From nobody Thu Oct 9 02:53:20 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C786278F4A; Fri, 20 Jun 2025 11:22:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750418568; cv=none; b=t5tkmqP2Zfji1FRnOaki40aF25Ox6SUoJtMpfaAMY2G4eTjww9xB/k8iXyS+SbkSbKPUri7P7wkcVph/gjrwq8O0pPKINfLNc5DbTTsqwRPSgOiRfrN7wsYBWlXGVRWYZruAoI+cnzXiXsPxatlbVnjh5x1XOk6b3vlpfeLtrUQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750418568; c=relaxed/simple; bh=QBFJzVVrfVoyGIEd3fk1LqSlNLHOElDjvujD8eKPQIw=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=eZB99bqX+6prafH1fsfZE67Oi+jsnOa6UAwCoSly6BGhT0G5AHX35JIuCBTWnoytLUt4ZRq/n4xsYRT1IEFXUykmm8OFz2J3lIJH49e4kNUe2IzsIHRZbrzuV+KgcVaub7+6LTGRUHGiBnlw/fg4VCw7Tin9yO044cTwtRrPQzg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=H+2tHfKb; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="H+2tHfKb" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0BC88C4CEE3; Fri, 20 Jun 2025 11:22:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1750418568; bh=QBFJzVVrfVoyGIEd3fk1LqSlNLHOElDjvujD8eKPQIw=; h=From:To:Cc:Subject:Date:From; b=H+2tHfKbk0CjhBzyiqzIoioVXNchfu684gcdExNICGG0E8f9LWlKIwb/PD2xKkMhP NpeGKwOYqpIKscYKovXrO1h0TY7rTFS+5pcY79bZOxkXLXt2xec6cIpIj+zIUn98H9 q39XaAPds05Lm2Ey2FcE/UQyYOBacES9fXQuAy5BzsqvNlhvRDN3VNEI1Trgi8Qm9d jxno7LYJxiWYFGDZftxZKwl3/bgCn8hV1Hy3Y9/n2qwIj9RkCUke2eiCzRgzmfb8al l188xmUF8JPUgmBcPRs5FWOAf1yWii7elT1K32xAp1kTYK4B1/lIcOwIZLDLNVQ5Hz eAJskdotPxunw== From: Arnd Bergmann To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Arnd Bergmann Cc: Simon Horman , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] caif: reduce stack size, again Date: Fri, 20 Jun 2025 13:22:39 +0200 Message-Id: <20250620112244.3425554-1-arnd@kernel.org> X-Mailer: git-send-email 2.39.5 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Arnd Bergmann I tried to fix the stack usage in this function a couple of years ago, but there is still a problem with the latest gcc versions in some configurations: net/caif/cfctrl.c:553:1: error: the frame size of 1296 bytes is larger than= 1280 bytes [-Werror=3Dframe-larger-than=3D] Reduce this once again, with a separate cfctrl_link_setup() function that holds the bulk of all the local variables. It also turns out that the param[] array that takes up a large portion of the stack is write-only and can be left out here. Fixes: ce6289661b14 ("caif: reduce stack size with KASAN") Signed-off-by: Arnd Bergmann --- net/caif/cfctrl.c | 294 +++++++++++++++++++++++----------------------- 1 file changed, 144 insertions(+), 150 deletions(-) diff --git a/net/caif/cfctrl.c b/net/caif/cfctrl.c index 20139fa1be1f..06b604cf9d58 100644 --- a/net/caif/cfctrl.c +++ b/net/caif/cfctrl.c @@ -351,17 +351,154 @@ int cfctrl_cancel_req(struct cflayer *layr, struct c= flayer *adap_layer) return found; } =20 +static int cfctrl_link_setup(struct cfctrl *cfctrl, struct cfpkt *pkt, u8 = cmdrsp) +{ + u8 len; + u8 linkid =3D 0; + enum cfctrl_srv serv; + enum cfctrl_srv servtype; + u8 endpoint; + u8 physlinkid; + u8 prio; + u8 tmp; + u8 *cp; + int i; + struct cfctrl_link_param linkparam; + struct cfctrl_request_info rsp, *req; + + memset(&linkparam, 0, sizeof(linkparam)); + + tmp =3D cfpkt_extr_head_u8(pkt); + + serv =3D tmp & CFCTRL_SRV_MASK; + linkparam.linktype =3D serv; + + servtype =3D tmp >> 4; + linkparam.chtype =3D servtype; + + tmp =3D cfpkt_extr_head_u8(pkt); + physlinkid =3D tmp & 0x07; + prio =3D tmp >> 3; + + linkparam.priority =3D prio; + linkparam.phyid =3D