ZSTs, DEBUG kernels, and copyin, oh my! (#267)

rzezeski · rzezeski · commit 23fdf5856f10 · 2022-09-30T12:16:30.000-06:00
diff --git a/dtrace/lib/common.d b/dtrace/lib/common.d
@@ -34,3 +34,15 @@ typedef struct ht_run_sdt_arg {
 	flow_id_sdt_arg_t	*flow_before;
 	flow_id_sdt_arg_t	*flow_after;
 } ht_run_sdt_arg_t;
+
+typedef struct opte_cmd_ioctl {
+	uint64_t		api_version;
+	int			cmd;
+	uint64_t		flags;
+	uint64_t		reserved;
+	char			*req_bytes;
+	size_t			req_len;
+	char			*resp_bytes;
+	size_t			resp_len;
+	size_t			resp_len_actual;
+} opte_cmd_ioctl_t;
diff --git a/dtrace/opte-ioctl.d b/dtrace/opte-ioctl.d
@@ -0,0 +1,23 @@
+/*
+ * Track the OPTE command ioctls as they come in.
+ *
+ * dtrace -L ./lib -I . -Cqs ./opte-ioctl.d
+ */
+xde_dld_ioc_opte_cmd:entry {
+	this->opte_cmd_ioctl = (opte_cmd_ioctl_t *)arg0;
+	print(*this->opte_cmd_ioctl);
+	printf("\n");
+	self->t = 1;
+}
+
+ddi_copyin:entry /self->t/ {
+	printf("ddi_copyin(%p, %p, %u, 0x%x) =>", arg0, arg1, arg2, arg3);
+}
+
+ddi_copyin:return /self->t/ {
+	printf(" %d\n", arg1);
+}
+
+xde_dld_ioc_opte_cmd:return {
+	self->t = 0;
+}
diff --git a/opte-api/src/cmd.rs b/opte-api/src/cmd.rs
@@ -140,27 +140,52 @@ impl OpteCmdIoctl {
 
 #[derive(Clone, Debug, Deserialize, Serialize)]
 pub enum OpteError {
-    BadApiVersion { user: u64, kernel: u64 },
-    BadLayerPos { layer: String, pos: String },
+    BadApiVersion {
+        user: u64,
+        kernel: u64,
+    },
+    BadLayerPos {
+        layer: String,
+        pos: String,
+    },
     BadName,
     BadState(String),
     CopyinReq,
     CopyoutResp,
     DeserCmdErr(String),
     DeserCmdReq(String),
     FlowExists(String),
-    InvalidRouterEntry { dest: IpCidr, target: String },
+    InvalidRouterEntry {
+        dest: IpCidr,
+        target: String,
+    },
     LayerNotFound(String),
-    MacExists { port: String, vni: Vni, mac: MacAddr },
+    MacExists {
+        port: String,
+        vni: Vni,
+        mac: MacAddr,
+    },
     MaxCapacity(u64),
+
+    /// The OpteCmdIoctl has `req_len == 0` but the specified `cmd`
+    /// types expects a request body. This can happen either by
+    /// developer error or a hand-rolled, negligent/malicious ioctl.
+    NoRequestBody,
+
     PortCreate(String),
     PortExists(String),
     PortNotFound(String),
-    RespTooLarge { needed: usize, given: usize },
+    RespTooLarge {
+        needed: usize,
+        given: usize,
+    },
     RuleNotFound(u64),
     SerCmdErr(String),
     SerCmdResp(String),
-    System { errno: c_int, msg: String },
+    System {
+        errno: c_int,
+        msg: String,
+    },
 }
 
 impl OpteError {
@@ -188,6 +213,7 @@ impl OpteError {
             Self::LayerNotFound(_) => ENOENT,
             Self::MacExists { .. } => EEXIST,
             Self::MaxCapacity(_) => ENFILE,
+            Self::NoRequestBody => EINVAL,
             Self::PortCreate(_) => EINVAL,
             Self::PortExists(_) => EEXIST,
             Self::PortNotFound(_) => ENOENT,
diff --git a/opte-api/src/lib.rs b/opte-api/src/lib.rs
@@ -54,7 +54,7 @@ pub use ulp::*;
 ///
 /// We rely on CI and the check-api-version.sh script to verify that
 /// this number is incremented anytime the oxide-api code changes.
-pub const API_VERSION: u64 = 14;
+pub const API_VERSION: u64 = 15;
 
 #[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
 pub enum Direction {
diff --git a/opte-ioctl/src/lib.rs b/opte-ioctl/src/lib.rs
@@ -15,7 +15,6 @@ use opte::api::XDE_DLD_OPTE_CMD;
 use oxide_vpc::api::AddRouterEntryReq;
 use oxide_vpc::api::CreateXdeReq;
 use oxide_vpc::api::DeleteXdeReq;
-use oxide_vpc::api::ListPortsReq;
 use oxide_vpc::api::ListPortsResp;
 use oxide_vpc::api::SetFwRulesReq;
 use oxide_vpc::api::SetVirt2PhysReq;
@@ -107,7 +106,7 @@ impl OpteHdl {
         let cmd = OpteCmd::CreateXde;
         let req = CreateXdeReq { xde_devname, linkid, cfg, passthrough };
 
