From 9685624a50613344ad6cc1405fa561ea86888f06 Mon Sep 17 00:00:00 2001 From: Benoît Ganne Date: Wed, 8 Sep 2021 15:36:56 +0200 Subject: vppinfra: asan: improve overflow semantic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Type: improvement Change-Id: Ia63899b82e34f179f9efa921e4630b598f2a86cb Signed-off-by: Benoît Ganne --- src/plugins/crypto_native/aes.h | 2 +- src/vnet/l2/l2_fib.h | 4 ++-- src/vppinfra/hash.c | 28 +++++++++++++----------- src/vppinfra/sanitizer.h | 48 +++++++++++++++++++++++------------------ 4 files changed, 46 insertions(+), 36 deletions(-) diff --git a/src/plugins/crypto_native/aes.h b/src/plugins/crypto_native/aes.h index 762d528d064..24b111aea82 100644 --- a/src/plugins/crypto_native/aes.h +++ b/src/plugins/crypto_native/aes.h @@ -119,7 +119,7 @@ aes_load_partial (u8x16u * p, int n_bytes) __m128i zero = { }; return (u8x16) _mm_mask_loadu_epi8 (zero, (1 << n_bytes) - 1, p); #else - return aes_byte_mask (CLIB_MEM_OVERFLOW_LOAD (*, p), n_bytes); + return aes_byte_mask (CLIB_MEM_OVERFLOW_LOAD (p), n_bytes); #endif } diff --git a/src/vnet/l2/l2_fib.h b/src/vnet/l2/l2_fib.h index 7f7cd761e20..202e2d9a33b 100644 --- a/src/vnet/l2/l2_fib.h +++ b/src/vnet/l2/l2_fib.h @@ -251,14 +251,14 @@ l2fib_make_key (const u8 * mac_address, u16 bd_index) * Create the in-register key as F:E:D:C:B:A:H:L * In memory the key is L:H:A:B:C:D:E:F */ - temp = CLIB_MEM_OVERFLOW_LOAD (*, (u64 *) mac_address) << 16; + temp = CLIB_MEM_OVERFLOW_LOAD ((u64 *) mac_address) << 16; temp = (temp & ~0xffff) | (u64) (bd_index); #else /* * Create the in-register key as H:L:A:B:C:D:E:F * In memory the key is H:L:A:B:C:D:E:F */ - temp = CLIB_MEM_OVERFLOW_LOAD (*, (u64 *) mac_address) >> 16; + temp = CLIB_MEM_OVERFLOW_LOAD ((u64 *) mac_address) >> 16; temp = temp | (((u64) bd_index) << 48); #endif diff --git a/src/vppinfra/hash.c b/src/vppinfra/hash.c index fc6c4518048..d40083fdb5b 100644 --- a/src/vppinfra/hash.c +++ b/src/vppinfra/hash.c @@ -153,10 +153,12 @@ hash_memory64 (void *p, word n_bytes, u64 state) if (n % sizeof (u64)) { if (PREDICT_TRUE (page_boundary_crossing == 0)) - c += - zap64 (CLIB_MEM_OVERFLOW - (clib_mem_unaligned (q + 2, u64), q + 2, sizeof (u64)), - n % sizeof (u64)) << 8; + { + CLIB_MEM_OVERFLOW_PUSH (q + 2, sizeof (u64)); + c += zap64 (clib_mem_unaligned (q + 2, u64), n % sizeof (u64)) + << 8; + CLIB_MEM_OVERFLOW_POP (); + } else { clib_memcpy_fast (tmp.as_u8, q + 2, n % sizeof (u64)); @@ -170,10 +172,11 @@ hash_memory64 (void *p, word n_bytes, u64 state) if (n % sizeof (u64)) { if (PREDICT_TRUE (page_boundary_crossing == 0)) - b += - zap64 (CLIB_MEM_OVERFLOW - (clib_mem_unaligned (q + 1, u64), q + 1, sizeof (u64)), - n % sizeof (u64)); + { + CLIB_MEM_OVERFLOW_PUSH (q + 1, sizeof (u64)); + b += zap64 (clib_mem_unaligned (q + 1, u64), n % sizeof (u64)); + CLIB_MEM_OVERFLOW_POP (); + } else { clib_memcpy_fast (tmp.as_u8, q + 1, n % sizeof (u64)); @@ -186,10 +189,11 @@ hash_memory64 (void *p, word n_bytes, u64 state) if (n % sizeof (u64)) { if (PREDICT_TRUE (page_boundary_crossing == 0)) - a += - zap64 (CLIB_MEM_OVERFLOW - (clib_mem_unaligned (q + 0, u64), q + 0, sizeof (u64)), - n % sizeof (u64)); + { + CLIB_MEM_OVERFLOW_PUSH (q + 0, sizeof (u64)); + a += zap64 (clib_mem_unaligned (q + 0, u64), n % sizeof (u64)); + CLIB_MEM_OVERFLOW_POP (); + } else { clib_memcpy_fast (tmp.as_u8, q, n % sizeof (u64)); diff --git a/src/vppinfra/sanitizer.h b/src/vppinfra/sanitizer.h index 658d8281230..cf2da071225 100644 --- a/src/vppinfra/sanitizer.h +++ b/src/vppinfra/sanitizer.h @@ -76,28 +76,33 @@ sanitizer_unpoison_pop__ (const u64 *restrict shadow, const void *ptr, } } -#define CLIB_MEM_OVERFLOW(f, src, n) \ +#define CLIB_MEM_OVERFLOW_PUSH(src, n) \ + do \ + { \ + const void *clib_mem_overflow_src__ = (src); \ + size_t clib_mem_overflow_n__ = (n); \ + u64 clib_mem_overflow_shadow__; \ + sanitizer_unpoison_push__ (&clib_mem_overflow_shadow__, \ + clib_mem_overflow_src__, \ + clib_mem_overflow_n__) + +#define CLIB_MEM_OVERFLOW_POP() \ + sanitizer_unpoison_pop__ (&clib_mem_overflow_shadow__, \ + clib_mem_overflow_src__, clib_mem_overflow_n__); \ + } \ + while (0) + +#define CLIB_MEM_OVERFLOW_LOAD(src) \ ({ \ - typeof (f) clib_mem_overflow_ret__; \ - const void *clib_mem_overflow_src__ = (src); \ - size_t clib_mem_overflow_n__ = (n); \ - u64 clib_mem_overflow_shadow__[CLIB_MEM_OVERFLOW_MAX]; \ - sanitizer_unpoison_push__ (clib_mem_overflow_shadow__, \ - clib_mem_overflow_src__, \ - clib_mem_overflow_n__); \ - clib_mem_overflow_ret__ = f; \ - sanitizer_unpoison_pop__ (clib_mem_overflow_shadow__, \ - clib_mem_overflow_src__, \ - clib_mem_overflow_n__); \ - clib_mem_overflow_ret__; \ + typeof (*(src)) *clib_mem_overflow_load_src__ = (src), \ + clib_mem_overflow_load_ret__; \ + CLIB_MEM_OVERFLOW_PUSH (clib_mem_overflow_load_src__, \ + sizeof (*clib_mem_overflow_load_src__)); \ + clib_mem_overflow_load_ret__ = *clib_mem_overflow_load_src__; \ + CLIB_MEM_OVERFLOW_POP (); \ + clib_mem_overflow_load_ret__; \ }) -#define CLIB_MEM_OVERFLOW_LOAD(f, src) \ - ({ \ - typeof(src) clib_mem_overflow_load_src__ = (src); \ - CLIB_MEM_OVERFLOW(f(clib_mem_overflow_load_src__), clib_mem_overflow_load_src__, sizeof(typeof(f(clib_mem_overflow_load_src__)))); \ - }) - static_always_inline void CLIB_MEM_POISON_LEN (void *src, size_t oldlen, size_t newlen) { @@ -112,8 +117,9 @@ CLIB_MEM_POISON_LEN (void *src, size_t oldlen, size_t newlen) #define CLIB_NOSANITIZE_ADDR #define CLIB_MEM_POISON(a, s) (void)(a) #define CLIB_MEM_UNPOISON(a, s) (void)(a) -#define CLIB_MEM_OVERFLOW(a, b, c) a -#define CLIB_MEM_OVERFLOW_LOAD(f, src) f(src) +#define CLIB_MEM_OVERFLOW_PUSH(a, b) (void) (a) +#define CLIB_MEM_OVERFLOW_POP() +#define CLIB_MEM_OVERFLOW_LOAD(src) (*(src)) #define CLIB_MEM_POISON_LEN(a, b, c) #endif /* CLIB_SANITIZE_ADDR */ -- cgit 1.2.3-korg