-1-nathan@kernel.org> X-Mailer: git-send-email 2.38.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at compile time, which reveals: drivers/s390/net/ctcm_main.c:1064:21: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] .ndo_start_xmit = ctcm_tx, ^~~~~~~ drivers/s390/net/ctcm_main.c:1072:21: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] .ndo_start_xmit = ctcmpc_tx, ^~~~~~~~~ ->ndo_start_xmit() in 'struct net_device_ops' expects a return type of 'netdev_tx_t', not 'int'. Adjust the return type of ctc{mp,}m_tx() to match the prototype's to resolve the warning and potential CFI failure, should s390 select ARCH_SUPPORTS_CFI_CLANG in the future. Link: https://github.com/ClangBuiltLinux/linux/issues/1750 Signed-off-by: Nathan Chancellor Reviewed-by: Kees Cook Reviewed-by: Alexandra Winter --- drivers/s390/net/ctcm_main.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) base-commit: 9abf2313adc1ca1b6180c508c25f22f9395cc780 diff --git a/drivers/s390/net/ctcm_main.c b/drivers/s390/net/ctcm_main.c index 37b551bd43bf..4eea7d0285c1 100644 --- a/drivers/s390/net/ctcm_main.c +++ b/drivers/s390/net/ctcm_main.c @@ -834,7 +834,7 @@ static int ctcmpc_transmit_skb(struct channel *ch, struct sk_buff *skb) * the generic network layer. */ /* first merge version - leaving both functions separated */ -static int ctcm_tx(struct sk_buff *skb, struct net_device *dev) +static netdev_tx_t ctcm_tx(struct sk_buff *skb, struct net_device *dev) { struct ctcm_priv *priv = dev->ml_priv; @@ -877,7 +877,7 @@ static int ctcm_tx(struct sk_buff *skb, struct net_device *dev) } /* unmerged MPC variant of ctcm_tx */ -static int ctcmpc_tx(struct sk_buff *skb, struct net_device *dev) +static netdev_tx_t ctcmpc_tx(struct sk_buff *skb, struct net_device *dev) { int len = 0; struct ctcm_priv *priv = dev->ml_priv; From patchwork Wed Nov 2 16:32:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nathan Chancellor X-Patchwork-Id: 13028602 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF8E4C433FE for ; Wed, 2 Nov 2022 16:39:04 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231895AbiKBQjB (ORCPT ); Wed, 2 Nov 2022 12:39:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59702 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231171AbiKBQi2 (ORCPT ); Wed, 2 Nov 2022 12:38:28 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BED5A12754; Wed, 2 Nov 2022 09:33:28 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 46DD9B821A5; Wed, 2 Nov 2022 16:33:09 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0FB74C433D7; Wed, 2 Nov 2022 16:33:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667406788; bh=50kQ6owO8SzQI6+G9QUfCAtJgqi3aZcY8S6jn9Ofr0o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nSttuC6KSjo+IQVF76/jjjClrLvoQHgT+PX1bOq4XwGjMOLako3E74Y2OSytwTTSu ki4QDY5vd5dJrtfQDQPSIhhWAiGQNkcD6HE6ND65niRNelLkNP7x9ejmzInvlf7yuK OJCqp50qW8GUhayJIm6OAbrED/7R22a82WaEjwNrEhmwvj/spvEe6bVe/9zkBevvuW EH2BoR05PAMP263XSTMGAeJFooshLEJC1ZyVPkigcT36bJf2hnGoxGWlmSRR3ktzwo 9ZQyyrQO9HSVANaqo/8UFuYBEG/hCgrF9siFoiGiYftf8WBSNOCuQaESpTWtJqoY9A YHdQhDqyGiCnQ== From: Nathan Chancellor To: Alexandra Winter , Wenjia Zhang Cc: Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , linux-s390@vger.kernel.org, netdev@vger.kernel.org, Nick Desaulniers , Tom Rix , Kees Cook , Sami Tolvanen , llvm@lists.linux.dev, linux-kernel@vger.kernel.org, patches@lists.linux.dev, Nathan Chancellor Subject: [PATCH 2/3] s390/netiucv: Fix return type of netiucv_tx() Date: Wed, 2 Nov 2022 09:32:51 -0700 Message-Id: <20221102163252.49175-2-nathan@kernel.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221102163252.49175-1-nathan@kernel.org> References: <20221102163252.49175-1-nathan@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at compile time, which reveals: drivers/s390/net/netiucv.c:1854:21: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] .ndo_start_xmit = netiucv_tx, ^~~~~~~~~~ ->ndo_start_xmit() in 'struct net_device_ops' expects a return type of 'netdev_tx_t', not 'int'. Adjust the return type of netiucv_tx() to match the prototype's to resolve the warning and potential CFI failure, should s390 select ARCH_SUPPORTS_CFI_CLANG in the future. Link: https://github.com/ClangBuiltLinux/linux/issues/1750 Signed-off-by: Nathan Chancellor Reviewed-by: Kees Cook Reviewed-by: Alexandra Winter --- drivers/s390/net/netiucv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/s390/net/netiucv.c b/drivers/s390/net/netiucv.c index 65aa0a96c21d..1a7f2bc3a87b 100644 --- a/drivers/s390/net/netiucv.c +++ b/drivers/s390/net/netiucv.c @@ -1256,7 +1256,7 @@ static int netiucv_close(struct net_device *dev) * Note: If we return !0, then the packet is free'd by * the generic network layer. */ -static int netiucv_tx(struct sk_buff *skb, struct net_device *dev) +static netdev_tx_t netiucv_tx(struct sk_buff *skb, struct net_device *dev) { struct netiucv_priv *privptr = netdev_priv(dev); int rc; From patchwork Wed Nov 2 16:32:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nathan Chancellor X-Patchwork-Id: 13028601 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 12AF8C4332F for ; Wed, 2 Nov 2022 16:38:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231442AbiKBQif (ORCPT ); Wed, 2 Nov 2022 12:38:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231408AbiKBQiK (ORCPT ); Wed, 2 Nov 2022 12:38:10 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2860A31ECC; Wed, 2 Nov 2022 09:33:13 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id E7F9EB821A3; Wed, 2 Nov 2022 16:33:10 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id ADFACC433D6; Wed, 2 Nov 2022 16:33:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1667406789; bh=ZaNRk9XsK/SEJ/1Ji5JmKKMuERlYmmNZ5RDlsKv/yN8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=YkVMEabLh2tHVOFpCHakFtCLP59LlHSUfhdMWu4i1Q1oy/ymN30vFMERBTMkgdtTp ymq2lbFxZGBSxqGhAKdJ2eIb4EQmAYcd2YP66adzMbb7iCa7xd3wZjEnRTetrxt732 1gxaC0PL4fvKZG0KVkxYTKo37/SVTYmmtxQG7DgvSBddVORZ/ccgUDj+RlitrmfmAo Yly3QDywW6xb+a1xY8w3fAhNkO4EwxTL/FQRrz0rQ6Cc0Z0ZP3fpn926O/J6pn/hl3 n8M/jPLP8WOu/JqkrFOqqhX49MQiUi7MZHrGzLzVb74m6Uo+LNodiPWEj0a3ZitXaH 0MvTDIz3zA8rA== From: Nathan Chancellor To: Alexandra Winter , Wenjia Zhang Cc: Heiko Carstens , Vasily Gorbik , Alexander Gordeev , Christian Borntraeger , Sven Schnelle , linux-s390@vger.kernel.org, netdev@vger.kernel.org, Nick Desaulniers , Tom Rix , Kees Cook , Sami Tolvanen , llvm@lists.linux.dev, linux-kernel@vger.kernel.org, patches@lists.linux.dev, Nathan Chancellor Subject: [PATCH 3/3] s390/lcs: Fix return type of lcs_start_xmit() Date: Wed, 2 Nov 2022 09:32:52 -0700 Message-Id: <20221102163252.49175-3-nathan@kernel.org> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221102163252.49175-1-nathan@kernel.org> References: <20221102163252.49175-1-nathan@kernel.org> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. A proposed warning in clang aims to catch these at compile time, which reveals: drivers/s390/net/lcs.c:2090:21: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] .ndo_start_xmit = lcs_start_xmit, ^~~~~~~~~~~~~~ drivers/s390/net/lcs.c:2097:21: error: incompatible function pointer types initializing 'netdev_tx_t (*)(struct sk_buff *, struct net_device *)' (aka 'enum netdev_tx (*)(struct sk_buff *, struct net_device *)') with an expression of type 'int (struct sk_buff *, struct net_device *)' [-Werror,-Wincompatible-function-pointer-types-strict] .ndo_start_xmit = lcs_start_xmit, ^~~~~~~~~~~~~~ ->ndo_start_xmit() in 'struct net_device_ops' expects a return type of 'netdev_tx_t', not 'int'. Adjust the return type of lcs_start_xmit() to match the prototype's to resolve the warning and potential CFI failure, should s390 select ARCH_SUPPORTS_CFI_CLANG in the future. Link: https://github.com/ClangBuiltLinux/linux/issues/1750 Signed-off-by: Nathan Chancellor Reviewed-by: Kees Cook Reviewed-by: Alexandra Winter --- drivers/s390/net/lcs.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/s390/net/lcs.c b/drivers/s390/net/lcs.c index 84c8981317b4..4cbb9802bf22 100644 --- a/drivers/s390/net/lcs.c +++ b/drivers/s390/net/lcs.c @@ -1519,7 +1519,7 @@ lcs_txbuffer_cb(struct lcs_channel *channel, struct lcs_buffer *buffer) /* * Packet transmit function called by network stack */ -static int +static netdev_tx_t __lcs_start_xmit(struct lcs_card *card, struct sk_buff *skb, struct net_device *dev) { @@ -1582,7 +1582,7 @@ __lcs_start_xmit(struct lcs_card *card, struct sk_buff *skb, return rc; } -static int +static netdev_tx_t lcs_start_xmit(struct sk_buff *skb, struct net_device *dev) { struct lcs_card *card;