[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3] xen/gnttab: fix gnttab_acquire_resource()


  • To: Juergen Gross <jgross@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Fri, 9 Sep 2022 13:12:03 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9pojS8yM7yUoBtHmyd/FsjiEW8m7TUr4KatlgIq2TBA=; b=a3HazMSgOGIcm5RBK9x/Qkpbn81aZ6VRzkenInmDIAdIhUMntcAf6yf3u/T9fwROOiCZj98ihxFEWLCC6w2oal/N07G4qg4+9CwRoCM/jJPrNYmIXise0d+fSLK3TO7bN/SvsqIFWBf5ZwG+1qYvLiFCq5u20aa6ybg9IiUlwaV4ui85uey28UGuY4c8CuRFgfXTA84//t2c73otIUXuiKAQCbKGF2CI0ewKHbzzxYt5uYKGYgMQUdQr6SQy0xS/S+kVklkBDGmJiEyvrpHrJj6mI592ww7nR8MzWLJak4SGZ176TqUWvmg1+yNhlBVHzpR+Bdt9dQcHQKVoPxEGzg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ncDpSqe8kViO1ZtpHeCXDqRZoogrvWMiXYXhXxJeVNEetGe1dJXR+JWOh6qHfZUJCpw+NlIodUg2tT4UymI0eixr/f9Tl7d5M5lBfGIjBMsJjz0gYfBTO7b+pd00KmjB6tW7ZrcYhxXy7QudpHZpLTqBSUpOqRfgxifPWPIXFDMU+K5M/aqu+fPapui6BozZYzSV7xZxsFQEHWYPxI5pWucinVB02hXlqi2u4RekNczPhTF0eI3LS+AwnN874vjwKKd14rORlTnYmBG1/S/vPEqHptj5kfjvygTZt7HP3CanRtMbhOc3PPuOfWZ/ElTeyXLSz8+MZ6rvZdXdxuxdtg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: "Henry.Wang@xxxxxxx" <Henry.Wang@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Fri, 09 Sep 2022 13:12:36 +0000
  • Ironport-data: A9a23:n27Ie6JnfXNrPXAPFE+RPZQlxSXFcZb7ZxGr2PjKsXjdYENS0zUHx mUXXj2HMq2LazPzKNB2Ydiy80oB6MfQmIVmSQNlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s q3yv/GZdJhcokf0/0vraP65xZVF/fngbqLmD+LZMTxGSwZhSSMw4TpugOd8iYNz6TSDK1rlV eja/ouOYzdJ5xYuajhOs/Pb+Us11BjPkGhwUmIWNKgjUGD2zxH5PLpHTYmtIn3xRJVjH+LSb 44vG5ngows1Vz90Yj+Uuu6Tnn8iG9Y+DiDX4pZiYICwgwAqm8AH+v1T2Mzwy6tgo27hc9hZk L2hvHErIOsjFvWkdO81C3G0H8ziVEHvFXCuzXWX6KSuI0P6n3TE7OdTIHAPJdYkyNlcLXBi7 fEoDwEKcUXW7w626OrTpuhEoO0GdZOuEKZB/3ZqwHfeEOosRo3FT+PS/9hE0Twsh8dIW/HDe 84ebjkpZxPFC/FNEg5PVNRiw6H11z+mLGcwRFG9/MLb50D6ygBr3aerG93SYtGQHu1en1qCp 3KA9GP8av0fHIPOmWbcrSz17gPJtS+8B94dSvqKzNhnmUGKlnQaOQAMU1Tu9JFVjWb7AbqzM Xc8+CU0qrMp3Fe2VdS7VBq9yFaUsxhZV9dOHukS7ACW1rGS8wufHnIDTDNKdJohrsBebRwn0 EWY2ezgAzNHuaeQD3ma89+8sjeaKSUTa2gYakcsTwEI/t3iq4EblQ/UQ5BoF6vdpt/oHTD9x RiaoS54gK8c5eYQzLmy913DhzOqp7DKQxQz6wGRWXiqhj6Vf6agbo2srFTes/BJKd/DSkHb5 Sde3c+D8OoJEJeB0jSXR/kAF62o4PDDNyDAhVloHN8q8DHFF2OfQL28KQpWfC9BWvvosxezC KMPkWu9PKNuAUY=
  • Ironport-hdrordr: A9a23:Wpq7i6jWGc1bubUUyMqz0gkC6nBQXioji2hC6mlwRA09TyX5ra 2TdZUgpHjJYVMqMk3I9uruBEDtex3hHNtOkOos1NSZLW3bUQmTTL2KhLGKq1Hd8m/Fh4xgPM 9bGJSWY+eAaGSS4/ya3OG5eexQvOVu8sqT9JjjJ6EGd3AVV0lihT0JezpyCidNNW977QJSLu vn2iJAzQDQAEg/X4CAKVQuefPMnNHPnIKOW296O/Z2gDP+9Q9B8dTBYmOl4is=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYxEs6aZ5V4BIu+E2gLbKrqRKb7K3XEukA
  • Thread-topic: [PATCH v3] xen/gnttab: fix gnttab_acquire_resource()

On 09/09/2022 13:53, Juergen Gross wrote:
> Commit 9dc46386d89d ("gnttab: work around "may be used uninitialized"
> warning") was wrong, as vaddrs can legitimately be NULL in case
> XENMEM_resource_grant_table_id_status was specified for a grant table
> v1. This would result in crashes in debug builds due to
> ASSERT_UNREACHABLE() triggering.
>
> Check vaddrs only to be NULL in the rc == 0 case.
>
> Expand the tests in tools/tests/resource to verify that using
> XENMEM_resource_grant_table_id_status on a V1 grant table will result
> in EINVAL.
>
> Fixes: 9dc46386d89d ("gnttab: work around "may be used uninitialized" 
> warning")
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> # xen
> Release-acked-by: Henry Wang <Henry.Wang@xxxxxxx>
> ---
> V2:
> - rework (Jan Beulich, Julien Grall)
> V3:
> - added test support (Andrew Cooper)
> ---
>  tools/tests/resource/test-resource.c | 11 +++++++++++
>  xen/common/grant_table.c             |  2 +-
>  2 files changed, 12 insertions(+), 1 deletion(-)
>
> diff --git a/tools/tests/resource/test-resource.c 
> b/tools/tests/resource/test-resource.c
> index 189353ebcb..71a81f207e 100644
> --- a/tools/tests/resource/test-resource.c
> +++ b/tools/tests/resource/test-resource.c
> @@ -106,6 +106,17 @@ static void test_gnttab(uint32_t domid, unsigned int 
> nr_frames,
>      if ( rc )
>          return fail("    Fail: Unmap grant table %d - %s\n",
>                      errno, strerror(errno));
> +
> +    /* Verify that the attempt to map the status frames is failing for V1. */
> +    res = xenforeignmemory_map_resource(
> +        fh, domid, XENMEM_resource_grant_table,
> +        XENMEM_resource_grant_table_id_status, 0, 1,
> +        (void **)&gnttab, PROT_READ | PROT_WRITE, 0);
> +    if ( res || errno != EINVAL )
> +        fail("    Fail: Map status not failing with EINVAL %d - %s\n",
> +             res ? 0 : errno, res ? "no error" : strerror(errno));

I'd recommend not checking for EINVAL specifically.  This has bitten XTF
in the past when XSAs have caused one error to turn into another, and
plenty of hypercalls have exact errnos which change depending on how Xen
is compiled.

I'd go with the more simple:

if ( res )
{
    fail("    Fail: Managed to map gnttab v2 status frames in v1 mode\n");
    xenforeignmemory_unmap_resource(fh, res);
}

Everything else looks fine, so I'm happy to fix this up on commit.

~Andrew

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.