bpf: Forbid implicit int conversions #18501
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
d070f61 to
cae103a
Compare
Function update_trace_metrics updates metrics (number of bytes and packets) at various observation points. Observation points TRACE_FROM_HOST and TRACE_FROM_STACK were however missing from the list. This oversight was identified thanks to the new enumeration trace_point introduced in the next commit. Signed-off-by: Paul Chaignon <paul@cilium.io>
Define a trace_point enumeration to hold the TRACE_{FROM,TO}_XXX
constants. Doing so will allow us to rely on the compiler to expose
errors in subsequent commits.
Because of this new enumeration, we also need to define all cases
explicitly in the update_trace_metrics switch. Otherwise, the Clang
errors with the Wswitch warning.
This commit should include no functional changes.
Signed-off-by: Paul Chaignon <paul@cilium.io>
Define a nat_dir enumeration to hold the NAT_DIR_{IN,E}GRESS constants.
Doing so will allow to rely on the compiler to expose errors in subsequent
commits.
This commit should include no functional changes.
Signed-off-by: Paul Chaignon <paul@cilium.io>
Define ct_dir and metric_dir enumerations to hold the
{CT,METRIC}_{INGRESS,EGRESS,SERVICE} constants. Doing so will allow to
rely on the compiler to expose errors, notably if one tries to use a
ct_dir enum as a metric_dir enum without conversion.
This commit should include no functional changes.
Signed-off-by: Paul Chaignon <paul@cilium.io>
This commit defines enumeration ct_status for constants CT_NEW & co. ct_state was already taken for the structure that holds information from the conntrack maps. Having a dedicated enumeration helps clarify the intent of the various variables that hold CT states. It will also allow us to use the compiler in subsequent commits to detect errors. This commit shouldn't contain any functional changes. Signed-off-by: Paul Chaignon <paul@cilium.io>
With the next commit, this symbol type will include 16-bit long symbols as well so we need to adapt the name. Signed-off-by: Paul Chaignon <paul@cilium.io>
Until now, the LXC_ID static data (i.e., patched in the object file before loading) was declared and used as a 32-bit integer. The Cilium endpoint IDs are however encoded on 16 bits and several functions in the datapath expect a short instead of an integer. Signed-off-by: Paul Chaignon <paul@cilium.io>
We use the IPv6 option to pass information for DSR between nodes. The L4 port in there is encoded on 32 bits, which doesn't match the expectation of the rest of the datapath (16 bits as usual) and leads to implicit int casts. This commit changes the structure to encode the port on 16 bits. Signed-off-by: Paul Chaignon <paul@cilium.io>
The policy layer (policy_can_access_ingress & co) returns an integer which can take different values: - CTX_ACT_OK the packet is allowed based only on L3 and L4. - A negative error code if the packet is rejected. - A positive integer if the packet should be redirected to the proxy. In that last case, the positive integer represents a proxy port, which is encoded on only 16 bits. This commit introduces a 16-bits variable to hold the proxy port, to explicit the int conversion. This commit should include no functional changes. Signed-off-by: Paul Chaignon <paul@cilium.io>
This commit forbids implicit int conversions as well as conversions between enumerations. A bunch of int conversions are made explicit as well, but there shouldn't be any functional changes. Enforcing this restriction at the compiler would have allowed us to avoid 1cf3ef3 ("bpf: Fix invalid trace reason in bpf_host") if done earlier. It allowed us to detect and fix another minor incorrect cast, sent before this patch and merged as 108aa42 ("bpf: Fix implicit cast for BPF TPROXY debug message"). Several implicit int conversions "fixed" here are inherited from u32 BPF APIs (holding <32bit values for historic reasons). Other are due to our use of 32-bit long slots for the metadata. Finally, others are due to the get_prandom_u32 BPF helper returning a 32-bit integer, which can of course be safely used as a smaller integer. Signed-off-by: Paul Chaignon <paul@cilium.io>
cae103a to
f70cf5f
Compare
brb
added a commit
that referenced
this pull request
Apr 13, 2022
The PR [1] added "-Wimplicit-int-conversion" which broke ____revalidate_data_pull(). The latter is used when attaching bpf_host to a L3 netdev. [1]: #18501 Signed-off-by: Martynas Pumputis <m@lambda.lt>
brb
added a commit
that referenced
this pull request
Apr 13, 2022
The PR [1] added "-Wimplicit-int-conversion" which broke ____revalidate_data_pull(). The latter is used when attaching bpf_host to a L3 netdev. [1]: #18501 Signed-off-by: Martynas Pumputis <m@lambda.lt>
gandro
pushed a commit
that referenced
this pull request
May 3, 2022
The PR [1] added "-Wimplicit-int-conversion" which broke ____revalidate_data_pull(). The latter is used when attaching bpf_host to a L3 netdev. [1]: #18501 Signed-off-by: Martynas Pumputis <m@lambda.lt>
brb
added a commit
that referenced
this pull request
May 16, 2022
The PR [1] added "-Wimplicit-int-conversion" which broke ____revalidate_data_pull(). The latter is used when attaching bpf_host to a L3 netdev. [1]: #18501 Signed-off-by: Martynas Pumputis <m@lambda.lt>
jibi
pushed a commit
that referenced
this pull request
May 23, 2022
The PR [1] added "-Wimplicit-int-conversion" which broke ____revalidate_data_pull(). The latter is used when attaching bpf_host to a L3 netdev. [1]: #18501 Signed-off-by: Martynas Pumputis <m@lambda.lt>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request enables flag
-Wimplicit-int-conversionin Clang to forbid implicit integer conversions. Enforcing this restriction at the compiler would have allowed us to avoid 1cf3ef3 ("bpf: Fix invalid trace reason in bpf_host") if done earlier. It also allowed us to detect and fix another minor incorrect cast, fixed at #18429.To help avoid implicit integer conversions, several lists of constants are converted to enumerations. Flag
-Wenum-conversionis therefore also enabled. Using enumerations whenever possible also uncovered a bug, fixed in the first commit.See commits for details.