summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenoît Ganne <bganne@cisco.com>2021-09-08 15:36:56 +0200
committerDamjan Marion <dmarion@me.com>2021-10-07 15:36:04 +0000
commit9685624a50613344ad6cc1405fa561ea86888f06 (patch)
treee6c473c77117ea8f775743d489c4b8d39bc5cc22
parent9888fdad4170627b0b26c902cc22d9df23ba56c2 (diff)
vppinfra: asan: improve overflow semantic
Type: improvement Change-Id: Ia63899b82e34f179f9efa921e4630b598f2a86cb Signed-off-by: Benoît Ganne <bganne@cisco.com>
-rw-r--r--src/plugins/crypto_native/aes.h2
-rw-r--r--src/vnet/l2/l2_fib.h4
-rw-r--r--src/vppinfra/hash.c28
-rw-r--r--src/vppinfra/sanitizer.h48
4 files changed, 46 insertions, 36 deletions
diff --git a/src/plugins/crypto_native/aes.h b/src/plugins/crypto_native/aes.h
index 762d528d064..24b111aea82 100644
--- a/src/plugins/crypto_native/aes.h
+++ b/src/plugins/crypto_native/aes.h
@@ -119,7 +119,7 @@ aes_load_partial (u8x16u * p, int n_bytes)
__m128i zero = { };
return (u8x16) _mm_mask_loadu_epi8 (zero, (1 << n_bytes) - 1, p);
#else
- return aes_byte_mask (CLIB_MEM_OVERFLOW_LOAD (*, p), n_bytes);
+ return aes_byte_mask (CLIB_MEM_OVERFLOW_LOAD (p), n_bytes);
#endif
}
diff --git a/src/vnet/l2/l2_fib.h b/src/vnet/l2/l2_fib.h
index 7f7cd761e20..202e2d9a33b 100644
--- a/src/vnet/l2/l2_fib.h
+++ b/src/vnet/l2/l2_fib.h
@@ -251,14 +251,14 @@ l2fib_make_key (const u8 * mac_address, u16 bd_index)
* Create the in-register key as F:E:D:C:B:A:H:L
* In memory the key is L:H:A:B:C:D:E:F
*/
- temp = CLIB_MEM_OVERFLOW_LOAD (*, (u64 *) mac_address) << 16;
+ temp = CLIB_MEM_OVERFLOW_LOAD ((u64 *) mac_address) << 16;
temp = (temp & ~0xffff) | (u64) (bd_index);
#else
/*
* Create the in-register key as H:L:A:B:C:D:E:F
* In memory the key is H:L:A:B:C:D:E:F
*/
- temp = CLIB_MEM_OVERFLOW_LOAD (*, (u64 *) mac_address) >> 16;
+ temp = CLIB_MEM_OVERFLOW_LOAD ((u64 *) mac_address) >> 16;
temp = temp | (((u64) bd_index) << 48);
#endif
diff --git a/src/vppinfra/hash.c b/src/vppinfra/hash.c
index fc6c4518048..d40083fdb5b 100644
--- a/src/vppinfra/hash.c
+++ b/src/vppinfra/hash.c
@@ -153,10 +153,12 @@ hash_memory64 (void *p, word n_bytes, u64 state)
if (n % sizeof (u64))
{
if (PREDICT_TRUE (page_boundary_crossing == 0))
- c +=
- zap64 (CLIB_MEM_OVERFLOW
- (clib_mem_unaligned (q + 2, u64), q + 2, sizeof (u64)),
- n % sizeof (u64)) << 8;
+ {
+ CLIB_MEM_OVERFLOW_PUSH (q + 2, sizeof (u64));
+ c += zap64 (clib_mem_unaligned (q + 2, u64), n % sizeof (u64))
+ << 8;
+ CLIB_MEM_OVERFLOW_POP ();
+ }
else
{
clib_memcpy_fast (tmp.as_u8, q + 2, n % sizeof (u64));
@@ -170,10 +172,11 @@ hash_memory64 (void *p, word n_bytes, u64 state)
if (n % sizeof (u64))
{
if (PREDICT_TRUE (page_boundary_crossing == 0))
- b +=
- zap64 (CLIB_MEM_OVERFLOW
- (clib_mem_unaligned (q + 1, u64), q + 1, sizeof (u64)),
- n % sizeof (u64));
+ {
+ CLIB_MEM_OVERFLOW_PUSH (q + 1, sizeof (u64));
+ b += zap64 (clib_mem_unaligned (q + 1, u64), n % sizeof (u64));
+ CLIB_MEM_OVERFLOW_POP ();
+ }
