All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks
@ 2022-11-02 16:19 Nathan Chancellor
  2022-11-02 19:08 ` Kees Cook
                   ` (2 more replies)
  0 siblings, 3 replies; 5+ messages in thread
From: Nathan Chancellor @ 2022-11-02 16:19 UTC (permalink / raw)
  To: James Smart, Ram Vegesna, James E.J. Bottomley, Martin K. Petersen
  Cc: linux-scsi, target-devel, Nick Desaulniers, Tom Rix, Kees Cook,
	Sami Tolvanen, llvm, linux-kernel, patches, Nathan Chancellor

With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
indirect call targets are validated against the expected function
pointer prototype to make sure the call target is valid to help mitigate
ROP attacks. If they are not identical, there is a failure at run time,
which manifests as either a kernel panic or thread getting killed. A
proposed warning in clang aims to catch these at compile time, which
reveals:

  drivers/scsi/elx/libefc/efc_node.c:811:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
                  ctx->current_state = state;
                                    ^ ~~~~~
  drivers/scsi/elx/libefc/efc_node.c:878:21: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
          node->nodedb_state = state;
                            ^ ~~~~~
  drivers/scsi/elx/libefc/efc_node.c:905:6: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' from 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') [-Werror,-Wincompatible-function-pointer-types-strict]
                  pf = node->nodedb_state;
                    ^ ~~~~~~~~~~~~~~~~~~

  drivers/scsi/elx/libefc/efc_device.c:455:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
                  node->nodedb_state = __efc_d_init;
                                    ^ ~~~~~~~~~~~~

  drivers/scsi/elx/libefc/efc_sm.c:41:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
                  ctx->current_state = state;
                                    ^ ~~~~~

The type of the second parameter in the prototypes of ->current_state()
and ->nodedb_state() ('u32') does not match the implementations, which
have a second parameter type of 'enum efc_sm_event'. Update the
prototypes to have the correct second parameter type, clearing up all
the warnings and CFI failures.

Link: https://github.com/ClangBuiltLinux/linux/issues/1750
Reported-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
---
 drivers/scsi/elx/libefc/efclib.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/scsi/elx/libefc/efclib.h b/drivers/scsi/elx/libefc/efclib.h
index dde20891c2dd..57e338612812 100644
--- a/drivers/scsi/elx/libefc/efclib.h
+++ b/drivers/scsi/elx/libefc/efclib.h
@@ -58,10 +58,12 @@ enum efc_node_send_ls_acc {
 #define EFC_LINK_STATUS_UP		0
 #define EFC_LINK_STATUS_DOWN		1
 
+enum efc_sm_event;
+
 /* State machine context header  */
 struct efc_sm_ctx {
 	void (*current_state)(struct efc_sm_ctx *ctx,
-			      u32 evt, void *arg);
+			      enum efc_sm_event evt, void *arg);
 
 	const char	*description;
 	void		*app;
@@ -365,7 +367,7 @@ struct efc_node {
 	int			prev_evt;
 
 	void (*nodedb_state)(struct efc_sm_ctx *ctx,
-			     u32 evt, void *arg);
+			     enum efc_sm_event evt, void *arg);
 	struct timer_list	gidpt_delay_timer;
 	u64			time_last_gidpt_msec;
 

base-commit: 9abf2313adc1ca1b6180c508c25f22f9395cc780
-- 
2.38.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks
  2022-11-02 16:19 [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks Nathan Chancellor
@ 2022-11-02 19:08 ` Kees Cook
  2022-11-03 11:32   ` Ram Kishore Vegesna
  2022-11-08  3:05 ` Martin K. Petersen
  2022-11-17 18:29 ` Martin K. Petersen
  2 siblings, 1 reply; 5+ messages in thread
From: Kees Cook @ 2022-11-02 19:08 UTC (permalink / raw)
  To: Nathan Chancellor
  Cc: James Smart, Ram Vegesna, James E.J. Bottomley,
	Martin K. Petersen, linux-scsi, target-devel, Nick Desaulniers,
	Tom Rix, Sami Tolvanen, llvm, linux-kernel, patches

