From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.2 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,NICE_REPLY_A, SPF_HELO_NONE,SPF_NONE,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E33D0C4708F for ; Thu, 3 Jun 2021 02:29:22 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B291A613E9 for ; Thu, 3 Jun 2021 02:29:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229752AbhFCCbF (ORCPT ); Wed, 2 Jun 2021 22:31:05 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:21008 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229617AbhFCCbE (ORCPT ); Wed, 2 Jun 2021 22:31:04 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1622687360; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=YrsblBJxGFPGmWEp9uk++ymjnAe+NFQdCH6ZGidXLDczA9Ynferz1MIOXG0FXcoSsKyozG mFX008wBHU5+3cnMKrDBGTGsM1N69tz9JVTFAnb5+tb75VMt/4gcDkrQmnkYlIK8hc0hxF 1JbHlRNrxueVa7Db4DjUlzug1zvWGg4= Received: from mail-pf1-f197.google.com (mail-pf1-f197.google.com [209.85.210.197]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-285-JhIIHIRvNh2bAmmkMmAurQ-1; Wed, 02 Jun 2021 22:29:19 -0400 X-MC-Unique: JhIIHIRvNh2bAmmkMmAurQ-1 Received: by mail-pf1-f197.google.com with SMTP id e20-20020a62ee140000b02902ea0a23d589so2648782pfi.5 for ; Wed, 02 Jun 2021 19:29:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=nHcmAxrdYlnSUKhd/Kx4kTybQhkPISr5FyeneW7wOkDi6YrSJOzS/HoU85K3F3TD54 U+MF+f0ZtPeELjzTf8dhsoSazs653a/QnxowT3aXkiWVrsbQwmNmBtF9yOVZms5uzgie uvLVNgjik9dxQK/y0Wv4kB4A/0pYBDbaeDFsedTxnut/MS3oqTF03Z76xXXwj+c5xGiF DQZmmpmONBv2SRBUIo77cd8D1fC87AEFdATb6DhouC2g0Tn5CuqNTtt6St8fO4YeNMl7 O95ZcjhrkuhY9xsGwMBqTcgtjn1geusNb7/DJICvIoA2UgjT988G61WkV/Gj+UgJ9oJV phHQ== X-Gm-Message-State: AOAM532wXMUyvwetNPYzJPXQhJN4Q441cZW0wgkKdC6brfu+WDryFPAH cN//MfM/PZu4oZVnz+C/vuSzmaZSQNTB60R+GmkzZwqeDPOygAn+o3de/dkUDYSO/z0EzX38Vwj 2PK1+olmSZZEXt9/fZUN4wrvX3OXrweJZKm7mKRYpWk/4P6KId/OUoH8/U7EzZSPUFcgPYepZ3E 46 X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33995001pjq.228.1622687357850; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzcAOh1B5HwVx/1uLe5ueMMD2TZKV165kULJvA56z6ifNMCkU6WkR/FyKpm6p4cpf8KJgEpBw== X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33994974pjq.228.1622687357476; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Received: from wangxiaodeMacBook-Air.local ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id f2sm895145pgl.67.2021.06.02.19.29.13 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Subject: Re: [PATCH v1 3/8] virtio: Harden split buffer detachment To: Andi Kleen , mst@redhat.com Cc: virtualization@lists.linux-foundation.org, hch@lst.de, m.szyprowski@samsung.com, robin.murphy@arm.com, iommu@lists.linux-foundation.org, x86@kernel.org, sathyanarayanan.kuppuswamy@linux.intel.com, jpoimboe@redhat.com, linux-kernel@vger.kernel.org References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-4-ak@linux.intel.com> From: Jason Wang Message-ID: <284ca65d-d8b4-a671-4dba-df478a3610f1@redhat.com> Date: Thu, 3 Jun 2021 10:29:08 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: <20210603004133.4079390-4-ak@linux.intel.