From: Amaury Denoyelle <adenoyelle@haproxy.com>
Date: Thu, 30 Jan 2025 17:01:53 +0000 (+0100)
Subject: BUILD: quic: fix overflow in global tune
X-Git-Tag: v3.2-dev5~73
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=b849ee5fa35b7a909869db1dfd19f450f3172034;p=thirdparty%2Fhaproxy.git

BUILD: quic: fix overflow in global tune

A new global option was recently introduced to disable pacing. However,
the value used (1<<31) caused issue with some compiler as options field
used for storage is declared as int. Move pacing deactivation flag
outside into the newly defined quic_tune to fix this.

This should be backported up to 3.1 after a period of observation. Note
that it relied on the previous patch which defined new quic_tune type.
---

diff --git a/include/haproxy/global-t.h b/include/haproxy/global-t.h
index be4fcc922..6d4a3986c 100644
--- a/include/haproxy/global-t.h
+++ b/include/haproxy/global-t.h
@@ -87,7 +87,6 @@
 #define GTUNE_LISTENER_MQ_ANY    (GTUNE_LISTENER_MQ_FAIR | GTUNE_LISTENER_MQ_OPT)
 #define GTUNE_QUIC_CC_HYSTART    (1<<29)
 #define GTUNE_QUIC_NO_UDP_GSO    (1<<30)
-#define GTUNE_QUIC_NO_PACING     (1<<31)
 
 #define NO_ZERO_COPY_FWD             0x0001 /* Globally disable zero-copy FF */
 #define NO_ZERO_COPY_FWD_PT          0x0002 /* disable zero-copy FF for PT (recv & send are disabled automatically) */
diff --git a/include/haproxy/quic_tune-t.h b/include/haproxy/quic_tune-t.h
index 37cd74106..7d083c589 100644
--- a/include/haproxy/quic_tune-t.h
+++ b/include/haproxy/quic_tune-t.h
@@ -6,6 +6,8 @@
 #error "Must define USE_OPENSSL"
 #endif
 
+#define QUIC_TUNE_NO_PACING     0x00000001
+
 struct quic_tune {
 	uint options;
 };
diff --git a/src/cfgparse-quic.c b/src/cfgparse-quic.c
index 53c385a74..a1621967c 100644
--- a/src/cfgparse-quic.c
+++ b/src/cfgparse-quic.c
@@ -354,7 +354,7 @@ static int cfg_parse_quic_tune_setting0(char **args, int section_type,
 
 	suffix = args[0] + prefix_len;
 	if (strcmp(suffix, "disable-tx-pacing") == 0) {
-		global.tune.options |= GTUNE_QUIC_NO_PACING;
+		quic_tune.options |= QUIC_TUNE_NO_PACING;
 	}
 	else if (strcmp(suffix, "disable-udp-gso") == 0) {
 		global.tune.options |= GTUNE_QUIC_NO_UDP_GSO;
diff --git a/src/cfgparse.c b/src/cfgparse.c
index b36be44ea..c2d0ca5c3 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -72,6 +72,7 @@
 #include <haproxy/namespace.h>
 #include <haproxy/quic_cc-t.h>
 #include <haproxy/quic_sock.h>
+#include <haproxy/quic_tune.h>
 #include <haproxy/obj_type-t.h>
 #include <haproxy/openssl-compat.h>
 #include <haproxy/peers-t.h>
@@ -3059,7 +3060,7 @@ init_proxies_list_stage1:
 				  bind_conf->quic_cc_algo : default_quic_cc_algo;
 
 				if (!(cc_algo->flags & QUIC_CC_ALGO_FL_OPT_PACING) &&
-				    global.tune.options & GTUNE_QUIC_NO_PACING) {
+				    quic_tune.options & QUIC_TUNE_NO_PACING) {
 					ha_warning("Binding [%s:%d] for %s %s: using the selected congestion algorithm without pacing may cause slowdowns or high loss rates during transfers.\n",
 					           bind_conf->file, bind_conf->line,
 					           proxy_type_str(curproxy), curproxy->id);
diff --git a/src/mux_quic.c b/src/mux_quic.c
index d8b43a913..ebe37fe10 100644
--- a/src/mux_quic.c
+++ b/src/mux_quic.c
@@ -23,6 +23,7 @@
 #include <haproxy/quic_sock.h>
 #include <haproxy/quic_stream.h>
 #include <haproxy/quic_tp-t.h>
+#include <haproxy/quic_tune.h>
 #include <haproxy/quic_tx.h>
 #include <haproxy/session.h>
 #include <haproxy/ssl_sock-t.h>
@@ -40,7 +41,7 @@ static void qmux_ctrl_room(struct qc_stream_desc *, uint64_t room);
 /* Returns true if pacing should be used for <conn> connection. */
 static int qcc_is_pacing_active(const struct connection *conn)
 {
-	return !(global.tune.options & GTUNE_QUIC_NO_PACING);
+	return !(quic_tune.options & QUIC_TUNE_NO_PACING);
 }
 
 static void qcs_free_ncbuf(struct qcs *qcs, struct ncbuf *ncbuf)