Re: [PATCH bpf-next v2] libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET

BPF List
 help / color / mirror / Atom feed

From: Martin KaFai Lau <martin.lau@linux.dev>
To: Yonghong Song <yonghong.song@linux.dev>, bpf@vger.kernel.org
Cc: Alexei Starovoitov <ast@kernel.org>,
	Andrii Nakryiko <andrii@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	kernel-team@fb.com, Martin KaFai Lau <martin.lau@kernel.org>
Subject: Re: [PATCH bpf-next v2] libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET
Date: Tue, 7 Nov 2023 10:54:47 -0800	[thread overview]
Message-ID: <9bd0b6b7-6a11-7727-e469-2e0c9cd9cb56@linux.dev> (raw)
In-Reply-To: <20231107062936.2537338-1-yonghong.song@linux.dev>

On 11/6/23 10:29 PM, Yonghong Song wrote:
> Martin reported that there is a libbpf complaining of non-zero-value tail
> padding with LIBBPF_OPTS_RESET macro if struct bpf_netkit_opts is modified
> to have a 4-byte tail padding. This only happens to clang compiler.
> The commend line is: ./test_progs -t tc_netkit_multi_links
> Martin and I did some investigation and found this indeed the case and
> the following are the investigation details.
> 
> Clang 18:
>    clang version 18.0.0
>    <I tried clang15/16/17 and they all have similar results>
> 
> tools/lib/bpf/libbpf_common.h:
>    #define LIBBPF_OPTS_RESET(NAME, ...)                                      \
>          do {                                                                \
>                  memset(&NAME, 0, sizeof(NAME));                             \
>                  NAME = (typeof(NAME)) {                                     \
>                          .sz = sizeof(NAME),                                 \
>                          __VA_ARGS__                                         \
>                  };                                                          \
>          } while (0)
> 
>    #endif
> 
> tools/lib/bpf/libbpf.h:
>    struct bpf_netkit_opts {
>          /* size of this struct, for forward/backward compatibility */
>          size_t sz;
>          __u32 flags;
>          __u32 relative_fd;
>          __u32 relative_id;
>          __u64 expected_revision;
>          size_t :0;
>    };
>    #define bpf_netkit_opts__last_field expected_revision
> In the above struct bpf_netkit_opts, there is no tail padding.
> 
> prog_tests/tc_netkit.c:
>    static void serial_test_tc_netkit_multi_links_target(int mode, int target)
>    {
>          ...
>          LIBBPF_OPTS(bpf_netkit_opts, optl);
>          ...
>          LIBBPF_OPTS_RESET(optl,
>                  .flags = BPF_F_BEFORE,
>                  .relative_fd = bpf_program__fd(skel->progs.tc1),
>          );
>          ...
>    }
> 
> Let us make the following source change, note that we have a 4-byte
> tailing padding now.
>    diff --git a/tools/lib/bpf/libbpf.h b/tools/lib/bpf/libbpf.h
>    index 6cd9c501624f..0dd83910ae9a 100644
>    --- a/tools/lib/bpf/libbpf.h
>    +++ b/tools/lib/bpf/libbpf.h
>    @@ -803,13 +803,13 @@ bpf_program__attach_tcx(const struct bpf_program *prog, int ifindex,
>     struct bpf_netkit_opts {
>          /* size of this struct, for forward/backward compatibility */
>          size_t sz;
>    -       __u32 flags;
>          __u32 relative_fd;
>          __u32 relative_id;
>          __u64 expected_revision;
>    +       __u32 flags;
>          size_t :0;
>     };
>    -#define bpf_netkit_opts__last_field expected_revision
>    +#define bpf_netkit_opts__last_field flags

The bpf_netkit_ops is in the bpf tree. If avoiding a hole in bpf_netkit_opts 
like above is preferred, probably the fix in this patch and the bpf_netkit_ops 
change should be in the same libbpf version?

Ran the test in a loop. It resolved the issue.

Tested-by: Martin KaFai Lau <martin.lau@kernel.org>

next prev parent reply	other threads:[~2023-11-07 18:54 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-07  6:29 [PATCH bpf-next v2] libbpf: Fix potential uninitialized tail padding with LIBBPF_OPTS_RESET Yonghong Song
2023-11-07 13:07 ` Jiri Olsa
2023-11-07 15:29   ` Yonghong Song
2023-11-07 18:23 ` Andrii Nakryiko
2023-11-07 20:07   ` Yonghong Song
2023-11-07 18:54 ` Martin KaFai Lau [this message]
2023-11-07 19:27   ` Andrii Nakryiko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9bd0b6b7-6a11-7727-e469-2e0c9cd9cb56@linux.dev \
    --to=martin.lau@linux.dev \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=kernel-team@fb.com \
    --cc=martin.lau@kernel.org \
    --cc=yonghong.song@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox