All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xen.org>
Cc: Wei Liu <wei.liu2@citrix.com>,
	Ian Campbell <Ian.Campbell@citrix.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	Ian Jackson <Ian.Jackson@eu.citrix.com>,
	David Vrabel <david.vrabel@citrix.com>,
	Yang Hongyang <yanghy@cn.fujitsu.com>
Subject: [PATCH v2 2/6] libxc/restore: Bail if unknown options are found
Date: Fri, 8 May 2015 22:14:31 +0100	[thread overview]
Message-ID: <1431119675-23847-3-git-send-email-andrew.cooper3@citrix.com> (raw)
In-Reply-To: <1431119675-23847-1-git-send-email-andrew.cooper3@citrix.com>

When restoring a domain, check for unknown options in Image Header.  Nothing
good will come from attempting to continue.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
CC: David Vrabel <david.vrabel@citrix.com>
CC: Ian Campbell <Ian.Campbell@citrix.com>
CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
CC: Wei Liu <wei.liu2@citrix.com>
CC: Yang Hongyang <yanghy@cn.fujitsu.com>

---
David: The wording of the spec disallows even adding new options without
bumping the protocol version.  Do we want to relax the restriction slightly?
---
 docs/specs/libxc-migration-stream.pandoc |    5 +++--
 tools/libxc/xc_sr_restore.c              |    6 ++++++
 tools/libxc/xc_sr_stream_format.h        |    2 ++
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/docs/specs/libxc-migration-stream.pandoc b/docs/specs/libxc-migration-stream.pandoc
index 520240f..fa501e7 100644
--- a/docs/specs/libxc-migration-stream.pandoc
+++ b/docs/specs/libxc-migration-stream.pandoc
@@ -131,11 +131,12 @@ version     0x00000002.  The version of this specification.
 
 options     bit 0: Endianness.  0 = little-endian, 1 = big-endian.
 
-            bit 1-15: Reserved.
+            bit 1-15: Reserved. (Must be zero)
 --------------------------------------------------------------------
 
 The endianness shall be 0 (little-endian) for images generated on an
-i386, x86_64, or arm host.
+i386, x86_64, or arm host.  The receiving side should confirm that no
+unexpected options have been specified.
 
 \clearpage
 
diff --git a/tools/libxc/xc_sr_restore.c b/tools/libxc/xc_sr_restore.c
index 0bf4bae..7d65a29 100644
--- a/tools/libxc/xc_sr_restore.c
+++ b/tools/libxc/xc_sr_restore.c
@@ -37,6 +37,12 @@ static int read_headers(struct xc_sr_context *ctx)
               ihdr.version, IHDR_VERSION);
         return -1;
     }
+    else if ( ihdr.options & IHDR_OPT_RSVD_MASK )
+    {
+        ERROR("Unknown options in Image Header: 0x%04x",
+              ihdr.options & IHDR_OPT_RSVD_MASK);
+        return -1;
+    }
     else if ( ihdr.options & IHDR_OPT_BIG_ENDIAN )
     {
         ERROR("Unable to handle big endian streams");
diff --git a/tools/libxc/xc_sr_stream_format.h b/tools/libxc/xc_sr_stream_format.h
index d116ca6..9d8c128 100644
--- a/tools/libxc/xc_sr_stream_format.h
+++ b/tools/libxc/xc_sr_stream_format.h
@@ -29,6 +29,8 @@ struct xc_sr_ihdr
 #define IHDR_OPT_LITTLE_ENDIAN (0 << _IHDR_OPT_ENDIAN)
 #define IHDR_OPT_BIG_ENDIAN    (1 << _IHDR_OPT_ENDIAN)
 
+#define IHDR_OPT_RSVD_MASK     (~(IHDR_OPT_BIG_ENDIAN))
+
 /*
  * Domain Header
  */
-- 
1.7.10.4

  parent reply	other threads:[~2015-05-08 21:14 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-08 21:14 [PATCH v2 0/6] Misc patches to aid migration v2 Remus support Andrew Cooper
2015-05-08 21:14 ` [PATCH v2 1/6] xen/hvm: Permit HVM_PARAM_IDENT_PT to be set more than once Andrew Cooper
2015-05-11  7:51   ` Hongyang Yang
2015-05-11  8:00     ` Andrew Cooper
2015-05-11  8:06       ` Hongyang Yang
2015-05-08 21:14 ` Andrew Cooper [this message]
2015-05-11  9:23   ` [PATCH v2 2/6] libxc/restore: Bail if unknown options are found David Vrabel
2015-05-11 10:44     ` David Vrabel
2015-05-11 10:43   ` David Vrabel
2015-05-08 21:14 ` [PATCH v2 3/6] libxc/migration: Be rather stricter with illformed callers Andrew Cooper
2015-05-11 11:33   ` Ian Campbell
2015-05-11 11:47     ` Andrew Cooper
2015-05-11 11:57       ` Ian Campbell
2015-05-08 21:14 ` [PATCH v2 4/6] libxc/save: Adjust stream-position callbacks for checkpointed streams Andrew Cooper
2015-05-11 11:36   ` Ian Campbell
2015-05-11 11:56     ` Andrew Cooper
2015-05-11 12:05       ` Ian Campbell
2015-05-11 12:06         ` Andrew Cooper
2015-05-08 21:14 ` [PATCH v2 5/6] tools/migration: Specification update for 'checkpointed' flag Andrew Cooper
2015-05-08 21:14 ` [PATCH v2 6/6] libxc/migration: Specification update for CHECKPOINT records Andrew Cooper

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1431119675-23847-3-git-send-email-andrew.cooper3@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=Ian.Campbell@citrix.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=david.vrabel@citrix.com \
    --cc=wei.liu2@citrix.com \
    --cc=xen-devel@lists.xen.org \
    --cc=yanghy@cn.fujitsu.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.