From 22cc119da5f7c03af78f3b8f7c1a7876d4872717 Mon Sep 17 00:00:00 2001 From: Beniamino Galvani Date: Sat, 8 Oct 2016 14:38:03 +0200 Subject: [PATCH 1/2] shared: add unaligned.h The file, imported from systemd sources, contains macros for accessing potentially unaligned data in a safe way (i.e. byte-wise). --- Makefile.am | 1 + shared/nm-utils/unaligned.h | 129 ++++++++++++++++++++++++++++++++++++ 2 files changed, 130 insertions(+) create mode 100644 shared/nm-utils/unaligned.h diff --git a/Makefile.am b/Makefile.am index bfb5f9d3f4..86d66b9553 100644 --- a/Makefile.am +++ b/Makefile.am @@ -102,6 +102,7 @@ EXTRA_DIST = \ shared/nm-utils/nm-vpn-plugin-macros.h \ shared/nm-utils/nm-vpn-plugin-utils.c \ shared/nm-utils/nm-vpn-plugin-utils.h \ + shared/nm-utils/unaligned.h \ shared/nm-version-macros.h.in \ \ $(NULL) diff --git a/shared/nm-utils/unaligned.h b/shared/nm-utils/unaligned.h new file mode 100644 index 0000000000..7c847a3ccb --- /dev/null +++ b/shared/nm-utils/unaligned.h @@ -0,0 +1,129 @@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2014 Tom Gundersen + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see . +***/ + +#include +#include + +/* BE */ + +static inline uint16_t unaligned_read_be16(const void *_u) { + const uint8_t *u = _u; + + return (((uint16_t) u[0]) << 8) | + ((uint16_t) u[1]); +} + +static inline uint32_t unaligned_read_be32(const void *_u) { + const uint8_t *u = _u; + + return (((uint32_t) unaligned_read_be16(u)) << 16) | + ((uint32_t) unaligned_read_be16(u + 2)); +} + +static inline uint64_t unaligned_read_be64(const void *_u) { + const uint8_t *u = _u; + + return (((uint64_t) unaligned_read_be32(u)) << 32) | + ((uint64_t) unaligned_read_be32(u + 4)); +} + +static inline void unaligned_write_be16(void *_u, uint16_t a) { + uint8_t *u = _u; + + u[0] = (uint8_t) (a >> 8); + u[1] = (uint8_t) a; +} + +static inline void unaligned_write_be32(void *_u, uint32_t a) { + uint8_t *u = _u; + + unaligned_write_be16(u, (uint16_t) (a >> 16)); + unaligned_write_be16(u + 2, (uint16_t) a); +} + +static inline void unaligned_write_be64(void *_u, uint64_t a) { + uint8_t *u = _u; + + unaligned_write_be32(u, (uint32_t) (a >> 32)); + unaligned_write_be32(u + 4, (uint32_t) a); +} + +/* LE */ + +static inline uint16_t unaligned_read_le16(const void *_u) { + const uint8_t *u = _u; + + return (((uint16_t) u[1]) << 8) | + ((uint16_t) u[0]); +} + +static inline uint32_t unaligned_read_le32(const void *_u) { + const uint8_t *u = _u; + + return (((uint32_t) unaligned_read_le16(u + 2)) << 16) | + ((uint32_t) unaligned_read_le16(u)); +} + +static inline uint64_t unaligned_read_le64(const void *_u) { + const uint8_t *u = _u; + + return (((uint64_t) unaligned_read_le32(u + 4)) << 32) | + ((uint64_t) unaligned_read_le32(u)); +} + +static inline void unaligned_write_le16(void *_u, uint16_t a) { + uint8_t *u = _u; + + u[0] = (uint8_t) a; + u[1] = (uint8_t) (a >> 8); +} + +static inline void unaligned_write_le32(void *_u, uint32_t a) { + uint8_t *u = _u; + + unaligned_write_le16(u, (uint16_t) a); + unaligned_write_le16(u + 2, (uint16_t) (a >> 16)); +} + +static inline void unaligned_write_le64(void *_u, uint64_t a) { + uint8_t *u = _u; + + unaligned_write_le32(u, (uint32_t) a); + unaligned_write_le32(u + 4, (uint32_t) (a >> 32)); +} + +#if __BYTE_ORDER == __BIG_ENDIAN +#define unaligned_read_ne16 unaligned_read_be16 +#define unaligned_read_ne32 unaligned_read_be32 +#define unaligned_read_ne64 unaligned_read_be64 + +#define unaligned_write_ne16 unaligned_write_be16 +#define unaligned_write_ne32 unaligned_write_be32 +#define