physlinkid; + endpoint =3D cfpkt_extr_head_u8(pkt); + linkparam.endpoint =3D endpoint & 0x03; + + switch (serv) { + case CFCTRL_SRV_VEI: + case CFCTRL_SRV_DBG: + if (CFCTRL_ERR_BIT & cmdrsp) + break; + /* Link ID */ + linkid =3D cfpkt_extr_head_u8(pkt); + break; + case CFCTRL_SRV_VIDEO: + tmp =3D cfpkt_extr_head_u8(pkt); + linkparam.u.video.connid =3D tmp; + if (CFCTRL_ERR_BIT & cmdrsp) + break; + /* Link ID */ + linkid =3D cfpkt_extr_head_u8(pkt); + break; + + case CFCTRL_SRV_DATAGRAM: + linkparam.u.datagram.connid =3D cfpkt_extr_head_u32(pkt); + if (CFCTRL_ERR_BIT & cmdrsp) + break; + /* Link ID */ + linkid =3D cfpkt_extr_head_u8(pkt); + break; + case CFCTRL_SRV_RFM: + /* Construct a frame, convert + * DatagramConnectionID + * to network format long and copy it out... + */ + linkparam.u.rfm.connid =3D cfpkt_extr_head_u32(pkt); + cp =3D (u8 *) linkparam.u.rfm.volume; + for (tmp =3D cfpkt_extr_head_u8(pkt); + cfpkt_more(pkt) && tmp !=3D '\0'; + tmp =3D cfpkt_extr_head_u8(pkt)) + *cp++ =3D tmp; + *cp =3D '\0'; + + if (CFCTRL_ERR_BIT & cmdrsp) + break; + /* Link ID */ + linkid =3D cfpkt_extr_head_u8(pkt); + + break; + case CFCTRL_SRV_UTIL: + /* Construct a frame, convert + * DatagramConnectionID + * to network format long and copy it out... + */ + /* Fifosize KB */ + linkparam.u.utility.fifosize_kb =3D cfpkt_extr_head_u16(pkt); + /* Fifosize bufs */ + linkparam.u.utility.fifosize_bufs =3D cfpkt_extr_head_u16(pkt); + /* name */ + cp =3D (u8 *) linkparam.u.utility.name; + caif_assert(sizeof(linkparam.u.utility.name) + >=3D UTILITY_NAME_LENGTH); + for (i =3D 0; i < UTILITY_NAME_LENGTH && cfpkt_more(pkt); i++) { + tmp =3D cfpkt_extr_head_u8(pkt); + *cp++ =3D tmp; + } + /* Length */ + len =3D cfpkt_extr_head_u8(pkt); + linkparam.u.utility.paramlen =3D len; + /* Param Data */ + cp =3D linkparam.u.utility.params; + while (cfpkt_more(pkt) && len--) { + tmp =3D cfpkt_extr_head_u8(pkt); + *cp++ =3D tmp; + } + if (CFCTRL_ERR_BIT & cmdrsp) + break; + /* Link ID */ + linkid =3D cfpkt_extr_head_u8(pkt); + /* Length */ + len =3D cfpkt_extr_head_u8(pkt); + /* Param Data */ + cfpkt_extr_head(pkt, NULL, len); + break; + default: + pr_warn("Request setup, invalid type (%d)\n", serv); + return -1; + } + + rsp.cmd =3D CFCTRL_CMD_LINK_SETUP; + rsp.param =3D linkparam; + spin_lock_bh(&cfctrl->info_list_lock); + req =3D cfctrl_remove_req(cfctrl, &rsp); + + if (CFCTRL_ERR_BIT =3D=3D (CFCTRL_ERR_BIT & cmdrsp) || + cfpkt_erroneous(pkt)) { + pr_err("Invalid O/E bit or parse error " + "on CAIF control channel\n"); + cfctrl->res.reject_rsp(cfctrl->serv.layer.up, 0, + req ? req->client_layer : NULL); + } else { + cfctrl->res.linksetup_rsp(cfctrl->serv.layer.up, linkid, + serv, physlinkid, + req ? req->client_layer : NULL); + } + + kfree(req); + + spin_unlock_bh(&cfctrl->info_list_lock); + + return 0; +} + static int cfctrl_recv(struct cflayer *layer, struct cfpkt *pkt) { u8 cmdrsp; u8 cmd; - int ret =3D -1; - u8 len; - u8 param[255]; + int ret =3D 0; u8 linkid =3D 0; struct cfctrl *cfctrl =3D container_obj(layer); - struct cfctrl_request_info rsp, *req; - =20 cmdrsp =3D cfpkt_extr_head_u8(pkt); cmd =3D cmdrsp & CFCTRL_CMD_MASK; @@ -374,150 +511,7 @@ static int cfctrl_recv(struct cflayer *layer, struct = cfpkt *pkt) =20 switch (cmd) { case CFCTRL_CMD_LINK_SETUP: - { - enum cfctrl_srv serv; - enum cfctrl_srv servtype; - u8 endpoint; - u8 physlinkid; - u8 prio; - u8 tmp; - u8 *cp; - int i; - struct cfctrl_link_param linkparam; - memset(&linkparam, 0, sizeof(linkparam)); - - tmp =3D cfpkt_extr_head_u8(pkt); - - serv =3D tmp & CFCTRL_SRV_MASK; - linkparam.linktype =3D serv; - - servtype =3D tmp >> 4; - linkparam.chtype =3D servtype; - - tmp =3D cfpkt_extr_head_u8(pkt); - physlinkid =3D tmp & 0x07; - prio =3D tmp >> 3; - - linkparam.priority =3D prio; - linkparam.phyid =3D physlinkid; - endpoint =3D cfpkt_extr_head_u8(pkt); - linkparam.endpoint =3D endpoint & 0x03; - - switch (serv) { - case CFCTRL_SRV_VEI: - case CFCTRL_SRV_DBG: - if (CFCTRL_ERR_BIT & cmdrsp) - break; - /* Link ID */ - linkid =3D cfpkt_extr_head_u8(pkt); - break; - case CFCTRL_SRV_VIDEO: - tmp =3D cfpkt_extr_head_u8(pkt); - linkparam.u.video.connid =3D tmp; - if (CFCTRL_ERR_BIT & cmdrsp) - break; - /* Link ID */ - linkid =3D cfpkt_extr_head_u8(pkt); - break; - - case CFCTRL_SRV_DATAGRAM: - linkparam.u.datagram.connid =3D - cfpkt_extr_head_u32(pkt); - if (CFCTRL_ERR_BIT & cmdrsp) - break; - /* Link ID */ - linkid =3D cfpkt_extr_head_u8(pkt); - break; - case CFCTRL_SRV_RFM: - /* Construct a frame, convert - * DatagramConnectionID - * to network format long and copy it out... - */ - linkparam.u.rfm.connid =3D - cfpkt_extr_head_u32(pkt); - cp =3D (u8 *) linkparam.u.rfm.volume; - for (tmp =3D cfpkt_extr_head_u8(pkt); - cfpkt_more(pkt) && tmp !=3D '\0'; - tmp =3D cfpkt_extr_head_u8(pkt)) - *cp++ =3D tmp; - *cp =3D '\0'; - - if (CFCTRL_ERR_BIT & cmdrsp) - break; - /* Link ID */ - linkid =3D cfpkt_extr_head_u8(pkt); - - break; - case CFCTRL_SRV_UTIL: - /* Construct a frame, convert - * DatagramConnectionID - * to network format long and copy it out... - */ - /* Fifosize KB */ - linkparam.u.utility.fifosize_kb =3D - cfpkt_extr_head_u16(pkt); - /* Fifosize bufs */ - linkparam.u.utility.fifosize_bufs =3D - cfpkt_extr_head_u16(pkt); - /* name */ - cp =3D (u8 *) linkparam.u.utility.name; - caif_assert(sizeof(linkparam.u.utility.name) - >=3D UTILITY_NAME_LENGTH); - for (i =3D 0; - i < UTILITY_NAME_LENGTH - && cfpkt_more(pkt); i++) { - tmp =3D cfpkt_extr_head_u8(pkt); - *cp++ =3D tmp; - } - /* Length */ - len =3D cfpkt_extr_head_u8(pkt); - linkparam.u.utility.paramlen =3D len; - /* Param Data */ - cp =3D linkparam.u.utility.params; - while (cfpkt_more(pkt) && len--) { - tmp =3D cfpkt_extr_head_u8(pkt); - *cp++ =3D tmp; - } - if (CFCTRL_ERR_BIT & cmdrsp) - break; - /* Link ID */ - linkid =3D cfpkt_extr_head_u8(pkt); - /* Length */ - len =3D cfpkt_extr_head_u8(pkt); - /* Param Data */ - cfpkt_extr_head(pkt, ¶m, len); - break; - default: - pr_warn("Request setup, invalid type (%d)\n", - serv); - goto error; - } - - rsp.cmd =3D cmd; - rsp.param =3D linkparam; - spin_lock_bh(&cfctrl->info_list_lock); - req =3D cfctrl_remove_req(cfctrl, &rsp); - - if (CFCTRL_ERR_BIT =3D=3D (CFCTRL_ERR_BIT & cmdrsp) || - cfpkt_erroneous(pkt)) { - pr_err("Invalid O/E bit or parse error " - "on CAIF control channel\n"); - cfctrl->res.reject_rsp(cfctrl->serv.layer.up, - 0, - req ? req->client_layer - : NULL); - } else { - cfctrl->res.linksetup_rsp(cfctrl->serv. - layer.up, linkid, - serv, physlinkid, - req ? req-> - client_layer : NULL); - } - - kfree(req); - - spin_unlock_bh(&cfctrl->info_list_lock); - } + ret =3D cfctrl_link_setup(cfctrl, pkt, cmdrsp); break; case CFCTRL_CMD_LINK_DESTROY: linkid =3D cfpkt_extr_head_u8(pkt); @@ -544,9 +538,9 @@ static int cfctrl_recv(struct cflayer *layer, struct cf= pkt *pkt) break; default: pr_err("Unrecognized Control Frame\n"); + ret =3D -1; goto error; } - ret =3D 0; error: cfpkt_destroy(pkt); return ret; --=20 2.39.5