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 在 2021/6/3 上午8:41, Andi Kleen 写道: > Harden the split buffer detachment path by adding boundary checking. Note > that when this fails we may fail to unmap some swiotlb mapping, which could > result in a leak and a DOS. But that's acceptable because an malicious host > can DOS us anyways. > > Signed-off-by: Andi Kleen > --- > drivers/virtio/virtio_ring.c | 25 +++++++++++++++++++++---- > 1 file changed, 21 insertions(+), 4 deletions(-) > > diff --git a/drivers/virtio/virtio_ring.c b/drivers/virtio/virtio_ring.c > index d37ff5a0ff58..1e9aa1e95e1b 100644 > --- a/drivers/virtio/virtio_ring.c > +++ b/drivers/virtio/virtio_ring.c > @@ -651,12 +651,19 @@ static bool virtqueue_kick_prepare_split(struct virtqueue *_vq) > return needs_kick; > } > > -static void detach_buf_split(struct vring_virtqueue *vq, unsigned int head, > - void **ctx) > +static int detach_buf_split(struct vring_virtqueue *vq, unsigned int head, > + void **ctx) > { > unsigned int i, j; > __virtio16 nextflag = cpu_to_virtio16(vq->vq.vdev, VRING_DESC_F_NEXT); > > + /* We'll leak DMA mappings when this happens, but nothing > + * can be done about that. In the worst case the host > + * could DOS us, but it can of course do that anyways. > + */ > + if (!inside_split_ring(vq, head)) > + return -EIO; I think the caller have already did this for us with even more check on the token (virtqueue_get_buf_ctx_split()):         if (unlikely(i >= vq->split.vring.num)) {                 BAD_RING(vq, "id %u out of range\n", i);                 return NULL;         }         if (unlikely(!vq->split.desc_state[i].data)) {                 BAD_RING(vq, "id %u is not a head!\n", i);                 return NULL;         } > + > /* Clear data ptr. */ > vq->split.desc_state[head].data = NULL; > > @@ -666,6 +673,8 @@ static void detach_buf_split(struct vring_virtqueue *vq, unsigned int head, > while (vq->split.vring.desc[i].flags & nextflag) { > vring_unmap_one_split(vq, &vq->split.vring.desc[i]); > i = virtio16_to_cpu(vq->vq.vdev, vq->split.vring.desc[i].next); > + if (!inside_split_ring(vq, i)) > + return -EIO; Similarly, if we don't depend on the metadata stored in the descriptor, we don't need this check. > vq->vq.num_free++; > } > > @@ -684,7 +693,7 @@ static void detach_buf_split(struct vring_virtqueue *vq, unsigned int head, > > /* Free the indirect table, if any, now that it's unmapped. */ > if (!indir_desc) > - return; > + return 0; > > len = virtio32_to_cpu(vq->vq.vdev, > vq->split.vring.desc[head].len); > @@ -701,6 +710,7 @@ static void detach_buf_split(struct vring_virtqueue *vq, unsigned int head, > } else if (ctx) { > *ctx = vq->split.desc_state[head].indir_desc; > } > + return 0; > } > > static inline bool more_used_split(const struct vring_virtqueue *vq) > @@ -717,6 +727,7 @@ static void *virtqueue_get_buf_ctx_split(struct virtqueue *_vq, > void *ret; > unsigned int i; > u16 last_used; > + int err; > > START_USE(vq); > > @@ -751,7 +762,12 @@ static void *virtqueue_get_buf_ctx_split(struct virtqueue *_vq, > > /* detach_buf_split clears data, so grab it now. */ > ret = vq->split.desc_state[i].data; > - detach_buf_split(vq, i, ctx); > + err = detach_buf_split(vq, i, ctx); > + if (err) { > + END_USE(vq); This reminds me that we don't use END_USE() after BAD_RING() which should be fixed. Thanks > + return NULL; > + } > + > vq->last_used_idx++; > /* If we expect an interrupt for the next entry, tell host > * by writing event index and flush out the write before > @@ -863,6 +879,7 @@ static void *virtqueue_detach_unused_buf_split(struct virtqueue *_vq) > /* detach_buf_split clears data, so grab it now. */ > buf = vq->split.desc_state[i].data; > detach_buf_split(vq, i, NULL); > + /* Don't need to check for error because nothing is returned */ > vq->split.avail_idx_shadow--; > vq->split.vring.avail->idx = cpu_to_virtio16(_vq->vdev, > vq->split.avail_idx_shadow); From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_NONE,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 34465C47092 for ; Thu, 3 Jun 2021 02:29:26 +0000 (UTC) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C36BE613EB for ; Thu, 3 Jun 2021 02:29:25 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C36BE613EB Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=iommu-bounces@lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 86B0440529; Thu, 3 Jun 2021 02:29:25 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RYGkb5bQNsWo; Thu, 3 Jun 2021 02:29:24 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTP id 136C1404DE; Thu, 3 Jun 2021 02:29:24 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id EEC48C000E; Thu, 3 Jun 2021 02:29:23 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 16546C0001 for ; Thu, 3 Jun 2021 02:29:23 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id EBDED404D7 for ; Thu, 3 Jun 2021 02:29:22 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id juOo7beSPU8B for ; Thu, 3 Jun 2021 02:29:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 7BA7A400D8 for ; Thu, 3 Jun 2021 02:29:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1622687360; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=YrsblBJxGFPGmWEp9uk++ymjnAe+NFQdCH6ZGidXLDczA9Ynferz1MIOXG0FXcoSsKyozG mFX008wBHU5+3cnMKrDBGTGsM1N69tz9JVTFAnb5+tb75VMt/4gcDkrQmnkYlIK8hc0hxF 1JbHlRNrxueVa7Db4DjUlzug1zvWGg4= Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com [209.85.210.199]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-283-3GUx_6TgMsKhg6rZ8QkKcw-1; Wed, 02 Jun 2021 22:29:18 -0400 X-MC-Unique: 3GUx_6TgMsKhg6rZ8QkKcw-1 Received: by mail-pf1-f199.google.com with SMTP id q3-20020aa784230000b02902ea311f25e2so1417324pfn.1 for ; Wed, 02 Jun 2021 19:29:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=ieA33kxShUgErLJ69kKPTA0md/VvDYFIS+wu8AhSzbcatn1xMdMFVuZ+k+absaZapb N6mwauHZgCRycKtSYhH3ZXft8/667Uf+nzcuFlARn/O60u6TIyPlZOsQPGSd21HCIKbk tn85s3coZQM2UzeCWagHNH9mqX+SqM2eUMdRyRXyCZCWn815dVjrg6Yid6xxKTYUcdkq zlYRYdHb74PYntBJpVPlZMfsslS2Q/LhmMDZen+t6Iuc7hSNzuQ8lXhzGWxYPpiJgf48 sD4KNWpFwGda78MY95Nz8BNlT5ga0RI47J/DyVMzjc8mEEKhoGHdN70kQp+UBfxPsZdd GVMw== X-Gm-Message-State: AOAM5312mS9+yuBk5pgm/nemUvOO92JgiN50xEvOxtL0P2G2di7dFwIk MmJXf09md7BdIhjr6kSMPBIsHIF95zZvN7BU4XsIMF2JFfa2mndjr8FP/g0ba9Cgw6pue5thqyg l7vheqUFH2Ls+ho9QbtV4jr3NLdCfTg== X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33994994pjq.228.1622687357782; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzcAOh1B5HwVx/1uLe5ueMMD2TZKV165kULJvA56z6ifNMCkU6WkR/FyKpm6p4cpf8KJgEpBw== X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33994974pjq.228.1622687357476; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Received: from wangxiaodeMacBook-Air.local ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id f2sm895145pgl.67.2021.06.02.19.29.13 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Subject: Re: [PATCH v1 3/8] virtio: Harden split buffer detachment To: Andi Kleen , mst@redhat.com References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-4-ak@linux.intel.com> From: Jason Wang Message-ID: <284ca65d-d8b4-a671-4dba-df478a3610f1@redhat.com> Date: Thu, 3 Jun 2021 10:29:08 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: <20210603004133.4079390-4-ak@linux.intel.com> Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=jasowang@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Cc: x86@kernel.org, linux-kernel@vger.kernel.org, virtualization@lists.linux-foundation.org, iommu@lists.linux-foundation.org, jpoimboe@redhat.com, robin.murphy@arm.com, hch@lst.de X-BeenThere: iommu@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Development issues for Linux IOMMU support List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Errors-To: iommu-bounces@lists.linux-foundation.org Sender: "iommu" CuWcqCAyMDIxLzYvMyDkuIrljYg4OjQxLCBBbmRpIEtsZWVuIOWGmemBkzoKPiBIYXJkZW4gdGhl IHNwbGl0IGJ1ZmZlciBkZXRhY2htZW50IHBhdGggYnkgYWRkaW5nIGJvdW5kYXJ5IGNoZWNraW5n LiBOb3RlCj4gdGhhdCB3aGVuIHRoaXMgZmFpbHMgd2UgbWF5IGZhaWwgdG8gdW5tYXAgc29tZSBz d2lvdGxiIG1hcHBpbmcsIHdoaWNoIGNvdWxkCj4gcmVzdWx0IGluIGEgbGVhayBhbmQgYSBET1Mu IEJ1dCB0aGF0J3MgYWNjZXB0YWJsZSBiZWNhdXNlIGFuIG1hbGljaW91cyBob3N0Cj4gY2FuIERP UyB1cyBhbnl3YXlzLgo+Cj4gU2lnbmVkLW9mZi1ieTogQW5kaSBLbGVlbiA8YWtAbGludXguaW50 ZWwuY29tPgo+IC0tLQo+ICAgZHJpdmVycy92aXJ0aW8vdmlydGlvX3JpbmcuYyB8IDI1ICsrKysr KysrKysrKysrKysrKysrKy0tLS0KPiAgIDEgZmlsZSBjaGFuZ2VkLCAyMSBpbnNlcnRpb25zKCsp LCA0IGRlbGV0aW9ucygtKQo+Cj4gZGlmZiAtLWdpdCBhL2RyaXZlcnMvdmlydGlvL3ZpcnRpb19y aW5nLmMgYi9kcml2ZXJzL3ZpcnRpby92aXJ0aW9fcmluZy5jCj4gaW5kZXggZDM3ZmY1YTBmZjU4 Li4xZTlhYTFlOTVlMWIgMTAwNjQ0Cj4gLS0tIGEvZHJpdmVycy92aXJ0aW8vdmlydGlvX3Jpbmcu Ywo+ICsrKyBiL2RyaXZlcnMvdmlydGlvL3ZpcnRpb19yaW5nLmMKPiBAQCAtNjUxLDEyICs2NTEs MTkgQEAgc3RhdGljIGJvb2wgdmlydHF1ZXVlX2tpY2tfcHJlcGFyZV9zcGxpdChzdHJ1Y3Qgdmly dHF1ZXVlICpfdnEpCj4gICAJcmV0dXJuIG5lZWRzX2tpY2s7Cj4gICB9Cj4gICAKPiAtc3RhdGlj IHZvaWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJpbmdfdmlydHF1ZXVlICp2cSwgdW5zaWdu ZWQgaW50IGhlYWQsCj4gLQkJCSAgICAgdm9pZCAqKmN0eCkKPiArc3RhdGljIGludCBkZXRhY2hf YnVmX3NwbGl0KHN0cnVjdCB2cmluZ192aXJ0cXVldWUgKnZxLCB1bnNpZ25lZCBpbnQgaGVhZCwK PiArCQkJICAgIHZvaWQgKipjdHgpCj4gICB7Cj4gICAJdW5zaWduZWQgaW50IGksIGo7Cj4gICAJ X192aXJ0aW8xNiBuZXh0ZmxhZyA9IGNwdV90b192aXJ0aW8xNih2cS0+dnEudmRldiwgVlJJTkdf REVTQ19GX05FWFQpOwo+ICAgCj4gKwkvKiBXZSdsbCBsZWFrIERNQSBtYXBwaW5ncyB3aGVuIHRo aXMgaGFwcGVucywgYnV0IG5vdGhpbmcKPiArCSAqIGNhbiBiZSBkb25lIGFib3V0IHRoYXQuIElu IHRoZSB3b3JzdCBjYXNlIHRoZSBob3N0Cj4gKwkgKiBjb3VsZCBET1MgdXMsIGJ1dCBpdCBjYW4g b2YgY291cnNlIGRvIHRoYXQgYW55d2F5cy4KPiArCSAqLwo+ICsJaWYgKCFpbnNpZGVfc3BsaXRf cmluZyh2cSwgaGVhZCkpCj4gKwkJcmV0dXJuIC1FSU87CgoKSSB0aGluayB0aGUgY2FsbGVyIGhh dmUgYWxyZWFkeSBkaWQgdGhpcyBmb3IgdXMgd2l0aCBldmVuIG1vcmUgY2hlY2sgb24gCnRoZSB0 b2tlbiAodmlydHF1ZXVlX2dldF9idWZfY3R4X3NwbGl0KCkpOgoKIMKgwqDCoMKgwqDCoMKgIGlm ICh1bmxpa2VseShpID49IHZxLT5zcGxpdC52cmluZy5udW0pKSB7CiDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqAgQkFEX1JJTkcodnEsICJpZCAldSBvdXQgb2YgcmFuZ2VcbiIsIGkpOwog wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIHJldHVybiBOVUxMOwogwqDCoMKgwqDCoMKg wqAgfQogwqDCoMKgwqDCoMKgwqAgaWYgKHVubGlrZWx5KCF2cS0+c3BsaXQuZGVzY19zdGF0ZVtp XS5kYXRhKSkgewogwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIEJBRF9SSU5HKHZxLCAi aWQgJXUgaXMgbm90IGEgaGVhZCFcbiIsIGkpOwogwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDC oMKgIHJldHVybiBOVUxMOwogwqDCoMKgwqDCoMKgwqAgfQoKCj4gKwo+ICAgCS8qIENsZWFyIGRh