Kees Cook e7b34822fa net: openvswitch: Annotate struct dp_meter_instance with __counted_by
Prepare for the coming implementation by GCC and Clang of the __counted_by
attribute. Flexible array members annotated with __counted_by can have
their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS
(for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family
functions).

As found with Coccinelle[1], add __counted_by for struct dp_meter_instance.

[1] https://github.com/kees/kernel-tools/blob/trunk/coccinelle/examples/counted_by.cocci

Cc: Pravin B Shelar <pshelar@ovn.org>
Cc: dev@openvswitch.org
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20230922172858.3822653-10-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2023-10-02 11:24:54 -07:00

64 lines
1.3 KiB
C

/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Copyright (c) 2017 Nicira, Inc.
*/
#ifndef METER_H
#define METER_H 1
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/netlink.h>
#include <linux/openvswitch.h>
#include <linux/genetlink.h>
#include <linux/skbuff.h>
#include <linux/bits.h>
#include "flow.h"
struct datapath;
#define DP_MAX_BANDS 1
#define DP_METER_ARRAY_SIZE_MIN BIT_ULL(10)
#define DP_METER_NUM_MAX (200000UL)
struct dp_meter_band {
u32 type;
u32 rate;
u32 burst_size;
u64 bucket; /* 1/1000 packets, or in bits */
struct ovs_flow_stats stats;
};
struct dp_meter {
spinlock_t lock; /* Per meter lock */
struct rcu_head rcu;
u32 id;
u16 kbps:1, keep_stats:1;
u16 n_bands;
u32 max_delta_t;
u64 used;
struct ovs_flow_stats stats;
struct dp_meter_band bands[];
};
struct dp_meter_instance {
struct rcu_head rcu;
u32 n_meters;
struct dp_meter __rcu *dp_meters[] __counted_by(n_meters);
};
struct dp_meter_table {
struct dp_meter_instance __rcu *ti;
u32 count;
u32 max_meters_allowed;
};
extern struct genl_family dp_meter_genl_family;
int ovs_meters_init(struct datapath *dp);
void ovs_meters_exit(struct datapath *dp);
bool ovs_meter_execute(struct datapath *dp, struct sk_buff *skb,
struct sw_flow_key *key, u32 meter_id);
#endif /* meter.h */