We often canonicalize data from internal kernel data structures that use ambiguous types (int, short, long, etc) and write them to the checkpoint stream with unambiguous types (__u16, __u32, __u64, etc). If an internal structure changes a type somewhere down the road, we may not notice and write invalid data to the checkpoint stream as a result. This patch introduces two helper macros to make it easier to generate a BUILD_BUG when this happens. Examples of usage are included in the comment before the macros in the code. Changes in v2: - Fix the example to match the code Signed-off-by: Dan Smith <danms@xxxxxxxxxx> --- include/linux/checkpoint_hdr.h | 15 +++++++++++++++ 1 files changed, 15 insertions(+), 0 deletions(-) diff --git a/include/linux/checkpoint_hdr.h b/include/linux/checkpoint_hdr.h index f4f9577..e455b99 100644 --- a/include/linux/checkpoint_hdr.h +++ b/include/linux/checkpoint_hdr.h @@ -42,6 +42,21 @@ #define CHECKPOINT_LSM_NAME_MAX 10 /* + * Macros to help generate a build break if an ambiguous type changes + * in such a way that the size differs from the unambiguous type we + * actually write to the checkpoint stream. + * + * Examples: + * + * CKPT_BUILD_BUG_ON_MISMATCH(short, __u16); + * CKPT_BUILD_BUG_ON_MISMATCH(CKPT_STRUCT_MEMBER(mystruct, mymember), + * CKPT_STRUCT_MEMBER(ckpt_hdr_foo, bar)); + * + */ +#define CKPT_STRUCT_MEMBER(type, member) (((struct type *)(NULL))->member) +#define CKPT_BUILD_BUG_ON_MISMATCH(a, b) (BUILD_BUG_ON(sizeof(a) != sizeof(b))) + +/* * To maintain compatibility between 32-bit and 64-bit architecture flavors, * keep data 64-bit aligned: use padding for structure members, and use * __attribute__((aligned (8))) for the entire structure. -- 1.7.1.1 _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