dGEgcHRyLiAqLwo+ICAgCXZxLT5zcGxpdC5kZXNjX3N0YXRlW2hlYWRdLmRhdGEgPSBOVUxMOwo+ ICAgCj4gQEAgLTY2Niw2ICs2NzMsOCBAQCBzdGF0aWMgdm9pZCBkZXRhY2hfYnVmX3NwbGl0KHN0 cnVjdCB2cmluZ192aXJ0cXVldWUgKnZxLCB1bnNpZ25lZCBpbnQgaGVhZCwKPiAgIAl3aGlsZSAo dnEtPnNwbGl0LnZyaW5nLmRlc2NbaV0uZmxhZ3MgJiBuZXh0ZmxhZykgewo+ICAgCQl2cmluZ191 bm1hcF9vbmVfc3BsaXQodnEsICZ2cS0+c3BsaXQudnJpbmcuZGVzY1tpXSk7Cj4gICAJCWkgPSB2 aXJ0aW8xNl90b19jcHUodnEtPnZxLnZkZXYsIHZxLT5zcGxpdC52cmluZy5kZXNjW2ldLm5leHQp Owo+ICsJCWlmICghaW5zaWRlX3NwbGl0X3JpbmcodnEsIGkpKQo+ICsJCQlyZXR1cm4gLUVJTzsK CgpTaW1pbGFybHksIGlmIHdlIGRvbid0IGRlcGVuZCBvbiB0aGUgbWV0YWRhdGEgc3RvcmVkIGlu IHRoZSBkZXNjcmlwdG9yLCAKd2UgZG9uJ3QgbmVlZCB0aGlzIGNoZWNrLgoKCj4gICAJCXZxLT52 cS5udW1fZnJlZSsrOwo+ICAgCX0KPiAgIAo+IEBAIC02ODQsNyArNjkzLDcgQEAgc3RhdGljIHZv aWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJpbmdfdmlydHF1ZXVlICp2cSwgdW5zaWduZWQg aW50IGhlYWQsCj4gICAKPiAgIAkJLyogRnJlZSB0aGUgaW5kaXJlY3QgdGFibGUsIGlmIGFueSwg bm93IHRoYXQgaXQncyB1bm1hcHBlZC4gKi8KPiAgIAkJaWYgKCFpbmRpcl9kZXNjKQo+IC0JCQly ZXR1cm47Cj4gKwkJCXJldHVybiAwOwo+ICAgCj4gICAJCWxlbiA9IHZpcnRpbzMyX3RvX2NwdSh2 cS0+dnEudmRldiwKPiAgIAkJCQl2cS0+c3BsaXQudnJpbmcuZGVzY1toZWFkXS5sZW4pOwo+IEBA IC03MDEsNiArNzEwLDcgQEAgc3RhdGljIHZvaWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJp bmdfdmlydHF1ZXVlICp2cSwgdW5zaWduZWQgaW50IGhlYWQsCj4gICAJfSBlbHNlIGlmIChjdHgp IHsKPiAgIAkJKmN0eCA9IHZxLT5zcGxpdC5kZXNjX3N0YXRlW2hlYWRdLmluZGlyX2Rlc2M7Cj4g ICAJfQo+ICsJcmV0dXJuIDA7Cj4gICB9Cj4gICAKPiAgIHN0YXRpYyBpbmxpbmUgYm9vbCBtb3Jl X3VzZWRfc3BsaXQoY29uc3Qgc3RydWN0IHZyaW5nX3ZpcnRxdWV1ZSAqdnEpCj4gQEAgLTcxNyw2 ICs3MjcsNyBAQCBzdGF0aWMgdm9pZCAqdmlydHF1ZXVlX2dldF9idWZfY3R4X3NwbGl0KHN0cnVj dCB2aXJ0cXVldWUgKl92cSwKPiAgIAl2b2lkICpyZXQ7Cj4gICAJdW5zaWduZWQgaW50IGk7Cj4g ICAJdTE2IGxhc3RfdXNlZDsKPiArCWludCBlcnI7Cj4gICAKPiAgIAlTVEFSVF9VU0UodnEpOwo+ ICAgCj4gQEAgLTc1MSw3ICs3NjIsMTIgQEAgc3RhdGljIHZvaWQgKnZpcnRxdWV1ZV9nZXRfYnVm X2N0eF9zcGxpdChzdHJ1Y3QgdmlydHF1ZXVlICpfdnEsCj4gICAKPiAgIAkvKiBkZXRhY2hfYnVm X3NwbGl0IGNsZWFycyBkYXRhLCBzbyBncmFiIGl0IG5vdy4gKi8KPiAgIAlyZXQgPSB2cS0+c3Bs aXQuZGVzY19zdGF0ZVtpXS5kYXRhOwo+IC0JZGV0YWNoX2J1Zl9zcGxpdCh2cSwgaSwgY3R4KTsK PiArCWVyciA9IGRldGFjaF9idWZfc3BsaXQodnEsIGksIGN0eCk7Cj4gKwlpZiAoZXJyKSB7Cj4g KwkJRU5EX1VTRSh2cSk7CgoKVGhpcyByZW1pbmRzIG1lIHRoYXQgd2UgZG9uJ3QgdXNlIEVORF9V U0UoKSBhZnRlciBCQURfUklORygpIHdoaWNoIApzaG91bGQgYmUgZml4ZWQuCgpUaGFua3MKCgo+ ICsJCXJldHVybiBOVUxMOwo+ICsJfQo+ICsKPiAgIAl2cS0+bGFzdF91c2VkX2lkeCsrOwo+ICAg CS8qIElmIHdlIGV4cGVjdCBhbiBpbnRlcnJ1cHQgZm9yIHRoZSBuZXh0IGVudHJ5LCB0ZWxsIGhv c3QKPiAgIAkgKiBieSB3cml0aW5nIGV2ZW50IGluZGV4IGFuZCBmbHVzaCBvdXQgdGhlIHdyaXRl IGJlZm9yZQo+IEBAIC04NjMsNiArODc5LDcgQEAgc3RhdGljIHZvaWQgKnZpcnRxdWV1ZV9kZXRh Y2hfdW51c2VkX2J1Zl9zcGxpdChzdHJ1Y3QgdmlydHF1ZXVlICpfdnEpCj4gICAJCS8qIGRldGFj aF9idWZfc3BsaXQgY2xlYXJzIGRhdGEsIHNvIGdyYWIgaXQgbm93LiAqLwo+ICAgCQlidWYgPSB2 cS0+c3BsaXQuZGVzY19zdGF0ZVtpXS5kYXRhOwo+ICAgCQlkZXRhY2hfYnVmX3NwbGl0KHZxLCBp LCBOVUxMKTsKPiArCQkvKiBEb24ndCBuZWVkIHRvIGNoZWNrIGZvciBlcnJvciBiZWNhdXNlIG5v dGhpbmcgaXMgcmV0dXJuZWQgKi8KPiAgIAkJdnEtPnNwbGl0LmF2YWlsX2lkeF9zaGFkb3ctLTsK PiAgIAkJdnEtPnNwbGl0LnZyaW5nLmF2YWlsLT5pZHggPSBjcHVfdG9fdmlydGlvMTYoX3ZxLT52 ZGV2LAo+ICAgCQkJCXZxLT5zcGxpdC5hdmFpbF9pZHhfc2hhZG93KTsKCl9fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmlvbW11IG1haWxpbmcgbGlzdAppb21t dUBsaXN0cy5saW51eC1mb3VuZGF0aW9uLm9yZwpodHRwczovL2xpc3RzLmxpbnV4Zm91bmRhdGlv bi5vcmcvbWFpbG1hbi9saXN0aW5mby9pb21tdQ== From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_NONE,USER_AGENT_SANE_1 autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 96349C47083 for ; Thu, 3 Jun 2021 02:29:27 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 505C4613E9 for ; Thu, 3 Jun 2021 02:29:27 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 505C4613E9 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=redhat.