10.0-RC1, armv6: "pfctl -s state" crashes on BeagleBone Black due to unaligned access
Guy Yur
guyyur at gmail.com
Sat Jan 11 22:24:34 UTC 2014
Hi,
New patch that adds new aligned state structs and new ioctls.
It is a trade-off: correct alignment and improved speed for
architectures that require alignment, at the cost of extra maintenance
when the state structs need to be extended.
I duplicated the structs pfsync_state_scrub, pfsync_state_peer,
pfsync_state_key and pfsync_state as non __packed structures.
(pfsync_state_key is not marked as __packed, should it be?)
pfsync_state_export also duplicated for the new struct.
In the new state struct I reordered creatorid before the packets array
to keep alignment on 8 bytes.
packets and bytes converted to u_int64_t instead of array of u_int32_t
(they are u_int64_t in the internal pf_state).
sizeof(struct pf_addr) = 16; 16 % 4 = 0
sizeof(struct pfioc_state2_scrub) = 8; 8 % 4 = 0
sizeof(struct pfioc_state2_peer) = 28; 28 % 4 = 0
sizeof(struct pfioc_state2_key) = 36; 36 % 4 = 0
sizeof(struct pfioc_state2) = 232; 232 % 8 = 0
offsetof(struct pfioc_state2, src) = 96; 96 % 4 = 0
offsetof(struct pfioc_state2, dst) = 124; 124 % 4 = 0
offsetof(struct pfioc_state2, rt_addr) = 152; 152 % 4 = 0
offsetof(struct pfioc_state2, rule) = 168; 168 % 4 = 0
offsetof(struct pfioc_state2, packets) = 192; 192 % 8 = 0
The export for the new struct is done in host byte order, which is used
by the internal pf_state structure (except for pf_addr, id and creatorid,
which are kept in network order).
I didn't bother creating a new version of DIOCADDSTATE since it is only
used for pfsync and it receives only one pfioc_state / pfsync_state.
Tested both of the new ioctls on the BeagleBone Black by modifying pfctl
to also issue the single state ioctl with the (id,creatorid) of the last
entry found in the print loop.
I am not sure about the naming of the new structs and ioctls, and there
might be style bugs.
Also attached a patch to constify the print functions in pfctl if there
is interest in that. Needs to be applied after the new structs patch.
P.S.
Are alignment traps disabled on the Raspberry Pi?
I wasn't able to cause a user space crash on the Pi with unaligned access.
Regards,
Guy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pf-pfioc_state2.patch
Type: application/octet-stream
Size: 11769 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20140112/8a6c24a5/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pfctl-constify.patch
Type: application/octet-stream
Size: 5135 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20140112/8a6c24a5/attachment-0003.obj>
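The following is an added illustration of the layout problem discussed in this
message; it is not code from the thread, from the attached patch, or from
FreeBSD's pf. The struct names (demo_state_packed, demo_state2, demo_addr) and
their fields are constructed stand-ins for pfsync_state / pfioc_state2 and do
not reproduce the real definitions. It shows why a __packed export struct puts
32- and 64-bit fields at offsets that fault on strict-alignment CPUs such as
armv6, how a naturally aligned layout with creatorid ordered before the widened
64-bit counters keeps every field on its boundary (the same offset % 8 checks
as in the post, as compile-time asserts), and a memcpy-based accessor that reads
a packed field safely when changing the layout is not an option.

```c
/*
 * Added illustration, not code from the thread or from FreeBSD's pf.
 * demo_state_packed / demo_state2 / demo_addr are constructed stand-ins
 * for pfsync_state / pfioc_state2 / pf_addr, not the real definitions.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct demo_addr { uint8_t b[16]; };   /* stand-in for struct pf_addr */

/* Old style: __packed, so nothing is padded and the counters land at an
 * offset that is not a multiple of 4.  Direct member access is safe
 * because the compiler knows the struct is packed, but passing
 * &s->packets[0][0] around as a plain uint32_t * (e.g. to a print
 * routine) lets the callee emit an aligned load, which traps on armv6
 * when the alignment check (SCTLR.A) is on and the kernel does not
 * emulate the access. */
struct __attribute__((packed)) demo_state_packed {
    uint64_t         id;
    struct demo_addr src;
    struct demo_addr dst;
    uint8_t          proto;
    uint8_t          direction;
    uint32_t         creatorid;
    uint32_t         packets[2][2];  /* 64-bit counters split in halves */
    uint32_t         bytes[2][2];
};

/* New style: no __packed.  creatorid is ordered before the counters and
 * explicit padding makes the layout identical on every ABI; the counters
 * are widened to uint64_t and begin on an 8-byte boundary. */
struct demo_state2 {
    uint64_t         id;
    struct demo_addr src;
    struct demo_addr dst;
    uint8_t          proto;
    uint8_t          direction;
    uint8_t          pad[2];
    uint32_t         creatorid;
    uint64_t         packets[2];
    uint64_t         bytes[2];
};

/* Compile-time form of the "offset % 8 == 0" checks from the post. */
_Static_assert(offsetof(struct demo_state2, packets) % 8 == 0, "packets");
_Static_assert(offsetof(struct demo_state2, bytes) % 8 == 0, "bytes");
_Static_assert(sizeof(struct demo_state2) % 8 == 0, "size");

struct field_req { const char *name; size_t off; size_t align; };

/* Returns 1 if every listed field sits on its required boundary. */
static int layout_aligned(const struct field_req *f, size_t n, int verbose)
{
    int ok = 1;
    for (size_t i = 0; i < n; i++) {
        int good = f[i].off % f[i].align == 0;
        if (verbose)
            printf("  %-10s off=%3zu align=%zu %s\n", f[i].name, f[i].off,
                   f[i].align, good ? "ok" : "MISALIGNED");
        ok &= good;
    }
    return ok;
}

int packed_layout_aligned(int verbose)
{
    const struct field_req f[] = {
        { "id",        offsetof(struct demo_state_packed, id),        8 },
        { "creatorid", offsetof(struct demo_state_packed, creatorid), 4 },
        { "packets",   offsetof(struct demo_state_packed, packets),   4 },
        { "bytes",     offsetof(struct demo_state_packed, bytes),     4 },
    };
    return layout_aligned(f, sizeof f / sizeof f[0], verbose);
}

int state2_layout_aligned(int verbose)
{
    const struct field_req f[] = {
        { "id",        offsetof(struct demo_state2, id),        8 },
        { "creatorid", offsetof(struct demo_state2, creatorid), 4 },
        { "packets",   offsetof(struct demo_state2, packets),   8 },
        { "bytes",     offsetof(struct demo_state2, bytes),     8 },
    };
    return layout_aligned(f, sizeof f / sizeof f[0], verbose);
}

size_t packed_packets_offset(void) { return offsetof(struct demo_state_packed, packets); }
size_t state2_packets_offset(void) { return offsetof(struct demo_state2, packets); }

/* Alignment-agnostic load: memcpy from a byte pointer assumes nothing
 * about alignment, so it is safe on a packed or wire-format buffer. */
static uint32_t load_u32(const void *p) { uint32_t v; memcpy(&v, p, sizeof v); return v; }

/* Reassemble the first split counter from the packed struct's bytes. */
uint64_t packed_first_counter(const struct demo_state_packed *s)
{
    const uint8_t *base = (const uint8_t *)s + offsetof(struct demo_state_packed, packets);
    return ((uint64_t)load_u32(base) << 32) | load_u32(base + 4);
}

/* Constructed sample instance with counter halves 0x1 and 0x2. */
uint64_t demo_packed_counter(void)
{
    struct demo_state_packed s;
    memset(&s, 0, sizeof s);
    s.packets[0][0] = 0x1;
    s.packets[0][1] = 0x2;
    return packed_first_counter(&s);
}

int main(void)
{
    printf("packed layout (sizeof=%zu):\n", sizeof(struct demo_state_packed));
    packed_layout_aligned(1);
    printf("state2 layout (sizeof=%zu):\n", sizeof(struct demo_state2));
    state2_layout_aligned(1);
    printf("counter via memcpy accessor: 0x%llx\n",
           (unsigned long long)demo_packed_counter());
    return 0;
}
```

Run it on any host: the packed layout reports creatorid and packets as
MISALIGNED (offsets 42 and 46) while demo_state2 has packets at 48 and bytes
at 64. Whether the misaligned case actually faults is a property of the CPU's
alignment-check setting and of whether the kernel emulates the access, which
is why the same binary can crash on one ARM board and run on another.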