mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-12-19 09:04:51 +08:00
b9edbfe1ad
Commit 3df98d7921
("lsm,selinux: pass flowi_common instead of flowi
to the LSM hooks") introduced flowi{4,6}_to_flowi_common() functions which
cause UBSAN warning when building with LLVM 11.0.1 on Ubuntu 21.04.
================================================================================
UBSAN: object-size-mismatch in ./include/net/flow.h:197:33
member access within address ffffc9000109fbd8 with insufficient space
for an object of type 'struct flowi'
CPU: 2 PID: 7410 Comm: systemd-resolve Not tainted 5.14.0 #51
Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 02/27/2020
Call Trace:
dump_stack_lvl+0x103/0x171
ubsan_type_mismatch_common+0x1de/0x390
__ubsan_handle_type_mismatch_v1+0x41/0x50
udp_sendmsg+0xda2/0x1300
? ip_skb_dst_mtu+0x1f0/0x1f0
? sock_rps_record_flow+0xe/0x200
? inet_send_prepare+0x2d/0x90
sock_sendmsg+0x49/0x80
____sys_sendmsg+0x269/0x370
__sys_sendmsg+0x15e/0x1d0
? syscall_enter_from_user_mode+0xf0/0x1b0
do_syscall_64+0x3d/0xb0
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f7081a50497
Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
RSP: 002b:00007ffc153870f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f7081a50497
RDX: 0000000000000000 RSI: 00007ffc15387140 RDI: 000000000000000c
RBP: 00007ffc15387140 R08: 0000563f29a5e4fc R09: 000000000000cd28
R10: 0000563f29a68a30 R11: 0000000000000246 R12: 000000000000000c
R13: 0000000000000001 R14: 0000563f29a68a30 R15: 0000563f29a5e50c
================================================================================
I don't think we need to call flowi{4,6}_to_flowi() from these functions
because the first member of "struct flowi4" and "struct flowi6" is
struct flowi_common __fl_common;
while the first member of "struct flowi" is
union {
struct flowi_common __fl_common;
struct flowi4 ip4;
struct flowi6 ip6;
struct flowidn dn;
} u;
which should point to the same address without access to "struct flowi".
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
218 lines
5.5 KiB
C
218 lines
5.5 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
*
|
|
* Generic internet FLOW.
|
|
*
|
|
*/
|
|
|
|
#ifndef _NET_FLOW_H
|
|
#define _NET_FLOW_H
|
|
|
|
#include <linux/socket.h>
|
|
#include <linux/in6.h>
|
|
#include <linux/atomic.h>
|
|
#include <net/flow_dissector.h>
|
|
#include <linux/uidgid.h>
|
|
|
|
/*
|
|
* ifindex generation is per-net namespace, and loopback is
|
|
* always the 1st device in ns (see net_dev_init), thus any
|
|
* loopback device should get ifindex 1
|
|
*/
|
|
|
|
#define LOOPBACK_IFINDEX 1
|
|
|
|
struct flowi_tunnel {
|
|
__be64 tun_id;
|
|
};
|
|
|
|
struct flowi_common {
|
|
int flowic_oif;
|
|
int flowic_iif;
|
|
__u32 flowic_mark;
|
|
__u8 flowic_tos;
|
|
__u8 flowic_scope;
|
|
__u8 flowic_proto;
|
|
__u8 flowic_flags;
|
|
#define FLOWI_FLAG_ANYSRC 0x01
|
|
#define FLOWI_FLAG_KNOWN_NH 0x02
|
|
#define FLOWI_FLAG_SKIP_NH_OIF 0x04
|
|
__u32 flowic_secid;
|
|
kuid_t flowic_uid;
|
|
struct flowi_tunnel flowic_tun_key;
|
|
__u32 flowic_multipath_hash;
|
|
};
|
|
|
|
union flowi_uli {
|
|
struct {
|
|
__be16 dport;
|
|
__be16 sport;
|
|
} ports;
|
|
|
|
struct {
|
|
__u8 type;
|
|
__u8 code;
|
|
} icmpt;
|
|
|
|
struct {
|
|
__le16 dport;
|
|
__le16 sport;
|
|
} dnports;
|
|
|
|
__be32 gre_key;
|
|
|
|
struct {
|
|
__u8 type;
|
|
} mht;
|
|
};
|
|
|
|
struct flowi4 {
|
|
struct flowi_common __fl_common;
|
|
#define flowi4_oif __fl_common.flowic_oif
|
|
#define flowi4_iif __fl_common.flowic_iif
|
|
#define flowi4_mark __fl_common.flowic_mark
|
|
#define flowi4_tos __fl_common.flowic_tos
|
|
#define flowi4_scope __fl_common.flowic_scope
|
|
#define flowi4_proto __fl_common.flowic_proto
|
|
#define flowi4_flags __fl_common.flowic_flags
|
|
#define flowi4_secid __fl_common.flowic_secid
|
|
#define flowi4_tun_key __fl_common.flowic_tun_key
|
|
#define flowi4_uid __fl_common.flowic_uid
|
|
#define flowi4_multipath_hash __fl_common.flowic_multipath_hash
|
|
|
|
/* (saddr,daddr) must be grouped, same order as in IP header */
|
|
__be32 saddr;
|
|
__be32 daddr;
|
|
|
|
union flowi_uli uli;
|
|
#define fl4_sport uli.ports.sport
|
|
#define fl4_dport uli.ports.dport
|
|
#define fl4_icmp_type uli.icmpt.type
|
|
#define fl4_icmp_code uli.icmpt.code
|
|
#define fl4_mh_type uli.mht.type
|
|
#define fl4_gre_key uli.gre_key
|
|
} __attribute__((__aligned__(BITS_PER_LONG/8)));
|
|
|
|
static inline void flowi4_init_output(struct flowi4 *fl4, int oif,
|
|
__u32 mark, __u8 tos, __u8 scope,
|
|
__u8 proto, __u8 flags,
|
|
__be32 daddr, __be32 saddr,
|
|
__be16 dport, __be16 sport,
|
|
kuid_t uid)
|
|
{
|
|
fl4->flowi4_oif = oif;
|
|
fl4->flowi4_iif = LOOPBACK_IFINDEX;
|
|
fl4->flowi4_mark = mark;
|
|
fl4->flowi4_tos = tos;
|
|
fl4->flowi4_scope = scope;
|
|
fl4->flowi4_proto = proto;
|
|
fl4->flowi4_flags = flags;
|
|
fl4->flowi4_secid = 0;
|
|
fl4->flowi4_tun_key.tun_id = 0;
|
|
fl4->flowi4_uid = uid;
|
|
fl4->daddr = daddr;
|
|
fl4->saddr = saddr;
|
|
fl4->fl4_dport = dport;
|
|
fl4->fl4_sport = sport;
|
|
fl4->flowi4_multipath_hash = 0;
|
|
}
|
|
|
|
/* Reset some input parameters after previous lookup */
|
|
static inline void flowi4_update_output(struct flowi4 *fl4, int oif, __u8 tos,
|
|
__be32 daddr, __be32 saddr)
|
|
{
|
|
fl4->flowi4_oif = oif;
|
|
fl4->flowi4_tos = tos;
|
|
fl4->daddr = daddr;
|
|
fl4->saddr = saddr;
|
|
}
|
|
|
|
|
|
struct flowi6 {
|
|
struct flowi_common __fl_common;
|
|
#define flowi6_oif __fl_common.flowic_oif
|
|
#define flowi6_iif __fl_common.flowic_iif
|
|
#define flowi6_mark __fl_common.flowic_mark
|
|
#define flowi6_scope __fl_common.flowic_scope
|
|
#define flowi6_proto __fl_common.flowic_proto
|
|
#define flowi6_flags __fl_common.flowic_flags
|
|
#define flowi6_secid __fl_common.flowic_secid
|
|
#define flowi6_tun_key __fl_common.flowic_tun_key
|
|
#define flowi6_uid __fl_common.flowic_uid
|
|
struct in6_addr daddr;
|
|
struct in6_addr saddr;
|
|
/* Note: flowi6_tos is encoded in flowlabel, too. */
|
|
__be32 flowlabel;
|
|
union flowi_uli uli;
|
|
#define fl6_sport uli.ports.sport
|
|
#define fl6_dport uli.ports.dport
|
|
#define fl6_icmp_type uli.icmpt.type
|
|
#define fl6_icmp_code uli.icmpt.code
|
|
#define fl6_mh_type uli.mht.type
|
|
#define fl6_gre_key uli.gre_key
|
|
__u32 mp_hash;
|
|
} __attribute__((__aligned__(BITS_PER_LONG/8)));
|
|
|
|
struct flowidn {
|
|
struct flowi_common __fl_common;
|
|
#define flowidn_oif __fl_common.flowic_oif
|
|
#define flowidn_iif __fl_common.flowic_iif
|
|
#define flowidn_mark __fl_common.flowic_mark
|
|
#define flowidn_scope __fl_common.flowic_scope
|
|
#define flowidn_proto __fl_common.flowic_proto
|
|
#define flowidn_flags __fl_common.flowic_flags
|
|
__le16 daddr;
|
|
__le16 saddr;
|
|
union flowi_uli uli;
|
|
#define fld_sport uli.ports.sport
|
|
#define fld_dport uli.ports.dport
|
|
} __attribute__((__aligned__(BITS_PER_LONG/8)));
|
|
|
|
struct flowi {
|
|
union {
|
|
struct flowi_common __fl_common;
|
|
struct flowi4 ip4;
|
|
struct flowi6 ip6;
|
|
struct flowidn dn;
|
|
} u;
|
|
#define flowi_oif u.__fl_common.flowic_oif
|
|
#define flowi_iif u.__fl_common.flowic_iif
|
|
#define flowi_mark u.__fl_common.flowic_mark
|
|
#define flowi_tos u.__fl_common.flowic_tos
|
|
#define flowi_scope u.__fl_common.flowic_scope
|
|
#define flowi_proto u.__fl_common.flowic_proto
|
|
#define flowi_flags u.__fl_common.flowic_flags
|
|
#define flowi_secid u.__fl_common.flowic_secid
|
|
#define flowi_tun_key u.__fl_common.flowic_tun_key
|
|
#define flowi_uid u.__fl_common.flowic_uid
|
|
} __attribute__((__aligned__(BITS_PER_LONG/8)));
|
|
|
|
static inline struct flowi *flowi4_to_flowi(struct flowi4 *fl4)
|
|
{
|
|
return container_of(fl4, struct flowi, u.ip4);
|
|
}
|
|
|
|
static inline struct flowi_common *flowi4_to_flowi_common(struct flowi4 *fl4)
|
|
{
|
|
return &(fl4->__fl_common);
|
|
}
|
|
|
|
static inline struct flowi *flowi6_to_flowi(struct flowi6 *fl6)
|
|
{
|
|
return container_of(fl6, struct flowi, u.ip6);
|
|
}
|
|
|
|
static inline struct flowi_common *flowi6_to_flowi_common(struct flowi6 *fl6)
|
|
{
|
|
return &(fl6->__fl_common);
|
|
}
|
|
|
|
static inline struct flowi *flowidn_to_flowi(struct flowidn *fldn)
|
|
{
|
|
return container_of(fldn, struct flowi, u.dn);
|
|
}
|
|
|
|
__u32 __get_hash_from_flowi6(const struct flowi6 *fl6, struct flow_keys *keys);
|
|
|
|
#endif
|