[PATCH bpf-next v3 0/1] Avoid size mismatches in skeletons

[Delyan Kratunov <delyank@fb.com>]

As reported in [0], kernel and userspace can sometimes disagree
on the size of a type. This leads to trouble when userspace maps the memory of
a bpf program and reads/writes to it assuming a different memory layout.

With this change, the skeletons now contain size asserts to ensure the
types in userspace are compatible in size with the types in the bpf program.
In particular, we emit asserts for all top-level fields in the data/rodata/bss/etc
structs, but not recursively for the individual members inside - this strikes a
compromise between diagnostics precision and still catching all possible size
mismatches.

The generated asserts are contained within a skeleton__type_asserts function
at the end of the (l)skel.h like so:

  #ifdef __cplusplus
  #define _Static_assert static_assert
  #endif

  __attribute__((unused)) static void
  atomics_lskel__type_asserts(struct atomics_lskel *s)
  {
    _Static_assert(sizeof(s->data->skip_tests) == 1, "unexpected size of 'skip_tests'");
    _Static_assert(sizeof(s->data->add64_value) == 8, "unexpected size of 'add64_value'");
    ...
  }

  #ifdef __cplusplus
  #undef _Static_assert
  #endif


v2 -> v3:
 - group all static asserts in one function at the end of the file
 - only use macros in C++ mode

v1 -> v2:
 - drop the stdint approach in favor of static asserts right after the structs

Delyan Kratunov (1):
  bpftool: bpf skeletons assert type sizes

 tools/bpf/bpftool/gen.c | 134 +++++++++++++++++++++++++++++++++-------
 1 file changed, 112 insertions(+), 22 deletions(-)

--
2.34.1