-        let res = run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req);
+        let res = run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req));
 
         if res.is_err() {
             let _ = link::delete_link_id(linkid, libnet::LinkFlags::Active);
@@ -121,16 +120,14 @@ impl OpteHdl {
         let link_id = libnet::LinkHandle::Name(name.into()).id()?;
         let req = DeleteXdeReq { xde_devname: name.into() };
         let cmd = OpteCmd::DeleteXde;
-        let resp = run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)?;
+        let resp = run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))?;
         libnet::link::delete_link_id(link_id, libnet::LinkFlags::Active)?;
         Ok(resp)
     }
 
     /// List the extant OPTE ports.
     pub fn list_ports(&self) -> Result<ListPortsResp, Error> {
-        let req = ListPortsReq { unused: () };
-        let cmd = OpteCmd::ListPorts;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), OpteCmd::ListPorts, None::<&()>)
     }
 
     /// Create a new handle to the OPTE control node.
@@ -142,7 +139,7 @@ impl OpteHdl {
 
     pub fn set_v2p(&self, req: &SetVirt2PhysReq) -> Result<NoResp, Error> {
         let cmd = OpteCmd::SetVirt2Phys;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     /// Set xde underlay devices.
@@ -153,35 +150,51 @@ impl OpteHdl {
     ) -> Result<NoResp, Error> {
         let req = SetXdeUnderlayReq { u1: u1.into(), u2: u2.into() };
         let cmd = OpteCmd::SetXdeUnderlay;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     pub fn add_router_entry(
         &self,
         req: &AddRouterEntryReq,
     ) -> Result<NoResp, Error> {
         let cmd = OpteCmd::AddRouterEntry;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     pub fn set_fw_rules(&self, req: &SetFwRulesReq) -> Result<NoResp, Error> {
         let cmd = OpteCmd::SetFwRules;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 }
 
 #[cfg(target_os = "illumos")]
 pub fn run_cmd_ioctl<T, R>(
     dev: libc::c_int,
     cmd: OpteCmd,
-    req: &R,
+    req: Option<&R>,
 ) -> Result<T, Error>
 where
     T: CmdOk + DeserializeOwned,
     R: Serialize,
 {
-    let req_bytes =
-        postcard::to_allocvec(req).map_err(|e| Error::ReqSer(cmd, e))?;
+    let (req_bytes_ptr, req_len) = match req {
+        Some(req) => {
+            let bytes = postcard::to_allocvec(req)
+                .map_err(|e| Error::ReqSer(cmd, e))?;
+            let len = bytes.len();
+            // This is here to catch the case where you, the
+            // developer, have accidentally used a ZST as a request
+            // type. I would have added a compile-time check but as
+            // far as I can tell there is no way to use size_of with a
+            // generic type. This check is sufficient, and is just a
+            // means to save you hours of heartache if you were to
+            // accidentally create a ZST request type.
+            assert!(len > 0, "cannot use ZST for request type");
+            (bytes.as_ptr(), len)
+        }
+
+        None => (core::ptr::null(), 0),
+    };
 
     // It would be a shame if the command failed and we didn't have
     // enough bytes to serialize the error response, so we set this to
@@ -192,8 +205,8 @@ where
         cmd,
         flags: 0,
         reserved1: 0,
-        req_bytes: req_bytes.as_ptr(),
-        req_len: req_bytes.len(),
+        req_bytes: req_bytes_ptr,
+        req_len,
         resp_bytes: resp_buf.as_mut_ptr(),
         resp_len: resp_buf.len(),
         resp_len_actual: 0,
diff --git a/opteadm/src/lib.rs b/opteadm/src/lib.rs
@@ -22,7 +22,6 @@ use oxide_vpc::api::AddRouterEntryReq;
 use oxide_vpc::api::CreateXdeReq;
 use oxide_vpc::api::DeleteXdeReq;
 use oxide_vpc::api::FirewallRule;
-use oxide_vpc::api::ListPortsReq;
 use oxide_vpc::api::ListPortsResp;
 use oxide_vpc::api::RemFwRuleReq;
 use oxide_vpc::api::SetFwRulesReq;
@@ -58,8 +57,7 @@ impl OpteAdm {
         let xde_devname = name.into();
         let cmd = OpteCmd::CreateXde;
         let req = CreateXdeReq { xde_devname, linkid, cfg, passthrough };
-
-        let res = run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req);
+        let res = run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req));
 
