Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp6416754pxb; Wed, 17 Feb 2021 04:07:45 -0800 (PST) X-Google-Smtp-Source: ABdhPJydgUZm9wL97NxXuPYWNScpoA3OTQ6cFVH2YsTGYkUrXL8TfHpPf/8vvit5nEoGbgXDznZQ X-Received: by 2002:a17:906:7d9:: with SMTP id m25mr24759063ejc.473.1613563665371; Wed, 17 Feb 2021 04:07:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1613563665; cv=none; d=google.com; s=arc-20160816; b=EYND0j3pfFGuYcYI3CntUNF8OShb2QXeq/Da30fIlrQdtzFe+o5tzkzPsAs6DsXmCK XJUMn+GamTH11DcHsCXunznqncVdr0q/MS3dNXmYPkf0zXyO8qDQUxXpXy1GDLig2l2s BDunnmNLPUVw8y87a4GhRkFfyhhGY/ZwrJe67Jv/AW7WTdqj0Y8XZzrFZtn/EU4uLlSf JDnXG7+ScT7EFDo4Z8jVC4ISOQe9L9qlsIHH9oSlZLOCdGUhkuV3qtgXbDrINhQWkxS7 K16Id6KBd9sXBv1ufwMC+D6Iyxy462iVcUD4oUxlc7ZOU12QsO6AQb45bGAEdVM3wzXT fWLg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:reply-to:cc:from:to :dkim-signature:date; bh=6DL4KLQOQC3zKbOQ+sDV/WMzc6ub+ldnNzx24Bfbo8c=; b=DW7FzGLHH0WBQvklhdYs6zj87x8Y2DiPPQQYXju4FnZ0+MWzoqwTT16fRIXVGIfb+p 7sFEhXjTv8QyQycEWO9WW9tt6WrboDfElWaMZLOsie72TdEWPvsnehRWZGYCvLsd+6lZ JJh5DpNaVFZLhJXElH4j403p9BCBu9UQ6XU3RdycG6jL0VB3TepsNb8u++rI4hrVbhY0 FxN/q5NxLqCj4y6o7VcoGIEQJ1wXyDyOJGmtNTpxCDjPOb0YNiswU5TREWpGV2H+yAie DmzOT0zNQtXG32HS2/N9jSMk/mf7ctEFEsyJhOQx4XoTkiLZgzqfROW0LJtOCHtptHY8 niLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@pm.me header.s=protonmail header.b=cERpgKPI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=pm.me Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id jg4si1358823ejc.313.2021.02.17.04.07.21; Wed, 17 Feb 2021 04:07:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@pm.me header.s=protonmail header.b=cERpgKPI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=pm.me Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232644AbhBQMFA (ORCPT + 99 others); Wed, 17 Feb 2021 07:05:00 -0500 Received: from mail-40134.protonmail.ch ([185.70.40.134]:55268 "EHLO mail-40134.protonmail.ch" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232560AbhBQMCZ (ORCPT ); Wed, 17 Feb 2021 07:02:25 -0500 Date: Wed, 17 Feb 2021 12:01:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pm.me; s=protonmail; t=1613563276; bh=6DL4KLQOQC3zKbOQ+sDV/WMzc6ub+ldnNzx24Bfbo8c=; h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References:From; b=cERpgKPIoX8HUR9e8LXW7Tj0GZ3D1maFvT1wfGzcyQ8RnTvB/evnZg4jXQOHLMUFe oBc0QxAqUfgt4wFGSSQZoa6qKK1I8lY2neXTWd9MJIAX0d6DEu7zgFoJ0XWWEIIj7X dXITrQoqVjATrTjUpARuXR4WqU62IMJSKSZCQprqFyd4TlhVqMcqULX5zRN4bwxAuR Ccp7cMUPf9tL1b4VUJU/asvhPDHLn+OYBPUUZ230Xl+FnklsyAtWHWNieZVUjs2YiG D1NJItf0vUz56NULOCBlj77SGh5ZYqf8WZ5LlmRAVlw4MvfZGPXuR53Refu0D2LzSs JUOXK6H6eO1yw== To: Daniel Borkmann , Magnus Karlsson From: Alexander Lobakin Cc: "Michael S. Tsirkin" , Jason Wang , "David S. Miller" , Jakub Kicinski , Jonathan Lemon , Alexei Starovoitov , =?utf-8?Q?Bj=C3=B6rn_T=C3=B6pel?= , Jesper Dangaard Brouer , John Fastabend , Andrii Nakryiko , Martin KaFai Lau , Song Liu , Yonghong Song , KP Singh , Paolo Abeni , Eric Dumazet , Xuan Zhuo , Dust Li , Alexander Lobakin , virtualization@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, kernel test robot Reply-To: Alexander Lobakin Subject: [PATCH v7 bpf-next 2/6] netdevice: check for net_device::priv_flags bitfield overflow Message-ID: <20210217120003.7938-3-alobakin@pm.me> In-Reply-To: <20210217120003.7938-1-alobakin@pm.me> References: <20210217120003.7938-1-alobakin@pm.me> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.4 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,UPPERCASE_50_75 shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org We almost ran out of unsigned int bitwidth. Define priv flags and check for potential overflow in the fashion of netdev_features_t. Defined this way, priv_flags can be easily expanded later with just changing its typedef. Signed-off-by: Alexander Lobakin Reported-by: kernel test robot # Inverted assert condition --- include/linux/netdevice.h | 199 ++++++++++++++++++++------------------ 1 file changed, 105 insertions(+), 94 deletions(-) diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 3b6f82c2c271..2c1a642ecdc0 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -1483,107 +1483,118 @@ struct net_device_ops { * * You should have a pretty good reason to be extending these flags. * - * @IFF_802_1Q_VLAN: 802.1Q VLAN device - * @IFF_EBRIDGE: Ethernet bridging device - * @IFF_BONDING: bonding master or slave - * @IFF_ISATAP: ISATAP interface (RFC4214) - * @IFF_WAN_HDLC: WAN HDLC device - * @IFF_XMIT_DST_RELEASE: dev_hard_start_xmit() is allowed to + * @IFF_802_1Q_VLAN_BIT: 802.1Q VLAN device + * @IFF_EBRIDGE_BIT: Ethernet bridging device + * @IFF_BONDING_BIT: bonding master or slave + * @IFF_ISATAP_BIT: ISATAP interface (RFC4214) + * @IFF_WAN_HDLC_BIT: WAN HDLC device + * @IFF_XMIT_DST_RELEASE_BIT: dev_hard_start_xmit() is allowed to *=09release skb->dst - * @IFF_DONT_BRIDGE: disallow bridging this ether dev - * @IFF_DISABLE_NETPOLL: disable netpoll at run-time - * @IFF_MACVLAN_PORT: device used as macvlan port - * @IFF_BRIDGE_PORT: device used as bridge port - * @IFF_OVS_DATAPATH: device used as Open vSwitch datapath port - * @IFF_TX_SKB_SHARING: The interface supports sharing skbs on transmit - * @IFF_UNICAST_FLT: Supports unicast filtering - * @IFF_TEAM_PORT: device used as team port - * @IFF_SUPP_NOFCS: device supports sending custom FCS - * @IFF_LIVE_ADDR_CHANGE: device supports hardware address + * @IFF_DONT_BRIDGE_BIT: disallow bridging this ether dev + * @IFF_DISABLE_NETPOLL_BIT: disable netpoll at run-time + * @IFF_MACVLAN_PORT_BIT: device used as macvlan port + * @IFF_BRIDGE_PORT_BIT: device used as bridge port + * @IFF_OVS_DATAPATH_BIT: device used as Open vSwitch datapath port + * @IFF_TX_SKB_SHARING_BIT: The interface supports sharing skbs on transmi= t + * @IFF_UNICAST_FLT_BIT: Supports unicast filtering + * @IFF_TEAM_PORT_BIT: device used as team port + * @IFF_SUPP_NOFCS_BIT: device supports sending custom FCS + * @IFF_LIVE_ADDR_CHANGE_BIT: device supports hardware address *=09change when it's running - * @IFF_MACVLAN: Macvlan device - * @IFF_XMIT_DST_RELEASE_PERM: IFF_XMIT_DST_RELEASE not taking into accoun= t + * @IFF_MACVLAN_BIT: Macvlan device + * @IFF_XMIT_DST_RELEASE_PERM_BIT: IFF_XMIT_DST_RELEASE not taking into ac= count *=09underlying stacked devices - * @IFF_L3MDEV_MASTER: device is an L3 master device - * @IFF_NO_QUEUE: device can run without qdisc attached - * @IFF_OPENVSWITCH: device is a Open vSwitch master - * @IFF_L3MDEV_SLAVE: device is enslaved to an L3 master device - * @IFF_TEAM: device is a team device - * @IFF_RXFH_CONFIGURED: device has had Rx Flow indirection table configur= ed - * @IFF_PHONY_HEADROOM: the headroom value is controlled by an external + * @IFF_L3MDEV_MASTER_BIT: device is an L3 master device + * @IFF_NO_QUEUE_BIT: device can run without qdisc attached + * @IFF_OPENVSWITCH_BIT: device is a Open vSwitch master + * @IFF_L3MDEV_SLAVE_BIT: device is enslaved to an L3 master device + * @IFF_TEAM_BIT: device is a team device + * @IFF_RXFH_CONFIGURED_BIT: device has had Rx Flow indirection table conf= igured + * @IFF_PHONY_HEADROOM_BIT: the headroom value is controlled by an externa= l *=09entity (i.e. the master device for bridged veth) - * @IFF_MACSEC: device is a MACsec device - * @IFF_NO_RX_HANDLER: device doesn't support the rx_handler hook - * @IFF_FAILOVER: device is a failover master device - * @IFF_FAILOVER_SLAVE: device is lower dev of a failover master device - * @IFF_L3MDEV_RX_HANDLER: only invoke the rx handler of L3 master device - * @IFF_LIVE_RENAME_OK: rename is allowed while device is up and running + * @IFF_MACSEC_BIT: device is a MACsec device + * @IFF_NO_RX_HANDLER_BIT: device doesn't support the rx_handler hook + * @IFF_FAILOVER_BIT: device is a failover master device + * @IFF_FAILOVER_SLAVE_BIT: device is lower dev of a failover master devic= e + * @IFF_L3MDEV_RX_HANDLER_BIT: only invoke the rx handler of L3 master dev= ice + * @IFF_LIVE_RENAME_OK_BIT: rename is allowed while device is up and runni= ng + * + * @NETDEV_PRIV_FLAG_COUNT: total priv flags count */ enum netdev_priv_flags { -=09IFF_802_1Q_VLAN=09=09=09=3D 1<<0, -=09IFF_EBRIDGE=09=09=09=3D 1<<1, -=09IFF_BONDING=09=09=09=3D 1<<2, -=09IFF_ISATAP=09=09=09=3D 1<<3, -=09IFF_WAN_HDLC=09=09=09=3D 