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=virtualization-bounces@lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id DC330404DE; Thu, 3 Jun 2021 02:29:26 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SJcGFmn6IpUS; Thu, 3 Jun 2021 02:29:26 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTP id 62BF2404E2; Thu, 3 Jun 2021 02:29:25 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 32EDAC000E; Thu, 3 Jun 2021 02:29:25 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 30EBDC0024 for ; Thu, 3 Jun 2021 02:29:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id E3B9C404D7 for ; Thu, 3 Jun 2021 02:29:23 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xtm4y_g-Dh5H for ; Thu, 3 Jun 2021 02:29:23 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 3FCFF400D8 for ; Thu, 3 Jun 2021 02:29:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1622687362; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=bvONIXkHkk7nz9X9vioErqgaOa10R2Q93/P7CUTkVM/bXX72R+5+SlP88HsdO6OTLb1xnV QIagS+ebiP1ESNZ0PvBBcHlde8KDsrdFujwC6fYXLvwI3apCdBHSKiRn+UtdotEeH57Nkd CzV+R+qYq0vdwUmYRTgHbNpuNEu0kUs= Received: from mail-pl1-f199.google.com (mail-pl1-f199.google.com [209.85.214.199]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-466-TP1A4svIPxK9i554oBtmUQ-1; Wed, 02 Jun 2021 22:29:18 -0400 X-MC-Unique: TP1A4svIPxK9i554oBtmUQ-1 Received: by mail-pl1-f199.google.com with SMTP id x7-20020a1709027c07b02900e6489d6231so1970599pll.6 for ; Wed, 02 Jun 2021 19:29:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=Z8pfT0MZqL2Z8bkqcby4E+RJ01PN1727vqn0BLJ23M4=; b=aZWMoY3IzCU2+kwmCrJ6YL6aQXvAN9D7nkRDLc/sLRHC6xTekqAoZE1ab1YnyTu9lL 79s4sb4pNq1VRcX//HZ6KjbbEfDifQFgtD0LHcSNbE7AMjPQeLVjtBSqOygqguK+e+Eu tsJkKVDrBpHVAMY+D0mUk95c3Gh2HRHfmR41rFT+eHQ8M8JaY03Qmtcxr3v8AEWX7BgV GD7Ww3UQocp3WCT5X2sUGbZehrefdQBYgqtj43Mlod3bgA7Nf6rz4vfJHR12n6h78UHl ZZd5hvEfJc/B0q/+gJBdBQh+Ycf+XQF90UqeMDHE8esqDvX6ujkFxWeeKfcWCF8h+3D2 pwYQ== X-Gm-Message-State: AOAM533iWB3t9jHVsX7TXQo7CAxxnLy3SvTFGLX0rzJ2+FGqzLGijmss jGBvmd4oivbf0BNzmjuzAREtsKc26vCsqdTBIv23QcvibR6Qmdq1L6pvtKqm/gB4j1T9a8mOAKZ qGS5xIW3XEdD8MO+74a9eIUh5lIzKsldrusSzDGJeBg== X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33994993pjq.228.1622687357782; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzcAOh1B5HwVx/1uLe5ueMMD2TZKV165kULJvA56z6ifNMCkU6WkR/FyKpm6p4cpf8KJgEpBw== X-Received: by 2002:a17:90a:af8b:: with SMTP id w11mr33994974pjq.228.1622687357476; Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Received: from wangxiaodeMacBook-Air.local ([209.132.188.80]) by smtp.gmail.com with ESMTPSA id f2sm895145pgl.67.2021.06.02.19.29.13 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 02 Jun 2021 19:29:17 -0700 (PDT) Subject: Re: [PATCH v1 3/8] virtio: Harden split buffer detachment To: Andi Kleen , mst@redhat.com References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-4-ak@linux.intel.com> From: Jason Wang Message-ID: <284ca65d-d8b4-a671-4dba-df478a3610f1@redhat.com> Date: Thu, 3 Jun 2021 