Jakub Kicinski <kuba@xxxxxxxxxx> writes:
> On Tue, 20 Oct 2020 12:51:02 +0200 Toke Høiland-Jørgensen wrote:
>> diff --git a/include/linux/filter.h b/include/linux/filter.h
>> index 20fc24c9779a..ba9de7188cd0 100644
>> --- a/include/linux/filter.h
>> +++ b/include/linux/filter.h
>> @@ -607,12 +607,21 @@ struct bpf_skb_data_end {
>> void *data_end;
>> };
>>
>> +struct bpf_nh_params {
>> + u8 nh_family;
>> + union {
>> + __u32 ipv4_nh;
>> + struct in6_addr ipv6_nh;
>> + };
>> +};
>
>> @@ -4906,6 +4910,18 @@ struct bpf_fib_lookup {
>> __u8 dmac[6]; /* ETH_ALEN */
>> };
>>
>> +struct bpf_redir_neigh {
>> + /* network family for lookup (AF_INET, AF_INET6) */
>> + __u8 nh_family;
>> + /* avoid hole in struct - must be set to 0 */
>> + __u8 unused[3];
>> + /* network address of nexthop; skips fib lookup to find gateway */
>> + union {
>> + __be32 ipv4_nh;
>> + __u32 ipv6_nh[4]; /* in6_addr; network order */
>> + };
>> +};
>
> Isn't this backward? The hole could be named in the internal structure.
> This is a bit of a gray area, but if you name this hole in uAPI and
> programs start referring to it you will never be able to reuse it.
> So you may as well not require it to be zeroed..
Hmm, yeah, suppose you're right. Doesn't the verifier prevent any part
of the memory from being unitialised anyway? I seem to recall having run
into verifier complaints when I didn't initialise struct on the stack...
-Toke