On Wed, Nov 02, 2022 at 09:19:06AM -0700, Nathan Chancellor wrote:
> With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
> indirect call targets are validated against the expected function
> pointer prototype to make sure the call target is valid to help mitigate
> ROP attacks. If they are not identical, there is a failure at run time,
> which manifests as either a kernel panic or thread getting killed. A
> proposed warning in clang aims to catch these at compile time, which
> reveals:
> 
>   drivers/scsi/elx/libefc/efc_node.c:811:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
>                   ctx->current_state = state;
>                                     ^ ~~~~~
>   drivers/scsi/elx/libefc/efc_node.c:878:21: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
>           node->nodedb_state = state;
>                             ^ ~~~~~
>   drivers/scsi/elx/libefc/efc_node.c:905:6: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' from 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') [-Werror,-Wincompatible-function-pointer-types-strict]
>                   pf = node->nodedb_state;
>                     ^ ~~~~~~~~~~~~~~~~~~
> 
>   drivers/scsi/elx/libefc/efc_device.c:455:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
>                   node->nodedb_state = __efc_d_init;
>                                     ^ ~~~~~~~~~~~~
> 
>   drivers/scsi/elx/libefc/efc_sm.c:41:22: error: incompatible function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)' [-Werror,-Wincompatible-function-pointer-types-strict]
>                   ctx->current_state = state;
>                                     ^ ~~~~~
> 
> The type of the second parameter in the prototypes of ->current_state()
> and ->nodedb_state() ('u32') does not match the implementations, which
> have a second parameter type of 'enum efc_sm_event'. Update the
> prototypes to have the correct second parameter type, clearing up all
> the warnings and CFI failures.
> 
> Link: https://github.com/ClangBuiltLinux/linux/issues/1750
> Reported-by: Sami Tolvanen <samitolvanen@google.com>
> Signed-off-by: Nathan Chancellor <nathan@kernel.org>

Reviewed-by: Kees Cook <keescook@chromium.org>

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks
  2022-11-02 19:08 ` Kees Cook
@ 2022-11-03 11:32   ` Ram Kishore Vegesna
  0 siblings, 0 replies; 5+ messages in thread
From: Ram Kishore Vegesna @ 2022-11-03 11:32 UTC (permalink / raw)
  To: Kees Cook
  Cc: Nathan Chancellor, James Smart, James E.J. Bottomley,
	Martin K. Petersen, linux-scsi, target-devel, Nick Desaulniers,
	Tom Rix, Sami Tolvanen, llvm, linux-kernel, patches


[-- Attachment #1.1: Type: text/plain, Size: 4208 bytes --]

On Thu, Nov 3, 2022 at 12:38 AM Kees Cook <keescook@chromium.org> wrote:

> On Wed, Nov 02, 2022 at 09:19:06AM -0700, Nathan Chancellor wrote:
> > With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
> > indirect call targets are validated against the expected function
> > pointer prototype to make sure the call target is valid to help mitigate
> > ROP attacks. If they are not identical, there is a failure at run time,
> > which manifests as either a kernel panic or thread getting killed. A
> > proposed warning in clang aims to catch these at compile time, which
> > reveals:
> >
> >   drivers/scsi/elx/libefc/efc_node.c:811:22: error: incompatible
> function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32,
> void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from
> 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)'
> [-Werror,-Wincompatible-function-pointer-types-strict]
> >                   ctx->current_state = state;
> >                                     ^ ~~~~~
> >   drivers/scsi/elx/libefc/efc_node.c:878:21: error: incompatible
> function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32,
> void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from
> 'void (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)'
> [-Werror,-Wincompatible-function-pointer-types-strict]
> >           node->nodedb_state = state;
> >                             ^ ~~~~~
> >   drivers/scsi/elx/libefc/efc_node.c:905:6: error: incompatible function
> pointer types assigning to 'void (*)(struct efc_sm_ctx *, enum
> efc_sm_event, void *)' from 'void (*)(struct efc_sm_ctx *, u32, void *)'
> (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)')
> [-Werror,-Wincompatible-function-pointer-types-strict]
> >                   pf = node->nodedb_state;
> >                     ^ ~~~~~~~~~~~~~~~~~~
> >
> >   drivers/scsi/elx/libefc/efc_device.c:455:22: error: incompatible
> function pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32,
> void *)' (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from
> 'void (struct efc_sm_ctx *, enum efc_sm_event, void *)'
> [-Werror,-Wincompatible-function-pointer-types-strict]
> >                   node->nodedb_state = __efc_d_init;
> >                                     ^ ~~~~~~~~~~~~
> >
> >   drivers/scsi/elx/libefc/efc_sm.c:41:22: error: incompatible function
> pointer types assigning to 'void (*)(struct efc_sm_ctx *, u32, void *)'
> (aka 'void (*)(struct efc_sm_ctx *, unsigned int, void *)') from 'void
> (*)(struct efc_sm_ctx *, enum efc_sm_event, void *)'
> [-Werror,-Wincompatible-function-pointer-types-strict]
> >                   ctx->current_state = state;
> >                                     ^ ~~~~~
> >
> > The type of the second parameter in the prototypes of ->current_state()
> > and ->nodedb_state() ('u32') does not match the implementations, which
> > have a second parameter type of 'enum efc_sm_event'. Update the
> > prototypes to have the correct second parameter type, clearing up all
> > the warnings and CFI failures.
> >
> > Link: https://github.com/ClangBuiltLinux/linux/issues/1750
> > Reported-by: Sami Tolvanen <samitolvanen@google.com>
> > Signed-off-by: Nathan Chancellor <nathan@kernel.org>
>
> Reviewed-by: Kees Cook <keescook@chromium.org>
>
> --
> Kees Cook
>

Looks good.

Reviewed-by: Ram Vegesna<ram.vegesna@broadcom.com>

-- 
This electronic communication and the information and any files transmitted 
with it, or attached to it, are confidential and are intended solely for 
the use of the individual or entity to whom it is addressed and may contain 
information that is confidential, legally privileged, protected by privacy 
laws, or otherwise restricted from disclosure to anyone else. If you are 
not the intended recipient or the person responsible for delivering the 
e-mail to the intended recipient, you are hereby notified that any use, 
copying, distributing, dissemination, forwarding, printing, or copying of 
this e-mail is strictly prohibited. If you received this e-mail in error, 
please return the e-mail to the sender, delete it from your computer, and 
destroy any printed copy of it.

[-- Attachment #1.2: Type: text/html, Size: 5438 bytes --]

[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4214 bytes --]

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks
  2022-11-02 16:19 [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks Nathan Chancellor
  2022-11-02 19:08 ` Kees Cook
@ 2022-11-08  3:05 ` Martin K. Petersen
  2022-11-17 18:29 ` Martin K. Petersen
  2 siblings, 0 replies; 5+ messages in thread
From: Martin K. Petersen @ 2022-11-08  3:05 UTC (permalink / raw)
  To: Nathan Chancellor
  Cc: James Smart, Ram Vegesna, James E.J. Bottomley,
	Martin K. Petersen, linux-scsi, target-devel, Nick Desaulniers,
	Tom Rix, Kees Cook, Sami Tolvanen, llvm, linux-kernel, patches


Nathan,

> With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
> indirect call targets are validated against the expected function
> pointer prototype to make sure the call target is valid to help
> mitigate ROP attacks. If they are not identical, there is a failure at
> run time, which manifests as either a kernel panic or thread getting
> killed. A proposed warning in clang aims to catch these at compile
> time, which reveals:

Applied to 6.2/scsi-staging, thanks!

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks
  2022-11-02 16:19 [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks Nathan Chancellor
  2022-11-02 19:08 ` Kees Cook
  2022-11-08  3:05 ` Martin K. Petersen
@ 2022-11-17 18:29 ` Martin K. Petersen
  2 siblings, 0 replies; 5+ messages in thread
From: Martin K. Petersen @ 2022-11-17 18:29 UTC (permalink / raw)
  To: Nathan Chancellor, James Smart, Ram Vegesna, James E.J. Bottomley
  Cc: Martin K . Petersen, Tom Rix, linux-kernel, target-devel,
	Sami Tolvanen, patches, linux-scsi, Nick Desaulniers, Kees Cook,
	llvm

On Wed, 2 Nov 2022 09:19:06 -0700, Nathan Chancellor wrote:

> With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
> indirect call targets are validated against the expected function
> pointer prototype to make sure the call target is valid to help mitigate
> ROP attacks. If they are not identical, there is a failure at run time,
> which manifests as either a kernel panic or thread getting killed. A
> proposed warning in clang aims to catch these at compile time, which
> reveals:
> 
> [...]

Applied to 6.2/scsi-queue, thanks!

[1/1] scsi: elx: libefc: Fix second parameter type in state callbacks
      https://git.kernel.org/mkp/scsi/c/3d75e766b58a

-- 
Martin K. Petersen	Oracle Linux Engineering

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2022-11-17 18:30 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-02 16:19 [PATCH] scsi: elx: libefc: Fix second parameter type in state callbacks Nathan Chancellor
2022-11-02 19:08 ` Kees Cook
2022-11-03 11:32   ` Ram Kishore Vegesna
2022-11-08  3:05 ` Martin K. Petersen
2022-11-17 18:29 ` Martin K. Petersen

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.