From c75b8ebed51891fcd56b495f5aad5fa3203918e9 Mon Sep 17 00:00:00 2001 From: Danny Lin Date: Mon, 6 Jul 2020 14:49:32 -0700 Subject: [PATCH] rmnet_perf: Fix CFI violation in packet deaggregation This fixes the following CFI violation when the rmnet_perf module is loaded: CFI failure (target: [] rmnet_perf_core_deaggregate+0x0/0x2c4): ------------[ cut here ]------------ WARNING: CPU: 1 PID: 0 at rmnet_rx_handler+0x240/0x270 CPU: 1 PID: 0 Comm: swapper/1 Tainted: G S W 4.14.186 #1 Hardware name: Qualcomm Technologies, Inc. SM8150 V2 PM8150 MTP 18865 19863 14 15 (DT) task: 0000000098c067f6 task.stack: 00000000289c42de pc : rmnet_rx_handler+0x240/0x270 lr : rmnet_rx_handler+0x240/0x270 sp : ffffff801000bd00 pstate : 60400145 x29: ffffff801000bd00 x28: ffffff9cdc68e798 x27: ffffffe5ed28e090 x26: 0000000000000000 x25: ffffff9cdc68e9cc x24: ffffffe42fd6b900 x23: ffffff9cde829f30 x22: ffffff9cddd181a4 x21: ffffffe5f40fd100 x20: ffffffe5dfb95000 x19: ffffffe42fd6b900 x18: 0000000000010000 x17: 0000000000000008 x16: 0000000000000000 x15: 0000000000000008 x14: ffffff9cde85d990 x13: 0000000005000000 x12: 00ff00ff00000000 x11: ffffffffffffffff x10: 0000000000000008 x9 : 99d99e2e2d2e1900 x8 : 99d99e2e2d2e1900 x7 : 0000000000000000 x6 : ffffffe5f52091f1 x5 : 0000000000000000 x4 : 0000000000000000 x3 : fffffffffffffffc x2 : 0000000000000000 x1 : 0000000000000008 x0 : 0000000000000051 \x0aPC: 0xffffff9cdd12b8bc: b8bc f900051f aa1503e0 aa1403e1 940001f9 b4fffe60 aa0003f6 aa1403e1 94000015 b8dc eb1602bf 54ffff01 17ffffef 900091e0 91188000 aa1603e1 aa1603e2 97d8aa73 b8fc d4210000 17ffffcb aa1503e0 97d9465c 17ffffd2 aa1503e0 97d94659 17ffffdd b91c aa1303e0 528001c1 aa1503e2 94303be3 d10183ff a9027bfd f9001bf7 a90457f6 \x0aLR: 0xffffff9cdd12b8bc: b8bc f900051f aa1503e0 aa1403e1 940001f9 b4fffe60 aa0003f6 aa1403e1 94000015 b8dc eb1602bf 54ffff01 17ffffef 900091e0 91188000 aa1603e1 aa1603e2 97d8aa73 b8fc d4210000 17ffffcb aa1503e0 97d9465c 17ffffd2 aa1503e0 97d94659 17ffffdd b91c aa1303e0 528001c1 aa1503e2 94303be3 d10183ff a9027bfd f9001bf7 a90457f6 \x0aSP: 0xffffff801000bcc0: bcc0 dd12b8fc ffffff9c 60400145 00000000 1000bca8 ffffff80 dd12b828 ffffff9c bce0 ffffffff 0000007f 2d2e1900 99d99e2e 1000bd00 ffffff80 dd12b8fc ffffff9c bd00 1000bd60 ffffff80 ddd4eafc ffffff9c 2fd6b900 ffffffe4 de84eec0 ffffff9c bd20 00000000 00000000 ed28e000 ffffffe5 00000000 00000001 00000000 00000000 Call trace: rmnet_rx_handler+0x240/0x270 __netif_receive_skb_core+0x50c/0xba0 process_backlog+0x1e4/0x3d0 net_rx_action+0x134/0x4f4 __do_softirq+0x16c/0x344 irq_exit+0x16c/0x178 handle_IPI+0x220/0x2e0 gic_handle_irq.16379+0xa8/0x180 el1_irq+0xb0/0x124 lpm_cpuidle_enter+0x33c/0x358 cpuidle_enter_state+0x220/0x400 do_idle+0x430/0x5f0 cpu_startup_entry+0x74/0x78 __cpu_disable+0x0/0xf0 ---[ end trace 6e7b287874dec53e ]--- Reported-by: Adam W. Willis Signed-off-by: Danny Lin Signed-off-by: Adam W. Willis Signed-off-by: Carlos Ayrton Lopez Arroyo <15030201@itcelaya.edu.mx> --- drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c b/drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c index 92138322366b..083c8d6bc403 100644 --- a/drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c +++ b/drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c @@ -285,8 +285,8 @@ __rmnet_map_ingress_handler(struct sk_buff *skb, kfree_skb(skb); } -int (*rmnet_perf_deag_entry)(struct sk_buff *skb, - struct rmnet_port *port) __rcu __read_mostly; +void (*rmnet_perf_deag_entry)(struct sk_buff *skb, + struct rmnet_port *port) __rcu __read_mostly; EXPORT_SYMBOL(rmnet_perf_deag_entry); static void @@ -294,8 +294,8 @@ rmnet_map_ingress_handler(struct sk_buff *skb, struct rmnet_port *port) { struct sk_buff *skbn; - int (*rmnet_perf_core_deaggregate)(struct sk_buff *skb, - struct rmnet_port *port); + void (*rmnet_perf_core_deaggregate)(struct sk_buff *skb, + struct rmnet_port *port); if (skb->dev->type == ARPHRD_ETHER) { if (pskb_expand_head(skb, ETH_HLEN, 0, GFP_KERNEL)) {