From patchwork Wed Jan 10 19:26:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mark Michelson X-Patchwork-Id: 1885084 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=LGcDIWDg; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4T9Hq83Q6sz1xqk for ; Thu, 11 Jan 2024 06:26:44 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 45F0843735; Wed, 10 Jan 2024 19:26:42 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 45F0843735 Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=LGcDIWDg X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jYR80Ch-UyNV; Wed, 10 Jan 2024 19:26:41 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTPS id E358C4015F; Wed, 10 Jan 2024 19:26:39 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org E358C4015F Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id AB462C0072; Wed, 10 Jan 2024 19:26:39 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 4C436C0037 for ; Wed, 10 Jan 2024 19:26:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 27725420AF for ; Wed, 10 Jan 2024 19:26:38 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 27725420AF Authentication-Results: smtp4.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=LGcDIWDg X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fcbj72TDmas3 for ; Wed, 10 Jan 2024 19:26:37 +0000 (UTC) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp4.osuosl.org (Postfix) with ESMTPS id D6A04420A0 for ; Wed, 10 Jan 2024 19:26:36 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org D6A04420A0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1704914795; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1v0cuBej5uUhg9VdI/fkquvlK5vje9XbexO7zIyVbAc=; b=LGcDIWDgViqx4rwsXoQeGPcuNMV+i1zYHvCx4m2O6La5c//B4Nq/N9NHDfrUxdQQ3QHEcT TwuMdqaZsx1RN0v3xhdonIrokQIfRLFhB6NR+UzWevFxl+uzW6ALoux2rKpiRfml0hGNtq esanbarB8UZMdbC6WTOtGxd9yNbw1VM= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-324-0VEyeStaNz6jobG8-BFBgg-1; Wed, 10 Jan 2024 14:26:34 -0500 X-MC-Unique: 0VEyeStaNz6jobG8-BFBgg-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3CD2F811E9E for ; Wed, 10 Jan 2024 19:26:34 +0000 (UTC) Received: from localhost.redhat.com (ovpn-0-13.rdu2.redhat.com [10.22.0.13]) by smtp.corp.redhat.com (Postfix) with ESMTP id D28C71121312 for ; Wed, 10 Jan 2024 19:26:33 +0000 (UTC) From: Mark Michelson To: dev@openvswitch.org Date: Wed, 10 Jan 2024 14:26:33 -0500 Message-Id: <20240110192633.14469-1-mmichels@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn v2] pinctrl: Directly retrieve desired port_binding MAC. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" A static analyzer determined that if pb->n_mac was 0, then the c_addrs lport_addresses struct would never be initialized. We would then use and attempt to free uninitialized memory. In reality, pb->n_mac should always be 1. This is because the port binding is a representation of a northbound logical router port. Logical router ports do not contain an array of MACs like the southbound port bindings do. Instead, they have a single MAC string that is always guaranteed to be non-NULL. This string is copied into the port binding's MAC array. Therefore, a southbound port binding that comes from a logical router port will always have n_mac set to 1. How do we know this is a logical router port? The ports iterated over in this function must have IPv6 prefix delegation configured on them. Only northbound logical router ports have this option available. To silence the static analyzer, this change directly retrieves pb->mac[0] instead of iterating over the pb->mac array. As a safeguard, we ensure that the port binding has only one MAC before attempting to access it. This is based on the off chance that something other than northd has inserted the port binding into the southbound database. Reported-at: https://issues.redhat.com/browse/FDP-224 Signed-off-by: Mark Michelson Acked-by: Han Zhou --- controller/pinctrl.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/controller/pinctrl.c b/controller/pinctrl.c index 12055a675..49a56cf81 100644 --- a/controller/pinctrl.c +++ b/controller/pinctrl.c @@ -1286,11 +1286,25 @@ fill_ipv6_prefix_state(struct ovsdb_idl_txn *ovnsb_idl_txn, continue; } + /* To reach this point, the port binding must be a logical router + * port. LRPs are configured with a single MAC that is always non-NULL. + * Therefore, as long as we are working with a port_binding that was + * inserted into the southbound database by northd, we can always + * safely extract pb->mac[0] since it will be non-NULL. + * + * However, if a port_binding was inserted by someone else, then we + * need to double-check our assumption first. + */ + if (pb->n_mac != 1) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + VLOG_ERR_RL(&rl, "Port binding "UUID_FMT" has %"PRIuSIZE" MACs " + "instead of 1", UUID_ARGS(&pb->header_.uuid), + pb->n_mac); + continue; + } struct lport_addresses c_addrs; - for (size_t j = 0; j < pb->n_mac; j++) { - if (extract_lsp_addresses(pb->mac[j], &c_addrs)) { - break; - } + if (!extract_lsp_addresses(pb->mac[0], &c_addrs)) { + continue; } pfd = shash_find_data(&ipv6_prefixd, pb->logical_port);