[ovs-git] [openvswitch/ovs] b792c5: bond: Fix using uninitialized 'lacp_fallback_ab_cf...

leiw-mlnx noreply at github.com
Mon Oct 19 12:55:29 UTC 2020


  Branch: refs/heads/branch-2.14
  Home:   https://github.com/openvswitch/ovs
  Commit: b792c5e5a70fb76e320e8459e347330359054588
      https://github.com/openvswitch/ovs/commit/b792c5e5a70fb76e320e8459e347330359054588
  Author: Ilya Maximets <i.maximets at ovn.org>
  Date:   2020-10-15 (Thu, 15 Oct 2020)

  Changed paths:
    M vswitchd/bridge.c
    M vswitchd/vswitch.xml

  Log Message:
  -----------
  bond: Fix using uninitialized 'lacp_fallback_ab_cfg' for 'bond-primary'.

's->lacp_fallback_ab_cfg' initialized down below in the code, so
we're using it uninitialized to detect if we need to get 'bond-primary'
configuration.

Found by valgrind:

 Conditional jump or move depends on uninitialised value(s)
    at 0x409114: port_configure_bond (bridge.c:4569)
    by 0x409114: port_configure (bridge.c:1284)
    by 0x40F6E6: bridge_reconfigure (bridge.c:917)
    by 0x411425: bridge_run (bridge.c:3330)
    by 0x406D84: main (ovs-vswitchd.c:127)
  Uninitialised value was created by a stack allocation
    at 0x408C53: port_configure (bridge.c:1190)

Fix that by moving this code to the point where 'lacp_fallback_ab_cfg'
already initialized.  Additionally clarified behavior of 'bond-primary'
in manpages for the fallback to AB case.

Fixes: b4e50218a0f8 ("bond: Add 'primary' interface concept for active-backup mode.")
Acked-by: Jeff Squyres <jsquyres at cisco.com>
Acked-by: Alin Gabriel Serdean <aserdean at cloudbasesolutions.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>


  Commit: e46d11e438ba16baf02a923c29903e05b5f1f8b8
      https://github.com/openvswitch/ovs/commit/e46d11e438ba16baf02a923c29903e05b5f1f8b8
  Author: Ilya Maximets <i.maximets at ovn.org>
  Date:   2020-10-15 (Thu, 15 Oct 2020)

  Changed paths:
    M lib/ofp-ed-props.c
    M tests/ofp-actions.at

  Log Message:
  -----------
  ofp-ed-props: Fix using uninitialized padding for NSH encap actions.

OVS uses memcmp to compare actions of existing and new flows, but
'struct ofp_ed_prop_nsh_md_type' and corresponding ofpact structure has
3 bytes of padding that never initialized and passed around within OF
data structures and messages.

  Uninitialized bytes in MemcmpInterceptorCommon
    at offset 21 inside [0x7090000003f8, 136)
  WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x4a184e in bcmp (vswitchd/ovs-vswitchd+0x4a184e)
    #1 0x896c8a in ofpacts_equal lib/ofp-actions.c:9121:31
    #2 0x564403 in replace_rule_finish ofproto/ofproto.c:5650:37
    #3 0x563462 in add_flow_finish ofproto/ofproto.c:5218:13
    #4 0x54a1ff in ofproto_flow_mod_finish ofproto/ofproto.c:8091:17
    #5 0x5433b2 in handle_flow_mod__ ofproto/ofproto.c:6216:17
    #6 0x56a2fc in handle_flow_mod ofproto/ofproto.c:6190:17
    #7 0x565bda in handle_single_part_openflow ofproto/ofproto.c:8504:16
    #8 0x540b25 in handle_openflow ofproto/ofproto.c:8685:21
    #9 0x6697fd in ofconn_run ofproto/connmgr.c:1329:13
    #10 0x668e6e in connmgr_run ofproto/connmgr.c:356:9
    #11 0x53f1bc in ofproto_run ofproto/ofproto.c:1890:5
    #12 0x4ead0c in bridge_run__ vswitchd/bridge.c:3250:9
    #13 0x4e9bc8 in bridge_run vswitchd/bridge.c:3309:5
    #14 0x51c072 in main vswitchd/ovs-vswitchd.c:127:9
    #15 0x7f23a99011a2 in __libc_start_main (/lib64/libc.so.6)
    #16 0x46b92d in _start (vswitchd/ovs-vswitchd+0x46b92d)

