From patchwork Mon Mar 18 13:03:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Lobakin X-Patchwork-Id: 13595362 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 72877381C5; Mon, 18 Mar 2024 13:04:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767058; cv=none; b=GSU2GVVEt2hhmb4eN5d9OtOhsJwb8iRh/8N3bLnXUO94SGWQGlIJlx/KmeJqypTJUbFGXR++A3g+YCtZr3WWp9e17QTVl3erZ/Mtf1kq+S7L2bNxKXKCRCr73bWI4tdzB3XfRU30Q+7XuKCNR7nwWUZXSLUHYX6P5/qEgrGcjdE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767058; c=relaxed/simple; bh=iIs+cbLa7AHztJVkWHe+vnPyRdgwFNA0Lqe5a5IwRa0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Aeqlu2R+gVbPYQOhsfwSpZh+c5+SYfRcR0AelSrf/37jN/PsHS6v6uylBacXmlMijsiPHMUb6x49vh7N5uAl7i7oPsQxI+zO96pCVZo7i6vgv6N5+5gC09/DMixBGJAwTgst98V0QW69STMUGfcd+YH3jS46T8BVn3qo4QZRtms= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Amb6Km8x; arc=none smtp.client-ip=198.175.65.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Amb6Km8x" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710767056; x=1742303056; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=iIs+cbLa7AHztJVkWHe+vnPyRdgwFNA0Lqe5a5IwRa0=; b=Amb6Km8xI3D/TcLjyjwY8FdyJlPjqcGGd5qgyA/ir28TiE/5YS+/njgk 10M+5NTcTjIDCVwpxOnipJ0bSi55szr3SctfjX5p1ZCG6vsR0RwZKIOs+ aGCfbWyRugz9xGSQjIjZ7m1VsaZ7zh1TDMjxa9BVHnAEkR5tnk2oXsgAY mN9/AEFMv7pVUI1S/MPneN3AOwdCg2yzhUIbNxxRWTtAGRFHRIVAJ8pOp k3a+sSbfGhkXaoW6jeZR2F9iL2z/Y9xmtDUk6gJwWYen1x4Szotsq/TrP fwjt09leZPwQZz+XiM3GbtboHYp1GpEssGPew6648K8s9X3VuP6lpsSjs Q==; X-IronPort-AV: E=McAfee;i="6600,9927,11016"; a="5707142" X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="5707142" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Mar 2024 06:04:16 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="44392867" Received: from newjersey.igk.intel.com ([10.102.20.203]) by orviesa002.jf.intel.com with ESMTP; 18 Mar 2024 06:04:13 -0700 From: Alexander Lobakin To: linux-hardening@vger.kernel.org Cc: Alexander Lobakin , Kees Cook , "Gustavo A. R. Silva" , Marco Elver , Jakub Kicinski , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH RFC kspp-next 1/3] compiler_types: add Endianness-dependent __counted_by_{le,be} Date: Mon, 18 Mar 2024 14:03:52 +0100 Message-ID: <20240318130354.2713265-2-aleksander.lobakin@intel.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240318130354.2713265-1-aleksander.lobakin@intel.com> References: <20240318130354.2713265-1-aleksander.lobakin@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Some structures contain flexible arrays at the end and the counter for them, but the counter has explicit Endianness and thus __counted_by() can't be used directly. To increase test coverage for potential problems without breaking anything, introduce __counted_by_{le,be} defined depending on platform's Endianness to either __counted_by() when applicable or noop otherwise. Maybe it would be a good idea to introduce such attributes on compiler level if possible, but for now let's stop on what we have. Signed-off-by: Alexander Lobakin --- include/linux/compiler_types.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h index 3e64ec0f7ac8..9506efbf2b8c 100644 --- a/include/linux/compiler_types.h +++ b/include/linux/compiler_types.h @@ -242,6 +242,17 @@ struct ftrace_likely_data { */ #define noinline_for_stack noinline +/* + * Apply __counted_by() when the Endianness matches to increase test coverage. + */ +#ifdef __LITTLE_ENDIAN +#define __counted_by_le(member) __counted_by(member) +#define __counted_by_be(member) +#else +#define __counted_by_le(member) +#define __counted_by_be(member) __counted_by(member) +#endif + /* * Sanitizer helper attributes: Because using __always_inline and * __no_sanitize_* conflict, provide helper attributes that will either expand From patchwork Mon Mar 18 13:03:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Lobakin X-Patchwork-Id: 13595363 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E547F38F96; Mon, 18 Mar 2024 13:04:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767059; cv=none; b=ie8qTJoHA8ZvcFSAuMjEayb7ep0aP8nXH6+IvhLIXEPtbuOwUHiLNrcxAfgvHn+h4jDbDOtWPfP8zmGkLqCq4ifbva40WcZPrrnwvKo7trYWBW3ts1l0lUH5vNCnxW0OLTKuCQfhybMhr17b1By0VWSARBjmRNG3pWvGqHey8aE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767059; c=relaxed/simple; bh=ZRL03sPQx6c/A6XYa9UfTEt3fY76GaN/+XjCyG2UFFo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VJ4XhD5IRem/PjG3jtCthvT4Q6peA95gjnTMzUuETiSgEba/wQhdyvVc076+QYGBofyiecH+lAjieqh4cn+xdsTTD75gAd0KwPsksF99tZxRKeiNh7bYeALl/0xaqJZcnQ0le+1ePOi5yJ/QMVR43K0VDC9M+9MoaAHB0UrOgig= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=AUIw+RRe; arc=none smtp.client-ip=198.175.65.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="AUIw+RRe" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710767058; x=1742303058; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=ZRL03sPQx6c/A6XYa9UfTEt3fY76GaN/+XjCyG2UFFo=; b=AUIw+RReOIXJ/LYUvdF3xvtJpQXiV1iJlfNoP1GUSLrLNKHMDE28okPC /aYonqCXPh9P9cqeoLzRDA+MMTWFDqo8EDWNAIHQ/3hAuTmpwp5jgZQo+ JUrg2VrtLzQL3rnPXJ4cx4DrWs4gnbzDbnDRtDmBfq+mEpuBZkgoHYshi 5po4LwBZ467H7HjpdNVzPq9El7TyknPz7UknfBj3NUUyFVBIfpVZNvcJH 2w5BnOBknpL1mt0aSxBl7LJon1XaW1B+QiOztqm+TSu2DcEbntoMm1Ovr OvVgUjHZJbIrFWbJDt2Mzdl/u+K2U4jD6YhjJN/iC+i8c9+Y2AAPtQT4C g==; X-IronPort-AV: E=McAfee;i="6600,9927,11016"; a="5707153" X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="5707153" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Mar 2024 06:04:18 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="44392883" Received: from newjersey.igk.intel.com ([10.102.20.203]) by orviesa002.jf.intel.com with ESMTP; 18 Mar 2024 06:04:16 -0700 From: Alexander Lobakin To: linux-hardening@vger.kernel.org Cc: Alexander Lobakin , Kees Cook , "Gustavo A. R. Silva" , Marco Elver , Jakub Kicinski , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH RFC kspp-next 2/3] idpf: make virtchnl2.h self-contained Date: Mon, 18 Mar 2024 14:03:53 +0100 Message-ID: <20240318130354.2713265-3-aleksander.lobakin@intel.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240318130354.2713265-1-aleksander.lobakin@intel.com> References: <20240318130354.2713265-1-aleksander.lobakin@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 To ease maintaining of virtchnl2.h, which already is messy enough, make it self-contained by adding missing if_ether.h include due to %ETH_ALEN usage. At the same time, virtchnl2_lan_desc.h is not anywhere in the file, so remove this include to speed up preprocessing. Signed-off-by: Alexander Lobakin --- drivers/net/ethernet/intel/idpf/virtchnl2.