[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols

To: Jan Beulich <JBeulich@xxxxxxxx>
From: Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx>
Date: Wed, 25 Sep 2013 10:03:23 -0400
Cc: suravee.suthikulpanit@xxxxxxx, George.Dunlap@xxxxxxxxxxxxx, jacob.shin@xxxxxxx, eddie.dong@xxxxxxxxx, dietmar.hahn@xxxxxxxxxxxxxx, jun.nakajima@xxxxxxxxx, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Wed, 25 Sep 2013 14:01:37 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 09/25/2013 09:15 AM, Jan Beulich wrote:

On 20.09.13 at 11:42, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> wrote:

+    case XENPF_get_symbols:
+    {
+        ret = xensyms_read(&op->u.symdata);
+        if ( ret >= 0 && __copy_field_to_guest(u_xenpf_op, op, u.symdata) )
+            ret = -EFAULT;
+    }
+    break;

This yields a positive return value if a symbol was found, 0 if none
was found, and negative on error. Can we avoid this non-standard
first aspect?


We need to know on the caller side when EOF is reached. There is no good
error code that I can see that would be appropriate here. ERANGE or ENFILE

are the closest I can imagine but EOF is not really an error so I am notsure

this would be the right thing.

We could look at first byte of the string and see where it's a 0 butthat's also

somewhat non-standard. Encoding type or address as an invalid token also
doesn't look nice.

+        return 0;
+
+    spin_lock(&symbols_mutex);
+
+    if ( symdata->xen_symnum == 0 )
+        next_offset = next_symbol = 0;
+    else if ( next_symbol != symdata->xen_symnum )
+        /* Non-sequential access */
+        next_offset = get_symbol_offset(symdata->xen_symnum);
+
+    symdata->type = symbols_get_symbol_type(next_offset);
+    next_offset = symbols_expand_symbol(next_offset, symdata->name,
+        sizeof(symdata->name));
+    symdata->address = symbols_offsets[symdata->xen_symnum] + SYMBOLS_ORIGIN;
+
+    next_symbol = symdata->xen_symnum + 1;
+
+    spin_unlock(&symbols_mutex);
+
+    return strlen(symdata->name);

Altogether the changes you do appear to allow the nul terminator
to be written outside of the passed in array. Hence (a) you need
to avoid corrupting memory and (b) whether using strlen() here is
appropriate depends on how you deal with (a).

Yes, I should have passed 'sizeof(symdata->name)-1' tosymbols_expand_symbol()

(I was thinking of strlen instead of sizeof)

+
+struct xenpf_symdata {
+    /* IN variables */
+    uint64_t xen_symnum;
+
+    /* OUT variables */
+    uint64_t address;
+    uint64_t type;

"type" and "xen_symnum" could easily be less than 64 bits wide.

I am trying to avoid 32-bit compatibility issues here. You will seesometimes

unnecessary uint64_t in other structures well for the same reason.


-boris

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols
  - From: Jan Beulich

References:
- [Xen-devel] [PATCH v2 00/13] x86/PMU: Xen PMU PV support
  - From: Boris Ostrovsky
- [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols
  - From: Boris Ostrovsky
- Re: [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH 2/2] microcode: Check whether the microcode is correct.
Next by Date: Re: [Xen-devel] [PATCH RFC 06/12] libxl: set correct permissions for the full backend path
Previous by thread: Re: [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols
Next by thread: Re: [Xen-devel] [PATCH v2 01/13] Export hypervisor symbols
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.