cxgb3: Use struct_group() for memcpy() region

In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memcpy(), memmove(), and memset(), avoid
intentionally writing across neighboring fields.

Use struct_group() in struct rss_hdr around members imm_data and intr_gen,
so they can be referenced together. This will allow memcpy() and sizeof()
to more easily reason about sizes, improve readability, and avoid future
warnings about writing beyond the end of imm_data.

"pahole" shows no size nor member offset changes to struct rss_hdr.
"objdump -d" shows no object code changes.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/net/ethernet/chelsio/cxgb3/sge.c b/drivers/net/ethernet/chelsio/cxgb3/sge.c
index c3afec1..70f528a 100644 (file)
--- a/drivers/net/ethernet/chelsio/cxgb3/sge.c
+++ b/drivers/net/ethernet/chelsio/cxgb3/sge.c
@@ -126,8 +126,10 @@ struct rsp_desc {          /* response queue descriptor */
        struct rss_header rss_hdr;
        __be32 flags;
        __be32 len_cq;
-       u8 imm_data[47];
-       u8 intr_gen;
+       struct_group(immediate,
+               u8 imm_data[47];
+               u8 intr_gen;
+       );
 };
 
 /*
@@ -925,7 +927,8 @@ static inline struct sk_buff *get_imm_packet(const struct rsp_desc *resp)
 
        if (skb) {
                __skb_put(skb, IMMED_PKT_SIZE);
-               skb_copy_to_linear_data(skb, resp->imm_data, IMMED_PKT_SIZE);
+               BUILD_BUG_ON(IMMED_PKT_SIZE != sizeof(resp->immediate));
+               skb_copy_to_linear_data(skb, &resp->immediate, IMMED_PKT_SIZE);
        }
        return skb;
 }