Index: head/sys/dev/hyperv/netvsc/hv_rndis_filter.c
===================================================================
--- head/sys/dev/hyperv/netvsc/hv_rndis_filter.c
+++ head/sys/dev/hyperv/netvsc/hv_rndis_filter.c
@@ -1179,16 +1179,16 @@
 size = NDIS_OFFLOAD_SIZE;
 } else if (sc->hn_ndis_ver >= HN_NDIS_VERSION_6_1) {
 in.ndis_hdr.ndis_rev = NDIS_OFFLOAD_REV_2;
- size = NDIS_OFFLOAD_SIZE_2;
+ size = NDIS_OFFLOAD_SIZE_6_1;
 } else {
 in.ndis_hdr.ndis_rev = NDIS_OFFLOAD_REV_1;
- size = NDIS_OFFLOAD_SIZE_1;
+ size = NDIS_OFFLOAD_SIZE_6_0;
 }
 in.ndis_hdr.ndis_size = size;
 caps_len = NDIS_OFFLOAD_SIZE;
 error = hn_rndis_query2(sc, OID_TCP_OFFLOAD_HARDWARE_CAPABILITIES,
- &in, size, caps, &caps_len, NDIS_OFFLOAD_SIZE_1);
+ &in, size, caps, &caps_len, NDIS_OFFLOAD_SIZE_6_0);
 if (error) return (error);
@@ -1209,7 +1209,7 @@
 if_printf(sc->hn_ifp, "invalid NDIS objsize %u, " "data size %zu\n", caps->ndis_hdr.ndis_size, caps_len);
 return (EINVAL);
- } else if (caps->ndis_hdr.ndis_size < NDIS_OFFLOAD_SIZE_1) {
+ } else if (caps->ndis_hdr.ndis_size < NDIS_OFFLOAD_SIZE_6_0) {
 if_printf(sc->hn_ifp, "invalid NDIS objsize %u\n", caps->ndis_hdr.ndis_size);
 return (EINVAL);
@@ -1217,7 +1217,9 @@
 if (bootverbose) {
 /*
- * Fields for NDIS 6.0 are accessable.
+ * NOTE:
+ * caps->ndis_hdr.ndis_size MUST be checked before accessing
+ * NDIS 6.1+ specific fields.
 */
 if_printf(sc->hn_ifp, "hwcaps rev %u\n", caps->ndis_hdr.ndis_rev);
Index: head/sys/dev/hyperv/netvsc/ndis.h
===================================================================
--- head/sys/dev/hyperv/netvsc/ndis.h
+++ head/sys/dev/hyperv/netvsc/ndis.h
@@ -319,9 +319,9 @@
 };
 #define NDIS_OFFLOAD_SIZE sizeof(struct ndis_offload)
-#define NDIS_OFFLOAD_SIZE_1 \
+#define NDIS_OFFLOAD_SIZE_6_0 \
 __offsetof(struct ndis_offload, ndis_ipsecv2)
-#define NDIS_OFFLOAD_SIZE_2 \
+#define NDIS_OFFLOAD_SIZE_6_1 \
 __offsetof(struct ndis_offload, ndis_rsc)
 #define NDIS_OFFLOAD_REV_1 1 /* NDIS 6.0 */
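Review bot: The new NOTE in the `if (bootverbose)` block of the `@@ -1217,7 +1217,9 @@` hunk (hv_rndis_filter.c) states the rule without naming the thresholds, and it sits inside the verbose-only branch, so someone adding a `caps` access elsewhere in the function can miss it. The validation in the preceding hunk only guarantees `caps->ndis_hdr.ndis_size >= NDIS_OFFLOAD_SIZE_6_0`, that is, the fields before `ndis_ipsecv2`; the reply is presumably filled in by the host, so its `ndis_rev` alone should not be read as proof that later fields were returned. I would spell that out in the comment, for example `* Only fields before ndis_ipsecv2 are validated here; require ndis_size >= NDIS_OFFLOAD_SIZE_6_1 before reading ndis_ipsecv2 and >= NDIS_OFFLOAD_SIZE before reading ndis_rsc.` The enclosing function begins and ends outside the hunk, so whether any such access exists today cannot be confirmed from these lines.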