
[ovs-dev,v3] ofp-prop: Fix unaligned 128 bit access.

Message ID 20240619131917.331390-1-mkp@redhat.com
State Accepted, archived
Commit 6b09799f03548f0377788f18160a3d9db3eac752
Delegated to: Ilya Maximets
Series [ovs-dev,v3] ofp-prop: Fix unaligned 128 bit access. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/intel-ovs-compilation success test: success

Commit Message

Mike Pattrick June 19, 2024, 1:19 p.m. UTC
When compiling with '-fsanitize=address,undefined', the "ovs-ofctl
ct-flush" test will yield the following undefined behavior flagged by
UBSan. This problem is caused by the fact that 128bit property put/parse
functions weren't adding appropriate padding before writing or reading
the value.

This patch uses get_32aligned_* functions to copy the bytes as they are
aligned.

lib/ofp-prop.c:277:14: runtime error: load of misaligned address
0x60600000687c for type 'union ovs_be128', which requires 8 byte
alignment
0x60600000687c: note: pointer points here
  00 05 00 14 00 00 00 00  00 00 00 00 00 00 00 00  00 ff ab 00
              ^
    0: in ofpprop_parse_u128 lib/ofp-prop.c:277
    1: in ofp_ct_match_decode lib/ofp-ct.c:525
    2: in ofp_print_nxt_ct_flush lib/ofp-print.c:959
    3: in ofp_to_string__ lib/ofp-print.c:1206
    4: in ofp_to_string lib/ofp-print.c:1264
    5: in ofp_print lib/ofp-print.c:1308
    6: in ofctl_ofp_print utilities/ovs-ofctl.c:4899
    7: in ovs_cmdl_run_command__ lib/command-line.c:247
    8: in ovs_cmdl_run_command lib/command-line.c:278
    9: in main utilities/ovs-ofctl.c:186

Signed-off-by: Mike Pattrick <mkp@redhat.com>
---
v2: removed memcpy
v3: fixed checkpatch
---
 lib/ofp-prop.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

Comments

Ales Musil June 20, 2024, 5:21 a.m. UTC | #1
On Wed, Jun 19, 2024 at 3:19 PM Mike Pattrick <mkp@redhat.com> wrote:

> When compiling with '-fsanitize=address,undefined', the "ovs-ofctl
> ct-flush" test will yield the following undefined behavior flagged by
> UBSan. This problem is caused by the fact that 128bit property put/parse
> functions weren't adding appropriate padding before writing or reading
> the value.
>
> This patch uses get_32aligned_* functions to copy the bytes as they are
> aligned.
>
> lib/ofp-prop.c:277:14: runtime error: load of misaligned address
> 0x60600000687c for type 'union ovs_be128', which requires 8 byte
> alignment
> 0x60600000687c: note: pointer points here
>   00 05 00 14 00 00 00 00  00 00 00 00 00 00 00 00  00 ff ab 00
>               ^
>     0: in ofpprop_parse_u128 lib/ofp-prop.c:277
>     1: in ofp_ct_match_decode lib/ofp-ct.c:525
>     2: in ofp_print_nxt_ct_flush lib/ofp-print.c:959
>     3: in ofp_to_string__ lib/ofp-print.c:1206
>     4: in ofp_to_string lib/ofp-print.c:1264
>     5: in ofp_print lib/ofp-print.c:1308
>     6: in ofctl_ofp_print utilities/ovs-ofctl.c:4899
>     7: in ovs_cmdl_run_command__ lib/command-line.c:247
>     8: in ovs_cmdl_run_command lib/command-line.c:278
>     9: in main utilities/ovs-ofctl.c:186
>
> Signed-off-by: Mike Pattrick <mkp@redhat.com>
> ---
> v2: removed memcpy
> v3: fixed checkpatch
> ---
>  lib/ofp-prop.c | 17 ++++++++++-------
>  1 file changed, 10 insertions(+), 7 deletions(-)
>
> diff --git a/lib/ofp-prop.c b/lib/ofp-prop.c
> index 0a685750c..0e54543bd 100644
> --- a/lib/ofp-prop.c
> +++ b/lib/ofp-prop.c
> @@ -21,6 +21,7 @@
>  #include "openvswitch/ofp-errors.h"
>  #include "openvswitch/ofp-prop.h"
>  #include "openvswitch/vlog.h"
> +#include "unaligned.h"
>  #include "util.h"
>  #include "uuid.h"
>
> @@ -190,11 +191,12 @@ ofpprop_parse_be64(const struct ofpbuf *property,
> ovs_be64 *value)
>  enum ofperr
>  ofpprop_parse_be128(const struct ofpbuf *property, ovs_be128 *value)
>  {
> -    ovs_be128 *p = property->msg;
> +    ovs_32aligned_be128 *p = property->msg;
> +
>      if (ofpbuf_msgsize(property) != sizeof *p) {
>          return OFPERR_OFPBPC_BAD_LEN;
>      }
> -    *value = *p;
> +    *value = get_32aligned_be128(p);
>      return 0;
>  }
>
> @@ -270,12 +272,13 @@ ofpprop_parse_u64(const struct ofpbuf *property,
> uint64_t *value)
>  enum ofperr
>  ofpprop_parse_u128(const struct ofpbuf *property, ovs_u128 *value)
>  {
> -    ovs_be128 *p = property->msg;
> -    if (ofpbuf_msgsize(property) != sizeof *p) {
> -        return OFPERR_OFPBPC_BAD_LEN;
> +    enum ofperr error = ofpprop_parse_be128(property, (ovs_be128 *)
> value);
> +
> +    if (!error) {
> +        *value = ntoh128(*(ovs_be128 *) value);
>      }
> -    *value = ntoh128(*p);
> -    return 0;
> +
> +    return error;
>  }
>
>  /* Attempts to parse 'property' as a property containing a UUID.  If
> --
> 2.39.3
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
>
Looks good to me, thanks.

Acked-by: Ales Musil <amusil@redhat.com>
Ilya Maximets June 21, 2024, 5:33 p.m. UTC | #2
On 6/20/24 07:21, Ales Musil wrote:
> On Wed, Jun 19, 2024 at 3:19 PM Mike Pattrick <mkp@redhat.com> wrote:
> 
>> When compiling with '-fsanitize=address,undefined', the "ovs-ofctl
>> ct-flush" test will yield the following undefined behavior flagged by
>> UBSan. This problem is caused by the fact that 128bit property put/parse
>> functions weren't adding appropriate padding before writing or reading
>> the value.
>>
>> This patch uses get_32aligned_* functions to copy the bytes as they are
>> aligned.
>>
>> lib/ofp-prop.c:277:14: runtime error: load of misaligned address
>> 0x60600000687c for type 'union ovs_be128', which requires 8 byte
>> alignment
>> 0x60600000687c: note: pointer points here
>>   00 05 00 14 00 00 00 00  00 00 00 00 00 00 00 00  00 ff ab 00
>>               ^
>>     0: in ofpprop_parse_u128 lib/ofp-prop.c:277
>>     1: in ofp_ct_match_decode lib/ofp-ct.c:525
>>     2: in ofp_print_nxt_ct_flush lib/ofp-print.c:959
>>     3: in ofp_to_string__ lib/ofp-print.c:1206
>>     4: in ofp_to_string lib/ofp-print.c:1264
>>     5: in ofp_print lib/ofp-print.c:1308
>>     6: in ofctl_ofp_print utilities/ovs-ofctl.c:4899
>>     7: in ovs_cmdl_run_command__ lib/command-line.c:247
>>     8: in ovs_cmdl_run_command lib/command-line.c:278
>>     9: in main utilities/ovs-ofctl.c:186
>>
>> Signed-off-by: Mike Pattrick <mkp@redhat.com>
>> ---
>> v2: removed memcpy
>> v3: fixed checkpatch
>> ---
>>  lib/ofp-prop.c | 17 ++++++++++-------
>>  1 file changed, 10 insertions(+), 7 deletions(-)
>>
> Looks good to me, thanks.
> 
> Acked-by: Ales Musil <amusil@redhat.com>
> 

Thanks, Mike and Ales!  I added the missing Fixes tag and applied
the change.  Also backported to 3.3.

Best regards, Ilya Maximets.

Patch

diff --git a/lib/ofp-prop.c b/lib/ofp-prop.c
index 0a685750c..0e54543bd 100644
--- a/lib/ofp-prop.c
+++ b/lib/ofp-prop.c
@@ -21,6 +21,7 @@ 
 #include "openvswitch/ofp-errors.h"
 #include "openvswitch/ofp-prop.h"
 #include "openvswitch/vlog.h"
+#include "unaligned.h"
 #include "util.h"
 #include "uuid.h"
 
@@ -190,11 +191,12 @@  ofpprop_parse_be64(const struct ofpbuf *property, ovs_be64 *value)
 enum ofperr
 ofpprop_parse_be128(const struct ofpbuf *property, ovs_be128 *value)
 {
-    ovs_be128 *p = property->msg;
+    ovs_32aligned_be128 *p = property->msg;
+
     if (ofpbuf_msgsize(property) != sizeof *p) {
         return OFPERR_OFPBPC_BAD_LEN;
     }
-    *value = *p;
+    *value = get_32aligned_be128(p);
     return 0;
 }
 
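Review bot: The 32-bit alignment that `ofpprop_parse_be128` now depends on is not recorded anywhere in the function, so a later cleanup could turn `p` back into a plain `ovs_be128 *` and reintroduce the misaligned load. The UBSan dump in the commit message shows the value starting four bytes into the property (right after `00 05 00 14`), which is presumably why only 4-byte alignment holds; a comment above the declaration such as `/* The value follows the 4-byte property header, so it is only 32-bit aligned. */` would capture that. The length check now measures `sizeof *p` on `ovs_32aligned_be128`, so it is also worth confirming that this type has the same size as `ovs_be128`, since `*value` is still written as a full `ovs_be128`.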
@@ -270,12 +272,13 @@  ofpprop_parse_u64(const struct ofpbuf *property, uint64_t *value)
 enum ofperr
 ofpprop_parse_u128(const struct ofpbuf *property, ovs_u128 *value)
 {
-    ovs_be128 *p = property->msg;
-    if (ofpbuf_msgsize(property) != sizeof *p) {
-        return OFPERR_OFPBPC_BAD_LEN;
+    enum ofperr error = ofpprop_parse_be128(property, (ovs_be128 *) value);
+
+    if (!error) {
+        *value = ntoh128(*(ovs_be128 *) value);
     }
-    *value = ntoh128(*p);
-    return 0;
+
+    return error;
 }
 
 /* Attempts to parse 'property' as a property containing a UUID.  If
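Review bot: `ofpprop_parse_u128` now writes network-order bytes into the caller's `ovs_u128` through an `(ovs_be128 *)` cast and then reads them back through the same cast, so one union type is accessed through a pointer to another. If `ovs_u128` and `ovs_be128` are distinct union types, as their names suggest, the compiler may assume the two do not alias, which trades the alignment problem for a strict-aliasing one in a parser that handles message data. A local temporary avoids the cast and leaves `*value` untouched until the conversion: declare `ovs_be128 be;`, call `ofpprop_parse_be128(property, &be)`, and assign `*value = ntoh128(be);` on success.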