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/intel/idpf/virtchnl2.h b/drivers/net/ethernet/intel/idpf/virtchnl2.h index 4a3c4454d25a..29419211b3d9 100644 --- a/drivers/net/ethernet/intel/idpf/virtchnl2.h +++ b/drivers/net/ethernet/intel/idpf/virtchnl2.h @@ -4,6 +4,8 @@ #ifndef _VIRTCHNL2_H_ #define _VIRTCHNL2_H_ +#include + /* All opcodes associated with virtchnl2 are prefixed with virtchnl2 or * VIRTCHNL2. Any future opcodes, offloads/capabilities, structures, * and defines must be prefixed with virtchnl2 or VIRTCHNL2 to avoid confusion. @@ -17,8 +19,6 @@ * must remain unchanged over time, so we specify explicit values for all enums. */ -#include "virtchnl2_lan_desc.h" - /* This macro is used to generate compilation errors if a structure * is not exactly the correct length. */ From patchwork Mon Mar 18 13:03:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Lobakin X-Patchwork-Id: 13595364 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 94BD63BBF5; Mon, 18 Mar 2024 13:04:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.18 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767062; cv=none; b=dELOtqsUdx9lKqDrnDD0jXUutP9FCWloobZj+l28CYns5tFHq4+46C0lMHzYvc68WrvsFJmBPQOZfXRPCgS4+/8t6VTqG/8NK95ZlaC+YyDaBeG3TL/5D/BQcOua+VP1CFCCn5r+FPFBOPO9ZxqhK6GoiVVLEY6v5GOOnAzE5Yc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710767062; c=relaxed/simple; bh=p82qphfLz+VUhriAAE/LBeA9xdMiTaxUuvgYxMmjVIs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WgpeivHu7BEiBmplma5hgwezzxg/s2CPVsyJq37eDnnY8+iAKBDoNcUAeXfVkj5E0vBP5o+qFo3vNkZExDWvGIWY9GpWzOdfCP+mHyOcEssVu80b51Dv9VXqZ2mAX1TSqFv60J0uBlPK7hQ/FT937E6tq92Jn3od+dEN/8eqDkI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=McsYoMts; arc=none smtp.client-ip=198.175.65.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="McsYoMts" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710767060; x=1742303060; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=p82qphfLz+VUhriAAE/LBeA9xdMiTaxUuvgYxMmjVIs=; b=McsYoMtsRwLQ3xIiBM516V+roip+cmt9U2+HIxo9swSbUR9K+H28B50A rTzqmwFDLHAjhKxYsQ5LRThVV4E6RpQ3nUnXniq8PU/sJL+Q4TUF8SrUE FCvaSNu0SKiyrD7IX60W7PVes54wCOgsdzYkcxBSZtWuNeT1OqZNZ+++T p+s4V0vuLnKyrhW7YsnB6AzxdJoMBAYsP0OGydLlDXuXU/KvDTIoke+fX u/OtaJBkI63Rbga8IDcs3gnoM8hG0bQNkdbEVChb2RkCaOvoE8uBYV653 /tjSVYITHMzjiCe5YhhEz+zZq0NFk4hKsIbzM21xkUcU4Nyzjmv7QuSTm g==; X-IronPort-AV: E=McAfee;i="6600,9927,11016"; a="5707163" X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="5707163" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 18 Mar 2024 06:04:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,134,1708416000"; d="scan'208";a="44392891" Received: from newjersey.igk.intel.com ([10.102.20.203]) by orviesa002.jf.intel.com with ESMTP; 18 Mar 2024 06:04:18 -0700 From: Alexander Lobakin To: linux-hardening@vger.kernel.org Cc: Alexander Lobakin , Kees Cook , "Gustavo A. R. Silva" , Marco Elver , Jakub Kicinski , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH RFC kspp-next 3/3] idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header Date: Mon, 18 Mar 2024 14:03:54 +0100 Message-ID: <20240318130354.2713265-4-aleksander.lobakin@intel.com> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240318130354.2713265-1-aleksander.lobakin@intel.com> References: <20240318130354.2713265-1-aleksander.lobakin@intel.com> Precedence: bulk X-Mailing-List: linux-hardening@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Both virtchnl2.h and its consumer idpf_virtchnl.c are very error-prone. There are 10 structures with flexible arrays at the end, but 9 of them has flex member counter in Little Endian. Make the code a bit more robust by applying __counted_by_le() to those 9. LE platforms is the main target for this driver, so they would receive additional protection. While we're here, add __counted_by() to virtchnl2_ptype::proto_id, as its counter is `u8` regardless of the Endianness. Compile test on x86_64 (LE) didn't reveal any new issues after applying the attributes. Signed-off-by: Alexander Lobakin --- drivers/net/ethernet/intel/idpf/virtchnl2.h | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/drivers/net/ethernet/intel/idpf/virtchnl2.h b/drivers/net/ethernet/intel/idpf/virtchnl2.h index 29419211b3d9..63deb120359c 100644 --- a/drivers/net/ethernet/intel/idpf/virtchnl2.h +++ b/drivers/net/ethernet/intel/idpf/virtchnl2.h @@ -555,7 +555,7 @@ VIRTCHNL2_CHECK_STRUCT_LEN(32, virtchnl2_queue_reg_chunk); struct virtchnl2_queue_reg_chunks { __le16 num_chunks; u8 pad[6]; - struct virtchnl2_queue_reg_chunk chunks[]; + struct virtchnl2_queue_reg_chunk chunks[] __counted_by_le(num_chunks); }; VIRTCHNL2_CHECK_STRUCT_LEN(8, virtchnl2_queue_reg_chunks); @@ -703,7 +703,7 @@ struct virtchnl2_config_tx_queues { __le32 vport_id; __le16 num_qinfo; u8 pad[10]; - struct virtchnl2_txq_info qinfo[]; + struct virtchnl2_txq_info qinfo[] __counted_by_le(num_qinfo); }; VIRTCHNL2_CHECK_STRUCT_LEN(16, virtchnl2_config_tx_queues); @@ -782,7 +782,7 @@ struct virtchnl2_config_rx_queues { __le32 vport_id; __le16 num_qinfo; u8 pad[18]; - struct virtchnl2_rxq_info qinfo[]; + struct virtchnl2_rxq_info qinfo[] __counted_by_le(num_qinfo); }; VIRTCHNL2_CHECK_STRUCT_LEN(24, virtchnl2_config_rx_queues); @@ -868,7 +868,7 @@ VIRTCHNL2_CHECK_STRUCT_LEN(32, virtchnl2_vector_chunk); struct virtchnl2_vector_chunks { __le16 num_vchunks; u8 pad[14]; - struct virtchnl2_vector_chunk vchunks[]; + struct virtchnl2_vector_chunk vchunks[] __counted_by_le(num_vchunks); }; VIRTCHNL2_CHECK_STRUCT_LEN(16, virtchnl2_vector_chunks); @@ -912,7 +912,7 @@ struct virtchnl2_rss_lut { __le16 lut_entries_start; __le16 lut_entries; u8 pad[4]; - __le32 lut[]; + __le32 lut[] __counted_by_le(lut_entries); }; VIRTCHNL2_CHECK_STRUCT_LEN(12, virtchnl2_rss_lut); @@ -977,7 +977,7 @@ struct virtchnl2_ptype { u8 ptype_id_8; u8 proto_id_count; __le16 pad; - __le16 proto_id[]; + __le16 proto_id[] __counted_by(proto_id_count); } __packed __aligned(2); VIRTCHNL2_CHECK_STRUCT_LEN(6, virtchnl2_ptype); @@ -1104,7 +1104,7 @@ struct virtchnl2_rss_key { __le32 vport_id; __le16 key_len; u8 pad; - u8 key_flex[]; + u8 key_flex[] __counted_by_le(key_len); } __packed; VIRTCHNL2_CHECK_STRUCT_LEN(7, virtchnl2_rss_key); @@ -1131,7 +1131,7 @@ VIRTCHNL2_CHECK_STRUCT_LEN(16, virtchnl2_queue_chunk); struct virtchnl2_queue_chunks { __le16 num_chunks; u8 pad[6]; - struct virtchnl2_queue_chunk chunks[]; + struct virtchnl2_queue_chunk chunks[] __counted_by_le(num_chunks); }; VIRTCHNL2_CHECK_STRUCT_LEN(8, virtchnl2_queue_chunks); @@ -1195,7 +1195,7 @@ struct virtchnl2_queue_vector_maps { __le32 vport_id; __le16 num_qv_maps; u8 pad[10]; - struct virtchnl2_queue_vector qv_maps[]; + struct virtchnl2_queue_vector qv_maps[] __counted_by_le(num_qv_maps); }; VIRTCHNL2_CHECK_STRUCT_LEN(16, virtchnl2_queue_vector_maps); @@ -1247,7 +1247,7 @@ struct virtchnl2_mac_addr_list { __le32 vport_id; __le16 num_mac_addr; u8 pad[2]; - struct virtchnl2_mac_addr mac_addr_list[]; + struct virtchnl2_mac_addr mac_addr_list[] __counted_by_le(num_mac_addr); }; VIRTCHNL2_CHECK_STRUCT_LEN(8, virtchnl2_mac_addr_list);