This is a note to let you know that I've just added the patch titled
net: avoid build bug in skb extension length calculation
to the 6.6-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
net-avoid-build-bug-in-skb-extension-length-calculation.patch
and it can be found in the queue-6.6 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From d6e5794b06c0fab74fe6e4fa55d508a5ceb14735 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <linux@xxxxxxxxxxxxxx>
Date: Mon, 18 Dec 2023 18:06:54 +0100
Subject: net: avoid build bug in skb extension length calculation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From: Thomas Weißschuh <linux@xxxxxxxxxxxxxx>
commit d6e5794b06c0fab74fe6e4fa55d508a5ceb14735 upstream.
GCC seems to incorrectly fail to evaluate skb_ext_total_length() at
compile time under certain conditions.
The issue even occurs if all values in skb_ext_type_len[] are "0",
ruling out the possibility of an actual overflow.
As the patch has been in mainline since v6.6 without triggering the
problem it seems to be a very uncommon occurrence.
As the issue only occurs when -fno-tree-loop-im is specified as part of
CFLAGS_GCOV, disable the BUILD_BUG_ON() only when building with coverage
reporting enabled.
Reported-by: kernel test robot <lkp@xxxxxxxxx>
Closes: https://lore.kernel.org/oe-kbuild-all/202312171924.4FozI5FG-lkp@xxxxxxxxx/
Suggested-by: Arnd Bergmann <arnd@xxxxxxxx>
Link: https://lore.kernel.org/lkml/487cfd35-fe68-416f-9bfd-6bb417f98304@xxxxxxxxxxxxxxxx/
Fixes: 5d21d0a65b57 ("net: generalize calculation of skb extensions length")
Cc: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Thomas Weißschuh <linux@xxxxxxxxxxxxxx>
Acked-by: Arnd Bergmann <arnd@xxxxxxxx>
Link: https://lore.kernel.org/r/20231218-net-skbuff-build-bug-v1-1-eefc2fb0a7d3@xxxxxxxxxxxxxx
Signed-off-by: Paolo Abeni <pabeni@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/core/skbuff.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -4810,7 +4810,9 @@ static __always_inline unsigned int skb_
static void skb_extensions_init(void)
{
BUILD_BUG_ON(SKB_EXT_NUM >= 8);
+#if !IS_ENABLED(CONFIG_KCOV_INSTRUMENT_ALL)
BUILD_BUG_ON(skb_ext_total_length() > 255);
+#endif
skbuff_ext_cache = kmem_cache_create("skbuff_ext_cache",
SKB_EXT_ALIGN_VALUE * skb_ext_total_length(),
Patches currently in stable-queue which might be from linux@xxxxxxxxxxxxxx are
queue-6.6/net-avoid-build-bug-in-skb-extension-length-calculation.patch
