From: Eric Dumazet <dada1@cosmosbay.com>
To: David Miller <davem@davemloft.net>
Cc: netdev@vger.kernel.org
Subject: [RFC] Question about potential problem in net/ipv4/route.c
Date: Wed, 11 Oct 2006 15:11:18 +0200 [thread overview]
Message-ID: <200610111511.19028.dada1@cosmosbay.com> (raw)
In-Reply-To: <20061011.022015.63051509.davem@davemloft.net>
Hi David
While browsing net/ipv4/route.c I discovered compare_keys() function, and a
potential bug in it.
static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
{
return memcmp(&fl1->nl_u.ip4_u, &fl2->nl_u.ip4_u,
sizeof(fl1->nl_u.ip4_u)) == 0 &&
fl1->oif == fl2->oif &&
fl1->iif == fl2->iif;
}
Using memcmp(ptr1, ptr2, sizeof(SOMEFIELD)) is dangerous because
sizeof(SOMEFIELD) can be larger than the underlying object, because of
alignment constraints.
In this case, sizeof(fl1->nl_u.ip4_u) is 16, while fl1->nl_u.ip4_u is :
struct {
__u32 daddr;
__u32 saddr;
__u32 fwmark;
__u8 tos;
__u8 scope;
} ip4_u;
So 14 bytes are really initialized, and 2 padding bytes might contain random
values...
So at the very minimum, we should avoid doing the memcmp() including those
last two bytes : It would be less bugy, and faster too... (But to get really
fast comparison, we should do some clever long/int XOR operations to avoid
many test/branches, like the optim we did in compare_ether_addr())
As shown in profiles, "repz cmpsb" is really a dog... (and its use of
esi/edi/ecx registers a high pressure for the compiler/optimizer)
Eric
next prev parent reply other threads:[~2006-10-11 13:11 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-10-09 17:47 Dropping NETIF_F_SG since no checksum feature Michael S. Tsirkin
2006-10-09 16:50 ` Stephen Hemminger
2006-10-10 14:43 ` Michael S. Tsirkin
2006-10-10 17:43 ` Stephen Hemminger
2006-10-11 0:13 ` Michael S. Tsirkin
2006-10-11 0:15 ` Roland Dreier
2006-10-11 0:26 ` Michael S. Tsirkin
2006-10-11 3:33 ` Roland Dreier
2006-10-11 3:36 ` David Miller
2006-10-11 3:42 ` Roland Dreier
2006-10-11 3:45 ` David Miller
2006-10-11 3:49 ` Roland Dreier
2006-10-11 3:50 ` David Miller
2006-10-11 2:15 ` David Miller
2006-10-11 9:05 ` Michael S. Tsirkin
2006-10-11 9:09 ` Steven Whitehouse
2006-10-11 15:01 ` Michael S. Tsirkin
2006-10-11 20:11 ` Steven Whitehouse
2006-10-11 20:52 ` Michael S. Tsirkin
2006-10-11 20:57 ` Stephen Hemminger
2006-10-11 21:23 ` Michael S. Tsirkin
2006-10-11 21:29 ` Stephen Hemminger
2006-10-11 21:42 ` Michael S. Tsirkin
2006-10-11 21:41 ` David Miller
2006-10-12 19:12 ` Michael S. Tsirkin
2006-10-13 4:22 ` David Miller
2006-10-13 6:17 ` Michael S. Tsirkin
2006-10-11 20:52 ` David Miller
2006-10-11 21:11 ` Michael S. Tsirkin
2006-10-11 9:20 ` David Miller
2006-10-11 9:46 ` Michael S. Tsirkin
2006-10-11 18:21 ` [openib-general] " Michael Krause
2006-10-11 13:11 ` Eric Dumazet [this message]
2006-10-12 5:05 ` [RFC] Question about potential problem in net/ipv4/route.c David Miller
2006-10-12 5:31 ` Patrick McHardy
2006-10-12 5:54 ` David Miller
2006-10-12 5:48 ` Eric Dumazet
2006-10-12 6:02 ` David Miller
2006-10-12 6:10 ` Patrick McHardy
2006-10-12 6:25 ` David Miller
2006-10-12 6:35 ` Eric Dumazet
2006-10-12 7:48 ` David Miller
2006-10-16 9:00 ` [PATCH] NET : Suspicious locking in reqsk_queue_hash_req() Eric Dumazet
2006-10-16 9:07 ` Eric Dumazet
2006-10-16 16:16 ` Arnaldo Carvalho de Melo
2006-10-16 16:56 ` Eric Dumazet
2006-10-16 17:39 ` Eric Dumazet
2006-10-16 20:41 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200610111511.19028.dada1@cosmosbay.com \
--to=dada1@cosmosbay.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).