From df601ae2d16ed127a9506a7a865484632ee1afe1 Mon Sep 17 00:00:00 2001
From: Benoît Ganne <bganne@cisco.com>
Date: Tue, 20 Oct 2020 14:31:55 +0200
Subject: svm: fix ASAN annotations for external chunks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Chunks can be allocated from another process. We need to manually
mark them as accessible for ASAN.

Type: fix

Change-Id: Ifbeef3346e9cee2c1231f80cbcf7f9673b5b54be
Signed-off-by: Benoît Ganne <bganne@cisco.com>
---
 src/svm/fifo_segment.c      | 1 +
 src/svm/svm_fifo.c          | 3 +++
 src/vlibmemory/socket_api.c | 5 +++++
 3 files changed, 9 insertions(+)

diff --git a/src/svm/fifo_segment.c b/src/svm/fifo_segment.c
index 83437183d1d..8503819f42f 100644
--- a/src/svm/fifo_segment.c
+++ b/src/svm/fifo_segment.c
@@ -781,6 +781,7 @@ fsh_slice_collect_chunks (fifo_segment_header_t * fsh,
 
   while (c)
     {
+      CLIB_MEM_UNPOISON (c, sizeof (*c));
       next = c->next;
       fl_index = fs_freelist_for_size (c->length);
       c->next = fss->free_chunks[fl_index];
diff --git a/src/svm/svm_fifo.c b/src/svm/svm_fifo.c
index 22cb64eb475..d49cbe2bf7d 100644
--- a/src/svm/svm_fifo.c
+++ b/src/svm/svm_fifo.c
@@ -70,6 +70,8 @@ CLIB_MARCH_FN (svm_fifo_copy_from_chunk, void, svm_fifo_t * f,
       c = c->next;
       while ((to_copy -= n_chunk))
 	{
+	  CLIB_MEM_UNPOISON (c, sizeof (*c));
+	  CLIB_MEM_UNPOISON (c->data, c->length);
 	  n_chunk = clib_min (c->length, to_copy);
 	  clib_memcpy_fast (dst + (len - to_copy), &c->data[0], n_chunk);
 	  c = c->length <= to_copy ? c->next : c;
@@ -1054,6 +1056,7 @@ svm_fifo_peek (svm_fifo_t * f, u32 offset, u32 len, u8 * dst)
   len = clib_min (cursize - offset, len);
   head_idx = head + offset;
 
+  CLIB_MEM_UNPOISON (f->ooo_deq, sizeof (*f->ooo_deq));
   if (!f->ooo_deq || !f_chunk_includes_pos (f->ooo_deq, head_idx))
     f_update_ooo_deq (f, head_idx, head_idx + len);
 
diff --git a/src/vlibmemory/socket_api.c b/src/vlibmemory/socket_api.c
index 51c52b43e7a..d724164d213 100644
--- a/src/vlibmemory/socket_api.c
+++ b/src/vlibmemory/socket_api.c
@@ -645,6 +645,11 @@ vl_api_sock_init_shm_t_handler (vl_api_sock_init_shm_t * mp)
   if ((rv = ssvm_server_init_memfd (memfd)))
     goto reply;
 
+  /* delete the unused heap created in ssvm_server_init_memfd and mark it
+   * accessible again for ASAN */
+  clib_mem_destroy_heap (memfd->sh->heap);
+  CLIB_MEM_UNPOISON ((void *) memfd->sh->ssvm_va, memfd->ssvm_size);
+
   /* Remember to close this fd when the socket connection goes away */
   vec_add1 (regp->additional_fds_to_close, memfd->fd);
 
-- 
cgit 1.2.3-korg