10:29:08 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: <20210603004133.4079390-4-ak@linux.intel.com> Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=jasowang@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Cc: sathyanarayanan.kuppuswamy@linux.intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, virtualization@lists.linux-foundation.org, iommu@lists.linux-foundation.org, jpoimboe@redhat.com, robin.murphy@arm.com, hch@lst.de, m.szyprowski@samsung.com X-BeenThere: virtualization@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Linux virtualization List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8"; Format="flowed" Errors-To: virtualization-bounces@lists.linux-foundation.org Sender: "Virtualization" CuWcqCAyMDIxLzYvMyDkuIrljYg4OjQxLCBBbmRpIEtsZWVuIOWGmemBkzoKPiBIYXJkZW4gdGhl IHNwbGl0IGJ1ZmZlciBkZXRhY2htZW50IHBhdGggYnkgYWRkaW5nIGJvdW5kYXJ5IGNoZWNraW5n LiBOb3RlCj4gdGhhdCB3aGVuIHRoaXMgZmFpbHMgd2UgbWF5IGZhaWwgdG8gdW5tYXAgc29tZSBz d2lvdGxiIG1hcHBpbmcsIHdoaWNoIGNvdWxkCj4gcmVzdWx0IGluIGEgbGVhayBhbmQgYSBET1Mu IEJ1dCB0aGF0J3MgYWNjZXB0YWJsZSBiZWNhdXNlIGFuIG1hbGljaW91cyBob3N0Cj4gY2FuIERP UyB1cyBhbnl3YXlzLgo+Cj4gU2lnbmVkLW9mZi1ieTogQW5kaSBLbGVlbiA8YWtAbGludXguaW50 ZWwuY29tPgo+IC0tLQo+ICAgZHJpdmVycy92aXJ0aW8vdmlydGlvX3JpbmcuYyB8IDI1ICsrKysr KysrKysrKysrKysrKysrKy0tLS0KPiAgIDEgZmlsZSBjaGFuZ2VkLCAyMSBpbnNlcnRpb25zKCsp LCA0IGRlbGV0aW9ucygtKQo+Cj4gZGlmZiAtLWdpdCBhL2RyaXZlcnMvdmlydGlvL3ZpcnRpb19y aW5nLmMgYi9kcml2ZXJzL3ZpcnRpby92aXJ0aW9fcmluZy5jCj4gaW5kZXggZDM3ZmY1YTBmZjU4 Li4xZTlhYTFlOTVlMWIgMTAwNjQ0Cj4gLS0tIGEvZHJpdmVycy92aXJ0aW8vdmlydGlvX3Jpbmcu Ywo+ICsrKyBiL2RyaXZlcnMvdmlydGlvL3ZpcnRpb19yaW5nLmMKPiBAQCAtNjUxLDEyICs2NTEs MTkgQEAgc3RhdGljIGJvb2wgdmlydHF1ZXVlX2tpY2tfcHJlcGFyZV9zcGxpdChzdHJ1Y3Qgdmly dHF1ZXVlICpfdnEpCj4gICAJcmV0dXJuIG5lZWRzX2tpY2s7Cj4gICB9Cj4gICAKPiAtc3RhdGlj IHZvaWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJpbmdfdmlydHF1ZXVlICp2cSwgdW5zaWdu ZWQgaW50IGhlYWQsCj4gLQkJCSAgICAgdm9pZCAqKmN0eCkKPiArc3RhdGljIGludCBkZXRhY2hf YnVmX3NwbGl0KHN0cnVjdCB2cmluZ192aXJ0cXVldWUgKnZxLCB1bnNpZ25lZCBpbnQgaGVhZCwK PiArCQkJICAgIHZvaWQgKipjdHgpCj4gICB7Cj4gICAJdW5zaWduZWQgaW50IGksIGo7Cj4gICAJ X192aXJ0aW8xNiBuZXh0ZmxhZyA9IGNwdV90b192aXJ0aW8xNih2cS0+dnEudmRldiwgVlJJTkdf REVTQ19GX05FWFQpOwo+ICAgCj4gKwkvKiBXZSdsbCBsZWFrIERNQSBtYXBwaW5ncyB3aGVuIHRo aXMgaGFwcGVucywgYnV0IG5vdGhpbmcKPiArCSAqIGNhbiBiZSBkb25lIGFib3V0IHRoYXQuIElu IHRoZSB3b3JzdCBjYXNlIHRoZSBob3N0Cj4gKwkgKiBjb3VsZCBET1MgdXMsIGJ1dCBpdCBjYW4g b2YgY291cnNlIGRvIHRoYXQgYW55d2F5cy4KPiArCSAqLwo+ICsJaWYgKCFpbnNpZGVfc3BsaXRf cmluZyh2cSwgaGVhZCkpCj4gKwkJcmV0dXJuIC1FSU87CgoKSSB0aGluayB0aGUgY2FsbGVyIGhh dmUgYWxyZWFkeSBkaWQgdGhpcyBmb3IgdXMgd2l0aCBldmVuIG1vcmUgY2hlY2sgb24gCnRoZSB0 b2tlbiAodmlydHF1ZXVlX2dldF9idWZfY3R4X3NwbGl0KCkpOgoKIMKgwqDCoMKgwqDCoMKgIGlm ICh1bmxpa2VseShpID49IHZxLT5zcGxpdC52cmluZy5udW0pKSB7CiDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqAgQkFEX1JJTkcodnEsICJpZCAldSBvdXQgb2YgcmFuZ2VcbiIsIGkpOwog wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIHJldHVybiBOVUxMOwogwqDCoMKgwqDCoMKg wqAgfQogwqDCoMKgwqDCoMKgwqAgaWYgKHVubGlrZWx5KCF2cS0+c3BsaXQuZGVzY19zdGF0ZVtp XS5kYXRhKSkgewogwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgIEJBRF9SSU5HKHZxLCAi aWQgJXUgaXMgbm90IGEgaGVhZCFcbiIsIGkpOwogwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDC oMKgIHJldHVybiBOVUxMOwogwqDCoMKgwqDCoMKgwqAgfQoKCj4gKwo+ICAgCS8qIENsZWFyIGRh