tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

hv_sock: Extract hvs_send_data() helper that takes only header

When building under -Warray-bounds, the compiler is especially
conservative when faced with casts from a smaller object to a larger
object. While this has found many real bugs, there are some cases that
are currently false positives (like here). With this as one of the last
few instances of the warning in the kernel before -Warray-bounds can be
enabled globally, rearrange the functions so that there is a header-only
version of hvs_send_data(). Silences this warning:

net/vmw_vsock/hyperv_transport.c: In function 'hvs_shutdown_lock_held.constprop':
net/vmw_vsock/hyperv_transport.c:231:32: warning: array subscript 'struct hvs_send_buf[0]' is partly outside array bounds of 'struct vmpipe_proto_header[1]' [-Warray-bounds]
231 | send_buf->hdr.pkt_type = 1;
| ~~~~~~~~~~~~~~~~~~~~~~~^~~
net/vmw_vsock/hyperv_transport.c:465:36: note: while referencing 'hdr'
465 | struct vmpipe_proto_header hdr;
| ^~~

This change results in no executable instruction differences.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Wei Liu <wei.liu@kernel.org>
Link: https://lore.kernel.org/r/20211207063217.2591451-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

authored by

Kees Cook and committed by
Jakub Kicinski c0e084e3 e44aecc7

+12 -6
+12 -6
net/vmw_vsock/hyperv_transport.c
··· 225 225 return round_down(ret, 8); 226 226 } 227 227 228 + static int __hvs_send_data(struct vmbus_channel *chan, 229 + struct vmpipe_proto_header *hdr, 230 + size_t to_write) 231 + { 232 + hdr->pkt_type = 1; 233 + hdr->data_size = to_write; 234 + return vmbus_sendpacket(chan, hdr, sizeof(*hdr) + to_write, 235 + 0, VM_PKT_DATA_INBAND, 0); 236 + } 237 + 228 238 static int hvs_send_data(struct vmbus_channel *chan, 229 239 struct hvs_send_buf *send_buf, size_t to_write) 230 240 { 231 - send_buf->hdr.pkt_type = 1; 232 - send_buf->hdr.data_size = to_write; 233 - return vmbus_sendpacket(chan, &send_buf->hdr, 234 - sizeof(send_buf->hdr) + to_write, 235 - 0, VM_PKT_DATA_INBAND, 0); 241 + return __hvs_send_data(chan, &send_buf->hdr, to_write); 236 242 } 237 243 238 244 static void hvs_channel_cb(void *ctx) ··· 474 468 return; 475 469 476 470 /* It can't fail: see hvs_channel_writable_bytes(). */ 477 - (void)hvs_send_data(hvs->chan, (struct hvs_send_buf *)&hdr, 0); 471 + (void)__hvs_send_data(hvs->chan, &hdr, 0); 478 472 hvs->fin_sent = true; 479 473 } 480 474