linux-mainline/net/ethtool
Damodharam Ammepalli f3fdd4fba1 ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()
rpl is passed as a pointer to ethtool_cmis_module_poll(), so the correct
size of rpl is sizeof(*rpl) which should be just 1 byte.  Using the
pointer size instead can cause stack corruption:

Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ethtool_cmis_wait_for_cond+0xf4/0x100
CPU: 72 UID: 0 PID: 4440 Comm: kworker/72:2 Kdump: loaded Tainted: G           OE      6.11.0 #24
Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
Hardware name: Dell Inc. PowerEdge R760/04GWWM, BIOS 1.6.6 09/20/2023
Workqueue: events module_flash_fw_work
Call Trace:
 <TASK>
 panic+0x339/0x360
 ? ethtool_cmis_wait_for_cond+0xf4/0x100
 ? __pfx_status_success+0x10/0x10
 ? __pfx_status_fail+0x10/0x10
 __stack_chk_fail+0x10/0x10
 ethtool_cmis_wait_for_cond+0xf4/0x100
 ethtool_cmis_cdb_execute_cmd+0x1fc/0x330
 ? __pfx_status_fail+0x10/0x10
 cmis_cdb_module_features_get+0x6d/0xd0
 ethtool_cmis_cdb_init+0x8a/0xd0
 ethtool_cmis_fw_update+0x46/0x1d0
 module_flash_fw_work+0x17/0xa0
 process_one_work+0x179/0x390
 worker_thread+0x239/0x340
 ? __pfx_worker_thread+0x10/0x10
 kthread+0xcc/0x100
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2d/0x50
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1a/0x30
 </TASK>

Fixes: a39c84d796 ("ethtool: cmis_cdb: Add a layer for supporting CDB commands")
Reviewed-by: Andy Gospodarek <andrew.gospodarek@broadcom.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Reviewed-by: Ido Schimmel <idosch@nvidia.com>
Signed-off-by: Damodharam Ammepalli <damodharam.ammepalli@broadcom.com>
Signed-off-by: Michael Chan <michael.chan@broadcom.com>
Link: https://patch.msgid.link/20250409173312.733012-1-michael.chan@broadcom.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-04-11 18:41:19 -07:00
bitset.c
bitset.h
cabletest.c
channels.c
cmis_cdb.c ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() 2025-04-11 18:41:19 -07:00
cmis_fw_update.c
cmis.h ethtool: cmis_cdb: Fix incorrect read / write length extension 2025-04-10 14:32:43 +02:00
coalesce.c
common.c net: ethtool: fix ethtool_ringparam_get_cfg() returns a hds_thresh value always as 0. 2025-04-07 11:00:00 -07:00
common.h net: ethtool: Export the link_mode_params definitions 2025-03-18 09:03:11 +01:00
debug.c
eee.c
eeprom.c
features.c
fec.c
ioctl.c net: hold instance lock during NETDEV_CHANGE 2025-04-07 11:13:39 -07:00
linkinfo.c
linkmodes.c
linkstate.c
Makefile
mm.c
module_fw.h
module.c
netlink.c net: ethtool: Don't call .cleanup_data when prepare_data fails 2025-04-08 15:34:15 +02:00
netlink.h
pause.c
phc_vclocks.c
phy.c
plca.c
privflags.c
pse-pd.c
rings.c
rss.c
stats.c
strset.c
ts.h
tsconfig.c
tsinfo.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2025-03-13 23:08:11 +01:00
tunnels.c
wol.c