  Uninitialized value was stored to memory at
    #0 0x4745aa in __msan_memcpy.part.0 (vswitchd/ovs-vswitchd)
    #1 0x54529f in rule_actions_create ofproto/ofproto.c:3134:5
    #2 0x54915e in ofproto_rule_create ofproto/ofproto.c:5284:11
    #3 0x55d419 in add_flow_init ofproto/ofproto.c:5123:17
    #4 0x54841f in ofproto_flow_mod_init ofproto/ofproto.c:7987:17
    #5 0x543250 in handle_flow_mod__ ofproto/ofproto.c:6206:13
    #6 0x56a2fc in handle_flow_mod ofproto/ofproto.c:6190:17
    #7 0x565bda in handle_single_part_openflow ofproto/ofproto.c:8504:16
    #8 0x540b25 in handle_openflow ofproto/ofproto.c:8685:21
    #9 0x6697fd in ofconn_run ofproto/connmgr.c:1329:13
    #10 0x668e6e in connmgr_run ofproto/connmgr.c:356:9
    #11 0x53f1bc in ofproto_run ofproto/ofproto.c:1890:5
    #12 0x4ead0c in bridge_run__ vswitchd/bridge.c:3250:9
    #13 0x4e9bc8 in bridge_run vswitchd/bridge.c:3309:5
    #14 0x51c072 in main vswitchd/ovs-vswitchd.c:127:9
    #15 0x7f23a99011a2 in __libc_start_main (/lib64/libc.so.6)

  Uninitialized value was created by an allocation of 'ofpacts_stub'
  in the stack frame of function 'handle_flow_mod'
    #0 0x569e80 in handle_flow_mod ofproto/ofproto.c:6170

This could cause issues with flow modifications or other operations.

To reproduce, some NSH tests could be run under valgrind or clang
MemorySantizer. Ex. "nsh - md1 encap over a veth link" test.

Fix that by clearing padding bytes while encoding and decoding.
OVS will still accept OF messages with non-zero padding from
controllers.

New tests added to tests/ofp-actions.at.

Fixes: 1fc11c5948cf ("Generic encap and decap support for NSH")
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Acked-by: Jan Scheurich <jan.scheurich at ericsson.com>


  Commit: 30bebdefc83e30e8f5d25c70bcc8855993db3ca4
      https://github.com/openvswitch/ovs/commit/30bebdefc83e30e8f5d25c70bcc8855993db3ca4
  Author: Ilya Maximets <i.maximets at ovn.org>
  Date:   2020-10-19 (Mon, 19 Oct 2020)

  Changed paths:
    M .travis/linux-build.sh

  Log Message:
  -----------
  Revert "travis: Disable check for array of flexible structures in sparse."

This reverts commit 3c6b3a519ae6eae3da4cf7c59894b02b95cdade7.

The fix landed to Sparse main repository [1]:
  b5d46df743be ("flex-array: allow arrays of unions with flexible members.")

[1] https://git.kernel.org/pub/scm/devel/sparse/sparse.git

Acked-by: Aaron Conole <aconole at redhat.com>
Acked-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>


  Commit: e320600be47ec78eddd2e9d4ab2d762a93a656f8
      https://github.com/openvswitch/ovs/commit/e320600be47ec78eddd2e9d4ab2d762a93a656f8
  Author: Lei Wang <leiw at mellanox.com>
  Date:   2020-10-19 (Mon, 19 Oct 2020)

  Changed paths:
    M lib/netdev-offload-dpdk.c

  Log Message:
  -----------
  netdev-offload-dpdk: Support vxlan encap offload with load actions.

Struct match has the tunnel values/masks in
match->flow.tunnel/match->wc.masks.tunnel.
Load actions such as load:0xa566c10->NXM_NX_TUN_IPV4_DST[],
load:0xbba->NXM_NX_TUN_ID[] are utilizing the tunnel masks fields,
but those should not be used for matching.
Offloading fails if masks is not clear. Clear it if no tunnel used.

Fixes: e8a2b5bf92bb ("netdev-dpdk: implement flow offload with rte flow")
Reviewed-by: Eli Britstein <elibr at mellanox.com>
Reviewed-by: Gaetan Rivet <gaetanr at mellanox.com>
Acked-by: Sriharsha Basavapatna <sriharsha.basavapatna at broadcom.com>
Tested-by: Emma Finn <emma.finn at intel.com>
Signed-off-by: Lei Wang <leiw at mellanox.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/a03c4a9cd126...e320600be47e


More information about the git mailing list