1<<4, -=09IFF_XMIT_DST_RELEASE=09=09=3D 1<<5, -=09IFF_DONT_BRIDGE=09=09=09=3D 1<<6, -=09IFF_DISABLE_NETPOLL=09=09=3D 1<<7, -=09IFF_MACVLAN_PORT=09=09=3D 1<<8, -=09IFF_BRIDGE_PORT=09=09=09=3D 1<<9, -=09IFF_OVS_DATAPATH=09=09=3D 1<<10, -=09IFF_TX_SKB_SHARING=09=09=3D 1<<11, -=09IFF_UNICAST_FLT=09=09=09=3D 1<<12, -=09IFF_TEAM_PORT=09=09=09=3D 1<<13, -=09IFF_SUPP_NOFCS=09=09=09=3D 1<<14, -=09IFF_LIVE_ADDR_CHANGE=09=09=3D 1<<15, -=09IFF_MACVLAN=09=09=09=3D 1<<16, -=09IFF_XMIT_DST_RELEASE_PERM=09=3D 1<<17, -=09IFF_L3MDEV_MASTER=09=09=3D 1<<18, -=09IFF_NO_QUEUE=09=09=09=3D 1<<19, -=09IFF_OPENVSWITCH=09=09=09=3D 1<<20, -=09IFF_L3MDEV_SLAVE=09=09=3D 1<<21, -=09IFF_TEAM=09=09=09=3D 1<<22, -=09IFF_RXFH_CONFIGURED=09=09=3D 1<<23, -=09IFF_PHONY_HEADROOM=09=09=3D 1<<24, -=09IFF_MACSEC=09=09=09=3D 1<<25, -=09IFF_NO_RX_HANDLER=09=09=3D 1<<26, -=09IFF_FAILOVER=09=09=09=3D 1<<27, -=09IFF_FAILOVER_SLAVE=09=09=3D 1<<28, -=09IFF_L3MDEV_RX_HANDLER=09=09=3D 1<<29, -=09IFF_LIVE_RENAME_OK=09=09=3D 1<<30, +=09IFF_802_1Q_VLAN_BIT, +=09IFF_EBRIDGE_BIT, +=09IFF_BONDING_BIT, +=09IFF_ISATAP_BIT, +=09IFF_WAN_HDLC_BIT, +=09IFF_XMIT_DST_RELEASE_BIT, +=09IFF_DONT_BRIDGE_BIT, +=09IFF_DISABLE_NETPOLL_BIT, +=09IFF_MACVLAN_PORT_BIT, +=09IFF_BRIDGE_PORT_BIT, +=09IFF_OVS_DATAPATH_BIT, +=09IFF_TX_SKB_SHARING_BIT, +=09IFF_UNICAST_FLT_BIT, +=09IFF_TEAM_PORT_BIT, +=09IFF_SUPP_NOFCS_BIT, +=09IFF_LIVE_ADDR_CHANGE_BIT, +=09IFF_MACVLAN_BIT, +=09IFF_XMIT_DST_RELEASE_PERM_BIT, +=09IFF_L3MDEV_MASTER_BIT, +=09IFF_NO_QUEUE_BIT, +=09IFF_OPENVSWITCH_BIT, +=09IFF_L3MDEV_SLAVE_BIT, +=09IFF_TEAM_BIT, +=09IFF_RXFH_CONFIGURED_BIT, +=09IFF_PHONY_HEADROOM_BIT, +=09IFF_MACSEC_BIT, +=09IFF_NO_RX_HANDLER_BIT, +=09IFF_FAILOVER_BIT, +=09IFF_FAILOVER_SLAVE_BIT, +=09IFF_L3MDEV_RX_HANDLER_BIT, +=09IFF_LIVE_RENAME_OK_BIT, + +=09NETDEV_PRIV_FLAG_COUNT, }; =20 -#define IFF_802_1Q_VLAN=09=09=09IFF_802_1Q_VLAN -#define IFF_EBRIDGE=09=09=09IFF_EBRIDGE -#define IFF_BONDING=09=09=09IFF_BONDING -#define IFF_ISATAP=09=09=09IFF_ISATAP -#define IFF_WAN_HDLC=09=09=09IFF_WAN_HDLC -#define IFF_XMIT_DST_RELEASE=09=09IFF_XMIT_DST_RELEASE -#define IFF_DONT_BRIDGE=09=09=09IFF_DONT_BRIDGE -#define IFF_DISABLE_NETPOLL=09=09IFF_DISABLE_NETPOLL -#define IFF_MACVLAN_PORT=09=09IFF_MACVLAN_PORT -#define IFF_BRIDGE_PORT=09=09=09IFF_BRIDGE_PORT -#define IFF_OVS_DATAPATH=09=09IFF_OVS_DATAPATH -#define IFF_TX_SKB_SHARING=09=09IFF_TX_SKB_SHARING -#define IFF_UNICAST_FLT=09=09=09IFF_UNICAST_FLT -#define IFF_TEAM_PORT=09=09=09IFF_TEAM_PORT -#define IFF_SUPP_NOFCS=09=09=09IFF_SUPP_NOFCS -#define IFF_LIVE_ADDR_CHANGE=09=09IFF_LIVE_ADDR_CHANGE -#define IFF_MACVLAN=09=09=09IFF_MACVLAN -#define IFF_XMIT_DST_RELEASE_PERM=09IFF_XMIT_DST_RELEASE_PERM -#define IFF_L3MDEV_MASTER=09=09IFF_L3MDEV_MASTER -#define IFF_NO_QUEUE=09=09=09IFF_NO_QUEUE -#define IFF_OPENVSWITCH=09=09=09IFF_OPENVSWITCH -#define IFF_L3MDEV_SLAVE=09=09IFF_L3MDEV_SLAVE -#define IFF_TEAM=09=09=09IFF_TEAM -#define IFF_RXFH_CONFIGURED=09=09IFF_RXFH_CONFIGURED -#define IFF_PHONY_HEADROOM=09=09IFF_PHONY_HEADROOM -#define IFF_MACSEC=09=09=09IFF_MACSEC -#define IFF_NO_RX_HANDLER=09=09IFF_NO_RX_HANDLER -#define IFF_FAILOVER=09=09=09IFF_FAILOVER -#define IFF_FAILOVER_SLAVE=09=09IFF_FAILOVER_SLAVE -#define IFF_L3MDEV_RX_HANDLER=09=09IFF_L3MDEV_RX_HANDLER -#define IFF_LIVE_RENAME_OK=09=09IFF_LIVE_RENAME_OK +typedef u32 netdev_priv_flags_t; +static_assert(sizeof(netdev_priv_flags_t) * BITS_PER_BYTE >=3D +=09 NETDEV_PRIV_FLAG_COUNT); + +#define __IFF_BIT(bit)=09=09=09((netdev_priv_flags_t)1 << (bit)) +#define __IFF(name)=09=09=09__IFF_BIT(IFF_##name##_BIT) + +#define IFF_802_1Q_VLAN=09=09=09__IFF(802_1Q_VLAN) +#define IFF_EBRIDGE=09=09=09__IFF(EBRIDGE) +#define IFF_BONDING=09=09=09__IFF(BONDING) +#define IFF_ISATAP=09=09=09__IFF(ISATAP) +#define IFF_WAN_HDLC=09=09=09__IFF(WAN_HDLC) +#define IFF_XMIT_DST_RELEASE=09=09__IFF(XMIT_DST_RELEASE) +#define IFF_DONT_BRIDGE=09=09=09__IFF(DONT_BRIDGE) +#define IFF_DISABLE_NETPOLL=09=09__IFF(DISABLE_NETPOLL) +#define IFF_MACVLAN_PORT=09=09__IFF(MACVLAN_PORT) +#define IFF_BRIDGE_PORT=09=09=09__IFF(BRIDGE_PORT) +#define IFF_OVS_DATAPATH=09=09__IFF(OVS_DATAPATH) +#define IFF_TX_SKB_SHARING=09=09__IFF(TX_SKB_SHARING) +#define IFF_UNICAST_FLT=09=09=09__IFF(UNICAST_FLT) +#define IFF_TEAM_PORT=09=09=09__IFF(TEAM_PORT) +#define IFF_SUPP_NOFCS=09=09=09__IFF(SUPP_NOFCS) +#define IFF_LIVE_ADDR_CHANGE=09=09__IFF(LIVE_ADDR_CHANGE) +#define IFF_MACVLAN=09=09=09__IFF(MACVLAN) +#define IFF_XMIT_DST_RELEASE_PERM=09__IFF(XMIT_DST_RELEASE_PERM) +#define IFF_L3MDEV_MASTER=09=09__IFF(L3MDEV_MASTER) +#define IFF_NO_QUEUE=09=09=09__IFF(NO_QUEUE) +#define IFF_OPENVSWITCH=09=09=09__IFF(OPENVSWITCH) +#define IFF_L3MDEV_SLAVE=09=09__IFF(L3MDEV_SLAVE) +#define IFF_TEAM=09=09=09__IFF(TEAM) +#define IFF_RXFH_CONFIGURED=09=09__IFF(RXFH_CONFIGURED) +#define IFF_PHONY_HEADROOM=09=09__IFF(PHONY_HEADROOM) +#define IFF_MACSEC=09=09=09__IFF(MACSEC) +#define IFF_NO_RX_HANDLER=09=09__IFF(NO_RX_HANDLER) +#define IFF_FAILOVER=09=09=09__IFF(FAILOVER) +#define IFF_FAILOVER_SLAVE=09=09__IFF(FAILOVER_SLAVE) +#define IFF_L3MDEV_RX_HANDLER=09=09__IFF(L3MDEV_RX_HANDLER) +#define IFF_LIVE_RENAME_OK=09=09__IFF(LIVE_RENAME_OK) =20 /** *=09struct net_device - The DEVICE structure. @@ -1876,7 +1887,7 @@ struct net_device { =20 =09/* Read-mostly cache-line for fast-path access */ =09unsigned int=09=09flags; -=09unsigned int=09=09priv_flags; +=09netdev_priv_flags_t=09priv_flags; =09const struct net_device_ops *netdev_ops; =09int=09=09=09ifindex; =09unsigned short=09=09gflags; --=20 2.30.1