From patchwork Thu Apr  2 11:37:16 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
X-Patchwork-Id: 1265539
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=none (no SPF record)
	smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19;
	helo=huckleberry.canonical.com;
	envelope-from=kernel-team-bounces@lists.ubuntu.com;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none)
	header.from=canonical.com
Received: from huckleberry.canonical.com (huckleberry.canonical.com
	[91.189.94.19])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 48tLdy3v4fz9sQt;
	Thu,  2 Apr 2020 22:37:42 +1100 (AEDT)
Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com)
	by huckleberry.canonical.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1jJyAE-0002MC-KT; Thu, 02 Apr 2020 11:37:38 +0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by huckleberry.canonical.com with esmtps
	(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2)
	(envelope-from <marcelo.cerri@canonical.com>) id 1jJyAA-0002Iz-P4
	for kernel-team@lists.ubuntu.com; Thu, 02 Apr 2020 11:37:34 +0000
Received: from mail-qk1-f198.google.com ([209.85.222.198])
	by youngberry.canonical.com with esmtps
	(TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2)
	(envelope-from <marcelo.cerri@canonical.com>) id 1jJyAA-00060u-E1
	for kernel-team@lists.ubuntu.com; Thu, 02 Apr 2020 11:37:34 +0000
Received: by mail-qk1-f198.google.com with SMTP id p8so2754688qkp.4
	for <kernel-team@lists.ubuntu.com>;
	Thu, 02 Apr 2020 04:37:34 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=9Y1pQpQzdgDEOA687p46butyfvF7j9dp4rbIXcfrQhA=;
	b=Jp9BbeQmyaGnO4LsblGs0CYUSWme2tErEfJ4wXAU4Eu9ZSDtQ66TjcHqq+yF8ahGeD
	Trs9bV86dWxCByEepQLZUaLgdk2Uhi+eoXdYOLTl6vY5BZ0lZeIKSCbDW/CHPuDUvsEJ
	Lz4qtRDoPfdQjQLH8Kbc07smG/i4S5kVM4J01CS1dD+Bskqa6TwE0NCZaKSMYIJ5gUjC
	LmfWm+uBNWJtC76Ad+3EGy1iZFMJ7xTKnADTxrYOCPKLmh1YfJwiTUWOOsEdV/VTw+WS
	uwYhFMu4QkdfnxqzDl84+0eI/+PoJEOeLItAzfjmii3PicNNnx9jaTwj+NHheL4OQXhl
	H3uw==
X-Gm-Message-State: AGi0PuYtZQBmknKVYn/ydunuh0D5PjRrY3se+XQuwWdIhm5Fuo6/59a/
	VKWYhwo5XoxE3UYoKw1DnyRDbVoZYnHdakWYT8rWyKPa84W1KmLCIF0GwIews5SDueis496Go8C
	l8NFUzCx/fA05hbiJYMAtYzEZj2ZjWX0mD5kDBFuG
X-Received: by 2002:ac8:7293:: with SMTP id
	v19mr2456849qto.133.1585827453134;
	Thu, 02 Apr 2020 04:37:33 -0700 (PDT)
X-Google-Smtp-Source: 
 APiQypJqBdys2D5mPPSHCmpGzukdFAmyptkaQClP5QfgdF++kPlInMxjUcx+2Sj/xnDld54KxvHVag==
X-Received: by 2002:ac8:7293:: with SMTP id
	v19mr2456816qto.133.1585827452771;
	Thu, 02 Apr 2020 04:37:32 -0700 (PDT)
Received: from gallifrey.lan ([2804:14c:4e6:352:b906:503c:ddec:3d6e])
	by smtp.gmail.com with ESMTPSA id
	f13sm3579353qte.53.2020.04.02.04.37.31
	for <kernel-team@lists.ubuntu.com>
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Thu, 02 Apr 2020 04:37:32 -0700 (PDT)
From: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [xenial:linux-azure][PATCH 6/6] hv_netvsc: Fix send_table offset in
	case of a host bug
Date: Thu,  2 Apr 2020 08:37:16 -0300
Message-Id: <20200402113716.20490-7-marcelo.cerri@canonical.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20200402113716.20490-1-marcelo.cerri@canonical.com>
References: <20200402113716.20490-1-marcelo.cerri@canonical.com>
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

From: Haiyang Zhang <haiyangz@microsoft.com>

BugLink: http://bugs.launchpad.net/bugs/1864233

If negotiated NVSP version <= NVSP_PROTOCOL_VERSION_6, the offset may
be wrong (too small) due to a host bug. This can cause missing the
end of the send indirection table, and add multiple zero entries from
leading zeros before the data region. This bug adds extra burden on
channel 0.

So fix the offset by computing it from the data structure sizes. This
will ensure netvsc driver runs normally on unfixed hosts, and future
fixed hosts.

Fixes: 5b54dac856cb ("hyperv: Add support for virtual Receive Side Scaling (vRSS)")
Signed-off-by: Haiyang Zhang <haiyangz@microsoft.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(cherry picked from commit 171c1fd98df3d5948d9a9eb755274850fa5e59c6)
Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
---
 drivers/net/hyperv/netvsc.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/drivers/net/hyperv/netvsc.c b/drivers/net/hyperv/netvsc.c
index ee7bc5e14fca..b08643f6e16f 100644
--- a/drivers/net/hyperv/netvsc.c
+++ b/drivers/net/hyperv/netvsc.c
@@ -1166,6 +1166,7 @@ static int netvsc_receive(struct net_device *ndev,
 }
 
 static void netvsc_send_table(struct net_device *ndev,
+			      struct netvsc_device *nvscdev,
 			      const struct nvsp_message *nvmsg,
 			      u32 msglen)
 {
@@ -1181,6 +1182,16 @@ static void netvsc_send_table(struct net_device *ndev,
 		return;
 	}
 
+	/* If negotiated version <= NVSP_PROTOCOL_VERSION_6, the offset may be
+	 * wrong due to a host bug. So fix the offset here.
+	 */
+	if (nvscdev->nvsp_version <= NVSP_PROTOCOL_VERSION_6 &&
+	    msglen >= sizeof(struct nvsp_message_header) +
+	    sizeof(union nvsp_6_message_uber) + count * sizeof(u32))
+		offset = sizeof(struct nvsp_message_header) +
+			 sizeof(union nvsp_6_message_uber);
+
+	/* Boundary check for all versions */
 	if (offset > msglen - count * sizeof(u32)) {
 		netdev_err(ndev, "Received send-table offset too big:%u\n",
 			   offset);
@@ -1203,12 +1214,13 @@ static void netvsc_send_vf(struct net_device *ndev,
 }
 
 static void netvsc_receive_inband(struct net_device *ndev,
+				  struct netvsc_device *nvscdev,
 				  const struct nvsp_message *nvmsg,
 				  u32 msglen)
 {
 	switch (nvmsg->hdr.msg_type) {
 	case NVSP_MSG5_TYPE_SEND_INDIRECTION_TABLE:
-		netvsc_send_table(ndev, nvmsg, msglen);
+		netvsc_send_table(ndev, nvscdev, nvmsg, msglen);
 		break;
 
 	case NVSP_MSG4_TYPE_SEND_VF_ASSOCIATION:
@@ -1239,7 +1251,7 @@ static int netvsc_process_raw_pkt(struct hv_device *device,
 		break;
 
 	case VM_PKT_DATA_INBAND:
-		netvsc_receive_inband(ndev, nvmsg, msglen);
+		netvsc_receive_inband(ndev, net_device, nvmsg, msglen);
 		break;
 
 	default: