From c2b7a9e2607f4a0dd3786290e9516dee08b2b225 Mon Sep 17 00:00:00 2001 From: "Russ Combs (rucombs)" Date: Wed, 7 Dec 2016 22:50:36 -0500 Subject: [PATCH] Merge pull request #741 in SNORT/snort3 from macros to master Squashed commit of the following: commit dd8de11b48dd18c5dbbd8d0d093b40028771b296 Author: Michael Altizer Date: Wed Dec 7 16:44:33 2016 -0500 build: Rework key structure padding guard macros --- .../inspectors/http_server/ips_http_header.cc | 9 +++----- src/detection/tag.cc | 5 ++-- src/file_api/file_cache.h | 6 ++--- src/file_api/file_enforcer.h | 6 ++--- src/filters/detection_filter.cc | 9 +++----- src/filters/rate_filter.cc | 9 +------- src/filters/sfrf.cc | 17 ++++---------- src/filters/sfrf.h | 2 +- src/filters/sfthd.cc | 13 +++-------- src/filters/sfthd.h | 13 ++++++----- src/filters/sfthd_test.cc | 1 + src/filters/sfthreshold.cc | 10 +++----- src/flow/flow_key.cc | 5 ++-- src/flow/flow_key.h | 14 ++++++----- .../appid/host_port_app_cache.cc | 5 ++-- src/network_inspectors/appid/service_state.cc | 5 ++-- src/network_inspectors/port_scan/ps_detect.cc | 5 ++-- .../dce_rpc/ips_dce_iface.cc | 1 + .../dce_rpc/ips_dce_opnum.cc | 1 + .../dce_rpc/ips_dce_stub_data.cc | 1 + src/utils/CMakeLists.txt | 1 + src/utils/Makefile.am | 1 + src/utils/cpp_macros.h | 23 +++++++++++++++++++ 23 files changed, 79 insertions(+), 83 deletions(-) create mode 100644 src/utils/cpp_macros.h diff --git a/extra/src/inspectors/http_server/ips_http_header.cc b/extra/src/inspectors/http_server/ips_http_header.cc index f5f1b020a..35d01479e 100644 --- a/extra/src/inspectors/http_server/ips_http_header.cc +++ b/extra/src/inspectors/http_server/ips_http_header.cc @@ -23,15 +23,12 @@ #include -#include "main/snort_types.h" -#include "main/snort_debug.h" -#include "profiler/profiler.h" -#include "flow/flow.h" #include "detection/detection_defines.h" -#include "framework/ips_option.h" #include "framework/cursor.h" -#include "framework/inspector.h" +#include "framework/ips_option.h" #include "framework/module.h" +#include "hash/sfhashfcn.h" +#include "profiler/profiler_defs.h" #include "protocols/packet.h" using namespace std; diff --git a/src/detection/tag.cc b/src/detection/tag.cc index abd00ca26..6819953cc 100644 --- a/src/detection/tag.cc +++ b/src/detection/tag.cc @@ -56,8 +56,7 @@ /* D A T A S T R U C T U R E S **********************************/ /**Key used for identifying a session or host. */ -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN struct tTagFlowKey { SfIp sip; ///source IP address @@ -67,7 +66,7 @@ struct tTagFlowKey uint16_t sp; ///source port uint16_t dp; ///destination port }; -#pragma GCC diagnostic pop +PADDING_GUARD_END /**Node identifying a session or host based tagging. */ diff --git a/src/file_api/file_cache.h b/src/file_api/file_cache.h index 33912895f..22146a31d 100644 --- a/src/file_api/file_cache.h +++ b/src/file_api/file_cache.h @@ -25,6 +25,7 @@ #include "hash/sfxhash.h" #include "sfip/sf_ip.h" +#include "utils/cpp_macros.h" #include "file_config.h" @@ -32,8 +33,7 @@ class FileCache { public: // FIXIT-L Merge definition with duplicate in file_enforcer.h? -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN struct FileHashKey { SfIp sip; @@ -41,7 +41,7 @@ public: uint32_t padding; uint64_t file_sig; }; -#pragma GCC diagnostic pop +PADDING_GUARD_END struct FileNode { diff --git a/src/file_api/file_enforcer.h b/src/file_api/file_enforcer.h index 5b28903a2..abac40bf8 100644 --- a/src/file_api/file_enforcer.h +++ b/src/file_api/file_enforcer.h @@ -28,6 +28,7 @@ #include "hash/sfxhash.h" #include "sfip/sf_ip.h" +#include "utils/cpp_macros.h" #include "file_config.h" @@ -52,8 +53,7 @@ public: private: // FIXIT-L Merge definition with duplicate in file_cache.h? -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN struct FileHashKey { SfIp sip; @@ -61,7 +61,7 @@ private: uint32_t padding; uint64_t file_sig; }; -#pragma GCC diagnostic pop +PADDING_GUARD_END void update_file_node(FileNode*, FileInfo*); FileVerdict check_verdict(Flow*, FileNode*, SFXHASH_NODE*); diff --git a/src/filters/detection_filter.cc b/src/filters/detection_filter.cc index be1b6f73a..6c5e62013 100644 --- a/src/filters/detection_filter.cc +++ b/src/filters/detection_filter.cc @@ -19,16 +19,13 @@ #include "detection_filter.h" -#include -#include -#include - -#include "filters/sfthd.h" +#include "hash/sfxhash.h" #include "log/messages.h" #include "main/thread.h" -#include "parser/parser.h" #include "utils/util.h" +#include "sfthd.h" + static THREAD_LOCAL SFXHASH* detection_filter_hash = NULL; DetectionFilterConfig* DetectionFilterConfigNew() diff --git a/src/filters/rate_filter.cc b/src/filters/rate_filter.cc index fc141971d..bfd3c7fdf 100644 --- a/src/filters/rate_filter.cc +++ b/src/filters/rate_filter.cc @@ -27,20 +27,13 @@ #include "config.h" #endif -#include -#include -#include -#include - #include "detection/rules.h" +#include "detection/treenodes.h" #include "main/snort_config.h" -#include "parser/parser.h" #include "protocols/packet.h" -#include "sfip/sf_ip.h" #include "utils/util.h" #include "sfrf.h" -#include "sfthd.h" //static int _printThresholdContext(RateFilterConfig*); diff --git a/src/filters/sfrf.cc b/src/filters/sfrf.cc index ace2dae75..e1c580517 100644 --- a/src/filters/sfrf.cc +++ b/src/filters/sfrf.cc @@ -26,20 +26,14 @@ #include "config.h" #endif -#include -#include -#include -#include -#include - #include "detection/rules.h" -#include "detection/treenodes.h" -#include "utils/util.h" -#include "utils/sflsq.h" #include "hash/sfghash.h" #include "hash/sfxhash.h" #include "sfip/sf_ip.h" #include "sfip/sf_ipvar.h" +#include "utils/cpp_macros.h" +#include "utils/sflsq.h" +#include "utils/util.h" // Number of hash rows for gid 1 (rules) #define SFRF_GEN_ID_1_ROWS 4096 @@ -52,8 +46,7 @@ // private data ... /* Key to find tracking nodes in trackingHash. */ -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN typedef struct { ///policy identifier. @@ -70,7 +63,7 @@ typedef struct SfIp ip; uint16_t padding; } tSFRFTrackingNodeKey; -#pragma GCC diagnostic pop +PADDING_GUARD_END /* Tracking node for rate_filter. One node is created on fly, in tracking * hash for each threshold configure (identified by Tid) and source or diff --git a/src/filters/sfrf.h b/src/filters/sfrf.h index 2a9f08d5d..179996000 100644 --- a/src/filters/sfrf.h +++ b/src/filters/sfrf.h @@ -24,8 +24,8 @@ // Implements rate_filter feature for snort -#include "main/policy.h" #include "actions/actions.h" +#include "main/policy.h" struct SfIp; diff --git a/src/filters/sfthd.cc b/src/filters/sfthd.cc index 703a72b53..949abca78 100644 --- a/src/filters/sfthd.cc +++ b/src/filters/sfthd.cc @@ -33,19 +33,12 @@ #include "config.h" #endif -#include -#include -#include -#include -#include - -#include "sfip/sf_ip.h" -#include "sfip/sf_ipvar.h" -#include "utils/sflsq.h" #include "hash/sfghash.h" #include "hash/sfxhash.h" -#include "utils/util.h" +#include "sfip/sf_ipvar.h" #include "utils/dyn_array.h" +#include "utils/sflsq.h" +#include "utils/util.h" // Debug Printing //#define THD_DEBUG diff --git a/src/filters/sfthd.h b/src/filters/sfthd.h index c3116d046..2b117af5b 100644 --- a/src/filters/sfthd.h +++ b/src/filters/sfthd.h @@ -27,11 +27,13 @@ #include "config.h" #endif -#include "utils/sflsq.h" -#include "hash/sfghash.h" -#include "hash/sfxhash.h" #include "main/policy.h" #include "sfip/sf_ip.h" +#include "utils/cpp_macros.h" + +struct SFGHASH; +struct SFXHASH; +typedef struct sf_list SF_LIST; /*! Max GEN_ID value - Set this to the Max Used by Snort, this is used for the @@ -95,8 +97,7 @@ typedef struct HASH Key to lookup and store Ip nodes. The structure now tracks thresholds for different policies. This destroys locality of reference and may cause poor performance. */ -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN typedef struct { int thd_id; @@ -113,7 +114,7 @@ typedef struct SfIp ip; uint16_t padding; } THD_IP_GNODE_KEY; -#pragma GCC diagnostic pop +PADDING_GUARD_END /*! THD_NODE diff --git a/src/filters/sfthd_test.cc b/src/filters/sfthd_test.cc index 0239b5339..1de5d0457 100644 --- a/src/filters/sfthd_test.cc +++ b/src/filters/sfthd_test.cc @@ -20,6 +20,7 @@ #include "catch/catch.hpp" #include "catch/unit_test.h" +#include "hash/sfxhash.h" #include "parser/parse_ip.h" #include "sfip/sf_ip.h" diff --git a/src/filters/sfthreshold.cc b/src/filters/sfthreshold.cc index b9a83f7e5..b3f691c77 100644 --- a/src/filters/sfthreshold.cc +++ b/src/filters/sfthreshold.cc @@ -38,15 +38,11 @@ */ #include "sfthreshold.h" -#include -#include -#include -#include - -#include "sfthd.h" +#include "hash/sfxhash.h" #include "main/snort_config.h" #include "utils/util.h" -#include "parser/parser.h" + +#include "sfthd.h" /* Data */ THD_STRUCT* thd_runtime = NULL; diff --git a/src/flow/flow_key.cc b/src/flow/flow_key.cc index 9c383c1d6..266ee07b0 100644 --- a/src/flow/flow_key.cc +++ b/src/flow/flow_key.cc @@ -24,12 +24,11 @@ #include "config.h" #endif +#include "hash/sfhashfcn.h" #include "main/snort_config.h" -#include "utils/util.h" -#include "sfip/sf_ip.h" -#include "protocols/packet.h" #include "protocols/icmp4.h" #include "protocols/icmp6.h" +#include "utils/util.h" //------------------------------------------------------------------------- // init foo diff --git a/src/flow/flow_key.h b/src/flow/flow_key.h index ce197cad3..0e30cb114 100644 --- a/src/flow/flow_key.h +++ b/src/flow/flow_key.h @@ -23,13 +23,15 @@ // FlowKey is used to store Flows in the caches. the data members are // sequenced to avoid void space. -#include "main/snort_types.h" -#include "hash/sfhashfcn.h" +#include + #include "framework/decode_data.h" -#include "sfip/sf_ip.h" +#include "utils/cpp_macros.h" + +struct SFHASHFCN; +struct SfIp; -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN struct FlowKey { uint32_t ip_l[4]; /* Low IP */ @@ -80,7 +82,7 @@ private: const SfIp *dstIP, uint16_t dstPort, uint32_t mplsId, bool order = true); }; -#pragma GCC diagnostic pop +PADDING_GUARD_END #endif diff --git a/src/network_inspectors/appid/host_port_app_cache.cc b/src/network_inspectors/appid/host_port_app_cache.cc index 017c4b9eb..07fc72766 100644 --- a/src/network_inspectors/appid/host_port_app_cache.cc +++ b/src/network_inspectors/appid/host_port_app_cache.cc @@ -27,8 +27,7 @@ #include "log/messages.h" #include "sfip/sf_ip.h" -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN struct HostPortKey { HostPortKey() @@ -63,7 +62,7 @@ struct HostPortKey IpProtocol proto; char padding; }; -#pragma GCC diagnostic pop +PADDING_GUARD_END THREAD_LOCAL std::map* host_port_cache = nullptr; diff --git a/src/network_inspectors/appid/service_state.cc b/src/network_inspectors/appid/service_state.cc index e3879cee9..96feeea87 100644 --- a/src/network_inspectors/appid/service_state.cc +++ b/src/network_inspectors/appid/service_state.cc @@ -30,8 +30,7 @@ //#define DEBUG_SERVICE_STATE 1 -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN class AppIdServiceStateKey { public: @@ -73,7 +72,7 @@ public: IpProtocol proto; char padding[3]; }; -#pragma GCC diagnostic pop +PADDING_GUARD_END // FIXIT-L - no memcap on size of this table, do we need that? THREAD_LOCAL std::map* service_state_cache = nullptr; diff --git a/src/network_inspectors/port_scan/ps_detect.cc b/src/network_inspectors/port_scan/ps_detect.cc index a53a36bec..b17265bb5 100644 --- a/src/network_inspectors/port_scan/ps_detect.cc +++ b/src/network_inspectors/port_scan/ps_detect.cc @@ -56,15 +56,14 @@ #include "sfip/sf_ip.h" #include "stream/stream.h" -#pragma GCC diagnostic push -#pragma GCC diagnostic warning "-Wpadded" +PADDING_GUARD_BEGIN typedef struct s_PS_HASH_KEY { int protocol; SfIp scanner; SfIp scanned; } PS_HASH_KEY; -#pragma GCC diagnostic pop +PADDING_GUARD_END typedef struct s_PS_ALERT_CONF { diff --git a/src/service_inspectors/dce_rpc/ips_dce_iface.cc b/src/service_inspectors/dce_rpc/ips_dce_iface.cc index dfe082047..1477e5bd0 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_iface.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_iface.cc @@ -26,6 +26,7 @@ #include "framework/module.h" #include "framework/ips_option.h" #include "framework/range.h" +#include "hash/sfhashfcn.h" #include "profiler/profiler.h" #include "target_based/snort_protocols.h" #include "utils/util.h" diff --git a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc index f97563db4..a64c247a7 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_opnum.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_opnum.cc @@ -22,6 +22,7 @@ #include "detection/detection_defines.h" #include "framework/ips_option.h" #include "framework/module.h" +#include "hash/sfhashfcn.h" #include "profiler/profiler.h" #include "utils/util.h" diff --git a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc index c1ed87261..c21ed1d44 100644 --- a/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc +++ b/src/service_inspectors/dce_rpc/ips_dce_stub_data.cc @@ -23,6 +23,7 @@ #include "framework/cursor.h" #include "framework/ips_option.h" #include "framework/module.h" +#include "hash/sfhashfcn.h" #include "profiler/profiler.h" #include "dce_common.h" diff --git a/src/utils/CMakeLists.txt b/src/utils/CMakeLists.txt index 6ea5509f5..e668423d7 100644 --- a/src/utils/CMakeLists.txt +++ b/src/utils/CMakeLists.txt @@ -9,6 +9,7 @@ endif ( BUILD_SNPRINTF ) set( UTIL_INCLUDES bitop.h + cpp_macros.h dnet_header.h kmap.h safec.h diff --git a/src/utils/Makefile.am b/src/utils/Makefile.am index 01a022814..91310aae3 100644 --- a/src/utils/Makefile.am +++ b/src/utils/Makefile.am @@ -5,6 +5,7 @@ x_includedir = $(pkgincludedir)/utils x_include_HEADERS = \ bitop.h \ +cpp_macros.h \ dnet_header.h \ kmap.h \ safec.h \ diff --git a/src/utils/cpp_macros.h b/src/utils/cpp_macros.h new file mode 100644 index 000000000..3b01ef085 --- /dev/null +++ b/src/utils/cpp_macros.h @@ -0,0 +1,23 @@ +#ifndef CPP_MACROS_H +#define CPP_MACROS_H + +#define STRINGIFY(x) #x + +#if defined(__clang__) && !defined(__ICC) +# define PADDING_GUARD_BEGIN \ + _Pragma(STRINGIFY( clang diagnostic push )) \ + _Pragma(STRINGIFY( clang diagnostic warning "-Wpadded" )) +# define PADDING_GUARD_END \ + _Pragma(STRINGIFY( clang diagnostic pop )) +#elif defined(__GNUC__) && __GNUC__ > 4 && !defined(__ICC) +# define PADDING_GUARD_BEGIN \ + _Pragma(STRINGIFY( GCC diagnostic push )) \ + _Pragma(STRINGIFY( GCC diagnostic warning "-Wpadded" )) +# define PADDING_GUARD_END \ + _Pragma(STRINGIFY( GCC diagnostic pop )) +#else +# define PADDING_GUARD_BEGIN +# define PADDING_GUARD_END +#endif + +#endif -- 2.47.2