         if res.is_err() {
             let _ = link::delete_link_id(linkid, libnet::LinkFlags::Active);
@@ -73,7 +71,7 @@ impl OpteAdm {
         let link_id = libnet::LinkHandle::Name(name.into()).id()?;
         let req = DeleteXdeReq { xde_devname: name.into() };
         let cmd = OpteCmd::DeleteXde;
-        let resp = run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)?;
+        let resp = run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))?;
         libnet::link::delete_link_id(link_id, libnet::LinkFlags::Active)?;
         Ok(resp)
     }
@@ -86,7 +84,7 @@ impl OpteAdm {
     ) -> Result<NoResp, Error> {
         let req = SetXdeUnderlayReq { u1: u1.into(), u2: u2.into() };
         let cmd = OpteCmd::SetXdeUnderlay;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     /// Add a firewall rule
@@ -100,7 +98,7 @@ impl OpteAdm {
             port_name: port_name.to_string(),
             rule: rule.clone(),
         };
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     pub fn set_firewall_rules(
@@ -111,7 +109,7 @@ impl OpteAdm {
         let cmd = OpteCmd::SetFwRules;
         let req =
             SetFwRulesReq { port_name: port_name.to_string(), rules: rules };
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     /// Return the contents of an OPTE layer.
@@ -125,21 +123,12 @@ impl OpteAdm {
             port_name: port_name.to_string(),
             name: name.to_string(),
         };
-        run_cmd_ioctl::<api::DumpLayerResp, _>(
-            self.device.as_raw_fd(),
-            cmd,
-            &req,
-        )
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     /// List all the ports.
     pub fn list_ports(&self) -> Result<ListPortsResp, Error> {
-        let cmd = OpteCmd::ListPorts;
-        run_cmd_ioctl::<ListPortsResp, _>(
-            self.device.as_raw_fd(),
-            cmd,
-            &ListPortsReq { unused: () },
-        )
+        run_cmd_ioctl(self.device.as_raw_fd(), OpteCmd::ListPorts, None::<&()>)
     }
 
     pub fn list_layers(
@@ -150,7 +139,7 @@ impl OpteAdm {
         run_cmd_ioctl::<api::ListLayersResp, _>(
             self.device.as_raw_fd(),
             cmd,
-            &api::ListLayersReq { port_name: port.to_string() },
+            Some(&api::ListLayersReq { port_name: port.to_string() }),
         )
     }
 
@@ -167,7 +156,7 @@ impl OpteAdm {
         req: &RemFwRuleReq,
     ) -> Result<NoResp, Error> {
         let cmd = OpteCmd::RemFwRule;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(req))
     }
 
     /// Return the TCP flows.
@@ -179,7 +168,7 @@ impl OpteAdm {
         run_cmd_ioctl::<api::DumpTcpFlowsResp, _>(
             self.device.as_raw_fd(),
             cmd,
-            &api::DumpTcpFlowsReq { port_name: port_name.to_string() },
+            Some(&api::DumpTcpFlowsReq { port_name: port_name.to_string() }),
         )
     }
 
@@ -189,7 +178,7 @@ impl OpteAdm {
         run_cmd_ioctl(
             self.device.as_raw_fd(),
             cmd,
-            &api::ClearUftReq { port_name: port_name.to_string() },
+            Some(&api::ClearUftReq { port_name: port_name.to_string() }),
         )
     }
 
@@ -199,22 +188,22 @@ impl OpteAdm {
         run_cmd_ioctl::<api::DumpUftResp, _>(
             self.device.as_raw_fd(),
             cmd,
-            &api::DumpUftReq { port_name: port_name.to_string() },
+            Some(&api::DumpUftReq { port_name: port_name.to_string() }),
         )
     }
 
     pub fn set_v2p(&self, req: &SetVirt2PhysReq) -> Result<NoResp, Error> {
         let cmd = OpteCmd::SetVirt2Phys;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 
     /// Dump the Virtual-to-Physical mappings.
     pub fn dump_v2p(&self) -> Result<overlay::DumpVirt2PhysResp, Error> {
         let cmd = OpteCmd::DumpVirt2Phys;
-        run_cmd_ioctl::<overlay::DumpVirt2PhysResp, _>(
+        run_cmd_ioctl(
             self.device.as_raw_fd(),
             cmd,
-            &overlay::DumpVirt2PhysReq { unused: 99 },
+            Some(&overlay::DumpVirt2PhysReq { unused: 99 }),
         )
     }
 
@@ -223,6 +212,6 @@ impl OpteAdm {
         req: &AddRouterEntryReq,
     ) -> Result<NoResp, Error> {
         let cmd = OpteCmd::AddRouterEntry;
-        run_cmd_ioctl(self.device.as_raw_fd(), cmd, &req)
+        run_cmd_ioctl(self.device.as_raw_fd(), cmd, Some(&req))
     }
 }
diff --git a/oxide-vpc/src/api.rs b/oxide-vpc/src/api.rs
@@ -355,12 +355,6 @@ pub struct DeleteXdeReq {
     pub xde_devname: String,
 }
 
-/// List existing xde ports.
-#[derive(Debug, Deserialize, Serialize)]
-pub struct ListPortsReq {
-    pub unused: (),
-}
-
 /// Information about a single existing xde port
 #[derive(Debug, Deserialize, Serialize)]
 pub struct PortInfo {
diff --git a/xde/src/ioctl.rs b/xde/src/ioctl.rs
diff --git a/xde/src/xde.rs b/xde/src/xde.rs