dGEgcHRyLiAqLwo+ICAgCXZxLT5zcGxpdC5kZXNjX3N0YXRlW2hlYWRdLmRhdGEgPSBOVUxMOwo+ ICAgCj4gQEAgLTY2Niw2ICs2NzMsOCBAQCBzdGF0aWMgdm9pZCBkZXRhY2hfYnVmX3NwbGl0KHN0 cnVjdCB2cmluZ192aXJ0cXVldWUgKnZxLCB1bnNpZ25lZCBpbnQgaGVhZCwKPiAgIAl3aGlsZSAo dnEtPnNwbGl0LnZyaW5nLmRlc2NbaV0uZmxhZ3MgJiBuZXh0ZmxhZykgewo+ICAgCQl2cmluZ191 bm1hcF9vbmVfc3BsaXQodnEsICZ2cS0+c3BsaXQudnJpbmcuZGVzY1tpXSk7Cj4gICAJCWkgPSB2 aXJ0aW8xNl90b19jcHUodnEtPnZxLnZkZXYsIHZxLT5zcGxpdC52cmluZy5kZXNjW2ldLm5leHQp Owo+ICsJCWlmICghaW5zaWRlX3NwbGl0X3JpbmcodnEsIGkpKQo+ICsJCQlyZXR1cm4gLUVJTzsK CgpTaW1pbGFybHksIGlmIHdlIGRvbid0IGRlcGVuZCBvbiB0aGUgbWV0YWRhdGEgc3RvcmVkIGlu IHRoZSBkZXNjcmlwdG9yLCAKd2UgZG9uJ3QgbmVlZCB0aGlzIGNoZWNrLgoKCj4gICAJCXZxLT52 cS5udW1fZnJlZSsrOwo+ICAgCX0KPiAgIAo+IEBAIC02ODQsNyArNjkzLDcgQEAgc3RhdGljIHZv aWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJpbmdfdmlydHF1ZXVlICp2cSwgdW5zaWduZWQg aW50IGhlYWQsCj4gICAKPiAgIAkJLyogRnJlZSB0aGUgaW5kaXJlY3QgdGFibGUsIGlmIGFueSwg bm93IHRoYXQgaXQncyB1bm1hcHBlZC4gKi8KPiAgIAkJaWYgKCFpbmRpcl9kZXNjKQo+IC0JCQly ZXR1cm47Cj4gKwkJCXJldHVybiAwOwo+ICAgCj4gICAJCWxlbiA9IHZpcnRpbzMyX3RvX2NwdSh2 cS0+dnEudmRldiwKPiAgIAkJCQl2cS0+c3BsaXQudnJpbmcuZGVzY1toZWFkXS5sZW4pOwo+IEBA IC03MDEsNiArNzEwLDcgQEAgc3RhdGljIHZvaWQgZGV0YWNoX2J1Zl9zcGxpdChzdHJ1Y3QgdnJp bmdfdmlydHF1ZXVlICp2cSwgdW5zaWduZWQgaW50IGhlYWQsCj4gICAJfSBlbHNlIGlmIChjdHgp IHsKPiAgIAkJKmN0eCA9IHZxLT5zcGxpdC5kZXNjX3N0YXRlW2hlYWRdLmluZGlyX2Rlc2M7Cj4g ICAJfQo+ICsJcmV0dXJuIDA7Cj4gICB9Cj4gICAKPiAgIHN0YXRpYyBpbmxpbmUgYm9vbCBtb3Jl X3VzZWRfc3BsaXQoY29uc3Qgc3RydWN0IHZyaW5nX3ZpcnRxdWV1ZSAqdnEpCj4gQEAgLTcxNyw2 ICs3MjcsNyBAQCBzdGF0aWMgdm9pZCAqdmlydHF1ZXVlX2dldF9idWZfY3R4X3NwbGl0KHN0cnVj dCB2aXJ0cXVldWUgKl92cSwKPiAgIAl2b2lkICpyZXQ7Cj4gICAJdW5zaWduZWQgaW50IGk7Cj4g ICAJdTE2IGxhc3RfdXNlZDsKPiArCWludCBlcnI7Cj4gICAKPiAgIAlTVEFSVF9VU0UodnEpOwo+ ICAgCj4gQEAgLTc1MSw3ICs3NjIsMTIgQEAgc3RhdGljIHZvaWQgKnZpcnRxdWV1ZV9nZXRfYnVm X2N0eF9zcGxpdChzdHJ1Y3QgdmlydHF1ZXVlICpfdnEsCj4gICAKPiAgIAkvKiBkZXRhY2hfYnVm X3NwbGl0IGNsZWFycyBkYXRhLCBzbyBncmFiIGl0IG5vdy4gKi8KPiAgIAlyZXQgPSB2cS0+c3Bs aXQuZGVzY19zdGF0ZVtpXS5kYXRhOwo+IC0JZGV0YWNoX2J1Zl9zcGxpdCh2cSwgaSwgY3R4KTsK PiArCWVyciA9IGRldGFjaF9idWZfc3BsaXQodnEsIGksIGN0eCk7Cj4gKwlpZiAoZXJyKSB7Cj4g KwkJRU5EX1VTRSh2cSk7CgoKVGhpcyByZW1pbmRzIG1lIHRoYXQgd2UgZG9uJ3QgdXNlIEVORF9V U0UoKSBhZnRlciBCQURfUklORygpIHdoaWNoIApzaG91bGQgYmUgZml4ZWQuCgpUaGFua3MKCgo+ ICsJCXJldHVybiBOVUxMOwo+ICsJfQo+ICsKPiAgIAl2cS0+bGFzdF91c2VkX2lkeCsrOwo+ICAg CS8qIElmIHdlIGV4cGVjdCBhbiBpbnRlcnJ1cHQgZm9yIHRoZSBuZXh0IGVudHJ5LCB0ZWxsIGhv c3QKPiAgIAkgKiBieSB3cml0aW5nIGV2ZW50IGluZGV4IGFuZCBmbHVzaCBvdXQgdGhlIHdyaXRl IGJlZm9yZQo+IEBAIC04NjMsNiArODc5LDcgQEAgc3RhdGljIHZvaWQgKnZpcnRxdWV1ZV9kZXRh Y2hfdW51c2VkX2J1Zl9zcGxpdChzdHJ1Y3QgdmlydHF1ZXVlICpfdnEpCj4gICAJCS8qIGRldGFj aF9idWZfc3BsaXQgY2xlYXJzIGRhdGEsIHNvIGdyYWIgaXQgbm93LiAqLwo+ICAgCQlidWYgPSB2 cS0+c3BsaXQuZGVzY19zdGF0ZVtpXS5kYXRhOwo+ICAgCQlkZXRhY2hfYnVmX3NwbGl0KHZxLCBp LCBOVUxMKTsKPiArCQkvKiBEb24ndCBuZWVkIHRvIGNoZWNrIGZvciBlcnJvciBiZWNhdXNlIG5v dGhpbmcgaXMgcmV0dXJuZWQgKi8KPiAgIAkJdnEtPnNwbGl0LmF2YWlsX2lkeF9zaGFkb3ctLTsK PiAgIAkJdnEtPnNwbGl0LnZyaW5nLmF2YWlsLT5pZHggPSBjcHVfdG9fdmlydGlvMTYoX3ZxLT52 ZGV2LAo+ICAgCQkJCXZxLT5zcGxpdC5hdmFpbF9pZHhfc2hhZG93KTsKCl9fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fClZpcnR1YWxpemF0aW9uIG1haWxpbmcg bGlzdApWaXJ0dWFsaXphdGlvbkBsaXN0cy5saW51eC1mb3VuZGF0aW9uLm9yZwpodHRwczovL2xp c3RzLmxpbnV4Zm91bmRhdGlvbi5vcmcvbWFpbG1hbi9saXN0aW5mby92aXJ0dWFsaXphdGlvbg==