From 21b15badf6f72d45862f8c9c2cb741750dde5ea8 Mon Sep 17 00:00:00 2001 From: gamemann Date: Mon, 6 Dec 2021 16:54:20 +0000 Subject: [PATCH] Allocate stats with MAX_CPUS and check for NULL index to attempt to fix seg fault on issue #10. --- src/xdpfw.c | 18 +++++++++++++++--- src/xdpfw.h | 1 + 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/src/xdpfw.c b/src/xdpfw.c index 0340fd3..348620e 100644 --- a/src/xdpfw.c +++ b/src/xdpfw.c @@ -493,19 +493,31 @@ int main(int argc, char *argv[]) if ((curTime - statslastupdated) > 2 && !cfg.nostats) { __u32 key = 0; - struct stats stats[cpus]; - //memset(&stats, 0, sizeof(struct stats) * cpus); + struct stats stats[MAX_CPUS]; + //memset(stats, 0, sizeof(struct stats) * MAX_CPUS); __u64 allowed = 0; __u64 dropped = 0; if (bpf_map_lookup_elem(statsmap, &key, stats) != 0) { - fprintf(stderr, "Error performing stats map lookup.\n"); + fprintf(stderr, "Error performing stats map lookup. Stats map FD => %d.\n", statsmap); + + continue; } for (int i = 0; i < cpus; i++) { + // Although this should NEVER happen, I'm seeing very strange behavior in the following GitHub issue. + // https://github.com/gamemann/XDP-Firewall/issues/10 + // Therefore, before accessing stats[i], make sure the pointer to the specific CPU ID is not NULL. + if (&stats[i] == NULL) + { + fprintf(stderr, "Stats array at CPU ID #%d is NULL! Skipping...\n", i); + + continue; + } + allowed += stats[i].allowed; dropped += stats[i].dropped; } diff --git a/src/xdpfw.h b/src/xdpfw.h index 3a1b1cf..45401fc 100644 --- a/src/xdpfw.h +++ b/src/xdpfw.h @@ -5,6 +5,7 @@ #define MAX_PCKT_LENGTH 65535 #define MAX_FILTERS 100 #define MAX_TRACK_IPS 100000 +#define MAX_CPUS 256 #ifdef __BPF__ #define likely(x) __builtin_expect(!!(x), 1)