Xen project Mailing List

Re: [Xen-devel] [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.

To: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>

From: Paul Durrant <Paul.Durrant@xxxxxxxxxx>

Date: Fri, 21 Apr 2017 13:29:40 +0000

Accept-language: en-GB, en-US

Cc: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>

Delivery-date: Fri, 21 Apr 2017 13:29:55 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Thread-index: AQHSuqFtKGQWEqZR8U+ax9daBVdEpqHP0NLg

Thread-topic: [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.

> -----Original Message----- > From: jennifer.herbert@xxxxxxxxxx [mailto:jennifer.herbert@xxxxxxxxxx] > Sent: 21 April 2017 14:16 > To: Xen-devel <xen-devel@xxxxxxxxxxxxx> > Cc: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx>; Jennifer Herbert > <jennifer.herbert@xxxxxxxxxx>; Paul Durrant <Paul.Durrant@xxxxxxxxxx>; > Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>; Jan Beulich > <JBeulich@xxxxxxxx>; Julien Grall <julien.grall@xxxxxxx> > Subject: [PATCH v7 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, > to}_guest for a buffer not big enough an error. > > From: Jennifer Herbert <jennifer.herbert@xxxxxxxxxx> > > This makes copying to or from a buf that isn't big enough an error. > If the buffer isnt big enough, trying to carry on regardless > can only cause trouble later on. > > Signed-off-by: Jennifer Herbert <Jennifer.Herbert@xxxxxxxxxx> > -- > CC: Paul Durrant <paul.durrant@xxxxxxxxxx> > CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > CC: Jan Beulich <JBeulich@xxxxxxxx> > CC: Julien Grall <julien.grall@xxxxxxx> > --- > This patch takes the behaviour change part of patch the previouse > [patch 2/4]. > --- > xen/arch/x86/hvm/dm.c | 18 ++++++++++-------- > 1 file changed, 10 insertions(+), 8 deletions(-) > > diff --git a/xen/arch/x86/hvm/dm.c b/xen/arch/x86/hvm/dm.c > index e583e41..63aa46c 100644 > --- a/xen/arch/x86/hvm/dm.c > +++ b/xen/arch/x86/hvm/dm.c > @@ -36,30 +36,32 @@ static bool copy_buf_from_guest(const > xen_dm_op_buf_t bufs[], > unsigned int nr_bufs, void *dst, > unsigned int idx, size_t dst_size) > { > - size_t size; > + size_t buf_bytes; > > if ( idx >= nr_bufs ) > return false; > > - memset(dst, 0, dst_size); > - > - size = min_t(size_t, dst_size, bufs[idx].size); > + buf_bytes = bufs[idx].size; > + if ( dst_size > buf_bytes ) > + return false; > > - return !copy_from_guest(dst, bufs[idx].h, size); > + return !copy_from_guest(dst, bufs[idx].h, buf_bytes); What happens if dst_size < buf_bytes? > } > > static bool copy_buf_to_guest(const xen_dm_op_buf_t bufs[], > unsigned int nr_bufs, unsigned int idx, > const void *src, size_t src_size) > { > - size_t size; > + size_t buf_bytes; > > if ( idx >= nr_bufs ) > return false; > > - size = min_t(size_t, bufs[idx].size, src_size); > + buf_bytes = bufs[idx].size; > + if ( src_size > buf_bytes ) > + return false; > > - return !copy_to_guest(bufs[idx].h, src, size); > + return !copy_to_guest(bufs[idx].h, src, buf_bytes); What happens if src_size < buf_bytes? > } > > static int track_dirty_vram(struct domain *d, xen_pfn_t first_pfn, > -- > 2.1.4 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.