unaligned_write_ne64 unaligned_write_be64 +#else +#define unaligned_read_ne16 unaligned_read_le16 +#define unaligned_read_ne32 unaligned_read_le32 +#define unaligned_read_ne64 unaligned_read_le64 + +#define unaligned_write_ne16 unaligned_write_le16 +#define unaligned_write_ne32 unaligned_write_le32 +#define unaligned_write_ne64 unaligned_write_le64 +#endif From 89bcf50f617193e88d69992ed3f9ba73decdffe7 Mon Sep 17 00:00:00 2001 From: Beniamino Galvani Date: Sat, 8 Oct 2016 14:39:19 +0200 Subject: [PATCH 2/2] platform: avoid unaligned access to link stats on 64bit architectures The undefined behavior sanitizer complains with: platform/nm-linux-platform.c:1482:31: runtime error: member access within misaligned address 0x61a000016fac for type 'struct rtnl_link_stats64', which requires 8 byte alignment 0x61a000016fac: note: pointer points here bc 00 17 00 bf 05 00 00 00 00 00 00 bf 05 00 00 00 00 00 00 b5 68 02 00 00 00 00 00 b5 68 02 00 ^ platform/nm-linux-platform.c:1483:29: runtime error: member access within misaligned address 0x61a000016fac for type 'struct rtnl_link_stats64', which requires 8 byte alignment 0x61a000016fac: note: pointer points here bc 00 17 00 bf 05 00 00 00 00 00 00 bf 05 00 00 00 00 00 00 b5 68 02 00 00 00 00 00 b5 68 02 00 ^ platform/nm-linux-platform.c:1484:31: runtime error: member access within misaligned address 0x61a000016fac for type 'struct rtnl_link_stats64', which requires 8 byte alignment 0x61a000016fac: note: pointer points here bc 00 17 00 bf 05 00 00 00 00 00 00 bf 05 00 00 00 00 00 00 b5 68 02 00 00 00 00 00 b5 68 02 00 ^ platform/nm-linux-platform.c:1485:29: runtime error: member access within misaligned address 0x61a000016fac for type 'struct rtnl_link_stats64', which requires 8 byte alignment 0x61a000016fac: note: pointer points here bc 00 17 00 bf 05 00 00 00 00 00 00 bf 05 00 00 00 00 00 00 b5 68 02 00 00 00 00 00 b5 68 02 00 ^ That's because the pointer returned by nla_data() is only 32bit-aligned and using it to access structure members can cause issues on some 64bit architectures. Use the unaligned_read_ne64() macro to access the structure members. https://bugzilla.gnome.org/show_bug.cgi?id=772605 --- src/platform/nm-linux-platform.c | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/platform/nm-linux-platform.c b/src/platform/nm-linux-platform.c index 89a8db22de..700f1e5d7e 100644 --- a/src/platform/nm-linux-platform.c +++ b/src/platform/nm-linux-platform.c @@ -49,6 +49,7 @@ #include "nm-platform-utils.h" #include "wifi/wifi-utils.h" #include "wifi/wifi-utils-wext.h" +#include "nm-utils/unaligned.h" #define offset_plus_sizeof(t,m) (offsetof (t,m) + sizeof (((t *) NULL)->m)) @@ -1472,12 +1473,18 @@ _new_from_nl_link (NMPlatform *platform, const NMPCache *cache, struct nlmsghdr } if (tb[IFLA_STATS64]) { - struct rtnl_link_stats64 *stats = nla_data (tb[IFLA_STATS64]); + /* tb[IFLA_STATS64] is only guaranteed to be 32bit-aligned, + * so in general we can't access the rtnl_link_stats64 struct + * members directly on 64bit architectures. */ + char *stats = nla_data (tb[IFLA_STATS64]); - obj->link.rx_packets = stats->rx_packets; - obj->link.rx_bytes = stats->rx_bytes; - obj->link.tx_packets = stats->tx_packets; - obj->link.tx_bytes = stats->tx_bytes; +#define READ_STAT64(member) \ + unaligned_read_ne64 (stats + offsetof (struct rtnl_link_stats64, member)) + + obj->link.rx_packets = READ_STAT64 (rx_packets); + obj->link.rx_bytes = READ_STAT64 (rx_bytes); + obj->link.tx_packets = READ_STAT64 (tx_packets); + obj->link.tx_bytes = READ_STAT64 (tx_bytes); } obj->link.n_ifi_flags = ifi->ifi_flags;