else
{
clib_memcpy_fast (tmp.as_u8, q + 1, n % sizeof (u64));
@@ -186,10 +189,11 @@ hash_memory64 (void *p, word n_bytes, u64 state)
if (n % sizeof (u64))
{
if (PREDICT_TRUE (page_boundary_crossing == 0))
- a +=
- zap64 (CLIB_MEM_OVERFLOW
- (clib_mem_unaligned (q + 0, u64), q + 0, sizeof (u64)),
- n % sizeof (u64));
+ {
+ CLIB_MEM_OVERFLOW_PUSH (q + 0, sizeof (u64));
+ a += zap64 (clib_mem_unaligned (q + 0, u64), n % sizeof (u64));
+ CLIB_MEM_OVERFLOW_POP ();
+ }
else
{
clib_memcpy_fast (tmp.as_u8, q, n % sizeof (u64));
diff --git a/src/vppinfra/sanitizer.h b/src/vppinfra/sanitizer.h
index 658d8281230..cf2da071225 100644
--- a/src/vppinfra/sanitizer.h
+++ b/src/vppinfra/sanitizer.h
@@ -76,28 +76,33 @@ sanitizer_unpoison_pop__ (const u64 *restrict shadow, const void *ptr,
}
}
-#define CLIB_MEM_OVERFLOW(f, src, n) \
+#define CLIB_MEM_OVERFLOW_PUSH(src, n) \
+ do \
+ { \
+ const void *clib_mem_overflow_src__ = (src); \
+ size_t clib_mem_overflow_n__ = (n); \
+ u64 clib_mem_overflow_shadow__; \
+ sanitizer_unpoison_push__ (&clib_mem_overflow_shadow__, \
+ clib_mem_overflow_src__, \
+ clib_mem_overflow_n__)
+
+#define CLIB_MEM_OVERFLOW_POP() \
+ sanitizer_unpoison_pop__ (&clib_mem_overflow_shadow__, \
+ clib_mem_overflow_src__, clib_mem_overflow_n__); \
+ } \
+ while (0)
+
+#define CLIB_MEM_OVERFLOW_LOAD(src) \
({ \
- typeof (f) clib_mem_overflow_ret__; \
- const void *clib_mem_overflow_src__ = (src); \
- size_t clib_mem_overflow_n__ = (n); \
- u64 clib_mem_overflow_shadow__[CLIB_MEM_OVERFLOW_MAX]; \
- sanitizer_unpoison_push__ (clib_mem_overflow_shadow__, \
- clib_mem_overflow_src__, \
- clib_mem_overflow_n__); \
- clib_mem_overflow_ret__ = f; \
- sanitizer_unpoison_pop__ (clib_mem_overflow_shadow__, \
- clib_mem_overflow_src__, \
- clib_mem_overflow_n__); \
- clib_mem_overflow_ret__; \
+ typeof (*(src)) *clib_mem_overflow_load_src__ = (src), \
+ clib_mem_overflow_load_ret__; \
+ CLIB_MEM_OVERFLOW_PUSH (clib_mem_overflow_load_src__, \
+ sizeof (*clib_mem_overflow_load_src__)); \
+ clib_mem_overflow_load_ret__ = *clib_mem_overflow_load_src__; \
+ CLIB_MEM_OVERFLOW_POP (); \
+ clib_mem_overflow_load_ret__; \
})
-#define CLIB_MEM_OVERFLOW_LOAD(f, src) \
- ({ \
- typeof(src) clib_mem_overflow_load_src__ = (src); \
- CLIB_MEM_OVERFLOW(f(clib_mem_overflow_load_src__), clib_mem_overflow_load_src__, sizeof(typeof(f(clib_mem_overflow_load_src__)))); \
- })
-
static_always_inline void
CLIB_MEM_POISON_LEN (void *src, size_t oldlen, size_t newlen)
{
@@ -112,8 +117,9 @@ CLIB_MEM_POISON_LEN (void *src, size_t oldlen, size_t newlen)
#define CLIB_NOSANITIZE_ADDR
#define CLIB_MEM_POISON(a, s) (void)(a)
#define CLIB_MEM_UNPOISON(a, s) (void)(a)
-#define CLIB_MEM_OVERFLOW(a, b, c) a
-#define CLIB_MEM_OVERFLOW_LOAD(f, src) f(src)
+#define CLIB_MEM_OVERFLOW_PUSH(a, b) (void) (a)
+#define CLIB_MEM_OVERFLOW_POP()
+#define CLIB_MEM_OVERFLOW_LOAD(src) (*(src))
#define CLIB_MEM_POISON_LEN(a, b, c)
#endif /* CLIB_SANITIZE_ADDR */