Browse Source

Define types for C calls in netlink_lib

Previously this was not done, which meant all arguments were
assumed to be ints. As long as we didn't get any large pointer
addresses this worked fine, but for some reason the addition of
threading to oslo.privsep triggered larger addresses that were then
truncated. This caused segfaults in the underlying C library because
we were passing it invalid pointers.

This change sets argument and return types for all of the calls
that are used in the module.

Change-Id: I9dbbb01eac8cf7cded7794f8ba69797d6357eeec
Closes-Bug: 1810518
tags/14.0.0.0b2
Ben Nemec 5 months ago
parent
commit
c6d358d4c6
1 changed files with 36 additions and 1 deletions
  1. 36
    1
      neutron/privileged/agent/linux/netlink_lib.py

+ 36
- 1
neutron/privileged/agent/linux/netlink_lib.py View File

@@ -49,9 +49,44 @@ from neutron.privileged.agent.linux import netlink_constants as nl_constants
49 49
 
50 50
 LOG = logging.getLogger(__name__)
51 51
 
52
-nfct = ctypes.CDLL(util.find_library('netfilter_conntrack'))
52
+nfct_lib = util.find_library('netfilter_conntrack')
53
+nfct = ctypes.CDLL(nfct_lib)
53 54
 libc = ctypes.CDLL(util.find_library('libc.so.6'))
54 55
 
56
+# In unit tests the actual nfct library may not be installed, and since we
57
+# don't make actual calls to it we don't want to add a hard dependency.
58
+if nfct_lib:
59
+    # It's important that the types be defined properly on all of the functions
60
+    # we call from nfct, otherwise pointers can be truncated and cause
61
+    # segfaults.
62
+    nfct.nfct_set_attr.argtypes = [ctypes.c_void_p,
63
+                                ctypes.c_int,
64
+                                ctypes.c_void_p]
65
+    nfct.nfct_set_attr_u8.argtypes = [ctypes.c_void_p,
66
+                                    ctypes.c_int,
67
+                                    ctypes.c_uint8]
68
+    nfct.nfct_set_attr_u16.argtypes = [ctypes.c_void_p,
69
+                                    ctypes.c_int,
70
+                                    ctypes.c_uint16]
71
+    nfct.nfct_snprintf.argtypes = [ctypes.c_char_p,
72
+                                ctypes.c_uint,
73
+                                ctypes.c_void_p,
74
+                                ctypes.c_uint,
75
+                                ctypes.c_uint,
76
+                                ctypes.c_uint]
77
+    nfct.nfct_new.restype = ctypes.c_void_p
78
+    nfct.nfct_destroy.argtypes = [ctypes.c_void_p]
79
+    nfct.nfct_query.argtypes = [ctypes.c_void_p,
80
+                                ctypes.c_int,
81
+                                ctypes.c_void_p]
82
+    nfct.nfct_callback_register.argtypes = [ctypes.c_void_p,
83
+                                            ctypes.c_int,
84
+                                            ctypes.c_void_p,
85
+                                            ctypes.c_void_p]
86
+    nfct.nfct_open.restype = ctypes.c_void_p
87
+    nfct.nfct_close.argtypes = [ctypes.c_void_p]
88
+
89
+
55 90
 IP_VERSIONS = [constants.IP_VERSION_4, constants.IP_VERSION_6]
56 91
 DATA_CALLBACK = None
57 92
 

Loading…
Cancel
Save