Re: [PATCH bpf v2] libbpf: fix passing uninitialized bytes to setsockopt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 13.10.2019 1:24, Alexei Starovoitov wrote:

On Wed, Oct 09, 2019 at 06:49:29PM +0200, Ilya Maximets wrote:

'struct xdp_umem_reg' has 4 bytes of padding at the end that makes
valgrind complain about passing uninitialized stack memory to the
syscall:

   Syscall param socketcall.setsockopt() points to uninitialised byte(s)
     at 0x4E7AB7E: setsockopt (in /usr/lib64/libc-2.29.so)
     by 0x4BDE035: xsk_umem__create@@LIBBPF_0.0.4 (xsk.c:172)
   Uninitialised value was created by a stack allocation
     at 0x4BDDEBA: xsk_umem__create@@LIBBPF_0.0.4 (xsk.c:140)

Padding bytes appeared after introducing of a new 'flags' field.
memset() is required to clear them.

Fixes: 10d30e301732 ("libbpf: add flags to umem config")
Signed-off-by: Ilya Maximets <i.maximets@xxxxxxx>
---

Version 2:
   * Struct initializer replaced with explicit memset(). [Andrii]

  tools/lib/bpf/xsk.c | 1 +
  1 file changed, 1 insertion(+)

diff --git a/tools/lib/bpf/xsk.c b/tools/lib/bpf/xsk.c
index a902838f9fcc..9d5348086203 100644
--- a/tools/lib/bpf/xsk.c
+++ b/tools/lib/bpf/xsk.c
@@ -163,6 +163,7 @@ int xsk_umem__create_v0_0_4(struct xsk_umem **umem_ptr, void *umem_area,
  	umem->umem_area = umem_area;
  	xsk_set_umem_config(&umem->config, usr_config);
+ memset(&mr, 0, sizeof(mr)); 
  	mr.addr = (uintptr_t)umem_area;
  	mr.len = size;
  	mr.chunk_size = umem->config.frame_size;


This was already applied. Why did you resend?



Sorry, it wasn't me.  Looking at the mail delivery chain:

Received: from listssympa-test.colorado.edu (listssympa-test.colorado.edu [128.138.129.156])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 66E2F780445
	for <i.maximets@xxxxxxx>; Sun, 13 Oct 2019 04:52:14 +0000 (UTC)
Received: from listssympa-test.colorado.edu (localhost [127.0.0.1])
	by listssympa-test.colorado.edu (8.15.2/8.15.2/MJC-8.0/sympa) with ESMTPS id x9D4pvsL015926
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
	Sat, 12 Oct 2019 22:51:57 -0600
Received: (from root@localhost)
	by listssympa-test.colorado.edu (8.15.2/8.15.2/MJC-8.0/submit) id x9D4pujl015885;
	Sat, 12 Oct 2019 22:51:56 -0600
Received: from DM5PR03MB3273.namprd03.prod.outlook.com (2603:10b6:a03:54::17) by
 BYAPR03MB4376.namprd03.prod.outlook.com with HTTPS via
 BYAPR02CA0040.NAMPRD02.PROD.OUTLOOK.COM; Wed, 9 Oct 2019 22:04:15 +0000
Received: from BN6PR03CA0057.namprd03.prod.outlook.com (2603:10b6:404:4c::19) by
 DM5PR03MB3273.namprd03.prod.outlook.com (2603:10b6:4:42::32) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384)
 id 15.20.2347.16; Wed, 9 Oct 2019 17:44:13 +0000

There is some strange server listssympa-test.colorado.edu.
Looks like someone in colorado.edu is testing stuff on production server.

The simplified delivery chain looks like this:

Me -> relay6-d.mail.gandi.net -> vger.kernel.org -> mx.colorado.edu ->
mail.protection.outlook.com -> namprd03.prod.outlook.com ->
listssympa-test.colorado.edu -> spool.mail.gandi.net -> Me again!

Best regards, Ilya Maximets.
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux